helly.wtf Open in urlscan Pro
2606:4700:3032::ac43:88ef Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://helly.wtf/
Effective URL:
https://helly.wtf/
Submission: On April 16 via api (April 16th 2024, 2:35:15 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3032::ac43:88ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is helly.wtf.
TLS certificate: Issued by E1 on February 21st 2024. Valid for: 3 months.

This is the only time helly.wtf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3032::ac43:88ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	172.67.136.239 172.67.136.239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	4

1 2606:4700:3032::ac43:88ef (United States)

ASN13335 (CLOUDFLARENET, US)

helly.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.136.239 (United States)

ASN13335 (CLOUDFLARENET, US)

helly.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

api.lanyard.rest	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	helly.wtf helly.wtf	100 KB
1	lanyard.rest api.lanyard.rest	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 239	5 KB
15	3

	Domain	Requested by
13	helly.wtf	helly.wtf
1	api.lanyard.rest	helly.wtf
1	cdnjs.cloudflare.com	helly.wtf
15	3

This site contains links to these domains. Also see Links.

Domain
t.me
github.com
twitter.com
www.planetminecraft.com

Subject Issuer	Validity	Valid
helly.wtf E1	`2024-02-21` - `2024-05-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
lanyard.rest E1	`2024-02-26` - `2024-05-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://helly.wtf/
Frame ID: 22BD8C9BDC290E68EA537D10C0C272C9
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://helly.wtf/ HTTP 307
https://helly.wtf/ Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Page Statistics

15
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

105 kB
Transfer

466 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/invitedtohell
Title: telegram

Search URL Search Domain Scan URL

URL: https://github.com/invitedtohell
Title: github

Search URL Search Domain Scan URL

URL: https://twitter.com/InvitedToHell
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.planetminecraft.com/member/invitedtoheaven/
Title: planetmc

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://helly.wtf/ HTTP 307
https://helly.wtf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
helly.wtf/
Redirect Chain

http://helly.wtf/
https://helly.wtf/

2 KB
2 KB

237ms
90ms

Document
text/html

2606:4700:3032::ac43:88ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helly.wtf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:88ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5351b7eee83b38321e9c4178a975bc1561035ff6d40e1beef8fe54644c564625

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8754e6827a7c3a7f-FRA
content-encoding: br
content-type: text/html
date: Tue, 16 Apr 2024 14:35:11 GMT
link: <./_app/immutable/assets/0.M7YoMFwD.css>; rel="preload";as="style"; nopush, <./_app/immutable/entry/start.Ii6MhRol.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/scheduler.V7bLW0bx.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/singletons.Uy6Y-mW3.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/index.DmIl27O9.js>; rel="modulepreload"; nopush, <./_app/immutable/entry/app.1G2TAKj7.js>; rel="modulepreload"; nopush, <./_app/immutable/chunks/index.QuQCJCwO.js>; rel="modulepreload"; nopush, <./_app/immutable/nodes/0.FRE6CFrm.js>; rel="modulepreload"; nopush, <./_app/immutable/nodes/2.VGhhgaII.js>; rel="modulepreload"; nopush
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uayUO3hQcYG6YQ5z7jg0HN2c1E6wQ00%2BPEfgABK%2B9F2Li3wxmid9PATRXja1FSJ0Nx9iTlMKNOakf9EyibpgYsKyivo4eoSJXhIyainnrw32%2F%2FzSEPpNn9mNN%2BagJn5YR%2FnfOFUTH6E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-sveltekit-page: true

Redirect headers

Location: https://helly.wtf/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 0.M7YoMFwD.css
helly.wtf/_app/immutable/assets/ 296 KB
35 KB 33ms
32ms Stylesheet
text/css 172.67.136.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helly.wtf/_app/immutable/assets/0.M7YoMFwD.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a085b3266a5de0ded88bda96d295439e7bfef5d860435572dda4cbfa2aeaf6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://helly.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 146899
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"6d61f1e5fe8fe0462d5197645582d640"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lCzMJsSKBGvd6m9uQtZm66qd9rEZzIX0sKUXFqs9VQzZ1aFtsGrA2EZWiG4PCUSIWmvHDQ0RqtUT%2BmxQwZrh70H10NHUAUGWqEghrhhNxv4OiLfDI8SlgYojN7JrDuuZI4LCyvXXpqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-robots-tag: noindex
cf-ray: 8754e6831c7102db-CDG

GET
H3 200 start.Ii6MhRol.js Show response
helly.wtf/_app/immutable/entry/ 27 KB
12 KB 143ms
142ms Script
application/javascript 172.67.136.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helly.wtf/_app/immutable/entry/start.Ii6MhRol.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ac50019d66ba08094c9646a5ce1dc3db483af9d475d191d0a069ec06d2f53bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://helly.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"99627f9cead38fd64857b30cf18e0c2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2FT%2BQlRxZrV%2BytR35yMezgUwWS6IBCUlgsCVS5ZiaU59IhghXyxM75GkMrZdWXJuch6%2FlLQlTi3EzbgnXvytUg1U5LWXBWRl3cw1h8KArlVqAHubBMSRMXFqJMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-robots-tag: noindex
cf-ray: 8754e6832c8002db-CDG

GET
H3 200 scheduler.V7bLW0bx.js Show response
helly.wtf/_app/immutable/chunks/ 2 KB
2 KB 114ms
113ms Script
application/javascript 172.67.136.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helly.wtf/_app/immutable/chunks/scheduler.V7bLW0bx.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205375ce25b9be57eb0704bccde34a7ddc2b93cfb6cc6708e79c453b5b6dc181

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://helly.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"6f4fb08f0afab19adb45433769a029d3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BGxZ99iZEQyCHg%2Bqp7%2FNcMGznrP42%2BRUo%2BxK7SYBP83fM4EjRG2YSyLIf1EOtCEZfTyzUW0cqQQIM9ALXSWs0nxKPKkWN78Yf2%2FWLHW6q37bgRW4CgNU39XPO6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-robots-tag: noindex
cf-ray: 8754e6832c8302db-CDG

GET
H3 200 singletons.Uy6Y-mW3.js Show response
helly.wtf/_app/immutable/chunks/ 2 KB
2 KB 115ms
114ms Script
application/javascript 172.67.136.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helly.wtf/_app/immutable/chunks/singletons.Uy6Y-mW3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9ebf65c66fa951902231fbf4a817aaec0d6d7b66da1785b8bc5613f8c1180fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://helly.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"6d8f0f2c8b964139ab4d152edfa0167e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LIEt%2BSym4wi5GKSpM%2FUvoy%2F6ehUaP%2BX5Pt6LDRD8cbaMDsH2d%2FMx5YHBqCVuz2dPAoWK7FqQuFeL6xuD9GNWpy3XqczCNmaymPjFKQ0LOXX4R4m5necFrQTVrvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-robots-tag: noindex
cf-ray: 8754e6832c8602db-CDG

GET
H3 200 index.DmIl27O9.js Show response
helly.wtf/_app/immutable/chunks/ 509 B
818 B 103ms
102ms Script
application/javascript 172.67.136.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helly.wtf/_app/immutable/chunks/index.DmIl27O9.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

871cccad26d8a0a16047df8c0d4c86ea983d877a430f455e5ced231a7b34410a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://helly.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"92ad91cd3dc72e5f5e3bcd1d30df5a1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GE7%2F51k7IpTRZmCXFwZA7mwyN2djzc2GqmXPu34UwlSBSm6f6apa7rWhFaY9eT1QGPcGc%2BiXdOJtma0nDCk8slCxlZ27HJsHSAaUZNXd2EyOgV7Y7WgR%2Ft5ybpk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-robots-tag: noindex
cf-ray: 8754e6832c8702db-CDG

GET
H3 200 app.1G2TAKj7.js Show response
helly.wtf/_app/immutable/entry/ 6 KB
3 KB 116ms
115ms Script
application/javascript 172.67.136.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helly.wtf/_app/immutable/entry/app.1G2TAKj7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f5d9a79c0c89f5c17d2c9a8bb7240869fb775b24c96108929ff58ca1b99f037

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://helly.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"958e9de10507772d84441211fb12d46d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u38yiDF2lMOybWRa%2FIaFms3JYlSkGPvy4tokRMPEwXja4AJOdrVSyi%2BfIj%2FS3GYBMiwFxspZsIapGrEF9vrVfkPaJPtixaIwznwIi051XPl3LyBLz3mCnCy2QBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-robots-tag: noindex
cf-ray: 8754e6832c8902db-CDG

GET
H3 200 index.QuQCJCwO.js Show response
helly.wtf/_app/immutable/chunks/ 5 KB
3 KB 105ms
104ms Script
application/javascript 172.67.136.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helly.wtf/_app/immutable/chunks/index.QuQCJCwO.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f621e49f681535d5a2d8a71c0c9f37f0877ae16278a22e979a8fe7c0fc13e7a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://helly.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"24ff660daaf37fcf595457c78f227af5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BySzmn3m6Jr5rIl%2F%2BvdsrIh2ey83ZpUY2tsHqEKO%2Ff6aheZeOLTPhtl1aXM%2FXJ8EDFHacmuNApf%2Fes3KYbNcMnxzalFCSoh6JwXJKFQg5NKTPKH6eMxiUzPfLc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-robots-tag: noindex
cf-ray: 8754e6832c8b02db-CDG

GET
H3 200 0.FRE6CFrm.js Show response
helly.wtf/_app/immutable/nodes/ 595 B
887 B 133ms
132ms Script
application/javascript 172.67.136.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helly.wtf/_app/immutable/nodes/0.FRE6CFrm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

310537e1fbcad87fa45beb1eb4cd5632edc5abb3dcb4d344c18fbae5ea35bb57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://helly.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"404042c7e992856d2ac99711d0d50974"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6oh4JQ%2BLmMCOd3p%2FyDgjM9ETtvhEFdr9%2Fvnzg%2Bq1bk%2BYUNcA3rt%2FNbCo8odDiWN%2FEDlRqsCvJGHrzo6GSCzppAdke2I5dZ5xYdQ%2B19340oYLweFwBeIxxOGN1DM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-robots-tag: noindex
cf-ray: 8754e6832c8e02db-CDG

GET
H3 200 2.VGhhgaII.js Show response
helly.wtf/_app/immutable/nodes/ 17 KB
5 KB 117ms
116ms Script
application/javascript 172.67.136.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helly.wtf/_app/immutable/nodes/2.VGhhgaII.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31ad1c62fcc7a66efba80c680fca869c461e8de313806317c0d770cf98189ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://helly.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"5f87b7b460bc6f09e26ef25ba5daac94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PjSraT542Hh7nJZPy5c7ncZCdG46CEI%2FYYn%2BB0YWjVLkCnK5hhFuLaDrMQmSMG1tA%2FL6gyzn%2BriBvrrcOxcOtxhUXf9jROGhWd6CjOF%2B7djjGPZ35%2B1sdipCImI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-robots-tag: noindex
cf-ray: 8754e6832c8f02db-CDG

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 29ms
17ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: helly.wtf
URL: https://helly.wtf/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://helly.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 406501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4216
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0kUbluH0YSLB3WD0%2BUuAQt92XRrZMCgyGbO0KP1wMyMZkDwOaGr4KDmKO%2B6qlhlP7BSVD8kcFTD%2FR%2FXGpciQbhsXrh61%2Fc3IXHwq2jMcSOW96cRSDCzlMghL4BweK193s6sLGIbz"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8754e6833fe31e30-FRA
expires: Sun, 06 Apr 2025 14:35:11 GMT

GET
H3 200 victormono-italic-webfont.woff
helly.wtf/fonts/ 33 KB
33 KB 92ms
92ms Font
font/woff 172.67.136.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helly.wtf/fonts/victormono-italic-webfont.woff

Requested by

Host: helly.wtf
URL: https://helly.wtf/_app/immutable/assets/0.M7YoMFwD.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fbd476c0ab5c5ae2c6be9ac251f9c3ab0f972bfdfe46f6c33170e1e7a01f099

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://helly.wtf/_app/immutable/assets/0.M7YoMFwD.css
Origin: https://helly.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 33536
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "7fdb7796088e6f1c7af54e387bb7885c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WtBoPl%2BaILW1yjjodjgeXjOLWVIuyMZS05NduHHHPwcdBHzV80v3W8iTqtivbtUH6BfRVsPvJuU6pCRLg215fXyIn%2Fbfi%2BTz%2B42qm56lvY%2FCe4XxzdvuSTtsE9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8754e6839d0502db-CDG

GET
H3 200 1.NP4efRoJ.js Show response
helly.wtf/_app/immutable/nodes/ 970 B
1 KB 87ms
86ms Script
application/javascript 172.67.136.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helly.wtf/_app/immutable/nodes/1.NP4efRoJ.js

Requested by

Host: helly.wtf
URL: https://helly.wtf/_app/immutable/entry/app.1G2TAKj7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d1a1f13e419c160ac16c99d17e8b11f94bd8a86b5324856f5eb8b249aab8b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://helly.wtf
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ca4d920b632ed7bc1948f93ec350b5d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hPfr8Sb7Xxrpdp5j6iyljl%2F8yDMs%2BEcFu6YrprNPq6ePCvRBmdxNFRRMh6wkseslt2sJuwPZFSzluM1F4QB%2F53bca3G4GdtpKZATWJYpyvVZOqP2NG%2FaFAfxdMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
x-robots-tag: noindex
cf-ray: 8754e6841dc902db-CDG

GET
H3 200 469514043053309952 Show response
api.lanyard.rest/v1/users/ 1 KB
1 KB 233ms
178ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lanyard.rest/v1/users/469514043053309952
Requested by: Host: helly.wtf
URL: https://helly.wtf/_app/immutable/entry/start.Ii6MhRol.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adcf03c7674d2341b186b067430a9819395a7bfc0bb18fef99c2e8bb2892b731

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://helly.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGEdQVZ7DFeUilimWErjS4dJDizPa%2BVcJuApTSw3MDDRq%2B2BC8kbCYJ2zgDKJ3LKlYPOi%2BGqKBgraN0rHtu9khiI3RJS4JVj%2FZicytQ26mm8ihrKEuwGDGmgUbUE7lURap6W"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 8754e684b894d6aa-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.png
helly.wtf/ 2 KB
2 KB 145ms
144ms Other
image/png 172.67.136.239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://helly.wtf/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.136.239 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5146ed79b486cb9e1cdcdd7814cd22ae78e70ceb30fa06b4cd9a16cf121bc9e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://helly.wtf/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 14:35:11 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1571
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "c07c389e6a03aad46141f7e546f28e15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=987d9oic2IWcu0WKah%2Bbpj0IyblQXXPbxdiQ8vVK%2FL75M7xXpiOpKMs8uIPkjOd7%2FnKDlyiiJ0%2FjfeTenoDmq4sLxsiBCivzcB1VD4QQ%2Fsxhx6vTCIIKUj5P2wA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 8754e6844dfd02db-CDG

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __sveltekit_17v6fkp object| __svelte

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.lanyard.rest
cdnjs.cloudflare.com
helly.wtf
104.17.25.14
172.67.136.239
188.114.97.3
2606:4700:3032::ac43:88ef
0f5d9a79c0c89f5c17d2c9a8bb7240869fb775b24c96108929ff58ca1b99f037
1d1a1f13e419c160ac16c99d17e8b11f94bd8a86b5324856f5eb8b249aab8b09
205375ce25b9be57eb0704bccde34a7ddc2b93cfb6cc6708e79c453b5b6dc181
310537e1fbcad87fa45beb1eb4cd5632edc5abb3dcb4d344c18fbae5ea35bb57
31ad1c62fcc7a66efba80c680fca869c461e8de313806317c0d770cf98189ded
5146ed79b486cb9e1cdcdd7814cd22ae78e70ceb30fa06b4cd9a16cf121bc9e6
5351b7eee83b38321e9c4178a975bc1561035ff6d40e1beef8fe54644c564625
5ac50019d66ba08094c9646a5ce1dc3db483af9d475d191d0a069ec06d2f53bb
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6fbd476c0ab5c5ae2c6be9ac251f9c3ab0f972bfdfe46f6c33170e1e7a01f099
871cccad26d8a0a16047df8c0d4c86ea983d877a430f455e5ced231a7b34410a
a085b3266a5de0ded88bda96d295439e7bfef5d860435572dda4cbfa2aeaf6dc
adcf03c7674d2341b186b067430a9819395a7bfc0bb18fef99c2e8bb2892b731
e9ebf65c66fa951902231fbf4a817aaec0d6d7b66da1785b8bc5613f8c1180fc
f621e49f681535d5a2d8a71c0c9f37f0877ae16278a22e979a8fe7c0fc13e7a8

helly.wtf Open in urlscan Pro 2606:4700:3032::ac43:88ef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

25 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

105 kBTransfer

466 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

helly.wtf Open in urlscan Pro
2606:4700:3032::ac43:88ef Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

105 kB
Transfer

466 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions