urlscan.io logo urlscan.io
SecurityTrails logo

welltherm.de Open in urlscan Pro
85.13.162.180  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://welltherm.de/
Effective URL: https://welltherm.de/
Submission: On April 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 58 HTTP transactions. The main IP is 85.13.162.180, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is welltherm.de.
TLS certificate: Issued by R3 on March 1st 2024. Valid for: 3 months.
This is the only time welltherm.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
45 85.13.162.180 34788 (NMM-AS D)
12 2400:52e0:1e0... 200325 (BUNNYCDN)
58 3
Apex Domain
Subdomains		 Transfer
45 welltherm.de
welltherm.de
1 MB
12 cookiefirst.com
consent.cookiefirst.com — Cisco Umbrella Rank: 30974
73 KB
58 2
Domain Requested by
45 welltherm.de welltherm.de
12 consent.cookiefirst.com welltherm.de
consent.cookiefirst.com
58 2

This site contains links to these domains. Also see Links.

Domain
www.youtube-nocookie.com
cookiefirst.com
Subject Issuer Validity Valid
welltherm.de
R3		 2024-03-01 -
2024-05-30		 3 months crt.sh
*.cookiefirst.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2024-12-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://welltherm.de/
Frame ID: 6D06555135A42CC2475BEC934FB42D68
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Infrarotheizung - beste Qualität vom Spezialisten | welltherm

Page URL History Show full URLs

  1. http://welltherm.de/ HTTP 307
    https://welltherm.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

98 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1203 kB
Transfer

2395 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://welltherm.de/ HTTP 307
    https://welltherm.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
welltherm.de/
Redirect Chain
  • http://welltherm.de/
  • https://welltherm.de/
153 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
7b2707c52c54483cd9ba11713ac119aa3c4119595066f08538ab29ba1f46d193
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
max-age=3600
content-encoding
br
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-type
text/html
date
Mon, 29 Apr 2024 18:44:50 GMT
expires
Mon, 29 Apr 2024 19:44:50 GMT
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=2592000
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Location
https://welltherm.de/
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
welltherm.de/vendor/bootstrap/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
23238
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:13:09 GMT
server
nginx
etag
"2606e-5b696502a16a6-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
all.min.css
welltherm.de/vendor/fontawesome-free/css/ 		54 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/vendor/fontawesome-free/css/all.min.css
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
849a96c1caef3b7b1af3f0bdc40f0ac87d215825fc61d244ab14cfd89d7bab05
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
12071
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:13:19 GMT
server
nginx
etag
"d783-5b69650c3f565-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
animate.min.css
welltherm.de/vendor/animate/ 		57 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/vendor/animate/animate.min.css
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
4324
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:13:07 GMT
server
nginx
etag
"e283-5b696500df380-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
theme.min.css
welltherm.de/css/ 		174 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/css/theme.min.css
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
55745eb190b2563b40ec58d690bf21ac1718180e712ebaf3c488cf1cb7f235d0
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
21078
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Mon, 31 Oct 2022 14:42:44 GMT
server
nginx
etag
"2b64f-5ec559ecc8972-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
theme-elements.min.css
welltherm.de/css/ 		249 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/css/theme-elements.min.css
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
54270ba3e86b3535b74a0d2d0858d042dee1d0859f97f4a495aefaf33efdbe7f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
38880
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:06:54 GMT
server
nginx
etag
"3e5c6-5b69639d044e9-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
default.min.css
welltherm.de/css/skins/ 		145 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/css/skins/default.min.css
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
d003eb72aedc80354d5954d03472c7a4b1b7a92fdd701ef9d9bb3c6d824956a5
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
14388
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:06:54 GMT
server
nginx
etag
"242c8-5b69639cd85c9-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
custom.css
welltherm.de/css/ 		39 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/css/custom.css
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
e2b4b6e3cb4b0850b18f69ccfd663e8050d95f86f125db7dd16d534ce35b2edc
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
8725
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:06:51 GMT
server
nginx
etag
"9d3d-5b69639a433a1-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
modernizr.min.js
welltherm.de/vendor/modernizr/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/vendor/modernizr/modernizr.min.js
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
f581de2651bcaf5ce78f0871423cbbaeb957eec2f32051c20928ec9b1920beb1
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
3959
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:14:09 GMT
server
nginx
etag
"24b5-5b69653b0dcbb-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
jquery.min.js
welltherm.de/vendor/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/vendor/jquery/jquery.min.js
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
30910
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Fri, 18 Dec 2020 15:58:20 GMT
server
nginx
etag
"15d84-5b6bf2d654ab1-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
consent.js
consent.cookiefirst.com/sites/welltherm.de-a018ca81-824e-4d41-9832-54a743da3706/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/welltherm.de-a018ca81-824e-4d41-9832-54a743da3706/consent.js
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1081 /
Resource Hash
39f827199d6aac6120252a9855c99920c92b5af029427c5b396e6030fbea3436

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
content-encoding
br
cdn-edgestorageid
1079
cdn-storageserver
DE-680
cdn-cachedat
03/26/2024 21:01:19
cdn-pullzone
236985
visitor-location
DE
last-modified
Thu, 07 Mar 2024 22:17:30 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65ea3cfa-daa"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=30
cdn-requestid
460bb08b6e8c5aa14f8d65be24779266
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
welltherm-logo-so.svg
welltherm.de/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/welltherm-logo-so.svg
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
63158aab8fbd80ed3304be6c4b79e99dc5231d037c43eb0f4afdc19eac025d90
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
1009
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:26:28 GMT
server
nginx
etag
"8f0-5b6967fc774f4-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
max-age=31536000, public, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
en.png
welltherm.de/images/ 		600 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/en.png
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
600
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:26:18 GMT
server
nginx
etag
"258-5b6967f280854"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
ssl-icon.png
welltherm.de/images/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/ssl-icon.png
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
7c6de7f45b6d2042d1b4bd20b1aa7f289d2a5db436441ff30ff617821647c844
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
47352
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:26:27 GMT
server
nginx
etag
"b8f8-5b6967fbb7e72"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
produkte_banner_fussbodenheizung.avif
welltherm.de/images/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/produkte_banner_fussbodenheizung.avif
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
31edf09b47df9188bce60d93c1ccdd90c1ff89d885719fa699b1a08ed3e2d1ba
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
54593
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:26:57 GMT
server
nginx
etag
"d541-5b6968185fdce"
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
image/avif
cache-control
public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
web-app_planer.avif
welltherm.de/images/startseite/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/startseite/web-app_planer.avif
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
60b83479e940dd9506c1e1c0a757ea6f6f5bdceeeddcfa54050265a8a0cd1183
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
22976
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:07:40 GMT
server
nginx
etag
"59c0-5b6963c864d55"
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
image/avif
cache-control
public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
3D-Tour-Grafik.avif
welltherm.de/images/startseite/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/startseite/3D-Tour-Grafik.avif
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
1693bcc1544c30c551c25fb03056610ce59f773ba067ef411ddecb2d7ddeb436
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
37031
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:07:39 GMT
server
nginx
etag
"90a7-5b6963c7257f1"
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
image/avif
cache-control
public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
icons_ce_white.png
welltherm.de/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/icons_ce_white.png
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
36350c4e50b8049756a5458890033b4c56029e576c0b7ed8a0d4797b93635086
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
3164
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:26:19 GMT
server
nginx
etag
"c5c-5b6967f346c37"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
icons_vde_white.png
welltherm.de/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/icons_vde_white.png
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
ffc800047ed478242c2117c2960e758e4f39234b1f8d55a644eb288747cf00ba
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
3470
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:26:19 GMT
server
nginx
etag
"d8e-5b6967f374a97"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
icons_gs_white.png
welltherm.de/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/icons_gs_white.png
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
343dcc6254c7ff5f7ac57396f1ebe7a2bbf9ae96497e6df1c305c4b244cc23d8
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
4166
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:26:19 GMT
server
nginx
etag
"1046-5b6967f350877"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
icons_vde-emc_white.png
welltherm.de/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/icons_vde-emc_white.png
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
fe8a517ee511d07980c4ae6e1970b2d4a56d2112e8418d580fac9c1e3a485955
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
4992
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:26:19 GMT
server
nginx
etag
"1380-5b6967f37c797"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
icons_rohs_white.png
welltherm.de/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/icons_rohs_white.png
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
27d9bd0f417b96cdb8ecaf0ae9c75d6104c4bc692e7a639e3325792b6b6f9d04
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
5409
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:26:19 GMT
server
nginx
etag
"1521-5b6967f368f17"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
icons_mig_white.png
welltherm.de/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/icons_mig_white.png
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
f95fdaf0716206f8409897f482ec0589ff67cb2b17894866448dfa782caca8a5
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
3786
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:26:19 GMT
server
nginx
etag
"eca-5b6967f365097"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
icons_iso9001_white.png
welltherm.de/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/icons_iso9001_white.png
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
0b1a38e9d527427c0b7623db90361e35369b34ef683cb78778171627a5d30c08
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
5661
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:26:19 GMT
server
nginx
etag
"161d-5b6967f368f17"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
popup.css
welltherm.de/css/ 		733 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/css/popup.css
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
a940f1acd115ce8704652d1755bea1bef36cf5b97d1cf864e9861adaf31ce737
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
330
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Thu, 14 Dec 2023 14:35:09 GMT
server
nginx
etag
"2dd-60c7930cbe14a-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
tn-popup.jpg
welltherm.de/images/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/tn-popup.jpg
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
6d8ac73a4cc98a637e66f8c9d3e57624851b8ba1eca287c894d05645dcef0da1
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
136381
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Thu, 14 Dec 2023 11:52:30 GMT
server
nginx
etag
"214bd-60c76eb1810cc"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
jquery.appear.min.js
welltherm.de/vendor/jquery.appear/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/vendor/jquery.appear/jquery.appear.min.js
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
99271224a929a6b7d4f064b6e3276774fb40b37aafc2961942f763815acef6c3
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
672
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:13:24 GMT
server
nginx
etag
"583-5b6965102c391-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
jquery.easing.min.js
welltherm.de/vendor/jquery.easing/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/vendor/jquery.easing/jquery.easing.min.js
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
817
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:13:24 GMT
server
nginx
etag
"9e4-5b69651088052-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
bootstrap.min.js
welltherm.de/vendor/bootstrap/js/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
15437
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:13:10 GMT
server
nginx
etag
"e2d8-5b696503a1469-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
common.min.js
welltherm.de/vendor/common/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/vendor/common/common.min.js
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
804345523ac3d194e129ad5f24abf3a6c97aaa4768d1561f368a26f3c830833b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
8998
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:13:19 GMT
server
nginx
etag
"60d0-5b69650c08a64-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
jquery.lazyload.min.js
welltherm.de/vendor/jquery.lazyload/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/vendor/jquery.lazyload/jquery.lazyload.min.js
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
6b139a7d488115a13e1833e726eed001b0f4e7c9f3b7a75383ed2e945775e049
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
1218
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:13:25 GMT
server
nginx
etag
"cc7-5b6965112ffd4-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
theme.js
welltherm.de/js/ 		120 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/js/theme.js
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
6b8a11aa4f8812fdd20e574aa65e0754535e257d31f442834622fad443ac4256
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
22460
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:07:45 GMT
server
nginx
etag
"1e154-5b6963cdc3d66-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
custom.js
welltherm.de/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/js/custom.js
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
950bc108272efd4e141b771387ef34dbfca30b79f83044921fae2e2fe15cbc7a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
2574
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Fri, 28 Oct 2022 08:43:29 GMT
server
nginx
etag
"22dc-5ec1440899f13-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
views.index.js
welltherm.de/js/views/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/js/views/views.index.js
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
14a1d6dcedccd97a7cb3ab6744900ceae0271197d0f3c08182b137108a057cfc
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
1559
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Thu, 17 Dec 2020 09:49:04 GMT
server
nginx
etag
"1309-5b6a5e6fc5c48-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
theme.init.js
welltherm.de/js/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/js/theme.init.js
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
cf3f7a5cf4e5a1631ab22405f35fbb303781fd99906920b6e66e1dd3c6c3e82c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
1283
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:07:45 GMT
server
nginx
etag
"2d3c-5b6963cda1a85-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
banner.no-autoblock.js
consent.cookiefirst.com/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner.no-autoblock.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/sites/welltherm.de-a018ca81-824e-4d41-9832-54a743da3706/consent.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1081 /
Resource Hash
e310c4e689e7bcf75fda1bde019d6e4fb564d95da0b9a7d04fd7e68d9673a444

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
content-encoding
br
cdn-edgestorageid
1079
cdn-storageserver
DE-680
cdn-cachedat
03/26/2024 20:58:47
cdn-pullzone
236985
visitor-location
DE
last-modified
Wed, 20 Mar 2024 15:50:06 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65fb05ae-faf0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=300
cdn-requestid
b48235930d26f4d57d9088103f264be5
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
eshc-hg.jpg
welltherm.de/images/startseite/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/startseite/eshc-hg.jpg
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
7497e189c3ae5fefb795a05b20afe301df4addd74227096246687f71e5e75101
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://welltherm.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
28257
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:07:39 GMT
server
nginx
etag
"6e61-5b6963c77c692"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
f790e9dd-8840-41d4-99ea-6942b90bac53.woff2
welltherm.de/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/fonts/f790e9dd-8840-41d4-99ea-6942b90bac53.woff2
Requested by
Host: welltherm.de
URL: https://welltherm.de/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
b48ff1c0b8390325f557d432b17a985ab6baf4296e6f9cac9e5637067b0da0dd
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://welltherm.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
21232
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:06:57 GMT
server
nginx
etag
"52f0-5b69639fb4c92"
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff2
cache-control
max-age=31536000
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
fa-solid-900.woff2
welltherm.de/vendor/fontawesome-free/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by
Host: welltherm.de
URL: https://welltherm.de/vendor/fontawesome-free/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://welltherm.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
74256
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:13:21 GMT
server
nginx
etag
"12210-5b69650db6569"
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff2
cache-control
max-age=31536000
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
10857077-7d7d-4793-81b3-08213bb9c668.woff2
welltherm.de/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/fonts/10857077-7d7d-4793-81b3-08213bb9c668.woff2
Requested by
Host: welltherm.de
URL: https://welltherm.de/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
feff85f6310ec6cc58e57999c0584e10281bf2a2102d27374e8a3b6853eced58
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://welltherm.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
21204
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:06:56 GMT
server
nginx
etag
"52d4-5b69639f04070"
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff2
cache-control
max-age=31536000
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
fa-regular-400.woff2
welltherm.de/vendor/fontawesome-free/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/vendor/fontawesome-free/webfonts/fa-regular-400.woff2
Requested by
Host: welltherm.de
URL: https://welltherm.de/vendor/fontawesome-free/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://welltherm.de
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
13552
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:13:20 GMT
server
nginx
etag
"34f0-5b69650cfad67"
x-frame-options
SAMEORIGIN
content-type
application/x-font-woff2
cache-control
max-age=31536000
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
version.json
consent.cookiefirst.com/sites/welltherm.de-a018ca81-824e-4d41-9832-54a743da3706/ 		44 B
781 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/welltherm.de-a018ca81-824e-4d41-9832-54a743da3706/version.json?v=1714416290572
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1081 /
Resource Hash
0346ecb73bf601beb2805b53107f2e6723749c1bb9802052c41957b4a9be4f7a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
cdn-edgestorageid
1081
cdn-storageserver
DE-664
cdn-cachedat
04/29/2024 18:44:50
cdn-pullzone
236985
content-length
44
visitor-location
DE
last-modified
Thu, 07 Mar 2024 22:17:30 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"65ea3cfa-2c"
content-type
application/json
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=15
cdn-requestid
6720aebb9c70b43e783ee36c6451e710
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
slider_startseite_badezimmer-glasheizung-ral.avif
welltherm.de/images/ 		170 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/slider_startseite_badezimmer-glasheizung-ral.avif
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
ed57e4f4779dccaff94cf110241de617acf9b6335cb5010f0c973d363cd63af8
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://welltherm.de/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
173807
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:27:00 GMT
server
nginx
etag
"2a6ef-5b69681a7aed5"
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
image/avif
cache-control
public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
truncated
/ 		120 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
blaetterkatalog-deckblatt.jpg
welltherm.de/images/startseite/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/startseite/blaetterkatalog-deckblatt.jpg
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
4f0230da38873858e77bc0275b66b2f5d696b60abd47c1e0e5d036cff488a35b
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
58994
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Tue, 12 Sep 2023 11:22:27 GMT
server
nginx
etag
"e672-60527a86acceb"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
energiekostenminimierung.jpg
welltherm.de/images/startseite/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/startseite/energiekostenminimierung.jpg
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
9c682810d928cc91240b5595c55dc4f62d0b9cd57aa82ae53a3a3b598f406922
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
111752
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Tue, 11 Oct 2022 13:50:33 GMT
server
nginx
etag
"1b488-5eac28f5933db"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
lichtrahmen.jpg
welltherm.de/images/startseite/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/startseite/lichtrahmen.jpg
Requested by
Host: welltherm.de
URL: https://welltherm.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
5a7d8acf8cf5343c107152442e66b288e218b387e960a00646baf0be302f43e8
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-length
46900
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Mon, 17 Oct 2022 11:08:15 GMT
server
nginx
etag
"b734-5eb38fdf9e25b"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
lang-widget-de.json
consent.cookiefirst.com/sites/welltherm.de-a018ca81-824e-4d41-9832-54a743da3706/ 		15 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/welltherm.de-a018ca81-824e-4d41-9832-54a743da3706/lang-widget-de.json?v=75e55807-72c2-4b4c-b1fc-f80d342463ea
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1081 /
Resource Hash
52151b6e87e1e7e131bc9dc36e07a2c6527cd867363f11528fa6e0394aa70127

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-storageserver
DE-662
cdn-cachedat
03/08/2024 04:03:43
cdn-pullzone
236985
visitor-location
DE
last-modified
Thu, 07 Mar 2024 22:17:30 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65ea3cfa-3b77"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
1c81f40dcdb4bf39b3126da2d5394147
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
162.65cd.c.js
consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/162.65cd.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1081 /
Resource Hash
90c1accb9838c634b79152f98ebd895ce9f3db4502ad8c490e6ecde1780abef7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
content-encoding
br
cdn-edgestorageid
1079
cdn-storageserver
DE-663
cdn-cachedat
03/26/2024 00:25:49
cdn-pullzone
236985
visitor-location
DE
last-modified
Wed, 20 Mar 2024 15:50:06 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65fb05ae-17f8"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
4ea7dcdf96575931819d4f3f15e5b4c8
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
676.5181.c.css
consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/ 		19 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/676.5181.c.css
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1081 /
Resource Hash
13c50152eaa08263a1f64ad88ff46d62cac6cd8bc766e5da90f4d4a723004b72

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-storageserver
DE-383
cdn-cachedat
03/20/2024 15:50:07
cdn-pullzone
236985
visitor-location
DE
last-modified
Wed, 20 Mar 2024 15:50:05 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
709
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65fb05ad-4beb"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
849d5fc983b134f281bf9acc89c47a7e
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
676.ddf0.c.js
consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/676.ddf0.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1081 /
Resource Hash
0defb63aff4d876944c50fed62e546df9aabb248350768ba205beb6a175f0029

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-679
cdn-cachedat
03/20/2024 15:50:07
cdn-pullzone
236985
visitor-location
DE
last-modified
Wed, 20 Mar 2024 15:50:05 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65fb05ad-35c5"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
131811c180824e9f21cf74b29c134db1
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
ui.e8db.c.css
consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/ 		14 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/ui.e8db.c.css
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1081 /
Resource Hash
a8492f0d6803450829df494330669a3a729234edca9378bb52a3c9b38b1232d6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-storageserver
DE-661
cdn-cachedat
03/20/2024 15:50:07
cdn-pullzone
236985
visitor-location
DE
last-modified
Wed, 20 Mar 2024 15:50:04 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65fb05ac-39c0"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
aa056d366ea6b6557ad2625468b4678b
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
ui.8a2e.c.js
consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/ui.8a2e.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1081 /
Resource Hash
fe721d27777ec8f48c94303e83491ef2b9bd99d4f4738d50d9409b92c8f7f5b9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-storageserver
DE-661
cdn-cachedat
03/20/2024 15:50:07
cdn-pullzone
236985
visitor-location
DE
last-modified
Wed, 20 Mar 2024 15:50:04 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
728
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65fb05ac-b0ba"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
d3a8f053161f3b720351e9c29981a049
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
233.362b.c.css
consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/ 		127 B
881 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/233.362b.c.css
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1081 /
Resource Hash
e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
cdn-edgestorageid
1082
cdn-storageserver
DE-661
cdn-cachedat
03/20/2024 15:50:07
cdn-pullzone
236985
content-length
127
visitor-location
DE
last-modified
Wed, 20 Mar 2024 15:50:05 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
750
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"65fb05ad-7f"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
7cbfe3433b3bec668ffaac3c9150a1a8
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
233.8420.c.js
consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/ 		96 B
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.14.11/static-main-no-autoblock/233.8420.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1081 /
Resource Hash
b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
cdn-edgestorageid
755
cdn-storageserver
DE-680
cdn-cachedat
04/22/2024 09:38:36
cdn-pullzone
236985
content-length
96
visitor-location
DE
last-modified
Wed, 20 Mar 2024 15:50:05 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
750
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"65fb05ad-60"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
89f5eb41dc66daf01e4d85b7639d1d59
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
styles.css
consent.cookiefirst.com/sites/welltherm.de-a018ca81-824e-4d41-9832-54a743da3706/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/welltherm.de-a018ca81-824e-4d41-9832-54a743da3706/styles.css?v=75e55807-72c2-4b4c-b1fc-f80d342463ea
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
Cookie First CDN-DE1-1081 /
Resource Hash
ea6d024be3ea50cebb11a1f58be44db076209f91ce0546f3ad2bcbb6f97c33c6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-storageserver
DE-680
cdn-cachedat
03/08/2024 04:03:43
cdn-pullzone
236985
visitor-location
DE
last-modified
Thu, 07 Mar 2024 22:17:29 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
587
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"65ea3cf9-571"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
d7d309ed8f11c8d5c7688a7819824294
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
cookiefirst.svg
consent.cookiefirst.com/branding/ 		0
0
favicon.ico
welltherm.de/images/ 		1 KB
922 B 		Other
General
Check archive.org
Download Go to
Full URL
https://welltherm.de/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
3550474f9a466ace7857064d81db50a25ba7c81de043bc9df8289bd90e32e411
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:50 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
br
content-length
107
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Wed, 16 Dec 2020 15:26:18 GMT
server
nginx
etag
"47e-5b6967f29ecb5-br"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
image/x-icon
cache-control
max-age=31536000, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:50 GMT
icon-close.svg
welltherm.de/images/ 		689 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://welltherm.de/images/icon-close.svg
Requested by
Host: welltherm.de
URL: https://welltherm.de/css/popup.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.162.180 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd44624.kasserver.com
Software
nginx /
Resource Hash
2753340f59a3b1a0fb234a74d601559c948bbe0c53a92cd65192fc4641f32e5e
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:44:54 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
content-encoding
gzip
content-length
319
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
pragma
public
referrer-policy
no-referrer
last-modified
Thu, 14 Dec 2023 12:01:24 GMT
server
nginx
etag
"2b1-60c770af0d3fd-gzip"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
max-age=31536000, public, public
feature-policy
geolocation 'self'
permissions-policy
geolocation 'self'
accept-ranges
bytes
expires
Tue, 29 Apr 2025 18:44:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
consent.cookiefirst.com
URL
https://consent.cookiefirst.com/branding/cookiefirst.svg

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5 object| Modernizr function| $ function| jQuery string| src object| s object| __COOKIE_BANNER_SETTINGS__ object| bootstrap function| scrollAndFocus undefined| $pageHeaderTitleBorder undefined| $pageHeaderTitle undefined| $window undefined| setPageHeaderTitleBorderWidth string| c function| fontSpy object| theme object| chunkCB function| addCFGTMConsentListener number| __COOKIE_BANNER_INIT_TIME__ function| iconsInfo function| gleicheHoehe function| formate function| openProfiltabs function| ajaxFunktion boolean| initialized boolean| CF_visiblity object| CookieFirst function| cookiefirst_show_settings object| dataLayer function| gtag

0 Cookies

2 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
security error URL: https://welltherm.de/
Message:
Refused to load the image 'https://consent.cookiefirst.com/branding/cookiefirst.svg' because it violates the following Content Security Policy directive: "img-src https://welltherm.de https://www.google-analytics.com data:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline'; script-src-elem 'unsafe-inline' https:; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; img-src https://welltherm.de https://www.google-analytics.com data:; style-src https://welltherm.de https://fonts.googleapis.com https://fonts.gstatic.com https://consent.cookiefirst.com/ 'self' 'unsafe-inline';
Public-Key-Pins pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

consent.cookiefirst.com
welltherm.de
consent.cookiefirst.com
2400:52e0:1e00::1081:1
85.13.162.180
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
0346ecb73bf601beb2805b53107f2e6723749c1bb9802052c41957b4a9be4f7a
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b1a38e9d527427c0b7623db90361e35369b34ef683cb78778171627a5d30c08
0defb63aff4d876944c50fed62e546df9aabb248350768ba205beb6a175f0029
13c50152eaa08263a1f64ad88ff46d62cac6cd8bc766e5da90f4d4a723004b72
14a1d6dcedccd97a7cb3ab6744900ceae0271197d0f3c08182b137108a057cfc
1693bcc1544c30c551c25fb03056610ce59f773ba067ef411ddecb2d7ddeb436
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
2753340f59a3b1a0fb234a74d601559c948bbe0c53a92cd65192fc4641f32e5e
27d9bd0f417b96cdb8ecaf0ae9c75d6104c4bc692e7a639e3325792b6b6f9d04
31edf09b47df9188bce60d93c1ccdd90c1ff89d885719fa699b1a08ed3e2d1ba
343dcc6254c7ff5f7ac57396f1ebe7a2bbf9ae96497e6df1c305c4b244cc23d8
3550474f9a466ace7857064d81db50a25ba7c81de043bc9df8289bd90e32e411
36350c4e50b8049756a5458890033b4c56029e576c0b7ed8a0d4797b93635086
39f827199d6aac6120252a9855c99920c92b5af029427c5b396e6030fbea3436
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
4f0230da38873858e77bc0275b66b2f5d696b60abd47c1e0e5d036cff488a35b
52151b6e87e1e7e131bc9dc36e07a2c6527cd867363f11528fa6e0394aa70127
54270ba3e86b3535b74a0d2d0858d042dee1d0859f97f4a495aefaf33efdbe7f
55745eb190b2563b40ec58d690bf21ac1718180e712ebaf3c488cf1cb7f235d0
5a7d8acf8cf5343c107152442e66b288e218b387e960a00646baf0be302f43e8
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60b83479e940dd9506c1e1c0a757ea6f6f5bdceeeddcfa54050265a8a0cd1183
63158aab8fbd80ed3304be6c4b79e99dc5231d037c43eb0f4afdc19eac025d90
6b139a7d488115a13e1833e726eed001b0f4e7c9f3b7a75383ed2e945775e049
6b8a11aa4f8812fdd20e574aa65e0754535e257d31f442834622fad443ac4256
6d8ac73a4cc98a637e66f8c9d3e57624851b8ba1eca287c894d05645dcef0da1
7497e189c3ae5fefb795a05b20afe301df4addd74227096246687f71e5e75101
7b2707c52c54483cd9ba11713ac119aa3c4119595066f08538ab29ba1f46d193
7c6de7f45b6d2042d1b4bd20b1aa7f289d2a5db436441ff30ff617821647c844
804345523ac3d194e129ad5f24abf3a6c97aaa4768d1561f368a26f3c830833b
849a96c1caef3b7b1af3f0bdc40f0ac87d215825fc61d244ab14cfd89d7bab05
90c1accb9838c634b79152f98ebd895ce9f3db4502ad8c490e6ecde1780abef7
950bc108272efd4e141b771387ef34dbfca30b79f83044921fae2e2fe15cbc7a
99271224a929a6b7d4f064b6e3276774fb40b37aafc2961942f763815acef6c3
9c682810d928cc91240b5595c55dc4f62d0b9cd57aa82ae53a3a3b598f406922
a8492f0d6803450829df494330669a3a729234edca9378bb52a3c9b38b1232d6
a940f1acd115ce8704652d1755bea1bef36cf5b97d1cf864e9861adaf31ce737
b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb
b48ff1c0b8390325f557d432b17a985ab6baf4296e6f9cac9e5637067b0da0dd
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f
cf3f7a5cf4e5a1631ab22405f35fbb303781fd99906920b6e66e1dd3c6c3e82c
d003eb72aedc80354d5954d03472c7a4b1b7a92fdd701ef9d9bb3c6d824956a5
e2b4b6e3cb4b0850b18f69ccfd663e8050d95f86f125db7dd16d534ce35b2edc
e310c4e689e7bcf75fda1bde019d6e4fb564d95da0b9a7d04fd7e68d9673a444
e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1
ea6d024be3ea50cebb11a1f58be44db076209f91ce0546f3ad2bcbb6f97c33c6
ed57e4f4779dccaff94cf110241de617acf9b6335cb5010f0c973d363cd63af8
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
f581de2651bcaf5ce78f0871423cbbaeb957eec2f32051c20928ec9b1920beb1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f95fdaf0716206f8409897f482ec0589ff67cb2b17894866448dfa782caca8a5
fe721d27777ec8f48c94303e83491ef2b9bd99d4f4738d50d9409b92c8f7f5b9
fe8a517ee511d07980c4ae6e1970b2d4a56d2112e8418d580fac9c1e3a485955
feff85f6310ec6cc58e57999c0584e10281bf2a2102d27374e8a3b6853eced58
ffc800047ed478242c2117c2960e758e4f39234b1f8d55a644eb288747cf00ba