urlscan.io logo urlscan.io
SecurityTrails logo

rise-painting.myhelcim.com Open in urlscan Pro
104.17.69.61  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://payments.risepainting.com/
Effective URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Submission: On February 16 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 28 HTTP transactions. The main IP is 104.17.69.61, located in and belongs to CLOUDFLARENET, US. The main domain is rise-painting.myhelcim.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 15th 2022. Valid for: a year.
This is the only time rise-painting.myhelcim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.208.197.101 15169 (GOOGLE)
14 104.17.69.61 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 172.64.144.122 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
2 104.17.70.61 13335 (CLOUDFLAR...)
28 5
1    35.208.197.101 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 101.197.208.35.bc.googleusercontent.com
payments.risepainting.com
14    104.17.69.61 (None, )

ASN13335 (CLOUDFLARENET, US)
rise-painting.myhelcim.com
resources.myhelcim.com
3    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    172.64.144.122 (United States)

ASN13335 (CLOUDFLARENET, US)
cloud-files.helcim.com
signal.helcim.com
6    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
2    104.17.70.61 (None, )

ASN13335 (CLOUDFLARENET, US)
resources.myhelcim.com
Domain Requested by
10 rise-painting.myhelcim.com rise-painting.myhelcim.com
6 resources.myhelcim.com rise-painting.myhelcim.com
resources.myhelcim.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 www.google.com rise-painting.myhelcim.com
www.gstatic.com
www.google.com
2 fonts.gstatic.com www.google.com
2 signal.helcim.com rise-painting.myhelcim.com
signal.helcim.com
1 cloud-files.helcim.com rise-painting.myhelcim.com
1 payments.risepainting.com 1 redirects
28 8

This site contains links to these domains. Also see Links.

Domain
www.helcim.com
Subject Issuer Validity Valid
myhelcim.com
Cloudflare Inc ECC CA-3		 2022-08-15 -
2023-08-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
helcim.com
Cloudflare Inc ECC CA-3		 2022-05-02 -
2023-05-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Frame ID: EA9BD05A075EF48616706F5A471AE9DA
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjRH8UAAAAANLCYSAzjksyh2vo6Ag6gMfs09dG&co=aHR0cHM6Ly9yaXNlLXBhaW50aW5nLm15aGVsY2ltLmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=8g85fv86bjhp
Frame ID: 46DD8E2596DDE177D9719ED4A187C0BA
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

RISE PAINTING

Page URL History Show full URLs

  1. https://payments.risepainting.com/ HTTP 301
    https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

28
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

8
Subdomains

5
IPs

3
Countries

696 kB
Transfer

1465 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://payments.risepainting.com/ HTTP 301
    https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rise-painting.myhelcim.com/hosted/
Redirect Chain
  • https://payments.risepainting.com/
  • https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
31 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.13
Resource Hash
79ebc1b0387f2c64802c17b434e4a1927d6af1417e2a422dd4950b6f23318964
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
79a5d6f90bfe37c6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Feb 2023 11:10:57 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.1.13

Redirect headers

content-length
279
content-type
text/html; charset=iso-8859-1
date
Thu, 16 Feb 2023 11:10:57 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
location
https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
server
nginx
x-proxy-cache
MISS
x-proxy-cache-info
0301 NC:000000 UP:
hcm-fonts.css
resources.myhelcim.com/assets/css/helcim/ 		5 KB
771 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.myhelcim.com/assets/css/helcim/hcm-fonts.css
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dae730f2cb24d16096aa9e0674ef3c0cd5af5f54ac5acc0f499c0e6a3cbcfd7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Aug 2022 17:16:01 GMT
server
cloudflare
etag
W/"144e-5e68722b7d640"
content-type
text/css
access-control-allow-origin
*
cf-ray
79a5d6fca8f737c6-FRA
hcm-css-paypages.css
resources.myhelcim.com/assets/css/helcim/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://resources.myhelcim.com/assets/css/helcim/hcm-css-paypages.css
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50b706161508be7d145f991f27586b71c5687bfb8d4be6a51e87286e1393f7cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Aug 2022 17:16:01 GMT
server
cloudflare
etag
W/"8db1-5e68722b7d640"
content-type
text/css
access-control-allow-origin
*
cf-ray
79a5d6fcb8f937c6-FRA
hcm-css-modal.css
rise-painting.myhelcim.com/themes/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rise-painting.myhelcim.com/themes/css/hcm-css-modal.css
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46eec4960913c2a9b0381f73e3005fc256a77a5f4ce695faee18577741ab7068
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Feb 2023 22:15:48 GMT
server
cloudflare
etag
W/"1055-5f4c46c22bac7"
content-type
text/css
cf-ray
79a5d6fc689737c6-FRA
jquery-3.6.0.min.js
resources.myhelcim.com//cdn/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.myhelcim.com//cdn/jquery/jquery-3.6.0.min.js
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 30 Sep 2022 18:08:06 GMT
server
cloudflare
etag
W/"15d9c-5e9e8e028ad80"
content-type
application/javascript
access-control-allow-origin
*
cf-ray
79a5d6fcb8fa37c6-FRA
payment-page-icons.min.js
rise-painting.myhelcim.com/dist/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rise-painting.myhelcim.com/dist/payment-page-icons.min.js
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
428cd920c0a794f2e73e0a37748c7a0dad0e59ccf5abe6bd34c6c9f41e4c3cf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Feb 2023 22:15:48 GMT
server
cloudflare
etag
W/"b2d5-5f4c46c1dbd58"
content-type
application/javascript
cf-ray
79a5d6fc689a37c6-FRA
hcm-payment-pages.js
rise-painting.myhelcim.com/hosted/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rise-painting.myhelcim.com/hosted/hcm-payment-pages.js
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f2de51df9af1da9ce787006cc77f0327550acc86f6a7d7575907acbb9b101a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Feb 2023 22:15:48 GMT
server
cloudflare
etag
W/"65c0-5f4c46c1e9c04"
content-type
application/javascript
cf-ray
79a5d6fc689b37c6-FRA
hcm-shipping.js
rise-painting.myhelcim.com/admin/admin-includes/hcm-shipping/ 		2 KB
783 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rise-painting.myhelcim.com/admin/admin-includes/hcm-shipping/hcm-shipping.js
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62e8348283ede68b3bc9e785dd37ca6ecc9c932dd66de388225bbd5c7ff8489b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Feb 2023 22:15:48 GMT
server
cloudflare
etag
W/"990-5f4c46c1acb62"
content-type
application/javascript
cf-ray
79a5d6fc689f37c6-FRA
api.js
www.google.com/recaptcha/ 		884 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfjRH8UAAAAANLCYSAzjksyh2vo6Ag6gMfs09dG
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eb4767389f84a854bf5c46f333dc5976086b075f3ab90add10d8d128d288071b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
582
x-xss-protection
1; mode=block
expires
Thu, 16 Feb 2023 11:10:58 GMT
cd7951b57a4542be99b25bf1e5c9f29c.png
cloud-files.helcim.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cloud-files.helcim.com/cd7951b57a4542be99b25bf1e5c9f29c.png
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ad35e6763f79c9521d8208d6e76509b57a1c37fe852aa2d705ea9ccda05590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-guploader-uploadid
ADPycds-x3Op9LAT_Szkfr4WSoK3Jam8dV6kXonHCVTI4lRgG7cA9tlxMJ9r_OFlCMOSz8alBmpfuVBpA0HZbLMZ399fsKNnpXnB
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
17094
last-modified
Sat, 24 Sep 2022 16:26:55 GMT
server
cloudflare
etag
"ad199045f758db7991cba75a754f5502"
x-goog-generation
1664036815496051
content-type
image/png
x-goog-hash
crc32c=/0uMJA==, md5=rRmQRfdY23mRy6dadU9VAg==
cache-control
public,max-age=3600
x-goog-stored-content-length
17094
accept-ranges
bytes
cf-ray
79a5d700ece790ee-FRA
HcmComm-CardBrands-1A.png
rise-painting.myhelcim.com/images-generic/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rise-painting.myhelcim.com/images-generic/HcmComm-CardBrands-1A.png
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e84355cc0484442033d061f4444cc827a16ab0d442c7649e4acd09d42039a4e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Feb 2023 22:15:48 GMT
server
cloudflare
etag
"732f-5f4c46c1eb374"
content-type
image/png
accept-ranges
bytes
cf-ray
79a5d700bed137c6-FRA
content-length
29487
HcmComm-CardBrands-3A.png
rise-painting.myhelcim.com/images-generic/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rise-painting.myhelcim.com/images-generic/HcmComm-CardBrands-3A.png
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d42b6c3bf50065650251997ee9453113259f3da7b644df8b9013cba8d8b2e1c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Feb 2023 22:15:48 GMT
server
cloudflare
etag
"7829-5f4c46c1eb75c"
content-type
image/png
accept-ranges
bytes
cf-ray
79a5d700bed237c6-FRA
content-length
30761
HcmComm-CardBrands-5A.png
rise-painting.myhelcim.com/images-generic/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rise-painting.myhelcim.com/images-generic/HcmComm-CardBrands-5A.png
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c1f6163b3e9ce183df2e4dc20d24f343cc4705a7ee601b7f127224b93e2e6eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Feb 2023 22:15:48 GMT
server
cloudflare
etag
"75d4-5f4c46c1ebf2c"
content-type
image/png
accept-ranges
bytes
cf-ray
79a5d700bed437c6-FRA
content-length
30164
HcmComm-CardBrands-6A.png
rise-painting.myhelcim.com/images-generic/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rise-painting.myhelcim.com/images-generic/HcmComm-CardBrands-6A.png
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b955000feaaca1cd25e3981a5f9bc20032f4aa5cac45dd41eabd3a080898984f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
last-modified
Wed, 15 Feb 2023 22:15:48 GMT
server
cloudflare
etag
"b1ac-5f4c46c1ec314"
content-type
image/png
accept-ranges
bytes
cf-ray
79a5d700bed637c6-FRA
content-length
45484
spinner-white.svg
resources.myhelcim.com/helcim-ui/assets/images/ 		3 KB
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.myhelcim.com/helcim-ui/assets/images/spinner-white.svg
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66e4f4e7c59df0c20265cab39029929060dc0cad93050b9e48c2e824bcbbf97e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Aug 2022 17:16:01 GMT
server
cloudflare
etag
W/"d56-5e68722b7d640"
content-type
image/svg+xml
access-control-allow-origin
*
cf-ray
79a5d700bed737c6-FRA
email-decode.min.js
rise-painting.myhelcim.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rise-painting.myhelcim.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.69.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 15 Feb 2023 11:11:08 GMT
server
cloudflare
content-encoding
gzip
etag
W/"63ecbdcc-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
79a5d6fffd9a37c6-FRA
expires
Sat, 18 Feb 2023 11:10:58 GMT
signal-v1.js
signal.helcim.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal.helcim.com/js/signal-v1.js
Requested by
Host: rise-painting.myhelcim.com
URL: https://rise-painting.myhelcim.com/hosted/?token=95ffdbabc568bf7b374c7a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f380cc289d6f2f82d01ad6f1d9b01a41fb89300cdde5d24f5ebcff00b075fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rise-painting.myhelcim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 14 Dec 2022 19:13:07 GMT
server
cloudflare
etag
W/"19cb-5efce86cf525b"
content-type
application/javascript
x-envoy-upstream-service-time
0
cf-ray
79a5d7006c6290ee-FRA
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ 		406 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfjRH8UAAAAANLCYSAzjksyh2vo6Ag6gMfs09dG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rise-painting.myhelcim.com/
Origin
https://rise-painting.myhelcim.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166252
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 03:04:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Feb 2024 11:02:52 GMT
HelveticaNeue-Medium.ttf
resources.myhelcim.com/helcim-ui/assets/styles/fonts/helvetica/ 		104 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resources.myhelcim.com/helcim-ui/assets/styles/fonts/helvetica/HelveticaNeue-Medium.ttf
Requested by
Host: resources.myhelcim.com
URL: https://resources.myhelcim.com/assets/css/helcim/hcm-fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.70.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daf601101dbdeaaacdfbd3b3c292bc37d95ee04ea20f8f11d94338f212360abd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://resources.myhelcim.com/assets/css/helcim/hcm-fonts.css
Origin
https://rise-painting.myhelcim.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Aug 2022 17:16:01 GMT
server
cloudflare
etag
W/"1a180-5e68722b7d640"
content-type
font/ttf
access-control-allow-origin
*
cf-ray
79a5d700d826914d-FRA
HelveticaNeue.ttf
resources.myhelcim.com/helcim-ui/assets/styles/fonts/helvetica/ 		22 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://resources.myhelcim.com/helcim-ui/assets/styles/fonts/helvetica/HelveticaNeue.ttf
Requested by
Host: resources.myhelcim.com
URL: https://resources.myhelcim.com/assets/css/helcim/hcm-fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.70.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e57d8774d30893e8b34fa7479f50515be5225b6e56d327ce66b7771c5d3cb0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://resources.myhelcim.com/assets/css/helcim/hcm-fonts.css
Origin
https://rise-painting.myhelcim.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 18 Aug 2022 17:16:01 GMT
server
cloudflare
etag
W/"5718-5e68722b7d640"
content-type
font/ttf
access-control-allow-origin
*
cf-ray
79a5d700d828914d-FRA
api.php
signal.helcim.com/js/ 		1 B
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://signal.helcim.com/js/api.php
Requested by
Host: signal.helcim.com
URL: https://signal.helcim.com/js/signal-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://rise-painting.myhelcim.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 16 Feb 2023 11:10:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.30
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
x-envoy-upstream-service-time
201
cf-ray
79a5d7029ad63a74-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 46DD 		42 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjRH8UAAAAANLCYSAzjksyh2vo6Ag6gMfs09dG&co=aHR0cHM6Ly9yaXNlLXBhaW50aW5nLm15aGVsY2ltLmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=8g85fv86bjhp
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
31816cab1f7c08929e455246e86dafa426b93251da8172d8ae8264bdc0071a4a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JsAmXJflLQFDtk-T_w4SyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rise-painting.myhelcim.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22527
content-security-policy
script-src 'report-sample' 'nonce-JsAmXJflLQFDtk-T_w4SyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 11:10:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 46DD 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjRH8UAAAAANLCYSAzjksyh2vo6Ag6gMfs09dG&co=aHR0cHM6Ly9yaXNlLXBhaW50aW5nLm15aGVsY2ltLmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=8g85fv86bjhp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 03:04:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Feb 2024 11:08:36 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/ Frame 46DD 		406 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjRH8UAAAAANLCYSAzjksyh2vo6Ag6gMfs09dG&co=aHR0cHM6Ly9yaXNlLXBhaW50aW5nLm15aGVsY2ltLmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=8g85fv86bjhp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166252
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 03:04:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Feb 2024 11:02:52 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 46DD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:56:35 GMT
x-content-type-options
nosniff
age
58464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Wed, 22 Feb 2023 18:56:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 46DD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjRH8UAAAAANLCYSAzjksyh2vo6Ag6gMfs09dG&co=aHR0cHM6Ly9yaXNlLXBhaW50aW5nLm15aGVsY2ltLmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=8g85fv86bjhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 09:35:04 GMT
x-content-type-options
nosniff
age
92155
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 09:35:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 46DD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjRH8UAAAAANLCYSAzjksyh2vo6Ag6gMfs09dG&co=aHR0cHM6Ly9yaXNlLXBhaW50aW5nLm15aGVsY2ltLmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=8g85fv86bjhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:44 GMT
x-content-type-options
nosniff
age
60135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 18:28:44 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 46DD 		102 B
133 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tNAc29ZZrpcOCErva2nr4BS9
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjRH8UAAAAANLCYSAzjksyh2vo6Ag6gMfs09dG&co=aHR0cHM6Ly9yaXNlLXBhaW50aW5nLm15aGVsY2ltLmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=8g85fv86bjhp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9345880ada178d9c36ed991525ff3c0671594be63500a61313d2ac1d35f3a51c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjRH8UAAAAANLCYSAzjksyh2vo6Ag6gMfs09dG&co=aHR0cHM6Ly9yaXNlLXBhaW50aW5nLm15aGVsY2ltLmNvbTo0NDM.&hl=de&v=tNAc29ZZrpcOCErva2nr4BS9&size=invisible&cb=8g85fv86bjhp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 11:10:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
1; mode=block
expires
Thu, 16 Feb 2023 11:10:59 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| hcmCardOnFile function| hcmDisableButton function| sendRequest function| triggerNotification function| removeNotification function| setShippingMethodHTML function| changeCountry function| setProvince function| setPostalCode function| setTotalsHTML function| setShippingMethod function| setSameAsBilling function| setDiscountTotal function| updateProductQuantity function| updateAddOn function| checkout function| processPayment function| getCaptchaToken function| toggleModal function| watchAmount function| getNewAmount function| autoExpandingHeight function| initAmountFieldPosition function| updateAmountFieldPosition function| updateAVSFields function| updateBankFields function| checkAVSFields function| togglePaymentOption function| highlightBankInfoField function| getDeviceType function| getDeviceInfo function| hcmShippingGetRates function| hcmShippingProvinceDropDownUpdate object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| raaHrjNajpacnh object| hcmSignal object| recaptcha string| pageUrl object| urlObject string| cookieName function| imprintClick function| getDomain function| getCookieToken function| getCookie function| setCookie function| generateCookieToken function| getTimezone function| getScreenColor function| getScreenResolution function| getScreenViewPortResolution function| getPageTitle function| getPageViewed function| getPageReferrer function| getStoreProductSKU function| getStoreCategoryName function| getStoreBrandName function| getStorePageName function| getUtmSource function| getUtmMedium function| getUtmCampaign function| getUtmContent function| getUtmTerm function| getLeadId function| getBusinessId function| getUserId function| getInterestPoints function| getAbExperimentId function| getAbLayoutId object| closure_lm_304858

4 Cookies

Domain/Path Name / Value
rise-painting.myhelcim.com/ Name: PHPSESSID
Value: e2ff96d15ba7091aa738978379de6cbb
.myhelcim.com/ Name: __cf_bm
Value: B7k0vYNRQa6KcJz_RIcivn3DkMVi6WF3qMdjH91cWNc-1676545857-0-AQlIhURVyNo5GjC88K8X9oNW0IZQf5ThKVE/ag+7NRm61PNLD32fyQ5JFLXOFDvVxxJ+4bpzu731BZG7dfCtdmk=
rise-painting.myhelcim.com/ Name: hcmSignal
Value: vqRzyCJoK0Sk4XXQ4LbstT9nVVB
.helcim.com/ Name: __cf_bm
Value: G52g1SoZxrMTW2k8L8D8PM5Eg7VsJICieK6mFeyJrCM-1676545859-0-ATPHmkcm4dQpkem0v3zLzAJv8uov2BnMiQLIx66BKIXiSLjQODFYTHDcmc8XInfYlP8Mb/F9D6I7VlSUknO0B4nj8jYI9eqGdMbU9C13Goq5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud-files.helcim.com
fonts.gstatic.com
payments.risepainting.com
resources.myhelcim.com
rise-painting.myhelcim.com
signal.helcim.com
www.google.com
www.gstatic.com
104.17.69.61
104.17.70.61
172.64.144.122
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2003
35.208.197.101
0924e5af960e9110d8424b1a364b61a5bcd949d53bcca312d0474dcb8c64a478
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25ad35e6763f79c9521d8208d6e76509b57a1c37fe852aa2d705ea9ccda05590
31816cab1f7c08929e455246e86dafa426b93251da8172d8ae8264bdc0071a4a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f2de51df9af1da9ce787006cc77f0327550acc86f6a7d7575907acbb9b101a7
428cd920c0a794f2e73e0a37748c7a0dad0e59ccf5abe6bd34c6c9f41e4c3cf4
46eec4960913c2a9b0381f73e3005fc256a77a5f4ce695faee18577741ab7068
50b706161508be7d145f991f27586b71c5687bfb8d4be6a51e87286e1393f7cc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c1f6163b3e9ce183df2e4dc20d24f343cc4705a7ee601b7f127224b93e2e6eb
62e8348283ede68b3bc9e785dd37ca6ecc9c932dd66de388225bbd5c7ff8489b
65f380cc289d6f2f82d01ad6f1d9b01a41fb89300cdde5d24f5ebcff00b075fb
66e4f4e7c59df0c20265cab39029929060dc0cad93050b9e48c2e824bcbbf97e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79ebc1b0387f2c64802c17b434e4a1927d6af1417e2a422dd4950b6f23318964
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
8e57d8774d30893e8b34fa7479f50515be5225b6e56d327ce66b7771c5d3cb0a
9345880ada178d9c36ed991525ff3c0671594be63500a61313d2ac1d35f3a51c
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
b955000feaaca1cd25e3981a5f9bc20032f4aa5cac45dd41eabd3a080898984f
d42b6c3bf50065650251997ee9453113259f3da7b644df8b9013cba8d8b2e1c4
dae730f2cb24d16096aa9e0674ef3c0cd5af5f54ac5acc0f499c0e6a3cbcfd7b
daf601101dbdeaaacdfbd3b3c292bc37d95ee04ea20f8f11d94338f212360abd
e84355cc0484442033d061f4444cc827a16ab0d442c7649e4acd09d42039a4e0
eb4767389f84a854bf5c46f333dc5976086b075f3ab90add10d8d128d288071b