heng99.help Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://heng99.help/
Effective URL:
https://heng99.help/
Submission: On November 09 via api (November 9th 2024, 1:56:08 am UTC) from US — Scanned from NL

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 47 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is heng99.help.
TLS certificate: Issued by WE1 on September 28th 2024. Valid for: 3 months.

This is the only time heng99.help was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.186.31 104.18.186.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2.18.64.15 2.18.64.15	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2.16.1.243 2.16.1.243	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	95.101.111.146 95.101.111.146	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	162.159.134.22 162.159.134.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.64.153.78 172.64.153.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	13

25 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

heng99.help	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.186.31 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.64.15 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-15.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

heng99.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.1.243 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-1-243.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.111.146 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-146.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.134.22 (None, )

ASN13335 (CLOUDFLARENET, US)

device.maxmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.153.78 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

d-ipv6.mmapiws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	heng99.help heng99.help	878 KB
5	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5927 api.livechatinc.com — Cisco Umbrella Rank: 5615 secure.livechatinc.com — Cisco Umbrella Rank: 6850	36 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 817	139 KB
2	heng99.com heng99.com — Cisco Umbrella Rank: 608467	51 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	450 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1222	87 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
1	mmapiws.com d-ipv6.mmapiws.com — Cisco Umbrella Rank: 22919	299 B
1	maxmind.com device.maxmind.com — Cisco Umbrella Rank: 38597	8 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	106 KB
47	11

	Domain	Requested by
25	heng99.help	heng99.help
5	analytics.tiktok.com	heng99.help analytics.tiktok.com
3	api.livechatinc.com	cdn.livechatinc.com
2	heng99.com	heng99.help heng99.com
2	cdn.jsdelivr.net	heng99.help cdn.jsdelivr.net
2	use.fontawesome.com	heng99.help use.fontawesome.com
2	fonts.googleapis.com	heng99.help
1	d-ipv6.mmapiws.com	device.maxmind.com
1	device.maxmind.com	heng99.help
1	secure.livechatinc.com	cdn.livechatinc.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.livechatinc.com	heng99.help
1	www.googletagmanager.com	heng99.help
47	13

This site contains no links.

Subject Issuer	Validity	Valid
heng99.help WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
use.fontawesome.com WE1	`2024-11-07` - `2025-02-06`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
heng99.com WE1	`2024-11-04` - `2025-02-02`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-10` - `2025-07-10`	a year	crt.sh
maxmind.com WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
mmapiws.com WE1	`2024-09-21` - `2024-12-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://heng99.help/
Frame ID: D10DB4EA210273EFAD4D478F2DEC5004
Requests: 46 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=13349250&group=0&embedded=1&widget_version=3&unique_groups=0&use_parent_storage=1
Frame ID: 68B2C0A0D70EA0C5E278664C2104EE31
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Heng99 เว็บตรง รับสมัครตัวแทนสร้างรายได้ หลัก หมื่น ถึง ล้าน บริการ คาสิโนออนไลน์ และ เกมส์เดิมพันออนไลน์ - HENG99

Page URL History Show full URLs

http://heng99.help/ HTTP 307
https://heng99.help/ Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

47
Requests

100 %
HTTPS

38 %
IPv6

11
Domains

13
Subdomains

13
IPs

4
Countries

1757 kB
Transfer

5718 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://heng99.help/ HTTP 307
https://heng99.help/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
heng99.help/
Redirect Chain

http://heng99.help/
https://heng99.help/

468 KB
45 KB

800ms
638ms

Document
text/html

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

806592b57258d27a9244d5aad4a8e5d51fb694557e980569591081a4a46eb726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8dfa2f07bae18f32-FRA
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Sat, 09 Nov 2024 01:55:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15FFM83WH3X%2FSGTOcgWPwDfdlPWFa63kzNhllM1K9ExI8A4eKd18cqjDS1qkytRK1admJV4tsiFlqrLKUTDhPr1scpE9bKoY9vHfwdivrUp7lYjLlImsuXvQIvdL%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=19321&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4203&recv_bytes=4532&delivery_rate=626&cwnd=12000&unsent_bytes=0&cid=7752889c57f83d02&ts=719&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-powered-by: Nvenger Technology
x-xss-protection: 1; mode=block

Redirect headers

Location: https://heng99.help/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 81ms
30ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400|Material+Icons

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c3cf89871e7f6ee21071b29429e6ca6ab5cdeac689d22f1f7b5432c715c92e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 01:56:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 09 Nov 2024 01:56:00 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 all.css
use.fontawesome.com/releases/v5.10.2/css/ 55 KB
13 KB 122ms
37ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Requested by: Host: heng99.help
URL: https://heng99.help/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"164a58dcca37a5b00c22e06ee8e2fc68"
age: 603773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jhe%2F2cFFarVvgJMNW3f1%2B1nb4jizBh%2BldyVw8bR8maZg2LbGhtwC82%2FICwWGDxBEMPGNQn3U70GvY9israrcLAsHQhwcu2lvydiPX93J5i1WY4EszEXpNuGjO8EnN2MAq3P%2F9p5ILNR01210JOdgbhQE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dfa2f0cba02f170-CDG
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=28128&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4005&recv_bytes=2174&delivery_rate=136723&cwnd=204&unsent_bytes=0&cid=7bb0325e5a36487f&ts=41&x=0"
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:44:55 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 7 KB
736 B 81ms
30ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Sarabun:100,300,400,500,700,900&display=swap

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44734b5925b75c6778744dfbda45bcab0e81c0837dc2adf8ebb677d55d0e976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 01:56:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 09 Nov 2024 01:56:00 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 339 KB
55 KB 88ms
37ms Stylesheet
text/css 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"54a02-OVjZUfBzAil15Q3gxxGhe/obcD8"
age: 25169
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7WuJEmQ3aF9F7DbOSNphXpfJaVKjWqe%2FQihGkQ0iwhVPQQz4ABGRmHjFNhimR6%2F5iWru0WZFHS9njPTFbbni%2FmrEIuw9dOq5F9BhoghCq%2BpUvomxlu1MKak6I2VjKm0Z2L2uuj2fiWwiZPk7g2Q%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-etou8220025-FRA, cache-lga21976-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dfa2f0c8df19736-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 55843
server: cloudflare
x-jsd-version: 7.4.47

GET
H3 200 tt_pixel.js Show response
heng99.help/assets/js/ 995 B
1 KB 555ms
554ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/assets/js/tt_pixel.js

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

122806fd5857e8e2aa1c7a23ac5c15b97ae07551be2360eaffd1db64aafa3bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"3e3-1927b7b05e8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zon%2BsV2%2B8vy%2BQTg2zGYzZ7htm7hjqRyOGizG4BmhijkQIOwgtTo%2BUQdZVWBrvTkEEWLtMlnax%2BzxzZzlEbvGQc9OuG14obUulJDBBuONvgtXYrKTnS6GN9fwI5Zp0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20009&sent=162&recv=81&lost=0&retrans=0&sent_bytes=163504&recv_bytes=11619&delivery_rate=824132&cwnd=43200&unsent_bytes=0&cid=7752889c57f83d02&ts=1636&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 11 Oct 2024 12:08:33 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=14400
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0e0d938f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 device.js Show response
heng99.help/assets/js/ 469 B
1 KB 566ms
565ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/assets/js/device.js

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

babb905dcd91d53330df196536dfb9583f506ec0a8b2969c678e085745f45030

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"1d5-1927b7b05e8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L26OI6HXGgOU82xISJJeQfOlvigUXo5%2Fx0rqqiRxnsjXEH2GHfPT8RchtcVCBwQdXKRWntVrglkdCtTqGYwTsMQWSmWyUmMA7CKX%2Fu77ajp%2B%2BxvHHv8h0ZaSRJl%2FNg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20009&sent=164&recv=81&lost=0&retrans=0&sent_bytes=164935&recv_bytes=11619&delivery_rate=824132&cwnd=43200&unsent_bytes=0&cid=7752889c57f83d02&ts=1648&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 11 Oct 2024 12:08:33 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=14400
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0e0d948f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 f249f670aa4599aabc5a.js Show response
heng99.help/_nuxt/ 5 KB
3 KB 559ms
558ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/f249f670aa4599aabc5a.js

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

6bf8fea137c6d99d8c450d5c50f4fef9a970674e9f309e65135c7bc670fd0936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"132a-192c3699ea0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ulg5NOcueYeDOi1dKOEoka3M%2B2k6KkrfmaSpTSL1weojzVuAUkCnt%2Ftow5YR0BPtqSKSVCcb1%2BtduVgJygIO%2Bjb%2Fa7rZ0zUp7xwIL%2FLXlcHlMLRIdEUN6dKtn1uRlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19606&sent=60&recv=49&lost=0&retrans=0&sent_bytes=51910&recv_bytes=10206&delivery_rate=74899&cwnd=24000&unsent_bytes=0&cid=7752889c57f83d02&ts=1349&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 25 Oct 2024 11:22:12 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0c3cd38f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 639fcceb011245da77f0.js Show response
heng99.help/_nuxt/ 231 KB
79 KB 786ms
786ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/639fcceb011245da77f0.js

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

a64505ef5482ef96e27511e706242203f5a88d27cadb7c67dae228b9d434cc01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"39cb7-192c3699ab8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycG16QSy8E%2Bey4GN4mn%2B1tjkIprtbQO39gAfkS1mFUkjEKwHGqRmHFuQShHW2xByo6rM2PBY4yhM%2BfSPp2hslOWntNFO8ib4L%2Fnabcfclo26oF4dJyVw9OaDTDe0RA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19476&sent=132&recv=74&lost=0&retrans=0&sent_bytes=129163&recv_bytes=11307&delivery_rate=777614&cwnd=43200&unsent_bytes=0&cid=7752889c57f83d02&ts=1578&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 25 Oct 2024 11:22:11 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0c3cd48f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 3bb883d078ae7828efea.js Show response
heng99.help/_nuxt/ 2 MB
418 KB 771ms
771ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/3bb883d078ae7828efea.js

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

90a06dc68b318d3e604984e5f8921f3e4104c11c8bd30ab42e176f2b7ae8c8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"1b3e2e-192c3699ea0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fy65CRAo97vdS5caO0A3MLvbFShfERnfUqys2JsUkCgjvYmlqrAp8WLu5Ip7dP6kK2T9LoQO0OXK1qlranp%2BJ3TMnu2qHR4fhYlE0%2F5w74zlwKqI8gm%2BdDwfcjmatQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19457&sent=118&recv=71&lost=0&retrans=0&sent_bytes=114037&recv_bytes=11174&delivery_rate=858812&cwnd=28800&unsent_bytes=0&cid=7752889c57f83d02&ts=1564&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 25 Oct 2024 11:22:12 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0c3cd58f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 63fad10b56133828b8bf.js Show response
heng99.help/_nuxt/ 400 KB
70 KB 758ms
757ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/63fad10b56133828b8bf.js

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

1ae613b4339261c1be58dde9f3e4cb759b218848041085b48b372c083d036cfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"640a6-192c3699ab8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1kazIvGpTuYtol%2Bvcvr3Rx8YGO%2Br96Pek2jv2bSvasF2cPy%2Bgau%2F6J1RbcY3syUftIjt%2Bz9iYuZENx6xm%2BExBzrcWp7NiVbCB4GuYp0RnbjVG35ef5CkAiXuGvRM%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19457&sent=105&recv=71&lost=0&retrans=0&sent_bytes=98921&recv_bytes=11174&delivery_rate=858812&cwnd=28800&unsent_bytes=0&cid=7752889c57f83d02&ts=1550&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 25 Oct 2024 11:22:11 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0c3cd68f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 1b26f5550a627d1c4250.js Show response
heng99.help/_nuxt/ 63 KB
16 KB 707ms
707ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/1b26f5550a627d1c4250.js

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

8b9066884340a26f98cb86b8de34e05fc6d05266281dbbce63c9dd18405b6490

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"fce2-192c3699ea0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ltx4Hk%2FOU0K1Zaaqmvikdt76iVXbhRl0PVzYdFLnheIya9IIRcvubctHTFRu0IJh6Cuq0IGpbjZzffYQiS7HfMracCuAuqTiD9QAFmrrEOxp3xrjZHgt3RGms3Jc5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19513&sent=81&recv=55&lost=0&retrans=0&sent_bytes=74695&recv_bytes=10465&delivery_rate=450669&cwnd=24000&unsent_bytes=0&cid=7752889c57f83d02&ts=1500&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 25 Oct 2024 11:22:12 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0c3cd78f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 46b3cf83e5b0d4db8f22.js Show response
heng99.help/_nuxt/ 28 KB
8 KB 662ms
661ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/46b3cf83e5b0d4db8f22.js

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

8089ccbe83467d90a6b1abd1967b74559f77e799f89d0a5c29fbe64f2318a8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"717b-192c3699ab8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=59hyy7t%2FODz8ZJJnEXj1tmSTlo5x99kNbWhQYtTnpgghVaEHGOz7%2FGIEV5MHt3J0awzGwQjaFnpEIpWs1JaxA6ZW1TVn%2BzobtbwSm6dAjCD2m0kVuHKYPxHVruWYUg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19613&sent=64&recv=51&lost=0&retrans=0&sent_bytes=55546&recv_bytes=10292&delivery_rate=13653&cwnd=24000&unsent_bytes=0&cid=7752889c57f83d02&ts=1454&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 25 Oct 2024 11:22:11 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0c3cd88f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 713ab65004bdbd3a1bd1.js Show response
heng99.help/_nuxt/ 47 KB
10 KB 697ms
697ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/713ab65004bdbd3a1bd1.js

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

bd60cf2dd6b116c28fa253c057464b1b38aa9c76ddee716c91b889726eb21190

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"bc20-192c3699ab8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EjO46mBtTIY9pN9jOIhq90rqKNKPYoABit8JvDNAfbv8gMd8uOBvBl8EZGxZbDsSJ%2BT%2B%2B5KD%2FdkNMzgnKpN1d5lUoQPj4tVyAJD4ncuKdXpGxZLUTZyl5HfeZEKveA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19513&sent=72&recv=55&lost=0&retrans=0&sent_bytes=64243&recv_bytes=10465&delivery_rate=450669&cwnd=24000&unsent_bytes=0&cid=7752889c57f83d02&ts=1490&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 25 Oct 2024 11:22:11 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0c3cda8f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 629d168cfc6d293902f2.js Show response
heng99.help/_nuxt/ 73 KB
7 KB 727ms
727ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/629d168cfc6d293902f2.js

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

ad2f58ea84c939308326613c2ce2758589ae503a8daee3297c2fa1ce4f26e14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"123f2-192c3699ea0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F7k6BE7GXcdZVEBfdHzuI4NDHKBWBFH%2FViohsjJXQNyZlbOKHmcKHqW1b5iOPTrB%2FPbYeYT9Lodk0%2BWu%2FUxr3tsKiHdRKGRL6agZRsNiHRclLerBl7Cir1KfD%2BLrog%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19702&sent=97&recv=59&lost=0&retrans=0&sent_bytes=91448&recv_bytes=10641&delivery_rate=490302&cwnd=28800&unsent_bytes=0&cid=7752889c57f83d02&ts=1519&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 25 Oct 2024 11:22:12 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0c3cdb8f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 main-redblack-bg.jpg
heng99.help/ 24 KB
24 KB 681ms
681ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heng99.help/main-redblack-bg.jpg

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

5a1dd196aa2bccf24bcab41592fac17cd78f5779929d072e71cf780b7397bfbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

cf-cache-status: MISS
etag: W/"5e43-1927b7b05e8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HYb07kOXFd8WesK0vRsWpr6yHN%2BEjunyPto1gvj6SWuhktLwucmyelJLwE%2FmnqLJKUdBss4bviiteoLxoOzYgePKZ6xMVn8r%2BSTU7h7dcNNjaf5%2F1FdLRt7A06GnWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19880&sent=291&recv=91&lost=0&retrans=0&sent_bytes=311994&recv_bytes=12077&delivery_rate=2736339&cwnd=92400&unsent_bytes=0&cid=7752889c57f83d02&ts=1770&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: image/jpeg
last-modified: Fri, 11 Oct 2024 12:08:33 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=14400
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0e0d9b8f32-FRA
accept-ranges: bytes
content-length: 24131
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 gradiant-top.svg
heng99.help/ 5 KB
2 KB 559ms
559ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heng99.help/gradiant-top.svg

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

0fa17a5634067e4b2c22574ea14e79f3630d07187cc9297c514648f6dd2349c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"127b-1927b7b05e8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kX0%2FQew7YZKFaxi7PHlK%2FqbFDiorc7%2B7snPGWeLahYftd4NJi4TwC1gwMltBpqrSEsYZALy2JEMSlk1TGEc2Es3I04nF2XcbeNfLgrAZVcnLdNty2FT%2BE8yu4m04g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20009&sent=165&recv=81&lost=0&retrans=0&sent_bytes=166047&recv_bytes=11619&delivery_rate=824132&cwnd=43200&unsent_bytes=0&cid=7752889c57f83d02&ts=1648&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: image/svg+xml
last-modified: Fri, 11 Oct 2024 12:08:33 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=14400
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0e0d9c8f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 gradiant-bottom.svg
heng99.help/ 5 KB
2 KB 542ms
541ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heng99.help/gradiant-bottom.svg

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

c205a46f4b038702a484163ce40f53b623645124d86ff02e80316eba2d909d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"129c-1927b7b05e8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cV4NScqSbtmLbuB1D1Iw5r37qM9PkBEfSnHf7dwwgZz%2F3aEg0%2FW2HQIpSmUxwUN40d4p5ZP8bDlRsNVDHk%2Bs8%2BaKMnfCjWANCdaVURjr%2BbK5JnvtgpN%2FJKfj7uoYbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20009&sent=159&recv=81&lost=0&retrans=0&sent_bytes=161015&recv_bytes=11619&delivery_rate=824132&cwnd=43200&unsent_bytes=0&cid=7752889c57f83d02&ts=1630&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: image/svg+xml
last-modified: Fri, 11 Oct 2024 12:08:33 GMT
vary: Accept-Encoding
priority: u=3,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=14400
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0e0d9d8f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/ 394 KB
395 KB 128ms
33ms Font
font/woff2 104.18.186.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.4.47

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://heng99.help
Referer: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Response headers

access-control-expose-headers: *
cf-cache-status: HIT
etag: W/"62710-TiD2zPQxmd6lyFsjoODwuoH/7iY"
age: 28829
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vmLBuUbyJn%2FwAdDsDkIRFk04VlLbKVs68iubM%2B4xPQd0gKWbqEnCQcv8EYqQmWiB2RWgBpMV3PWuw92kuG52oQOX%2FT2gXacKhkLkVPYEfJyStDdfrmoz4EDrdDoRqGYbrk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: font/woff2
x-served-by: cache-fra-eddf8230112-FRA, cache-lga21969-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dfa2f0ebe623619-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 403216
server: cloudflare
x-jsd-version: 7.4.47

GET
H3 200 Sarabun-Regular.6620546.ttf
heng99.help/_nuxt/fonts/ 81 KB
42 KB 783ms
782ms Font
font/ttf 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/fonts/Sarabun-Regular.6620546.ttf

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

2b067a15dbdf1d9f1732e457fe279676793710eb718e83a7cf25d76580265bca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://heng99.help
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"14448-192c3699ab8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qtls6vg76HPXP9GyVd8geeRc%2BiQwg4H9XZ5P1HF3hK1wY1bODOBHYz0Wry%2BWjzK8MApDIMiygtEnVdZG%2F97KYty1ENcjdyst8FqzRHmFo77upvNb2jVdGbE6Fbvq1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24312&sent=326&recv=103&lost=0&retrans=0&sent_bytes=352577&recv_bytes=12619&delivery_rate=775132&cwnd=100800&unsent_bytes=0&cid=7752889c57f83d02&ts=1883&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:01 GMT
content-type: font/ttf
last-modified: Fri, 25 Oct 2024 11:22:11 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0e1da68f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 Sarabun-Medium.1e54abd.ttf
heng99.help/_nuxt/fonts/ 81 KB
42 KB 736ms
736ms Font
font/ttf 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/fonts/Sarabun-Medium.1e54abd.ttf

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

59ffeff99889d34b49d1b64f413ec1b598eeb4214999771c5f1e67a379469a91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://heng99.help
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"14458-192c3699ab8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=13dmhvLcH1jAgrlJJKbMdIDpBhyqQT8Lo5YCXJeKRVnDqBp5aylY2wk8koHMl2GJwO%2F%2FGME1zFXITUZ4nAZBffLN3SgwalmLnmuPyHMPNo2Q1IywQgtrQafO8ts%2BEg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25752&sent=313&recv=101&lost=0&retrans=0&sent_bytes=337446&recv_bytes=12528&delivery_rate=2458611&cwnd=100800&unsent_bytes=0&cid=7752889c57f83d02&ts=1835&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:01 GMT
content-type: font/ttf
last-modified: Fri, 25 Oct 2024 11:22:11 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0e1da98f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.10.2/webfonts/ 73 KB
74 KB 221ms
176ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.10.2/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://heng99.help
Referer: https://use.fontawesome.com/releases/v5.10.2/css/all.css

Response headers

cf-cache-status: MISS
etag: "3e1b2a654a784ceb385157140b4ccd71"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZiMQ%2FmXxU9sv4b6T1p6bfBXLKGKbnX%2BZpHuXu3GASoXs4p5KmaU7tedjTSLRHTgTtHQ1MxN%2FLqgKFPE6HsVELPmSCM8%2F9En1L9f0BJ8MYV%2F7eVwq%2BOV6uGz3swpJpQsuvdbQ4QTigQFnEYzk0JXqrJTW"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21026&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4027&recv_bytes=2250&delivery_rate=187599&cwnd=74&unsent_bytes=0&cid=b5b8f890b52e8ab5&ts=178&x=0"
date: Sat, 09 Nov 2024 01:56:00 GMT
content-type: font/woff2
last-modified: Fri, 22 Sep 2023 01:44:56 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dfa2f0e6e8a7178-DUS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 74524
server: cloudflare

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 168ms
117ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE1E3ABC77UDDKL3KEE0&lib=ttq
Requested by: Host: heng99.help
URL: https://heng99.help/assets/js/tt_pixel.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8d310229d4efb194bcd82afd8e9c92cb9adcc6362b1d6dacec63cd9a454dad92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
expires: Sat, 09 Nov 2024 01:56:01 GMT
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=93
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sat, 09 Nov 2024 01:56:01 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 2b6862a2
x-tt-trace-host: 01afd4085f8e69829bebd2cc5bd52521d29612814df76c8f28937d49fd64342c2f1d767300ef5ddb07dff1e3ac39f648a7675a479ee4617fbe099182c73344640e415f64bda013e22d538da32b81e81d568f8d0f357d8979015ad5086130ea3c05
x-origin-response-time: 93,2.20.179.79
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241109015600190A6D01848A89CDD042-5A5D859C4541D367-00
x-tt-logid: 20241109015600190A6D01848A89CDD042
server: nginx

GET
H2 200 main.MWQ2ODQwNTg2MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 341 KB
95 KB 39ms
38ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE1E3ABC77UDDKL3KEE0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 40780f31a9399252b5f948ced83fc2a4e79cde535e3ebb8e001b911a71729bdd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

x-cache: TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=20
x-tt-trace-id: 00-24110712560848DC70F4CCD9B3A0F815-62129DBC8E3A4E8F-00
content-length: 96893
date: Sat, 09 Nov 2024 01:56:01 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024110712560848DC70F4CCD9B3A0F815
server: nginx
x-akamai-request-id: 2b6863e2
x-tt-trace-host: 01c50de85dc75f1a67e974017a8f696cf931cd2a235485337d429123c1870663fef5464962030ec32c45745117ed1f12384a8fa7de28985526dc8c9af29d417a20667b3f5dd6e2ea52732c9a53bdc26dde3eedda71ec45a0cf29dfd1e361d1d8af

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 23ms
23ms Script
application/javascript 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

x-cache: TCP_MEM_HIT from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=10
x-tt-trace-id: 00-2408300225259566A772C0142480CD10-602315FD6571BF12-00
content-length: 39455
date: Sat, 09 Nov 2024 01:56:01 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202408300225259566A772C0142480CD10
server: nginx
x-akamai-request-id: 2b6864b8
x-tt-trace-host: 013c7db2a56d644dc8fd7f6e7ecd689b12a07851d62b1d7cbea7620bdccb515c6097130239d0d03cd7097d4e2c6d6c93d708d19d604bda57f5f1af32042e6c53070f89e179ae570644e5bbf2061d1e6fc869a20a793784dee2941056a3936597ab

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
876 B 160ms
159ms Ping
text/plain 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://heng99.help/

Response headers

x-cache-remote: TCP_MISS from a23-220-104-207.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sat, 09 Nov 2024 01:56:01 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=41, inner; dur=35
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sat, 09 Nov 2024 01:56:01 GMT
x-akamai-request-id: 21b7d97b.2b6864cf
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01afd4085f8e69829bebd2cc5bd52521d2d46d683778dbe48147ed1392d2a781c2f2d8ef0df4a974351c36c1c1d64a0b89abede889b16c7304a28cc9926614642774f8b192c6b05a44a541e987aaf9e99428c8de9f4e5a56d1eee6c9fd1300e1cbd23b2ade4fbcbc16e5ecdf116af34f7c
x-origin-response-time: 41,23.220.104.207
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2411090156013C295AB9B44DD14F7C22-79C9A66C12CDD094-00
content-length: 0
x-parent-response-time: 130,2.20.179.79
x-tt-logid: 202411090156013C295AB9B44DD14F7C22
server: nginx

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
718 B 201ms
200ms Ping
text/plain 2.18.64.15
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ2ODQwNTg2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.15 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-15.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://heng99.help/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sat, 09 Nov 2024 01:56:01 GMT
server-timing: inner; dur=70, cdn-cache; desc=MISS, edge; dur=5, origin; dur=164
x-cache: TCP_MISS from a2-20-179-79.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Sat, 09 Nov 2024 01:56:01 GMT
x-akamai-request-id: 2b68670d
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01afd4085f8e69829bebd2cc5bd52521d29612814df76c8f28937d49fd64342c2f05ce01ad533415477977f31b8bbe1100e7118cb8b66e12aabc234e71ef0136237829bd33d895cd6ba6db6a997087a7deaa891b02409faceb544089b6c0d76b20
x-origin-response-time: 165,2.20.179.79
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2411090156014873DAD387E82F476119-3E239B5530A6DDC8-00
content-length: 0
x-tt-logid: 202411090156014873DAD387E82F476119
server: nginx

GET
H3 200 Sarabun-Regular.6620546.ttf
heng99.help/_nuxt/fonts/ 81 KB
0 0ms
0ms Font
font/ttf 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/fonts/Sarabun-Regular.6620546.ttf

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

2b067a15dbdf1d9f1732e457fe279676793710eb718e83a7cf25d76580265bca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://heng99.help
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"14448-192c3699ab8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qtls6vg76HPXP9GyVd8geeRc%2BiQwg4H9XZ5P1HF3hK1wY1bODOBHYz0Wry%2BWjzK8MApDIMiygtEnVdZG%2F97KYty1ENcjdyst8FqzRHmFo77upvNb2jVdGbE6Fbvq1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=24312&sent=326&recv=103&lost=0&retrans=0&sent_bytes=352577&recv_bytes=12619&delivery_rate=775132&cwnd=100800&unsent_bytes=0&cid=7752889c57f83d02&ts=1883&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:01 GMT
content-type: font/ttf
last-modified: Fri, 25 Oct 2024 11:22:11 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0e1da68f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 Sarabun-Medium.1e54abd.ttf
heng99.help/_nuxt/fonts/ 81 KB
0 2ms
2ms Font
font/ttf 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/fonts/Sarabun-Medium.1e54abd.ttf

Requested by

Host: heng99.help
URL: https://heng99.help/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

59ffeff99889d34b49d1b64f413ec1b598eeb4214999771c5f1e67a379469a91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://heng99.help
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"14458-192c3699ab8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=13dmhvLcH1jAgrlJJKbMdIDpBhyqQT8Lo5YCXJeKRVnDqBp5aylY2wk8koHMl2GJwO%2F%2FGME1zFXITUZ4nAZBffLN3SgwalmLnmuPyHMPNo2Q1IywQgtrQafO8ts%2BEg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=25752&sent=313&recv=101&lost=0&retrans=0&sent_bytes=337446&recv_bytes=12528&delivery_rate=2458611&cwnd=100800&unsent_bytes=0&cid=7752889c57f83d02&ts=1835&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:01 GMT
content-type: font/ttf
last-modified: Fri, 25 Oct 2024 11:22:11 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f0e1da98f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 pCAHJ2Cxd3DwuJ0A Show response
heng99.com/WqJaRitjU2XqpCt3/ 135 KB
51 KB 121ms
73ms Script
text/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.com/WqJaRitjU2XqpCt3/pCAHJ2Cxd3DwuJ0A?apiKey=LeUVCf4RZKFR7arKIdhO&version=3&loaderVersion=3.11.2

Requested by

Host: heng99.help
URL: https://heng99.help/_nuxt/3bb883d078ae7828efea.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84c148f341233a5a9c69cd2084ecf8f69043d29e37adfc309e2c1f8430aeeb80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"UO0KBlKGfEaVN5zZax+0WD+5IsA"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ygkIwLLWFWDybGCaVOu%2FWPA5ZOXpD6pyOF3Qq92AKapTLjPk54T4sgWbxqnZ9WdlVFJo2g3uwZQMXv8R4i6Yzxa9CHN6CH1X16IKeq1qagwrwbGgLCUuub3pSEoz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: iyaqaqHkxmNZuiarBsoJh7P491xphxlSYjG22j8qwN-Lb7Look9hxw==
date: Sat, 09 Nov 2024 01:56:01 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=27925&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4162&recv_bytes=4382&delivery_rate=28152&cwnd=12000&unsent_bytes=0&cid=3fb38d09d575adb4&ts=87&x=1", cfHdrFlush;dur=0
cache-control: public, max-age=3600, s-maxage=60
timing-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
via: 1.1 37236193bd380575cb98e661bedbb260.cloudfront.net (CloudFront)
cf-ray: 8dfa2f16aa799273-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P8
server: cloudflare

GET
H3 200 d9c6df674515c0f5232b.js Show response
heng99.help/_nuxt/ 30 KB
10 KB 2711ms
2710ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/d9c6df674515c0f5232b.js

Requested by

Host: heng99.help
URL: https://heng99.help/_nuxt/f249f670aa4599aabc5a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

4b7f82e7824e215b5c19d02473f6d27fe1fd751c8be761030a5bdb32349c2fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"76c3-192c3699ab8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SpT8%2BLpFEk6R7s05I2c0XGiXj%2Fa201vE%2FUi%2BaFW0CA0mbvixhMlrGc%2BMPQMsNHT%2FCslEFXAqf2wh%2FNEGQ2qDjIF3%2BIFl96rlhZTNEjrjOoTrTcepGud8mEQSkILLZg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20179&sent=721&recv=148&lost=0&retrans=3&sent_bytes=817446&recv_bytes=15219&delivery_rate=4516951&cwnd=165600&unsent_bytes=0&cid=7752889c57f83d02&ts=3168&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:02 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 25 Oct 2024 11:22:11 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f1669fe8f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 bb9b1fd9d9f8a57c54d5.js Show response
heng99.help/_nuxt/ 256 B
1005 B 2709ms
2709ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/bb9b1fd9d9f8a57c54d5.js

Requested by

Host: heng99.help
URL: https://heng99.help/_nuxt/f249f670aa4599aabc5a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

a4b8fa1c259f10179d2885ffca0142f6a1cac40efcbeccfe5b33495b282a1821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"100-192c3699ea0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ggcnJph1jjW26bTQJm62HVGO4thTdWBByOaSxagGH9eIZa8u0tqAHU7Rd%2BclCWTEgYhf3SsmuE1bdXxQMxSZzlZ6o%2B7qpqI5izIlelSZk1GClQurzew77YPeqY2DYw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20179&sent=717&recv=148&lost=0&retrans=0&sent_bytes=814313&recv_bytes=15219&delivery_rate=4516951&cwnd=165600&unsent_bytes=0&cid=7752889c57f83d02&ts=2951&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:02 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 25 Oct 2024 11:22:12 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f166a008f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H3 200 YQoL Show response
heng99.com/WqJaRitjU2XqpCt3/FN5PNmSyF41LdSWN/TPyLX/Um-uQh/6EkU/RXODZ/ 92 B
850 B 525ms
501ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.com/WqJaRitjU2XqpCt3/FN5PNmSyF41LdSWN/TPyLX/Um-uQh/6EkU/RXODZ/YQoL?region=ap&q=LeUVCf4RZKFR7arKIdhO

Requested by

Host: heng99.com
URL: https://heng99.com/WqJaRitjU2XqpCt3/pCAHJ2Cxd3DwuJ0A?apiKey=LeUVCf4RZKFR7arKIdhO&version=3&loaderVersion=3.11.2

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71b163c51fe7679132c8fdf52e07221007a801a06be28bff7fc730769d84b7fd

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

x-robots-tag: noindex
access-control-expose-headers: Retry-After
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xoSkwdfeg99NZ7e4vwSmjjf1AoCHFoLSbSiTQoApc6ZSrsSxcLeLIWu%2BTv0SpIQsk2ifURfSKKRhvKc%2F%2B25IX1iPxFz6sbI5fIoQAwPNiI%2B0wkAXhyhHQWsCjgRx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19920&sent=11&recv=9&lost=0&retrans=0&sent_bytes=2207&recv_bytes=4256&delivery_rate=625&cwnd=12000&unsent_bytes=0&cid=6bed0f872d0b58d5&ts=503&x=1", cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:04 GMT
content-type: text/plain; charset=utf-8
vary: Accept-Encoding
x-frame-options: DENY
content-security-policy: default-src 'none'; frame-ancestors 'none'
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
cf-ray: 8dfa2f278e6bdc9c-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 1325812e7b310cadcdcb.js Show response
heng99.help/_nuxt/ 324 KB
86 KB 756ms
756ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/_nuxt/1325812e7b310cadcdcb.js

Requested by

Host: heng99.help
URL: https://heng99.help/_nuxt/f249f670aa4599aabc5a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

ef5d88b5d47863d2a95cac27355e31d6cd774d475ff52941cf2d220cc03c6893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"50e69-192c3699ea0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sEl6GLnvFbiMFbzJmJjPGhojqEJibwxCaKpwKVkxoNIFyoQcNTg7eqR0hWFav9NnFDkLOD05un1Rq8taYd9wgTKFZ0RQe01YMi9wVBc%2Bt4aHZT5SCrb6WScmO%2BD8cg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=315643&sent=737&recv=151&lost=0&retrans=9&sent_bytes=831377&recv_bytes=15632&delivery_rate=6292&cwnd=165600&unsent_bytes=0&cid=7752889c57f83d02&ts=5904&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:05 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 25 Oct 2024 11:22:12 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f2769858f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 315 KB
106 KB 87ms
39ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0285Z1S0Z5

Requested by

Host: heng99.help
URL: https://heng99.help/_nuxt/63fad10b56133828b8bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3176ceaa6e13a93db154bc2e90e3dd69ac31fbca7551a1383075d7c74679e76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 09 Nov 2024 01:56:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 01:56:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107766
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 84 KB
28 KB 94ms
23ms Script
application/javascript 2.16.1.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: heng99.help
URL: https://heng99.help/_nuxt/63fad10b56133828b8bf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-243.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d9c5fce4491aad94618e510f3920b2682a772e303154bfd0abbab1c695d9a750

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: br
x-amz-version-id: GwR4wlEcZjIMeUHWg3a2axLx52DxWGAr
etag: W/"81baeaf73a264c73efd7eed1016aca73"
expires: Sat, 09 Nov 2024 09:56:05 GMT
x-amz-cf-id: 83idimmESHOVZ6KrqlMFrbK2Guy6yEttBQafCv-Fp4l_NqudbzPOZg==
date: Sat, 09 Nov 2024 01:56:05 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 08 Nov 2024 13:00:33 GMT
vary: accept-encoding
cache-control: max-age=28800
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 28694
x-amz-cf-pop: FRA60-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H3 200 outpost.agent.domain Show response
heng99.help/api/ 330 B
1 KB 240ms
240ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/api/outpost.agent.domain

Requested by

Host: heng99.help
URL: https://heng99.help/_nuxt/639fcceb011245da77f0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

ad6567064eb37b3eb9bc468e866f57dce335ff7bb3f52132ddc90bf189c59a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heng99.help/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
x-correlation-id: 938a2419-bdd9-47e2-62ae-c8e8debfff39
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WE65ggs052%2Bfmhoe5tW0pK5h4NmCrkvimRswpG4bFWynmbuL%2BX60d%2BME%2B7TlHLeNjEPYsc0YhAUAYZDufM1CBnNG9D1VL5O2RtK1iW6O3%2FhfDswoqtWp%2BKCVCN6FzjPrjfTHDR%2BHAX19PcBRnPDx1uozgMfVpET86A4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=2021&sent=3&recv=5&lost=0&retrans=0&sent_bytes=2826&recv_bytes=1591&delivery_rate=1593835&cwnd=222&unsent_bytes=0&cid=84f25418c69e249d&ts=32&x=0", cfL4;desc="?proto=QUIC&rtt=111833&sent=817&recv=164&lost=0&retrans=9&sent_bytes=922512&recv_bytes=16998&delivery_rate=3840300&cwnd=165600&unsent_bytes=0&cid=7752889c57f83d02&ts=6373&x=1", cfExtPri, cfHdrFlush;dur=0
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 01:56:05 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
x-download-options: noopen
cf-ray: 8dfa2f2d9c138f32-FRA
content-length: 239
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

POST
H3 200 outpost.agent.domain Show response
heng99.help/api/ 330 B
1 KB 225ms
224ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/api/outpost.agent.domain

Requested by

Host: heng99.help
URL: https://heng99.help/_nuxt/639fcceb011245da77f0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

ad6567064eb37b3eb9bc468e866f57dce335ff7bb3f52132ddc90bf189c59a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heng99.help/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

content-encoding: gzip
x-correlation-id: 3cfb9629-1434-4fe9-4064-176dfb8e8bbb
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRBNxULuRkKCfTjfALB3Oa%2F%2BIBUAxObAR2bW95OqKHkPTXjYAO7vCUASOdVpepIHa%2BrHXtswPCEAN1JH7BzIIwiEiLo1vkYYiTUOmNOXQYaNKF9%2Fc%2FMpcKUWrUgU9S63gEKyJbusBwokDHbGv0Yx6Ta97%2B2gqvihza8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=1577&sent=3&recv=5&lost=0&retrans=0&sent_bytes=2825&recv_bytes=1591&delivery_rate=1954116&cwnd=252&unsent_bytes=0&cid=79c97736f25a96c8&ts=20&x=0", cfL4;desc="?proto=QUIC&rtt=111833&sent=815&recv=164&lost=0&retrans=9&sent_bytes=921266&recv_bytes=16998&delivery_rate=3840300&cwnd=165600&unsent_bytes=0&cid=7752889c57f83d02&ts=6359&x=1", cfExtPri, cfHdrFlush;dur=0
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 01:56:05 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
x-download-options: noopen
cf-ray: 8dfa2f2d9c148f32-FRA
content-length: 239
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 384 B
596 B 239ms
167ms Script
application/javascript 95.101.111.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=13349250&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fheng99.help%2F&channel_type=code&jsonp=__b05pcz8okj4

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-146.deploy.static.akamaitechnologies.com

Software

Resource Hash

db2e27638bef83c2ec60bab1b38b878d44329da23e87fee6fcedd302e518656d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://heng99.help/;
X-Frame-Options	allow-from https://heng99.help/

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-security-policy: frame-ancestors https://heng99.help/;
content-length: 384
date: Sat, 09 Nov 2024 01:56:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
x-frame-options: allow-from https://heng99.help/

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 50ms
19ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0285Z1S0Z5&gtm=45je4b70v895487633za200&_p=1731117365331&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629&cid=1905367450.1731117365&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731117365&sct=1&seg=0&dl=https%3A%2F%2Fheng99.help%2F&dt=Heng99%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%95%E0%B8%A3%E0%B8%87%20%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%AA%E0%B8%A1%E0%B8%B1%E0%B8%84%E0%B8%A3%E0%B8%95%E0%B8%B1%E0%B8%A7%E0%B9%81%E0%B8%97%E0%B8%99%E0%B8%AA%E0%B8%A3%E0%B9%89%E0%B8%B2%E0%B8%87%E0%B8%A3%E0%B8%B2%E0%B8%A2%E0%B9%84%E0%B8%94%E0%B9%89%20%E0%B8%AB%E0%B8%A5%E0%B8%B1%E0%B8%81%20%E0%B8%AB%E0%B8%A1%E0%B8%B7%E0%B9%88%E0%B8%99%20%E0%B8%96%E0%B8%B6%E0%B8%87%20%E0%B8%A5%E0%B9%89%E0%B8%B2%E0%B8%99%20%E0%B8%9A%E0%B8%A3%E0%B8%B4%E0%B8%81%E0%B8%B2%E0%B8%A3%20%E0%B8%84%E0%B8%B2%E0%B8%AA%E0%B8%B4%E0%B9%82%E0%B8%99%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B9%81%E0%B8%A5%E0%B8%B0%20%E0%B9%80%E0%B8%81%E0%B8%A1%E0%B8%AA%E0%B9%8C%E0%B9%80%E0%B8%94%E0%B8%B4%E0%B8%A1%E0%B8%9E%E0%B8%B1%E0%B8%99%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20-%20HENG99&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=6364
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0285Z1S0Z5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://heng99.help
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 01:56:05 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 5 KB
2 KB 178ms
178ms Script
application/javascript 95.101.111.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=179cfdfd-dd25-4586-a553-58eb46e79a3c&version=1382.0.2.56.23.17.3.3.1.1.1.6.2&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a12370ba895c5691c499a42911289487ce20e40f9905a52bc6c7ef9bb3025f3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
cross-origin-resource-policy: cross-origin
deprecation: 2024-11-30
expires: Sat, 09 Nov 2024 02:06:05 GMT
content-length: 1550
date: Sat, 09 Nov 2024 01:56:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding

GET
H/1.1 200
OK open_chat
secure.livechatinc.com/customer/action/ Frame 68B2 0
0 223ms
165ms Document
text/html 95.101.111.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13349250&group=0&embedded=1&widget_version=3&unique_groups=0&use_parent_storage=1
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://heng99.help/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 744
Content-Type: text/html; charset=utf-8
Date: Sat, 09 Nov 2024 01:56:06 GMT
Vary: Accept-Encoding
cross-origin-resource-policy: cross-origin

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 20 KB
5 KB 538ms
538ms Script
application/javascript 95.101.111.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=179cfdfd-dd25-4586-a553-58eb46e79a3c&version=d41d8cd98f00b204e9800998ecf8427e_903a4b362b59b3a9288e030bd4db0578&language=th&group_id=0&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.111.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-111-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec0b4fe5e9612a67c45f0108f37da935dec4238b76cac148ddd6fe07579cd61b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
cross-origin-resource-policy: cross-origin
deprecation: 2024-11-30
expires: Sat, 09 Nov 2024 02:06:06 GMT
content-length: 5138
date: Sat, 09 Nov 2024 01:56:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding

GET
H3 200 device.js Show response
device.maxmind.com/js/ 18 KB
8 KB 70ms
33ms Script
text/javascript 162.159.134.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://device.maxmind.com/js/device.js

Requested by

Host: heng99.help
URL: https://heng99.help/assets/js/device.js

Protocol

Security

QUIC, , AES_128_GCM

Server

162.159.134.22 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89bfc279f0ae1fe188f9708d9d63a4f0b28e1f7f9decda468341da170ad3c873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 4488
cf-ray: 8dfa2f348d04b92c-AMS
expires: Sat, 09 Nov 2024 05:56:06 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 01:56:06 GMT
content-type: text/javascript; charset=utf-8
last-modified: Sat, 09 Nov 2024 00:41:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 favicon.ico
heng99.help/favicon_io/ 1 KB
2 KB 571ms
571ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/favicon_io/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

2b261b3f86b912216fb6f1edcfab74ff6b610d8e0346fe28f18208b4f09abf87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"47e-1927b7b05e8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fD9LFHJ1vz2oNtmvXtMTtAoyhL%2Fgt3vUPpwwIXGjr60KE5YG9wJb%2BeGx6eqHUAAooLNJDFpB%2BKWakge3570Ayxgfscco%2FUxBGhCf52Md5HZi3FevjQyT4MHSB2uWNA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=90150&sent=820&recv=167&lost=0&retrans=9&sent_bytes=923778&recv_bytes=17569&delivery_rate=10867&cwnd=165600&unsent_bytes=0&cid=7752889c57f83d02&ts=7784&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:07 GMT
content-type: image/x-icon
last-modified: Fri, 11 Oct 2024 12:08:33 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=14400
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f345ef78f32-FRA
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

POST
H3 200 ant_squire Show response
d-ipv6.mmapiws.com/ 89 B
299 B 160ms
120ms Fetch
text/plain 172.64.153.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d-ipv6.mmapiws.com/ant_squire

Requested by

Host: device.maxmind.com
URL: https://device.maxmind.com/js/device.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.153.78 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

788513d06db393ff5faefc237a8e41c76fa8ff4c49af829348cb13dd3e13159d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://heng99.help/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 8dfa2f363c249012-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Sat, 09 Nov 2024 01:56:06 GMT
content-type: text/plain; charset=utf-8
server: cloudflare

GET
H3 200 favicon-32x32.png
heng99.help/favicon_io/ 3 KB
4 KB 532ms
531ms Other
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://heng99.help/favicon_io/favicon-32x32.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Nvenger Technology

Resource Hash

278b509e1cc4234d3dced8630a83405a8413ae4c755f65a39fc39b6984d17ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://heng99.help/

Response headers

cf-cache-status: MISS
etag: W/"cd4-1927b7b05e8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXjjrRBbmeysY2B%2Bx7S7zvvTYQm5wK5pFco%2Fa9rFYfjF2JHGSMAbYmTQG4WRf%2FdL3Psqnb%2B05AHsi7qgPtZMFE0iH2OTjeI3lKCBtReElgNAwQifk92aJaQQ%2B%2BDNfg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=81302&sent=823&recv=168&lost=0&retrans=9&sent_bytes=925462&recv_bytes=18128&delivery_rate=2905&cwnd=165600&unsent_bytes=0&cid=7752889c57f83d02&ts=8318&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 09 Nov 2024 01:56:07 GMT
content-type: image/png
last-modified: Fri, 11 Oct 2024 12:08:33 GMT
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=14400
x-dns-prefetch-control: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-download-options: noopen
cf-ray: 8dfa2f37e8a68f32-FRA
accept-ranges: bytes
content-length: 3284
x-xss-protection: 1; mode=block
x-powered-by: Nvenger Technology
server: cloudflare

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-21 10:27:57	Name: __lc_cid Value: 937ee713-9dea-4d7e-bb38-3961264d7cbd
.accounts.livechatinc.com/v2/customer/token	1970-01-21 10:27:57	Name: __lc_cst Value: 7d30f9547afc78eddbcbe30f3052a7f8c26b243e2a85b13c329dcf5a11ae7275f68adb87f2350bfb358bba56e46f8c64b239c3ec2c4191b3740df5bf1244
.accounts.livechatinc.com/customer/token	1970-01-21 10:27:57	Name: __lc_cid Value: 937ee713-9dea-4d7e-bb38-3961264d7cbd
.accounts.livechatinc.com/customer/token	1970-01-21 10:27:57	Name: __lc_cst Value: 7d30f9547afc78eddbcbe30f3052a7f8c26b243e2a85b13c329dcf5a11ae7275f68adb87f2350bfb358bba56e46f8c64b239c3ec2c4191b3740df5bf1244
heng99.help/	1970-01-21 01:35:09	Name: locale Value: th
.tiktok.com/	1970-01-21 10:13:33	Name: _ttp Value: 2oap5viq1xFy4RYzCd8Fzr9mSA3
.heng99.help/	1970-01-21 10:13:33	Name: _tt_enable_cookie Value: 1
.heng99.help/	1970-01-21 10:13:33	Name: _ttp Value: v88sVjEMoP4h2iIW9nVdj-bcgbB
heng99.help/	1970-01-21 01:02:02	Name: guest Value: guest-d42j1hi9
.heng99.help/	1970-01-21 10:27:57	Name: _ga_0285Z1S0Z5 Value: GS1.1.1731117365.1.0.1731117365.0.0.0
.heng99.help/	1970-01-21 10:27:57	Name: _ga Value: GA1.1.1905367450.1731117365
.maxmind.com/	1969-12-31 23:59:59	Name: _cfuvid Value: V9wBsSOrnFIWzlFvq4FmvC_T6po_LR.Sf95iymT9Di8-1731117366502-0.0.1.1-604800000
accounts.livechatinc.com/	1970-01-21 00:51:57	Name: __oauth_redirect_detector Value: counter=1&t=1731117396&tag=467ff014b7093fce1385454f68eec01aec3b7eb4
.heng99.help/	1970-01-21 10:27:57	Name: __mmapiwsid Value: 01930ea2-be1c-73bd-b6de-f5b838f3f91a:570e714978274afea7b668130d5f13885575b686

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://heng99.help/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0205603B4010000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://heng99.help/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0405403B4010000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.livechatinc.com
cdn.jsdelivr.net
cdn.livechatinc.com
d-ipv6.mmapiws.com
device.maxmind.com
fonts.googleapis.com
heng99.com
heng99.help
region1.google-analytics.com
secure.livechatinc.com
use.fontawesome.com
www.googletagmanager.com
104.18.186.31
162.159.134.22
172.64.153.78
188.114.96.3
188.114.97.3
2.16.1.243
2.18.64.15
2001:4860:4802:34::36
2606:4700:3036::6815:1b98
2606:4700::6812:bb1f
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
95.101.111.146
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
0fa17a5634067e4b2c22574ea14e79f3630d07187cc9297c514648f6dd2349c0
122806fd5857e8e2aa1c7a23ac5c15b97ae07551be2360eaffd1db64aafa3bb1
1ae613b4339261c1be58dde9f3e4cb759b218848041085b48b372c083d036cfd
278b509e1cc4234d3dced8630a83405a8413ae4c755f65a39fc39b6984d17ce9
2b067a15dbdf1d9f1732e457fe279676793710eb718e83a7cf25d76580265bca
2b261b3f86b912216fb6f1edcfab74ff6b610d8e0346fe28f18208b4f09abf87
3176ceaa6e13a93db154bc2e90e3dd69ac31fbca7551a1383075d7c74679e76d
40780f31a9399252b5f948ced83fc2a4e79cde535e3ebb8e001b911a71729bdd
4b7f82e7824e215b5c19d02473f6d27fe1fd751c8be761030a5bdb32349c2fd2
59ffeff99889d34b49d1b64f413ec1b598eeb4214999771c5f1e67a379469a91
5a1dd196aa2bccf24bcab41592fac17cd78f5779929d072e71cf780b7397bfbe
662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc
6bf8fea137c6d99d8c450d5c50f4fef9a970674e9f309e65135c7bc670fd0936
6c3cf89871e7f6ee21071b29429e6ca6ab5cdeac689d22f1f7b5432c715c92e3
71b163c51fe7679132c8fdf52e07221007a801a06be28bff7fc730769d84b7fd
788513d06db393ff5faefc237a8e41c76fa8ff4c49af829348cb13dd3e13159d
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
806592b57258d27a9244d5aad4a8e5d51fb694557e980569591081a4a46eb726
8089ccbe83467d90a6b1abd1967b74559f77e799f89d0a5c29fbe64f2318a8a0
84c148f341233a5a9c69cd2084ecf8f69043d29e37adfc309e2c1f8430aeeb80
89bfc279f0ae1fe188f9708d9d63a4f0b28e1f7f9decda468341da170ad3c873
8b9066884340a26f98cb86b8de34e05fc6d05266281dbbce63c9dd18405b6490
8d310229d4efb194bcd82afd8e9c92cb9adcc6362b1d6dacec63cd9a454dad92
90a06dc68b318d3e604984e5f8921f3e4104c11c8bd30ab42e176f2b7ae8c8f2
975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d
a12370ba895c5691c499a42911289487ce20e40f9905a52bc6c7ef9bb3025f3a
a44734b5925b75c6778744dfbda45bcab0e81c0837dc2adf8ebb677d55d0e976
a4b8fa1c259f10179d2885ffca0142f6a1cac40efcbeccfe5b33495b282a1821
a64505ef5482ef96e27511e706242203f5a88d27cadb7c67dae228b9d434cc01
ad2f58ea84c939308326613c2ce2758589ae503a8daee3297c2fa1ce4f26e14f
ad6567064eb37b3eb9bc468e866f57dce335ff7bb3f52132ddc90bf189c59a68
babb905dcd91d53330df196536dfb9583f506ec0a8b2969c678e085745f45030
bd60cf2dd6b116c28fa253c057464b1b38aa9c76ddee716c91b889726eb21190
c205a46f4b038702a484163ce40f53b623645124d86ff02e80316eba2d909d68
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
d9c5fce4491aad94618e510f3920b2682a772e303154bfd0abbab1c695d9a750
db2e27638bef83c2ec60bab1b38b878d44329da23e87fee6fcedd302e518656d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec0b4fe5e9612a67c45f0108f37da935dec4238b76cac148ddd6fe07579cd61b
ef5d88b5d47863d2a95cac27355e31d6cd774d475ff52941cf2d220cc03c6893

heng99.help Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

38 %IPv6

11 Domains

13 Subdomains

13 IPs

4 Countries

1757 kBTransfer

5718 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

heng99.help Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

38 %
IPv6

11
Domains

13
Subdomains

13
IPs

4
Countries

1757 kB
Transfer

5718 kB
Size

14
Cookies

47 HTTP transactions
0 data transactions