Submitted URL: https://fidelity-investment.heltgo.com/
Effective URL: https://heltgo.com/
Submission: On October 20 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 172.67.169.208, located in United States and belongs to CLOUDFLARENET, US. The main domain is heltgo.com.
TLS certificate: Issued by WE1 on October 5th 2024. Valid for: 3 months.
This is the only time heltgo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS Autonomous System
2          16        172.67.169.208    13335 (CLOUDFLAR...)
           2         2a00:1450:400...  15169 (GOOGLE)
           4         142.250.184.227   15169 (GOOGLE)
Total: 21 HTTP transactions, 4 IPs

Requests  Apex Domain     Subdomains                                   Transfer
16        heltgo.com      fidelity-investment.heltgo.com, heltgo.com  479 KB
4         gstatic.com     fonts.gstatic.com                            54 KB
2         googleapis.com  fonts.googleapis.com (Cisco Umbrella Rank: 30)  2 KB
Total: 21 HTTP transactions, 3 apex domains

Requests  Domain                          Redirects    Requested by
15        heltgo.com                      1 redirects  heltgo.com
4         fonts.gstatic.com                            fonts.googleapis.com
2         fonts.googleapis.com                         heltgo.com
1         fidelity-investment.heltgo.com  1 redirects
Total: 21 HTTP transactions, 4 subdomains

This site contains links to these domains:

Domain
www.slot168.com
mixclub999.com
www.apac-eureka.org

Subject                  Issuer  Validity                 Valid
heltgo.com               WE1     2024-10-05 - 2025-01-03  3 months
upload.video.google.com  WR2     2024-09-30 - 2024-12-23  3 months
*.gstatic.com            WR2     2024-09-30 - 2024-12-23  3 months

This page contains 2 frames:

Primary Page: https://heltgo.com/
Frame ID: 30FDC348C04B52D0006C04B7A4994F24
Requests: 18 HTTP requests in this frame

Frame: https://heltgo.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: A20887B6F6628799A842087919148B96
Requests: 2 HTTP requests in this frame

Page Title

Verify your number, get free credit, extra-special promotion, no deposit required first

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Page Statistics

Requests: 21
HTTPS: 90 %
IPv6: 33 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 533 kB
Size: 718 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fidelity-investment.heltgo.com/ HTTP 301
    https://heltgo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://heltgo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://heltgo.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
heltgo.com/
Redirect Chain
  • https://fidelity-investment.heltgo.com/
  • https://heltgo.com/
107 KB
21 KB
Document
General
Full URL
https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
807430da7ce6e1f2192722bb43df6f0723d76962eefda980cdbd83f3939afe5c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d586e1dbd9cdbfe-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 20 Oct 2024 10:47:39 GMT
link
<https://heltgo.com/wp-json/>; rel="https://api.w.org/", <https://heltgo.com/wp-json/wp/v2/pages/273>; rel="alternate"; title="JSON"; type="application/json", <https://heltgo.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sVoCUYEEmhXVybzbHT6TnLiXciXChjiGJbvx%2B5AZA%2FVlOR34978PuaqLEzRvpyVDyMMhFmoveIo15oP%2BtRX0buc%2BBT1mLUld5jYMBGKqC6vWCUZQIpfXUYepmmkd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=30202&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5135&recv_bytes=4934&delivery_rate=758&cwnd=12000&unsent_bytes=0&cid=4befb6866b5c6926&ts=9932&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding,User-Agent

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d586e1a7d28dbfe-FRA
content-type
text/html; charset=iso-8859-1
date
Sun, 20 Oct 2024 10:47:30 GMT
location
https://heltgo.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BxJrIBS1WP3pMJ55bpXLv%2FzJiM0TnzWpWktl0eveedrBGkr0wT7xOi1kGCgfXD8rpK4JbAcZxQIW4SgZcZ5e6kpvTAzEsonH0m8xbSosFNMvVUgytn%2BV664GbCd6I1IuVyVqC7weqTgt%2FHprfNr3f1M%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=29140&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4157&recv_bytes=4497&delivery_rate=498&cwnd=12000&unsent_bytes=0&cid=4befb6866b5c6926&ts=501&x=1" cfExtPri cfHdrFlush;dur=0
style.min.css
heltgo.com/wp-includes/blocks/navigation/
16 KB
3 KB
Stylesheet
General
Full URL
https://heltgo.com/wp-includes/blocks/navigation/style.min.css?ver=6.6.2
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
837b6cb608d918fcd1361fb556d54f0a80d0dd10172790698504b2054535589e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"4000-61df515c925db-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZUFSMiN0VQpkpO2XilM%2F%2Bwv%2FNnxs78w43aB6qKgGcLLvQp2F00e2k%2BuEUo4d5l22pMdGC5AONOr%2BAacZB8oZqLFophULWeIsrtbcqe%2F4iU94lotVT411l23ttikN"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29420&sent=57&recv=35&lost=5&retrans=5&sent_bytes=50777&recv_bytes=8791&delivery_rate=11577&cwnd=12600&unsent_bytes=0&cid=4befb6866b5c6926&ts=10645&x=1", cfExtPri, cfHdrFlush;dur=2
date
Sun, 20 Oct 2024 10:47:40 GMT
content-type
text/css
last-modified
Wed, 24 Jul 2024 02:32:09 GMT
vary
Accept-Encoding,User-Agent
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d586e58c895dbfe-FRA
accept-ranges
bytes
content-length
2285
server
cloudflare
style.min.css
heltgo.com/wp-includes/blocks/cover/
18 KB
2 KB
Stylesheet
General
Full URL
https://heltgo.com/wp-includes/blocks/cover/style.min.css?ver=6.6.2
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e5647515297fbefdea571d0b1019a5c1a944114c7a780e6ce3452cb332cc0a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"461e-61d6844deff4c-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7vOWMDWHEXRAvWTbxrCDQ5ZAGBcZAwZ4kjLuTK%2FcKJHtkyIGHSRZKfyolyFzxCeUxFY%2Fhn4e%2FNmAcbyl6O0MGTwjlAPPG5%2FbwqnRPkRf6nRhZ2h8j4anhYt9H5r2"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25638&sent=44&recv=32&lost=5&retrans=5&sent_bytes=35832&recv_bytes=8661&delivery_rate=474648&cwnd=12600&unsent_bytes=0&cid=4befb6866b5c6926&ts=10479&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 10:47:40 GMT
content-type
text/css
last-modified
Wed, 17 Jul 2024 02:32:09 GMT
vary
Accept-Encoding,User-Agent
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d586e58c898dbfe-FRA
accept-ranges
bytes
content-length
1630
server
cloudflare
blocks.css
heltgo.com/wp-content/themes/mix_v1/assets/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://heltgo.com/wp-content/themes/mix_v1/assets/css/blocks.css?ver=6.6.2
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4928e6a3d60efcf0672b7754bd9a2b974c7be9c9ac5b0fbe43033c74de6f6097

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"2f75-62005175bf10c-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FIQWBd8PqLFxUBQuJRUDpMHPZWsjcQd4BH%2BzxlnhFzU1b9R53jKTtN95DIKnC9Ahn7PhCzJGg9stLsf8z1KmhX342N%2FoeWbOaOd9PdLUzBgE83m1VNC993dJau07"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30226&sent=307&recv=119&lost=26&retrans=27&sent_bytes=303494&recv_bytes=12698&delivery_rate=265687&cwnd=10456&unsent_bytes=0&cid=4befb6866b5c6926&ts=11491&x=1", cfExtPri, cfHdrFlush;dur=6
date
Sun, 20 Oct 2024 10:47:41 GMT
content-type
text/css
last-modified
Mon, 19 Aug 2024 08:28:19 GMT
vary
Accept-Encoding,User-Agent
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d586e58c89adbfe-FRA
accept-ranges
bytes
content-length
2693
server
cloudflare
style.css
heltgo.com/wp-content/themes/mix_v1/
24 KB
5 KB
Stylesheet
General
Full URL
https://heltgo.com/wp-content/themes/mix_v1/style.css?ver=1.0.2
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f1e07b2f2917dd6e68a22f20197c1e0920c9165f265044ec2afa35c353c2e06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"6044-62005175d1dd5-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EQf2gMJlGNQl1hLOoQ3rFyM4D6PbfMzSZpHLcc9eONs%2Ba73xPZofo3zRqNVBXIpc2kQJOkVeF0r7u6DKhz9NdB0y4Qh4Rvz3GDlTatgAk1DdowubwYiMpJAbyGXM"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=35034&sent=112&recv=61&lost=13&retrans=13&sent_bytes=102257&recv_bytes=9984&delivery_rate=126079&cwnd=10020&unsent_bytes=0&cid=4befb6866b5c6926&ts=10781&x=1", cfExtPri, cfHdrFlush;dur=6
date
Sun, 20 Oct 2024 10:47:40 GMT
content-type
text/css
last-modified
Mon, 19 Aug 2024 08:28:19 GMT
vary
Accept-Encoding,User-Agent
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d586e58c89bdbfe-FRA
accept-ranges
bytes
content-length
4254
server
cloudflare
aos.css
heltgo.com/wp-content/themes/mix_v1/assets/css/
31 KB
3 KB
Stylesheet
General
Full URL
https://heltgo.com/wp-content/themes/mix_v1/assets/css/aos.css?ver=6.6.2
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c0124b4ee738548b32108e9e59c29f8e6635a415ef3330a9df0f8a5d87985c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"7c40-62005175bf10c-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xXlCnMPX5KcGg%2FthNFrtQSjAIpK51M0w0gOwK4%2BE4%2B%2BVrIqvA1Dk%2BPNbebiXHDKd%2BACf3Qzb5i2XORlzNAHoFMo%2BaORMjw%2FY3Z1g6u76VMaPehPd1KX0Ovz2NcMo"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25638&sent=41&recv=32&lost=5&retrans=5&sent_bytes=32584&recv_bytes=8661&delivery_rate=474648&cwnd=12600&unsent_bytes=0&cid=4befb6866b5c6926&ts=10468&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 10:47:40 GMT
content-type
text/css
last-modified
Mon, 19 Aug 2024 08:28:19 GMT
vary
Accept-Encoding,User-Agent
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d586e58c89ddbfe-FRA
accept-ranges
bytes
content-length
2506
server
cloudflare
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Sarabun&family=Prompt
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4180f474cbea61481e478bf0b431c592390b7bb2c7eaed088673265a9e3ccdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 10:47:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 10:47:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 20 Oct 2024 10:47:39 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
heltgo-19-8-2567-2.png
heltgo.com/wp-content/uploads/2024/08/
32 KB
33 KB
Image
General
Full URL
https://heltgo.com/wp-content/uploads/2024/08/heltgo-19-8-2567-2.png
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fb9fc72f0974ca336ef1b417455714fa2bceffcc61245e2296c8ca236235db8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

cf-cache-status
MISS
etag
"8046-62029f7fe38f6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2FjaKA5OpmtKEy1WBGpgVUgUw5tgVafTrSUiegnFGldk8plz%2Fp8iROCFBBNWSM2vapnTCGMeUMJADF3bNkCaubNqH3YOLift2zBxCcFZNhsmPtfUiO%2FURGFGXfpf"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29420&sent=46&recv=35&lost=5&retrans=5&sent_bytes=38177&recv_bytes=8791&delivery_rate=11577&cwnd=12600&unsent_bytes=0&cid=4befb6866b5c6926&ts=10628&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 10:47:40 GMT
content-type
image/png
last-modified
Wed, 21 Aug 2024 04:28:06 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d586e58c89edbfe-FRA
accept-ranges
bytes
content-length
32838
server
cloudflare
1595_a27a0-2048x1024.webp
heltgo.com/wp-content/uploads/2024/08/
179 KB
180 KB
Image
General
Full URL
https://heltgo.com/wp-content/uploads/2024/08/1595_a27a0-2048x1024.webp
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
179bc43bc26e5f96bf5b7c0a9530a72ae8112f301b4a3105abf79cbb2ee625ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"2cdaa-62019cbfb3401-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ptquhCQZaZ8d0L1u28xXNoyy5vgioJFVE01yzzHBxnlAG1DQmHIq2%2B8KrsfZ%2F2nF469%2BppcKCNtmGD4ViPRy6twsjXQ2Rkh0jFkkxzouysY7ao4%2F6IMERBRaQeD"}],"group":"cf-nel","max_age":604800}
cf-ray
8d586e58c89fdbfe-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27866&sent=91&recv=52&lost=13&retrans=13&sent_bytes=83516&recv_bytes=9576&delivery_rate=235848&cwnd=7014&unsent_bytes=0&cid=4befb6866b5c6926&ts=10734&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 10:47:40 GMT
content-type
image/webp
last-modified
Tue, 20 Aug 2024 09:10:28 GMT
vary
Accept-Encoding,User-Agent
priority
u=2,i
%E0%B8%A2%E0%B8%B7%E0%B8%99%E0%B8%A2%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%9A%E0%B8%AD%E0%B8%A3%E0%B9%8C-%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%94%E0%B8%B4%E0%B8%95%E0%B8%9F%E0%B8%...
heltgo.com/wp-content/uploads/2024/09/
82 KB
83 KB
Image
General
Full URL
https://heltgo.com/wp-content/uploads/2024/09/%E0%B8%A2%E0%B8%B7%E0%B8%99%E0%B8%A2%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%9A%E0%B8%AD%E0%B8%A3%E0%B9%8C-%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%94%E0%B8%B4%E0%B8%95%E0%B8%9F%E0%B8%A3%E0%B8%B5-%E0%B9%84%E0%B8%94%E0%B9%89%E0%B8%88%E0%B8%A3%E0%B8%B4%E0%B8%87-%E0%B9%80%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%A1%E0%B8%B2%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%AA%E0%B8%B4%E0%B8%97%E0%B8%98%E0%B8%B4%E0%B8%9E%E0%B8%B4%E0%B9%80%E0%B8%A8%E0%B8%A9%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%80%E0%B8%A3%E0%B8%B2%E0%B9%80%E0%B8%97%E0%B9%88%E0%B8%B2%E0%B8%99%E0%B8%B1%E0%B9%89%E0%B8%99.jpg
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827226fcfb26ce5af4452dbfa393c570e517918a7e3362b26adfc08ecf055341

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

cf-cache-status
MISS
etag
"14782-6220cea4d6bcb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5sHLGkTgDaPzsxN1qMU0A2rXmGPJlAIiAPoMYD%2B2ohPCuJr2VhsfD3IvCJEDCNJ%2FBtEj23zmUWOFreMesD14gjsPaPmCePmQAWYM7aBO%2F4Sq3M%2F52C%2FMc2DF4YMT"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=44224&sent=148&recv=73&lost=16&retrans=16&sent_bytes=138494&recv_bytes=10565&delivery_rate=127353&cwnd=9414&unsent_bytes=0&cid=4befb6866b5c6926&ts=10913&x=1", cfExtPri, cfHdrFlush;dur=5
date
Sun, 20 Oct 2024 10:47:40 GMT
content-type
image/jpeg
last-modified
Sat, 14 Sep 2024 04:38:46 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d586e58c8a2dbfe-FRA
accept-ranges
bytes
content-length
83842
server
cloudflare
31e78012-b129-4133-9289-88c902d62efb
https://heltgo.com/ Frame
0
0

css2
fonts.googleapis.com/
3 KB
670 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Kanit:wght@400;700&display=swap
Requested by
Host: heltgo.com
URL: https://heltgo.com/wp-content/themes/mix_v1/assets/css/blocks.css?ver=6.6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5d759071d2334f233963dff714f6cb5c5b10e906804b19982b67e975b4101873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 10:47:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 10:47:41 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 20 Oct 2024 10:47:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
nKKZ-Go6G5tXcraBGwCYdA.woff2
fonts.gstatic.com/s/kanit/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraBGwCYdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
d03834de65cdb3ea45008ab88ba319d2fe3b47c26e145a79347043e18e36e7af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://heltgo.com
Referer
https://fonts.googleapis.com/

Response headers

age
320368
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 17:48:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 17:48:13 GMT
last-modified
Thu, 20 Jul 2023 20:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13260
x-xss-protection
0
server
sffe
DtVjJx26TKEr37c9aAFJn2QN.woff2
fonts.gstatic.com/s/sarabun/v15/
9 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sarabun/v15/DtVjJx26TKEr37c9aAFJn2QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Sarabun&family=Prompt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
7255a0ff175fc2330ee58fb2e55efc5edbc54d2f4546220b7b639c1fe601b443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://heltgo.com
Referer
https://fonts.googleapis.com/

Response headers

age
370910
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:45:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:45:51 GMT
last-modified
Thu, 24 Aug 2023 20:59:16 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9676
x-xss-protection
0
server
sffe
nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://heltgo.com
Referer
https://fonts.googleapis.com/

Response headers

age
370639
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:50:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:50:22 GMT
last-modified
Thu, 20 Jul 2023 20:53:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19388
x-xss-protection
0
server
sffe
DtVjJx26TKEr37c9aBVJnw.woff2
fonts.gstatic.com/s/sarabun/v15/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sarabun/v15/DtVjJx26TKEr37c9aBVJnw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Sarabun&family=Prompt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
0c18a7096d8615e2b30d7fbaccb64fe00b6cffccf671c3c4ca53244640722202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://heltgo.com
Referer
https://fonts.googleapis.com/

Response headers

age
470477
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 00:06:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 00:06:24 GMT
last-modified
Thu, 24 Aug 2023 21:03:27 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
11452
x-xss-protection
0
server
sffe
%E0%B9%82%E0%B8%9B%E0%B8%A3-%E0%B8%9D%E0%B8%B2%E0%B8%8110%E0%B8%A3%E0%B8%B1%E0%B8%9A100-%E0%B8%96%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%AD%E0%B8%B1%E0%B9%89%E0%B8%99-%E0%B8%A5%E0%B9%88...
heltgo.com/wp-content/uploads/2024/08/
132 KB
133 KB
Image
General
Full URL
https://heltgo.com/wp-content/uploads/2024/08/%E0%B9%82%E0%B8%9B%E0%B8%A3-%E0%B8%9D%E0%B8%B2%E0%B8%8110%E0%B8%A3%E0%B8%B1%E0%B8%9A100-%E0%B8%96%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%AD%E0%B8%B1%E0%B9%89%E0%B8%99-%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%B8%E0%B8%94-%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%9E%E0%B8%99%E0%B8%B1%E0%B8%99%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B8%84%E0%B8%99%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%99%E0%B9%80%E0%B8%A2%E0%B8%AD%E0%B8%B0%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%AA%E0%B8%B8%E0%B8%94.jpg
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21f7dbfb5d77cdcbaae53a8c4da64cc9e77254adae703b2e273f5bd64b0e0eed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

cf-cache-status
MISS
etag
"20f79-62029f8e61d57"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k0Uk73KxmPxHOxQNxiHYTIVM4xQQV0pz61DVRa%2FSHJXOQr3a%2Fzyc%2BhYfBGvHizL18VI4whfzkuDKIY5Yn40CGnL9gmQSQeHOtKC%2Fnu5tqKgU4QSfljPgmv4kHy8D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39157&sent=411&recv=168&lost=36&retrans=37&sent_bytes=400129&recv_bytes=32753&delivery_rate=25533&cwnd=6911&unsent_bytes=0&cid=4befb6866b5c6926&ts=12539&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 10:47:42 GMT
content-type
image/jpeg
last-modified
Wed, 21 Aug 2024 04:28:21 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d586e62f9a8dbfe-FRA
accept-ranges
bytes
content-length
135033
server
cloudflare
wp-emoji-release.min.js
heltgo.com/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://heltgo.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"4926-6152807fa8e40-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ISWWq1RVm6spdpyM2Gax76w73GHxDBj7jdb2yJ0hH8ps3l6OLdwuYhU7xqOz3GD8h4q3UAfjqAsOcwAFyY4JXhBxfD6sKRcjXxyIOokTrD%2BaTo9FKeXCTuwutnAw"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34801&sent=539&recv=195&lost=44&retrans=45&sent_bytes=548020&recv_bytes=34012&delivery_rate=59317&cwnd=12997&unsent_bytes=0&cid=4befb6866b5c6926&ts=14045&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 10:47:43 GMT
content-type
application/javascript
last-modified
Wed, 03 Apr 2024 02:32:17 GMT
vary
Accept-Encoding,User-Agent
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d586e6309c1dbfe-FRA
accept-ranges
bytes
content-length
5062
server
cloudflare
main.js
heltgo.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame A208
Redirect Chain
  • https://heltgo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://heltgo.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
8 KB
4 KB
Script
General
Full URL
https://heltgo.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Server
172.67.169.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ed31b297f4d41c6fbe09820315a9d67188caede61073c45b2d7e2eb4bee8ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WwvSKWYkPK0uSMLMJlzdDlviTHpSVngqtDHVzh1yIaf53jUveiCRkIK%2FOI0LwHzEb8llOHDr9NAJiHpTv%2FUUMf4SPuDDi7zBfAkmIlRQmxo5wyelXAfLK4r8kbgk"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d586e650f3edbfe-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=51930&sent=393&recv=148&lost=35&retrans=37&sent_bytes=394039&recv_bytes=15454&delivery_rate=21380&cwnd=6911&unsent_bytes=0&cid=4befb6866b5c6926&ts=11983&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 10:47:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m4wLmhAc5sUmJkamaXPbCK7bXkPhD43AaM4%2BttMYLcgAfE1PWONKezYwhvxM5QhlPGuSsZPHBdMdByviKMDqqnxq2rWSKsWaIeDumL2WCcQcU4XtrcJilKKlxIUa"}],"group":"cf-nel","max_age":604800}
cf-ray
8d586e6309c6dbfe-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=40113&sent=335&recv=127&lost=31&retrans=33&sent_bytes=332740&recv_bytes=14212&delivery_rate=132880&cwnd=8159&unsent_bytes=0&cid=4befb6866b5c6926&ts=11658&x=1", cfExtPri, cfHdrFlush;dur=22
date
Sun, 20 Oct 2024 10:47:41 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
8d586e1dbd9cdbfe
heltgo.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A208
0
1 KB
XHR
General
Full URL
https://heltgo.com/cdn-cgi/challenge-platform/h/b/jsd/r/8d586e1dbd9cdbfe
Requested by
Host: heltgo.com
URL: https://heltgo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.208, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pTMnGa520HE0en4N4ylWgIsw6G%2FvX%2FQKx6cReOophw2WVRY6Q3gNqVhQz4zQko5W4IXCxcPMZqmsgX7gw6OTSsnGu1IMFJ3wkSMXEe2dy50Fs0H3QzS90TuT4%2Fne"}],"group":"cf-nel","max_age":604800}
cf-ray
8d586e6629addbfe-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38910&sent=410&recv=167&lost=36&retrans=37&sent_bytes=398970&recv_bytes=32708&delivery_rate=228002&cwnd=6911&unsent_bytes=0&cid=4befb6866b5c6926&ts=12166&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Sun, 20 Oct 2024 10:47:41 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
cropped-heltgo-19-8-2567-2-32x32.png
heltgo.com/wp-content/uploads/2024/08/
625 B
1 KB
Other
General
Full URL
https://heltgo.com/wp-content/uploads/2024/08/cropped-heltgo-19-8-2567-2-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.208, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
a89350b63d9f3f4fcbfbea7c43c07c8631bd743c840d9735fb97320e277db1b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

cf-cache-status
MISS
etag
"271-62029f6d84978"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ZBPoo40YVOS1HpdhUgSnqCqkq0zbjYeMTYCIaGRBBLb9Japu6en2TOCEu8rj6CQsEPxivkZpaZv7EcVunRha8E1leYiN3YczjOJdno%2B95wfr54V%2BzJvAhLBVcfn"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34121&sent=545&recv=197&lost=44&retrans=45&sent_bytes=553890&recv_bytes=34801&delivery_rate=171227&cwnd=12997&unsent_bytes=0&cid=4befb6866b5c6926&ts=14530&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 10:47:44 GMT
content-type
image/png
last-modified
Wed, 21 Aug 2024 04:27:47 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d586e7239bbdbfe-FRA
accept-ranges
bytes
content-length
625
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
heltgo.com
URL
blob:https://heltgo.com/31e78012-b129-4133-9289-88c902d62efb

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| _wpemojiSettings
object| twemoji
object| wp

1 Cookies

Domain/Path Name / Value
.heltgo.com/ Name: cf_clearance

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
