Submitted URL: https://fidelity-investment.heltgo.com/
Effective URL: https://heltgo.com/
Submission: On November 20 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 104.21.27.232, located in and belongs to CLOUDFLARENET, US. The main domain is heltgo.com.
TLS certificate: Issued by WE1 on October 5th 2024. Valid for: 3 months.
This is the only time heltgo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS Autonomous System
2 | 16 | 104.21.27.232 | 13335 (CLOUDFLAR...)
- | 2 | 172.253.115.95 | 15169 (GOOGLE)
- | 4 | 142.251.167.94 | 15169 (GOOGLE)
Total: 21 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
16 | heltgo.com | fidelity-investment.heltgo.com, heltgo.com | 479 KB
4 | gstatic.com | fonts.gstatic.com | 53 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 2 KB
Total: 21 requests, 3 apex domains

Requests | Domain | Requested by
15 | heltgo.com (1 redirects) | heltgo.com
4 | fonts.gstatic.com | fonts.googleapis.com
2 | fonts.googleapis.com | heltgo.com
1 | fidelity-investment.heltgo.com (1 redirects) | -
Total: 21 requests, 4 subdomains

This site contains links to these domains.

Domain
www.slot168.com
mixclub999.com
www.apac-eureka.org
www.outlookindia.com
mixgame999.com

Subject | Issuer | Validity | Valid
heltgo.com | WE1 | 2024-10-05 - 2025-01-03 | 3 months
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months

This page contains 2 frames:

Primary Page: https://heltgo.com/
Frame ID: 3980D205F642F9444F2B9B9377A47456
Requests: 18 HTTP requests in this frame

Frame: https://heltgo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js
Frame ID: 9220BA427AAD36F3C34C3652ADD43549
Requests: 2 HTTP requests in this frame

Page Title

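Verify your number, get free credit, extra-special promotion, no deposit required first (original Thai title: ยืนยันเบอร์ รับเครดิตฟรี โปรโมชั่นสุดพิเศษ ไม่ต้องฝากก่อน)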

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Page Statistics

Requests: 21
HTTPS: 90 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 532 kB
Size: 719 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fidelity-investment.heltgo.com/ HTTP 301
    https://heltgo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://heltgo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://heltgo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
heltgo.com/
Redirect Chain
  • https://fidelity-investment.heltgo.com/
  • https://heltgo.com/
108 KB
21 KB
Document
General
Full URL
https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76da51a554586607d28c148123db62d9294b55d022be5ae4ab84a9f3d0199c49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e5a5bc03a0a5382-DEN
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 18:03:45 GMT
link
<https://heltgo.com/wp-json/>; rel="https://api.w.org/", <https://heltgo.com/wp-json/wp/v2/pages/273>; rel="alternate"; title="JSON"; type="application/json", <https://heltgo.com/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JMMoKXMK5UdpVeNDQn0NZ3qcoNV6L%2BUCYU3U%2BW8uE%2Fd%2FzRGV6g5bNZCO8ghCRcN82OCsfsHFJ0XMj3iE03ZE1WJ3iIAoihDyoTdiG18WW1%2FzC%2Fpikhs3%2FnMqA6xp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=76508&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5142&recv_bytes=4930&delivery_rate=387&cwnd=12000&unsent_bytes=0&cid=6a9191b99e6311bc&ts=2093&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding,User-Agent

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e5a5bbeaf7b5382-DEN
content-type
text/html; charset=iso-8859-1
date
Wed, 20 Nov 2024 18:03:43 GMT
location
https://heltgo.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gz%2FzSlTI7lHtv7epWuHVTcYrSStQ7nCi8c68CyRmdA3BOHBiMkqmLFdTM53EKB%2B%2BXKWywQ9IXVd47c2QK%2BQqKCMneM8dHxZeIi3c%2By5UsmeDXxq69gCvWFtefE5zPrpjcJr8eaJoWtBBzYxUof%2B4Mjg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=72608&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4159&recv_bytes=4450&delivery_rate=8047&cwnd=12000&unsent_bytes=0&cid=6a9191b99e6311bc&ts=195&x=1" cfExtPri cfHdrFlush;dur=0
style.min.css
heltgo.com/wp-includes/blocks/navigation/
16 KB
3 KB
Stylesheet
General
Full URL
https://heltgo.com/wp-includes/blocks/navigation/style.min.css?ver=6.7
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
837b6cb608d918fcd1361fb556d54f0a80d0dd10172790698504b2054535589e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"4000-61df515c925db-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ro25oAt%2FIsylw4hCaecpIhsNrdKeTaPxKYOmiJDLGF%2BAF2qv4%2BXDhDoGEISEmZEWQTWpheQ1Z%2FbeNH4TnQF69%2FC8G2MmseHHrSMoTBX%2FnBpTOvFzj4mlfPSdBO2Y"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73450&sent=39&recv=29&lost=0&retrans=0&sent_bytes=30281&recv_bytes=8491&delivery_rate=136805&cwnd=24000&unsent_bytes=0&cid=6a9191b99e6311bc&ts=2362&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
text/css
last-modified
Wed, 24 Jul 2024 02:32:09 GMT
vary
Accept-Encoding,User-Agent
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5a5bcc2edf5382-DEN
accept-ranges
bytes
content-length
2285
server
cloudflare
style.min.css
heltgo.com/wp-includes/blocks/cover/
18 KB
2 KB
Stylesheet
General
Full URL
https://heltgo.com/wp-includes/blocks/cover/style.min.css?ver=6.7
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae2fda6956af570d41234ace1c27901233700f61db942a0b94e30916aa3fa878

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"46b3-626c2248180ab-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RkkMcfYKlkpukFUwA5xdSSHzbtfNA%2B9aVnx33dhIUHVONQRBKADAqDxTPOaVFfcNpGE8Ab3DfGaYoddzMwWgCWIiuyf0M15D2TS7LnVncuarqb%2BUlT2JnCDTeDIl"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73450&sent=45&recv=29&lost=0&retrans=0&sent_bytes=36735&recv_bytes=8491&delivery_rate=136805&cwnd=24000&unsent_bytes=0&cid=6a9191b99e6311bc&ts=2369&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
text/css
last-modified
Wed, 13 Nov 2024 02:32:18 GMT
vary
Accept-Encoding,User-Agent
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5a5bcc2ee25382-DEN
accept-ranges
bytes
content-length
1654
server
cloudflare
blocks.css
heltgo.com/wp-content/themes/mix_v1/assets/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://heltgo.com/wp-content/themes/mix_v1/assets/css/blocks.css?ver=6.7
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4928e6a3d60efcf0672b7754bd9a2b974c7be9c9ac5b0fbe43033c74de6f6097

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"2f75-62005175bf10c-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2By2RLT6M%2FOa7liS6tLMtPpq4mZ8InYQhptwgD6molmf4I%2FVOZ%2F%2FeT077kbqF8La3soboQb%2FP5BYJmOzU%2FtrpJWpd5OFHp6A4eAcT9s4jex7%2FEbw%2Blp9W0y7Khgc"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73450&sent=42&recv=29&lost=0&retrans=0&sent_bytes=33303&recv_bytes=8491&delivery_rate=136805&cwnd=24000&unsent_bytes=0&cid=6a9191b99e6311bc&ts=2362&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
text/css
last-modified
Mon, 19 Aug 2024 08:28:19 GMT
vary
Accept-Encoding,User-Agent
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5a5bcc2ee55382-DEN
accept-ranges
bytes
content-length
2693
server
cloudflare
style.css
heltgo.com/wp-content/themes/mix_v1/
24 KB
5 KB
Stylesheet
General
Full URL
https://heltgo.com/wp-content/themes/mix_v1/style.css?ver=1.0.2
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f1e07b2f2917dd6e68a22f20197c1e0920c9165f265044ec2afa35c353c2e06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"6044-62005175d1dd5-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2YBAaLaL7U7hZ4QWToxt6bbdQRLZBcJZg0Ml9OCBuSTKKzjiFLCK0yBOqB1I9Xg%2F0%2FEpiHrQKp6JY3w3El7UK%2BIOfCIK8P0Al2LSLW27O28H1q%2FKyX3pPlZ9lpW4"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73450&sent=47&recv=29&lost=0&retrans=0&sent_bytes=39097&recv_bytes=8491&delivery_rate=136805&cwnd=24000&unsent_bytes=0&cid=6a9191b99e6311bc&ts=2386&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
text/css
last-modified
Mon, 19 Aug 2024 08:28:19 GMT
vary
Accept-Encoding,User-Agent
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5a5bcc2ee65382-DEN
accept-ranges
bytes
content-length
4254
server
cloudflare
aos.css
heltgo.com/wp-content/themes/mix_v1/assets/css/
31 KB
3 KB
Stylesheet
General
Full URL
https://heltgo.com/wp-content/themes/mix_v1/assets/css/aos.css?ver=6.7
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c0124b4ee738548b32108e9e59c29f8e6635a415ef3330a9df0f8a5d87985c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"7c40-62005175bf10c-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQBXL5jxJMMPfptmB8MB3MHOBJtnZKcqUlGzDnbY5Y8Fnz4ruOwFZaTMs85XZhMRwlT3kZDYTaKnZdPhaHbA5C3JpNKFPgL282CrzQTG720S8Vbn%2FTenDVwxOdHE"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73450&sent=36&recv=29&lost=0&retrans=0&sent_bytes=27043&recv_bytes=8491&delivery_rate=136805&cwnd=24000&unsent_bytes=0&cid=6a9191b99e6311bc&ts=2358&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
text/css
last-modified
Mon, 19 Aug 2024 08:28:19 GMT
vary
Accept-Encoding,User-Agent
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5a5bcc2ee75382-DEN
accept-ranges
bytes
content-length
2506
server
cloudflare
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?display=swap&family=Sarabun&family=Prompt
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
f4180f474cbea61481e478bf0b431c592390b7bb2c7eaed088673265a9e3ccdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 18:03:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 18:03:46 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
heltgo-19-8-2567-2.png
heltgo.com/wp-content/uploads/2024/08/
32 KB
33 KB
Image
General
Full URL
https://heltgo.com/wp-content/uploads/2024/08/heltgo-19-8-2567-2.png
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fb9fc72f0974ca336ef1b417455714fa2bceffcc61245e2296c8ca236235db8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

cf-cache-status
MISS
etag
"8046-62029f7fe38f6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F3lWEvx0QA5vf%2F49%2FAQqoeWbcv8vxPfKmcwlySdJzHKpYX3xQmNcvqojDH08yQEhkzCp13Uqd9pGs%2BZWHTWcuWHLkxL8j7j4QIk6oCDCDJGLQwSfjq8WixXmtHHr"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73450&sent=58&recv=29&lost=0&retrans=0&sent_bytes=51043&recv_bytes=8491&delivery_rate=136805&cwnd=24000&unsent_bytes=0&cid=6a9191b99e6311bc&ts=2402&x=1", cfExtPri, cfHdrFlush;dur=29
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
image/png
last-modified
Wed, 21 Aug 2024 04:28:06 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5a5bcc2eea5382-DEN
accept-ranges
bytes
content-length
32838
server
cloudflare
1595_a27a0-2048x1024.webp
heltgo.com/wp-content/uploads/2024/08/
179 KB
180 KB
Image
General
Full URL
https://heltgo.com/wp-content/uploads/2024/08/1595_a27a0-2048x1024.webp
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
179bc43bc26e5f96bf5b7c0a9530a72ae8112f301b4a3105abf79cbb2ee625ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"2cdaa-62019cbfb3401-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhcJtWf5il6aolrqiTC%2B92m4MD00v5efZLCOjI053KcWmOtuL82DXLeK67id6Svr8d5dmE%2Fh0b1XrV0gzjWote0FxlmhlZMKx493yZ6fv0REh9AwDuqPq3SDqA4E"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5a5bcc2eed5382-DEN
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73450&sent=52&recv=29&lost=0&retrans=0&sent_bytes=44135&recv_bytes=8491&delivery_rate=136805&cwnd=24000&unsent_bytes=0&cid=6a9191b99e6311bc&ts=2399&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
image/webp
last-modified
Tue, 20 Aug 2024 09:10:28 GMT
vary
Accept-Encoding,User-Agent
priority
u=2,i
%E0%B8%A2%E0%B8%B7%E0%B8%99%E0%B8%A2%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%9A%E0%B8%AD%E0%B8%A3%E0%B9%8C-%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%94%E0%B8%B4%E0%B8%95%E0%B8%9F%E0%B8%...
heltgo.com/wp-content/uploads/2024/09/
82 KB
83 KB
Image
General
Full URL
https://heltgo.com/wp-content/uploads/2024/09/%E0%B8%A2%E0%B8%B7%E0%B8%99%E0%B8%A2%E0%B8%B1%E0%B8%99%E0%B9%80%E0%B8%9A%E0%B8%AD%E0%B8%A3%E0%B9%8C-%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%94%E0%B8%B4%E0%B8%95%E0%B8%9F%E0%B8%A3%E0%B8%B5-%E0%B9%84%E0%B8%94%E0%B9%89%E0%B8%88%E0%B8%A3%E0%B8%B4%E0%B8%87-%E0%B9%80%E0%B8%82%E0%B9%89%E0%B8%B2%E0%B8%A1%E0%B8%B2%E0%B8%A3%E0%B8%B1%E0%B8%9A%E0%B8%AA%E0%B8%B4%E0%B8%97%E0%B8%98%E0%B8%B4%E0%B8%9E%E0%B8%B4%E0%B9%80%E0%B8%A8%E0%B8%A9%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B9%80%E0%B8%A3%E0%B8%B2%E0%B9%80%E0%B8%97%E0%B9%88%E0%B8%B2%E0%B8%99%E0%B8%B1%E0%B9%89%E0%B8%99.jpg
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827226fcfb26ce5af4452dbfa393c570e517918a7e3362b26adfc08ecf055341

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

cf-cache-status
MISS
etag
"14782-6220cea4d6bcb"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMFHFYJ5rCtTggv7tP8W%2FLKQzD%2BQpfpnE8DfxtGWt2KfGT2aOMrD3V02E0sWLZUUWCD66VBYUV33xs%2BzCW8xOHOlYoPTpXi%2BMlZrWC5tp56nho8rlDYUC6FbM%2BxF"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73450&sent=58&recv=29&lost=0&retrans=0&sent_bytes=51043&recv_bytes=8491&delivery_rate=136805&cwnd=24000&unsent_bytes=0&cid=6a9191b99e6311bc&ts=2407&x=1", cfExtPri, cfHdrFlush;dur=27
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
image/jpeg
last-modified
Sat, 14 Sep 2024 04:38:46 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5a5bcc2eef5382-DEN
accept-ranges
bytes
content-length
83842
server
cloudflare
2a45095f-9832-4df8-ae60-d547e63ffc74
https://heltgo.com/ Frame
0
0

css2
fonts.googleapis.com/
3 KB
624 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Kanit:wght@400;700&display=swap
Requested by
Host: heltgo.com
URL: https://heltgo.com/wp-content/themes/mix_v1/assets/css/blocks.css?ver=6.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
5d759071d2334f233963dff714f6cb5c5b10e906804b19982b67e975b4101873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 18:03:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 18:03:46 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
nKKZ-Go6G5tXcraBGwCYdA.woff2
fonts.gstatic.com/s/kanit/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraBGwCYdA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
d03834de65cdb3ea45008ab88ba319d2fe3b47c26e145a79347043e18e36e7af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://heltgo.com
Referer
https://fonts.googleapis.com/

Response headers

age
449467
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 13:12:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 13:12:39 GMT
last-modified
Thu, 20 Jul 2023 20:52:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13260
x-xss-protection
0
server
sffe
DtVjJx26TKEr37c9aAFJn2QN.woff2
fonts.gstatic.com/s/sarabun/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sarabun/v15/DtVjJx26TKEr37c9aAFJn2QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Sarabun&family=Prompt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
7255a0ff175fc2330ee58fb2e55efc5edbc54d2f4546220b7b639c1fe601b443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://heltgo.com
Referer
https://fonts.googleapis.com/

Response headers

age
449349
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 13:14:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 13:14:37 GMT
last-modified
Thu, 24 Aug 2023 20:59:16 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9676
x-xss-protection
0
server
sffe
nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kanit:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://heltgo.com
Referer
https://fonts.googleapis.com/

Response headers

age
396587
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 03:53:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 03:53:59 GMT
last-modified
Thu, 20 Jul 2023 20:53:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19388
x-xss-protection
0
server
sffe
DtVjJx26TKEr37c9aBVJnw.woff2
fonts.gstatic.com/s/sarabun/v15/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sarabun/v15/DtVjJx26TKEr37c9aBVJnw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Sarabun&family=Prompt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.94 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f94.1e100.net
Software
sffe /
Resource Hash
0c18a7096d8615e2b30d7fbaccb64fe00b6cffccf671c3c4ca53244640722202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://heltgo.com
Referer
https://fonts.googleapis.com/

Response headers

age
398347
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 03:24:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 03:24:39 GMT
last-modified
Thu, 24 Aug 2023 21:03:27 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
11452
x-xss-protection
0
server
sffe
%E0%B9%82%E0%B8%9B%E0%B8%A3-%E0%B8%9D%E0%B8%B2%E0%B8%8110%E0%B8%A3%E0%B8%B1%E0%B8%9A100-%E0%B8%96%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%AD%E0%B8%B1%E0%B9%89%E0%B8%99-%E0%B8%A5%E0%B9%88...
heltgo.com/wp-content/uploads/2024/08/
132 KB
133 KB
Image
General
Full URL
https://heltgo.com/wp-content/uploads/2024/08/%E0%B9%82%E0%B8%9B%E0%B8%A3-%E0%B8%9D%E0%B8%B2%E0%B8%8110%E0%B8%A3%E0%B8%B1%E0%B8%9A100-%E0%B8%96%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%AD%E0%B8%B1%E0%B9%89%E0%B8%99-%E0%B8%A5%E0%B9%88%E0%B8%B2%E0%B8%AA%E0%B8%B8%E0%B8%94-%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%9E%E0%B8%99%E0%B8%B1%E0%B8%99%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%E0%B8%84%E0%B8%99%E0%B9%80%E0%B8%A5%E0%B9%88%E0%B8%99%E0%B9%80%E0%B8%A2%E0%B8%AD%E0%B8%B0%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%AA%E0%B8%B8%E0%B8%94.jpg
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21f7dbfb5d77cdcbaae53a8c4da64cc9e77254adae703b2e273f5bd64b0e0eed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

cf-cache-status
MISS
etag
"20f79-62029f8e61d57"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XkF1c3HnCxwfmAe9kOo9igMu8MaQz1nX3006kfRgMS9%2BOe%2FC1WklB3TQezf22JF9S26m1xgFGDVEhQA8%2B%2BD90xPBoLPHifUHyQnctsFOn%2B88uqvoYAmuPcWSqPmf"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73453&sent=331&recv=90&lost=0&retrans=0&sent_bytes=364795&recv_bytes=12585&delivery_rate=2358727&cwnd=177600&unsent_bytes=0&cid=6a9191b99e6311bc&ts=2782&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
image/jpeg
last-modified
Wed, 21 Aug 2024 04:28:21 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5a5bce5a775382-DEN
accept-ranges
bytes
content-length
135033
server
cloudflare
wp-emoji-release.min.js
heltgo.com/wp-includes/js/
18 KB
6 KB
Script
General
Full URL
https://heltgo.com/wp-includes/js/wp-emoji-release.min.js?ver=6.7
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"4926-6152807fa8e40-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lHvq%2Fw1P8O6maY9rhQSEQXawCbRZa8KEtcIu4N5eexN%2BaNPzW%2Bl30YlkT3ydvKAXMRqEXxzfq2kzMfC1nz%2FlApm2NiHmp24StBMTfsIniKKzry8KtnBk%2F%2FmciMTq"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73453&sent=326&recv=90&lost=0&retrans=0&sent_bytes=358944&recv_bytes=12585&delivery_rate=2358727&cwnd=177600&unsent_bytes=0&cid=6a9191b99e6311bc&ts=2712&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
application/javascript
last-modified
Wed, 03 Apr 2024 02:32:17 GMT
vary
Accept-Encoding,User-Agent
priority
u=3,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5a5bce5a7f5382-DEN
accept-ranges
bytes
content-length
5062
server
cloudflare
main.js
heltgo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/ Frame 9220
Redirect Chain
  • https://heltgo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://heltgo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
8 KB
4 KB
Script
General
Full URL
https://heltgo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
Requested by
Host: heltgo.com
URL: https://heltgo.com/
Protocol
H3
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff28be0d373b90f042e7ab8ea9eb5752eae3c5c94bb2fa453aad0665de12dcc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tmk76EHe59bIcgn6ntCtJWknI8isWYcJrBLfMGp8qnFR6A6suOff0PNYwm2VpP%2FxPhPxMcHfX%2Bb8ipp04y9wK7tE7tQ6uB23MgVuMsdCCx7vgXfD29RreFAe%2Fps6"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e5a5bceeb435382-DEN
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73453&sent=322&recv=90&lost=0&retrans=0&sent_bytes=354296&recv_bytes=12585&delivery_rate=2358727&cwnd=177600&unsent_bytes=0&cid=6a9191b99e6311bc&ts=2700&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azXlog7ifL2hC9CroTjbN7%2BhTUicxwtJZ2qZ9geWY%2FdcxpzcVfkXbRVJSWCFytbby0g2u2G6f081fLETQ8P9U8S2%2FG57JGK8e6CAC8DFJzRsEV9U%2Beuahj32e%2Bf0"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5a5bce5a805382-DEN
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=75301&sent=300&recv=74&lost=0&retrans=0&sent_bytes=329777&recv_bytes=11623&delivery_rate=1056803&cwnd=177600&unsent_bytes=0&cid=6a9191b99e6311bc&ts=2615&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 18:03:46 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
8e5a5bc03a0a5382
heltgo.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 9220
0
1 KB
XHR
General
Full URL
https://heltgo.com/cdn-cgi/challenge-platform/h/g/jsd/r/8e5a5bc03a0a5382
Requested by
Host: heltgo.com
URL: https://heltgo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J23fIWELKQtjKZA%2FrAakJV3t3L9jbjzxx%2FlTxdb2rtFyJ%2BqNKxWyDb7o8X2HbOUFSbYJO7Zcy1XMhEFkJRFHWC%2FhAuooYNBjOFZUAoxEqyETvpSGus%2FD0RcWNs25"}],"group":"cf-nel","max_age":604800}
cf-ray
8e5a5bd0ae1a5382-DEN
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73550&sent=453&recv=118&lost=0&retrans=0&sent_bytes=503634&recv_bytes=30293&delivery_rate=1400254&cwnd=177600&unsent_bytes=0&cid=6a9191b99e6311bc&ts=3000&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
cropped-heltgo-19-8-2567-2-32x32.png
heltgo.com/wp-content/uploads/2024/08/
625 B
1 KB
Other
General
Full URL
https://heltgo.com/wp-content/uploads/2024/08/cropped-heltgo-19-8-2567-2-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89350b63d9f3f4fcbfbea7c43c07c8631bd743c840d9735fb97320e277db1b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://heltgo.com/

Response headers

cf-cache-status
MISS
etag
"271-62029f6d84978"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KknAogAp%2FKRJk6uS4p8GnXBEY7TzNQZJAVaMpdHhOUq8eYTpqc3fW6FSZp6xuUhlEGWnQr6oq%2FahW4tbMdHHNKj4t1VNVebBA89Jseu5WjBXDZbddVxwDQuUqilT"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=73351&sent=455&recv=120&lost=0&retrans=0&sent_bytes=504818&recv_bytes=31078&delivery_rate=9645&cwnd=177600&unsent_bytes=0&cid=6a9191b99e6311bc&ts=3211&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 18:03:46 GMT
content-type
image/png
last-modified
Wed, 21 Aug 2024 04:27:47 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e5a5bd17f935382-DEN
accept-ranges
bytes
content-length
625
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
heltgo.com
URL
blob:https://heltgo.com/2a45095f-9832-4df8-ae60-d547e63ffc74

Verdicts & Comments

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| _wpemojiSettings
object| twemoji
object| wp

1 Cookies

Domain/Path Name / Value
.heltgo.com/ Name: cf_clearance
Value: yGE79lkAiKpEvoiX.txbSoKfKL8OpL.Gy8BfbLDAjJM-1732125826-1.2.1.1-FEXf5AP3d.9Omj4hYF8PQRywzLeNw2gvk2dwuGQYHKWNFFiOwwQy1XdxmVuK_sI47GP4RHKQaVd_scyxrHKrphsiODaDgEAqrh07pHOe__Lr3f0M95OxbdsiyRj0nlYchGxYslxlbAgCZh71v1fhzZLmHU0smoqLRw1KRdDZn_TwzGc5sIvLmQAT.dTY0ak64e1.WT.J56spy0Fwru0o1tFVtPP3XFUeUh2GeH4eghFS4DFX1m9LJzqrKa8lnofg.UiVXtzAaXmBrdWTcd1zScfSejY.wZvHV30UstoryhyfFj.W8VGmdIqc.TWgS_pJTLdEcQySqK5QX6n.8lOu2S0SX07fd.mNu9kcdb2d3Q4IQvjspF4xPN1NOr82FQNI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
