betterhelp.com - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 44.209.74.89, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is betterhelp.com. The Cisco Umbrella rank of the primary domain is 55032.

This is the only time betterhelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	44.209.74.89 44.209.74.89	14618 (AMAZON-AES) (AMAZON-AES)
3	143.204.215.106 143.204.215.106	16509 (AMAZON-02) (AMAZON-02)
4	2

1 44.209.74.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-74-89.compute-1.amazonaws.com

betterhelp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-106.fra53.r.cloudfront.net

27828fc62a50.9021bf3a.us-east-1.token.awswaf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	awswaf.com 27828fc62a50.9021bf3a.us-east-1.token.awswaf.com	281 KB
1	betterhelp.com betterhelp.com — Cisco Umbrella Rank: 55032	2 KB
4	2

	Domain	Requested by
3	27828fc62a50.9021bf3a.us-east-1.token.awswaf.com	betterhelp.com 27828fc62a50.9021bf3a.us-east-1.token.awswaf.com
1	betterhelp.com
4	2

This site contains no links.

Subject Issuer	Validity	Valid
*.9021bf3a.us-east-1.token.awswaf.com Amazon RSA 2048 M02	`2023-06-05` - `2024-07-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://betterhelp.com/
Frame ID: A8B9FAC00160A8454147EBCA41C8E537
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Human Verification

Page Statistics

4
Requests

75 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

282 kB
Transfer

1055 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	202 Accepted	Primary Request / Show response betterhelp.com/	1 KB 2 KB	247ms 117ms	Document text/html	44.209.74.89 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://betterhelp.com/ Protocol HTTP/1.1 Server 44.209.74.89 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-209-74-89.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash `5d4dd36220102da5d59c407705496525f6c64f8491879562cf36d4efe1ebe950` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, max-age=0 Connection keep-alive Content-Length 1462 Content-Type text/html; charset=UTF-8 Date Thu, 27 Jul 2023 14:12:15 GMT Server awselb/2.0 x-amzn-waf-action challenge
GET H2	200	challenge.js Show response 27828fc62a50.9021bf3a.us-east-1.token.awswaf.com/27828fc62a50/5250e8321163/84da829bd45a/	1 MB 279 KB	514ms 409ms	Script text/javascript	143.204.215.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://27828fc62a50.9021bf3a.us-east-1.token.awswaf.com/27828fc62a50/5250e8321163/84da829bd45a/challenge.js Requested by Host: betterhelp.com URL: http://betterhelp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-106.fra53.r.cloudfront.net Software / Resource Hash `970009cc69ef78cbf31fa38a7a67a79439468d3a61fc713ef8a6bd109032f5bf` Request headers accept-language de-DE,de;q=0.9 Referer http://betterhelp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 27 Jul 2023 14:12:16 GMT content-encoding gzip via 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 vary Accept-Encoding x-cache Miss from cloudfront x-amzn-waf-challenge-id Root=1-64c27b40-321debf30f41cc9b61fb12da content-type text/javascript cache-control private, max-age=86400 x-amz-cf-id n9zhc4-n4OE-Oypc_YX5oT7b_QaD_yMqHagmLUE40GVT3dDrHd3uWg== expires 0
POST H2	200	report Show response 27828fc62a50.9021bf3a.us-east-1.token.awswaf.com/27828fc62a50/5250e8321163/84da829bd45a/	0 263 B	400ms 316ms	Fetch	143.204.215.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://27828fc62a50.9021bf3a.us-east-1.token.awswaf.com/27828fc62a50/5250e8321163/84da829bd45a/report Requested by Host: 27828fc62a50.9021bf3a.us-east-1.token.awswaf.com URL: https://27828fc62a50.9021bf3a.us-east-1.token.awswaf.com/27828fc62a50/5250e8321163/84da829bd45a/challenge.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-106.fra53.r.cloudfront.net Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://betterhelp.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 27 Jul 2023 14:12:17 GMT via 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 access-control-max-age 86400 access-control-allow-methods POST x-cache Miss from cloudfront access-control-allow-origin * content-length 0 x-amz-cf-id aahNSAcuYE0H2aR9ncAh0zkNl3fs-seipieYT7H9jnJ8OuhkhsVtrg==
GET H2	200	inputs Show response 27828fc62a50.9021bf3a.us-east-1.token.awswaf.com/27828fc62a50/5250e8321163/84da829bd45a/	477 B 894 B	358ms 358ms	Fetch application/json	143.204.215.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://27828fc62a50.9021bf3a.us-east-1.token.awswaf.com/27828fc62a50/5250e8321163/84da829bd45a/inputs?client=browser Requested by Host: 27828fc62a50.9021bf3a.us-east-1.token.awswaf.com URL: https://27828fc62a50.9021bf3a.us-east-1.token.awswaf.com/27828fc62a50/5250e8321163/84da829bd45a/challenge.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-106.fra53.r.cloudfront.net Software / Resource Hash `df45be4f0e0c9aea5425934b3704429d2f0100912e040461e4a3043c63f08195` Request headers accept-language de-DE,de;q=0.9 Referer http://betterhelp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers pragma no-cache date Thu, 27 Jul 2023 14:12:19 GMT via 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 access-control-max-age 86400 access-control-allow-methods OPTIONS,GET,POST content-type application/json access-control-allow-origin * x-cache Miss from cloudfront x-amzn-waf-challenge-id Root=1-64c27b43-242226ba6037f6e4405c91d5 cache-control no-cache, no-store, must-revalidate content-length 477 x-amz-cf-id sCu_my_NXNKjbZ0JVZnDUMcHVN7b3K-KRsBa2PSOcjMmul7Dd1iU4A== expires 0

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

27828fc62a50.9021bf3a.us-east-1.token.awswaf.com
betterhelp.com
143.204.215.106
44.209.74.89
5d4dd36220102da5d59c407705496525f6c64f8491879562cf36d4efe1ebe950
970009cc69ef78cbf31fa38a7a67a79439468d3a61fc713ef8a6bd109032f5bf
df45be4f0e0c9aea5425934b3704429d2f0100912e040461e4a3043c63f08195
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

betterhelp.com Open in urlscan Pro 44.209.74.89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

4 Requests

75 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

282 kBTransfer

1055 kBSize

0 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

betterhelp.com Open in urlscan Pro
44.209.74.89 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

282 kB
Transfer

1055 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions