# Restricted targets

helodata blocks a small set of destinations at the gateway. Requests to a restricted target return `403 Forbidden` from the gateway (not the target) with an `X-Helodata-Block-Reason` header.

## Permanently blocked

These categories are blocked **on every account** with no exception path:

* **Child sexual abuse material (CSAM)** and any domain on the IWF or NCMEC lists
* **Sanctioned-jurisdiction services** as required by US, EU, and UK sanctions law
* **Distribution of malware, ransomware, or exploit kits**
* **Phishing kits and credential-harvesting infrastructure**
* **DDoS-for-hire services**
* **Government identity-fraud services** (forged passports, driver's licenses)

If you operate threat-intel research that legitimately needs to fetch from blocked categories, contact <security@helodata.com> — we can route specific domains through an audited research channel after a compliance review.

## Restricted by default (per-account exception possible)

Blocked unless you explicitly request an exception in writing:

* **Major banking and brokerage logins** (account-aggregation use cases)
* **Healthcare patient portals** (HIPAA scope)
* **Government tax-filing portals**
* **Streaming services' premium endpoints** (when ToS forbids automated access)
* **Sneaker drops and ticket-resale sites** *during* drop windows on Trial plans

To request an exception:

1. Email <support@helodata.com> with subject `Restricted-target exception: {your domain list}`.
2. Include your sub-user, the domains, and a brief description of the use case.
3. Expect a response within 2 business days. Exceptions are scoped to specific sub-users.

## Trial-only restrictions

Trial accounts have stricter limits — these additional categories are blocked until you upgrade:

* All social media DMs and posting endpoints (read-only public pages are fine)
* Account-creation flows on any major site
* Payment-processor (Stripe, PayPal, Adyen) test or live endpoints

## Operational blocks (temporary)

The gateway also enforces short-lived blocks for operational reasons:

* A target whose abuse complaints exceed our threshold gets a 24–72h cool-off
* A target with active legal action against helodata gets a block until resolved
* A target experiencing an outage that's causing high error rates may get a 5-minute back-off

Operational blocks are listed live in **Dashboard → Status → Active blocks**.

## Detecting a block

```
HTTP/1.1 403 Forbidden
X-Helodata-Block-Reason: restricted-category-banking
X-Helodata-Block-Detail: account-aggregation requires per-account exception
X-Helodata-Block-Contact: support@helodata.com
```

Blocked requests do **not** consume traffic credits.
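
Because a target site can also answer `403`, a client should key on the block header rather than the status code alone. The following is an added example, not helodata's own code: the names `parse_head`, `gateway_block` and `GatewayBlock` are hypothetical, and it assumes the `Detail` and `Contact` headers may be absent.

```python
from dataclasses import dataclass
from typing import Optional

PREFIX = "x-helodata-block-"

@dataclass
class GatewayBlock:
    reason: str
    detail: Optional[str]
    contact: Optional[str]

def parse_head(raw: str):
    """Split a raw HTTP response head into (status_code, lower-cased headers)."""
    lines = raw.strip().splitlines()
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        if not line.strip():
            break  # blank line ends the header section
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers

def gateway_block(status: int, headers: dict) -> Optional[GatewayBlock]:
    """Return block details if the gateway refused the request, else None.

    A 403 without X-Helodata-Block-Reason came from the target itself.
    """
    h = {k.lower(): v for k, v in headers.items()}  # header names are case-insensitive
    reason = h.get(PREFIX + "reason")
    if status != 403 or not reason:
        return None
    return GatewayBlock(reason, h.get(PREFIX + "detail"), h.get(PREFIX + "contact"))

# Constructed samples: the first is the response shown on this page (one header
# name lower-cased to exercise case-insensitive matching); the second is a 403
# issued by a target site, which carries no helodata headers.
GATEWAY_403 = """HTTP/1.1 403 Forbidden
x-helodata-block-reason: restricted-category-banking
X-Helodata-Block-Detail: account-aggregation requires per-account exception
X-Helodata-Block-Contact: support@helodata.com
"""
TARGET_403 = """HTTP/1.1 403 Forbidden
Server: example-origin
Content-Type: text/html
"""

if __name__ == "__main__":
    for name, raw in (("gateway", GATEWAY_403), ("target", TARGET_403)):
        print(name, gateway_block(*parse_head(raw)))
```

A `None` result on a `403` means the refusal came from the target, so it should be handled by your normal error path rather than by requesting an exception.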

## Reporting abuse

If you receive an abuse complaint involving helodata IPs, forward it to <abuse@helodata.com> with the offending IP, timestamp (UTC), and full headers. We respond to abuse reports within 1 business day.


