{"report_id":"343a5d92-181c-49f6-a670-cd3ad9840be6","version":0,"status":"done","tags":[],"date":"2026-06-28T15:20:00Z","url":{"schema":"https","addr":"helmtrading.xyz/","fqdn":"helmtrading.xyz","domain":"helmtrading.xyz","tld":"xyz"},"ip":{"addr":"104.21.23.241","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"helmtrading.xyz/","fqdn":"helmtrading.xyz","domain":"helmtrading.xyz","tld":"xyz"},"title":"Helm | Built for Global Traders Who Actually Trade","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"helmtrading.xyz/","fqdn":"helmtrading.xyz","domain":"helmtrading.xyz","tld":"xyz"},"ip":{"addr":"104.21.23.241","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-02T15:20:00Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"helmtrading.xyz","ip":{"addr":"104.21.23.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2026-06-18","domain_rank":0,"first_seen":"2026-06-28T15:20:01.929038Z","last_seen":"2026-06-28T15:20:01.929038Z","alert_count":0,"request_count":6,"received_data":6938612,"sent_data":2779,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"helmtrading.xyz/","fqdn":"helmtrading.xyz","domain":"helmtrading.xyz","tld":"xyz"},"ip":{"addr":"104.21.23.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"572cb94037fffc2a0a53b465972e15f1","sha1":"0d679b041a7c1ca45cc99e2d229fc2b86762838d","sha256":"6487e4bdd0f51bbfd9105810a41755847fdae2c274e2fc325cd22356d7707e35","sha512":"f7c4db7986d362b58ff4b4646cdeb71992c0ce28949773c4471915f2cc8828329445777e228ef248f508f721a33dfea3d5694bc7ec18dc6c00134ee23155ff32","ssdeep":"","tlshash":"e3800455714110004f57115050171c444030007155407cc011c0d4710d51030110545c","size":34,"data":"","first_seen":"2023-04-11T21:16:40Z","last_seen":"2026-06-30T04:49:50.151029Z","times_seen":87048,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"helmtrading.xyz/","fqdn":"helmtrading.xyz","domain":"helmtrading.xyz","tld":"xyz"},"ip":{"addr":"104.21.23.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"c6de8f5bc607a4646f4de28a1a09d560","sha1":"49df362f2da988e6d6feb6b6dc04fe8ea7f96c21","sha256":"4a0cb9a4025793d2243481607cb79b38948a412f14408a1dff8ecc0392063504","sha512":"d39a801edd8608dce9de852d324db7fc64f98a5ecfbd7c90879461f3050ad8a73693d8cfcd98bbca79a83e2f28ff2a673a2075f233dbd13b86914f98218628ed","ssdeep":"","tlshash":"5fc08044d4a98ef4095c50e61075e2c83454397e56d274dbcdfc9c4795dcfc1458461d","size":180,"data":"","first_seen":"2026-06-28T15:20:06.59757Z","last_seen":"2026-06-28T15:20:06.59757Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"helmtrading.xyz/","fqdn":"helmtrading.xyz","domain":"helmtrading.xyz","tld":"xyz"},"ip":{"addr":"104.21.23.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"876569d4e649eb2f74f701b3087e5581","sha1":"2569d9470b3ba6117c094d1598825ccdbf49aea5","sha256":"824e65767aacb31ba856c8d87a54b8ab8bc016d4e10da16bc75d6a9f1d462742","sha512":"4eaa051811efaffbedbd15758591a65cbacc24324e20af45645c8bc8743bd67d1f01dc6572127b3b6966461ed61b740e6fe56418071d16bf02a1029d7fa0f661","ssdeep":"","tlshash":"64f0c82df2245b337cbdc47f647366df3eb3612dd2052460245bad0935b4d41aae4e05","size":638,"data":"","first_seen":"2024-08-25T23:33:17Z","last_seen":"2026-06-28T17:01:01.854155Z","times_seen":708,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"helmtrading.xyz/","fqdn":"helmtrading.xyz","domain":"helmtrading.xyz","tld":"xyz"},"ip":{"addr":"104.21.23.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"18cac7103d77db8a2f9fe3c16fedec2e","sha1":"eea484ad237c2466d38003e2275f5e1fbd2c47b9","sha256":"25bd8ca5d868621a21ce82e9697d5ad3db552df81c32ef28366f19c3e7ad400c","sha512":"33f49bdb7bd1c4e280f635b7279c91d1a8bc496984e5e3f4c20f42559ea0fb5e1049a043a727287496e99dacaa828576d0a0dfb45c9cac7ce0def5da9fe22c09","ssdeep":"","tlshash":"4841279953fd2632427b176f539273fd27214052354b89fe2bd88b801ad0f902c6b9a7","size":1909,"data":"","first_seen":"2026-06-28T15:20:06.600404Z","last_seen":"2026-06-28T15:20:06.600404Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"helmtrading.xyz/angular-router.js","fqdn":"helmtrading.xyz","domain":"helmtrading.xyz","tld":"xyz"},"ip":{"addr":"104.21.23.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://helmtrading.xyz/","date":"2026-06-28T15:19:19.142Z","timestamp":1782659959142,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"helmtrading.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Jun 2026 16:28:41 GMT","end":"Wed, 16 Sep 2026 17:27:28 GMT"},"fingerprint":{"sha1":"85:8F:5C:17:41:EE:F6:80:F1:61:66:D8:19:71:20:4B:DE:A4:94:31","sha256":"DB:EA:39:12:7F:48:4D:BB:D9:FA:35:D4:37:80:7E:3E:A8:BD:2A:DA:06:59:22:C5:CF:58:66:00:92:85:F8:4C"}}},"request":{"raw":"GET /angular-router.js HTTP/1.1\r\nHost: helmtrading.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://helmtrading.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 15:19:19 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Thu, 18 Jun 2026 19:59:12 GMT\r\netag: W/\"6a344e10-1d987\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 3944\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EX8HVhmsVRnfVPGyTYZrj67%2Fig%2FkVJrQ1p5JoMcyAEALh8swohEdR3zS%2FMSQihWZQHlv5Qe0td%2Fai6P3QFjwOXUxe6j8byPi%2F%2Bygp1oTdsR5AsX2FwjuxCMHOXaV6h79aOk%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\ncf-ray: a12dab48af245697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":121223,"size_decoded":36162,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d0ba4a054cfd30bbe26a2e6ba2592a69","sha1":"56c2bcbbba536ec47004486566f7a4c8b9717e84","sha256":"fa1a38146e25fd9974161ca12bd044cac45f4376d7c323056a1b8b197e2ab1ff","sha512":"f806e975834ea76e1414640110f37440dfdf49b540002fd969573a98e47330a8884e0b38529ae39bc9b6f3f7f1c4a861b78e4ef43682743a4491be5d2f5297c3","ssdeep":"768:rCGjocg/Un20XLMwXijOzIrrR4l2Tec1C5bWiz0Qy7npcBNdfW9Wri5c6Qclm8Ox:OU2075ILrulhcsC/YI1Yq1Ajp0q","tlshash":"c3c386c5992bd4d18e5121ded833ec1ae42409a3cdadf6a7aa3cedc1741df22858713b","first_seen":"2026-06-28T15:20:06.580835Z","last_seen":"2026-06-28T15:20:06.580835Z","times_seen":1,"resource_available":false,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"helmtrading.xyz/ultrajs-5.3.8.min.js","fqdn":"helmtrading.xyz","domain":"helmtrading.xyz","tld":"xyz"},"ip":{"addr":"104.21.23.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://helmtrading.xyz/","date":"2026-06-28T15:19:19.143Z","timestamp":1782659959143,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"helmtrading.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Jun 2026 16:28:41 GMT","end":"Wed, 16 Sep 2026 17:27:28 GMT"},"fingerprint":{"sha1":"85:8F:5C:17:41:EE:F6:80:F1:61:66:D8:19:71:20:4B:DE:A4:94:31","sha256":"DB:EA:39:12:7F:48:4D:BB:D9:FA:35:D4:37:80:7E:3E:A8:BD:2A:DA:06:59:22:C5:CF:58:66:00:92:85:F8:4C"}}},"request":{"raw":"GET /ultrajs-5.3.8.min.js HTTP/1.1\r\nHost: helmtrading.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://helmtrading.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 15:19:19 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Thu, 18 Jun 2026 19:59:12 GMT\r\netag: W/\"6a344e10-1e0dd\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 3944\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hxo2v%2F7Y4nPSIvEr8zxlGWglIJnTtJmiTkQMi84grakNaLkfr0Ig%2BrdGf7zLvGUuoc2s3DsoXa843B%2F0Tp7lEdVfD%2BJie5e9xnGukD3esa%2FnFNPA9w37QMsBh0RdBOwJwHE%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\ncf-ray: a12dab48af255697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":123101,"size_decoded":37747,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"afb6c898cfd4d205b52c2665d657d22d","sha1":"0ad455c791af0979ac39b5fac696fc72247d7471","sha256":"f4cb549869ad1779eea40ba9f14c478dd7d45ad293cfc5955473b19af142ce0c","sha512":"3e2ba2df57057d93d0e855708cb809d97366a4054207d1e7a7ca946cc4a843d20bc15e42167b0c5ad3ef5798a8abe07bee6782ee3bd7345e0d00db37c0669f73","ssdeep":"1536:P7zDNl7zDNnvMfCI7zEZeMEiJe5Y5pMiVLVzOs7oQFd9L2a+XwEQFQ:TH2fCSzaePIMiVLVym5QAEQa","tlshash":"b4c361d6590ad4ea8e5111cdd477ec08e0684aa3cdacf193fa2cddc2b41ef66844727b","first_seen":"2026-06-28T15:20:06.584664Z","last_seen":"2026-06-28T15:20:06.584664Z","times_seen":1,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"helmtrading.xyz/secureproxy?s=%2Fipfs%2FKEfmyVywAtw5VA7LjB_d3w1b3739e0fdddd0eb45afc5ed2d5bb0ea%3Ft%3D1782659959127","fqdn":"helmtrading.xyz","domain":"helmtrading.xyz","tld":"xyz"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://helmtrading.xyz/","date":"2026-06-28T15:19:19.148Z","timestamp":1782659959148,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /secureproxy?s=%2Fipfs%2FKEfmyVywAtw5VA7LjB_d3w1b3739e0fdddd0eb45afc5ed2d5bb0ea%3Ft%3D1782659959127 HTTP/1.1\r\nHost: helmtrading.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://helmtrading.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-30T05:32:23.484642Z","times_seen":16847014,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"helmtrading.xyz/","fqdn":"helmtrading.xyz","domain":"helmtrading.xyz","tld":"xyz"},"ip":{"addr":"104.21.23.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-28T15:19:18.753Z","timestamp":1782659958753,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"helmtrading.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Jun 2026 16:28:41 GMT","end":"Wed, 16 Sep 2026 17:27:28 GMT"},"fingerprint":{"sha1":"85:8F:5C:17:41:EE:F6:80:F1:61:66:D8:19:71:20:4B:DE:A4:94:31","sha256":"DB:EA:39:12:7F:48:4D:BB:D9:FA:35:D4:37:80:7E:3E:A8:BD:2A:DA:06:59:22:C5:CF:58:66:00:92:85:F8:4C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: helmtrading.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 15:19:18 GMT\r\ncontent-type: text/html\r\ncast-mode: default\r\nlast-modified: Thu, 18 Jun 2026 19:59:12 GMT\r\nvary: accept-encoding\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\npriority: u=0,i\r\nage: 3944\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OEYpKvSqe0I2baAGdeaNT%2BcNpsCDsXMovGqc0EvSKF6dsRbU9YkeZYZHryvE6HTbFrofUziTfUnY%2BjXtisp%2BSnbfJWPnCLRDQUUeG2IqjDRGsjn5MsLF2T1LMCXZ8VvSy7I%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\ncontent-encoding: zstd\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: a12dab471f155697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":182691,"size_decoded":29087,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (64737)","md5":"cf02b68f0d71e889f00c655d667116d6","sha1":"56468b1f3187f0c1e74005c8fda9fd4b5cde3c63","sha256":"6fa58300149e60a7b9be9d746c8abea7f497469d2ad1955296dd0fb6f3bc55a6","sha512":"ed2a11917aaaa4db8d23502292cce506e05a69a2c70fa4bf753c33157c13d1be9a88451f241baaa9f9d7d910a52ffbfd6b59405f4fd20476740e03965c03b489","ssdeep":"3072:Yaz/OK1qO0CmckjaI55m2lngYpOOl/E5hEq8Ni:wK1qOkN/8ug","tlshash":"5204f91412f0093e2c5381e9a291bf7d565dd283cd7b47a973bd12612fc3dab8e63298","first_seen":"2026-06-28T15:20:06.589001Z","last_seen":"2026-06-28T15:20:06.589001Z","times_seen":1,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":-1,"dns":121,"connect":19,"send":0,"wait":19,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"helmtrading.xyz/fancybox-3.5.7.min.js","fqdn":"helmtrading.xyz","domain":"helmtrading.xyz","tld":"xyz"},"ip":{"addr":"104.21.23.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://helmtrading.xyz/","date":"2026-06-28T15:19:19.138Z","timestamp":1782659959138,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"helmtrading.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Jun 2026 16:28:41 GMT","end":"Wed, 16 Sep 2026 17:27:28 GMT"},"fingerprint":{"sha1":"85:8F:5C:17:41:EE:F6:80:F1:61:66:D8:19:71:20:4B:DE:A4:94:31","sha256":"DB:EA:39:12:7F:48:4D:BB:D9:FA:35:D4:37:80:7E:3E:A8:BD:2A:DA:06:59:22:C5:CF:58:66:00:92:85:F8:4C"}}},"request":{"raw":"GET /fancybox-3.5.7.min.js HTTP/1.1\r\nHost: helmtrading.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://helmtrading.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 15:19:19 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Thu, 18 Jun 2026 19:59:12 GMT\r\netag: W/\"6a344e10-33577f\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 3944\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OTIDyNuywzdzcXh4iu76lp%2FHfWKA69AC%2BE2gJMdTjlub3XM%2FX1uQ00Q%2BuKVV9pX1I%2FcRi9%2B06M77FFp%2BYSKHf5TjUzOYAmB7LS1M%2FF80f4rAXOLQE6Jhk0DXYO93OPbXV0k%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=3,i=?0\r\nvary: accept-encoding\r\ncf-ray: a12dab48af225697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3364735,"size_decoded":1061296,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4fa4c430be0896f45d0eeaaf541d82f9","sha1":"21bc61bd867a6af62ed4a7b41800e27bb7fe6ec3","sha256":"4575057f1d8f5704621b13a6f6ce5291af5b41388e4b7c32560103861aa42f39","sha512":"5f53d3a74d5660b1bf37971a9583ec5648802eae6b5762d6201621017fd71b6c32a9784cc6bb53211ae9d8e0b25f000ed5a4a9a041d24e75774038891090efa2","ssdeep":"24576:1av32zvdvgzvp1fdaV3CMCeCbC6CLpNb4j9CWCgChCMCCqqbDDX36loUT9FusNFa:y8vd1c3bWar8C2","tlshash":"cc25b503a1d0386604d35fb67a2750daec2d8bef618c6ab9b54df834b8e4154e6ec770","first_seen":"2026-06-28T15:20:06.591624Z","last_seen":"2026-06-28T15:20:06.591624Z","times_seen":1,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"helmtrading.xyz/modern-net-v3.1.min.js","fqdn":"helmtrading.xyz","domain":"helmtrading.xyz","tld":"xyz"},"ip":{"addr":"104.21.23.241","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://helmtrading.xyz/","date":"2026-06-28T15:19:19.140Z","timestamp":1782659959140,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"helmtrading.xyz","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 18 Jun 2026 16:28:41 GMT","end":"Wed, 16 Sep 2026 17:27:28 GMT"},"fingerprint":{"sha1":"85:8F:5C:17:41:EE:F6:80:F1:61:66:D8:19:71:20:4B:DE:A4:94:31","sha256":"DB:EA:39:12:7F:48:4D:BB:D9:FA:35:D4:37:80:7E:3E:A8:BD:2A:DA:06:59:22:C5:CF:58:66:00:92:85:F8:4C"}}},"request":{"raw":"GET /modern-net-v3.1.min.js HTTP/1.1\r\nHost: helmtrading.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://helmtrading.xyz/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 28 Jun 2026 15:19:19 GMT\r\ncontent-type: application/javascript\r\ncast-mode: default\r\nlast-modified: Thu, 18 Jun 2026 19:59:12 GMT\r\netag: W/\"6a344e10-2ff1ea\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\ncontent-security-policy: frame-ancestors http: https:\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-cast-cache: MISS\r\ncontent-encoding: gzip\r\nage: 3944\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YuMHmeh0dR4JGHDTtWBahj5RU%2FKTIBUjBFp0UqjCKuVjaKOjzB4gJUHvVh64aJO1HGAg5btPShAa7RDgOmkIuuzQUv%2FKYff7JSrDwKxPYhCL%2F0MBeDVcxIF8I2aT1CIv508%3D\"}]}\r\ncache-control: max-age=2592000\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=2,i=?0\r\nvary: accept-encoding\r\ncf-ray: a12dab48af235697-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3142122,"size_decoded":884951,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"813c157a64d4593ebbec0b3f917d2529","sha1":"1d22cfdf864d87db6aef65252a955bc066c73dd5","sha256":"cc1285781126a93d8070a009c10e617a328b186cd14b3ba5b5f52052230d718f","sha512":"00bf2134d419cd9eac7182a00c1725a863e2f2034738de2cd20c23fc6bcb38c7cee26b94f74cda71f45733e332f9436df1b6932883839f19a0b24e53e0f3399f","ssdeep":"24576:/8NTMDz9zLTHH7jf/HZ5zUyp7dEXCOfQsocw0YkkTpfp9L5zoJiERHQzX6B1BBz7:/MaPLRYMlnKYtvvtzO","tlshash":"6b259413a2d038d241d75eb1b62750daec2d4bafb48c9afa998cf834fce1054e5d8674","first_seen":"2026-06-28T15:20:06.594765Z","last_seen":"2026-06-28T15:20:06.594765Z","times_seen":1,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}