urlscan.io logo urlscan.io
SecurityTrails logo

www.theunderfloorheatingstore.com Open in urlscan Pro
192.124.249.62  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.theunderfloorheatingstore.com/
Submission: On April 17 via api from RU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 4 countries across 20 domains to perform 266 HTTP transactions. The main IP is 192.124.249.62, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.theunderfloorheatingstore.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on August 19th 2020. Valid for: a year.
This is the only time www.theunderfloorheatingstore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
211 192.124.249.62 30148 (SUCURI-SEC)
2 104.111.228.123 16625 (AKAMAI-AS)
2 143.204.245.116 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.16.210.86 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 216.58.212.162 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:210... 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 54.239.36.254 16509 (AMAZON-02)
1 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
266 28
211    192.124.249.62 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10062.sucuri.net
www.theunderfloorheatingstore.com
2    104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com
www.paypalobjects.com
2    143.204.245.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-116.cph50.r.cloudfront.net
static-eu.payments-amazon.com
3    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
www.google-analytics.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.16.210.86 (United States)

ASN13335 (CLOUDFLARENET, US)
r1-t.trackedlink.net
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.google.de
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
static-v.tawk.to
va.tawk.to
1    2a02:26f0:7100:48a::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
www.googleadservices.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2104:5200:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
3    2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
8    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    54.239.36.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
payments-uk.amazon.com
2    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    2a00:1450:4001:811::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
Domain Requested by
211 www.theunderfloorheatingstore.com www.theunderfloorheatingstore.com
8 www.google.com apis.google.com
www.google.com
www.theunderfloorheatingstore.com
7 apis.google.com www.theunderfloorheatingstore.com
apis.google.com
accounts.google.com
www.google.com
5 fonts.gstatic.com fonts.googleapis.com
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 va.tawk.to static-v.tawk.to
2 www.google.de www.theunderfloorheatingstore.com
2 www.facebook.com www.theunderfloorheatingstore.com
2 px.ads.linkedin.com 1 redirects www.theunderfloorheatingstore.com
2 payments-uk.amazon.com static-eu.payments-amazon.com
2 bat.bing.com www.googletagmanager.com
www.theunderfloorheatingstore.com
2 static-eu.payments-amazon.com www.theunderfloorheatingstore.com
static-eu.payments-amazon.com
2 www.paypalobjects.com www.theunderfloorheatingstore.com
1 static-v.tawk.to embed.tawk.to
1 play.google.com www.google.com
1 ssl.gstatic.com accounts.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.gstatic.com www.google.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 accounts.google.com apis.google.com
1 www.linkedin.com 1 redirects
1 www.dwin1.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 snap.licdn.com www.theunderfloorheatingstore.com
1 embed.tawk.to www.theunderfloorheatingstore.com
1 r1-t.trackedlink.net www.theunderfloorheatingstore.com
1 www.googletagmanager.com www.theunderfloorheatingstore.com
1 fonts.googleapis.com www.theunderfloorheatingstore.com
266 29
Subject Issuer Validity Valid
theunderfloorheatingstore.com
Starfield Secure Certificate Authority - G2		 2020-08-19 -
2021-08-19		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-01-13 -
2022-01-11		 a year crt.sh
static-eu.payments-amazon.com
Amazon		 2020-08-20 -
2021-09-19		 a year crt.sh
*.apis.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
r1-t.trackedlink.net
Cloudflare Inc ECC CA-3		 2020-07-27 -
2021-07-27		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-29 -
2021-07-29		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
*.dwin1.com
Amazon		 2020-12-04 -
2022-01-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
payments-uk.amazon.com
Amazon		 2020-11-10 -
2021-10-11		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-04-15 -
2021-10-15		 6 months crt.sh
accounts.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.theunderfloorheatingstore.com/
Frame ID: 3EE3596EEC40B73E2341F1A98F61A6AF
Requests: 252 HTTP requests in this frame

Frame: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=6150655&origin=https%3A%2F%2Fwww.theunderfloorheatingstore.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Frame ID: D3FD8233F7859A76D6B388CD074B125A
Requests: 10 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.theunderfloorheatingstore.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Frame ID: 3F0A1B7308335D7B681F29E80A1418D0
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /js\/mage/i
Overall confidence: 100%
Detected patterns
  • script /js\/mage/i
Overall confidence: 100%
Detected patterns
  • script /js\/mage/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/embed\.tawk\.to/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/(?:scriptaculous|protoaculous)(?:\.js|\/)/i

Page Statistics

266
Requests

100 %
HTTPS

79 %
IPv6

20
Domains

29
Subdomains

28
IPs

4
Countries

8135 kB
Transfer

10775 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 231
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=418233&time=1618623396788&url=https%3A%2F%2Fwww.theunderfloorheatingstore.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D418233%26time%3D1618623396788%26url%3Dhttps%253A%252F%252Fwww.theunderfloorheatingstore.com%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=418233&time=1618623396788&url=https%3A%2F%2Fwww.theunderfloorheatingstore.com%2F&liSync=true

266 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.theunderfloorheatingstore.com/ 		121 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
8715e67c7ae06b7d1da59de813dc8cffb5a27038f2754081cc54e446bd6a5e96
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.theunderfloorheatingstore.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Sat, 17 Apr 2021 01:36:35 GMT
content-type
text/html; charset=UTF-8
x-sucuri-id
13012
vary
Accept-Encoding
set-cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; path=/ frontend=p7enavm4eb5v4mbhk33fd4g3nh; expires=Sat, 17-Apr-2021 02:36:36 GMT; Max-Age=3600; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly frontend_cid=AldIO3WWvYLQYFon; expires=Sat, 17-Apr-2021 02:36:36 GMT; Max-Age=3600; path=/; domain=www.theunderfloorheatingstore.com; secure; HttpOnly CUSTOMER_SEGMENT_IDS=2; expires=Sat, 17-Apr-2021 02:36:36 GMT; Max-Age=3600; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly CUSTOMER=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly CUSTOMER_INFO=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly CUSTOMER_AUTH=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly CUSTOMER_RATES=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly NEWMESSAGE=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly NEWMESSAGE=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly NEWMESSAGE=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly NEWMESSAGE=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly NEWMESSAGE=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly NEWMESSAGE=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly NEWMESSAGE=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly NEWMESSAGE=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly NEWMESSAGE=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=www.theunderfloorheatingstore.com; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN
p3p
CP="CAO PSA OUR"
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
x-xss-protection
1; mode=block
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-sucuri-cache
MISS
amazonpayments.css
www.theunderfloorheatingstore.com/skin/frontend/rwd/default/creativestyle/css/ 		5 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/rwd/default/creativestyle/css/amazonpayments.css?q=1576738578
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
c01ad564024b34264eb92f9be22f365e7e9cbb6bc1a3571be2ce0c563b3762a6
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/rwd/default/creativestyle/css/amazonpayments.css?q=1576738578
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:18 GMT
server
nginx
etag
W/"5dfb1f12-13dd"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
amazonpayments-responsive-widgets.css
www.theunderfloorheatingstore.com/skin/frontend/rwd/default/creativestyle/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/rwd/default/creativestyle/css/amazonpayments-responsive-widgets.css?q=1576738578
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
6691aa186da042fc9c48cf4e2209ad844225691ea468c7ae920c4a61a3574405
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/rwd/default/creativestyle/css/amazonpayments-responsive-widgets.css?q=1576738578
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:18 GMT
server
nginx
etag
W/"5dfb1f12-842"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
flint_feefo.css
www.theunderfloorheatingstore.com/skin/frontend/base/default/css/ 		157 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/base/default/css/flint_feefo.css?q=1576738579
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
f58e3cf2dbe97ed96f991dc095331d699b7e8f8b75470aedd7eab5d4c6fa38f6
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/base/default/css/flint_feefo.css?q=1576738579
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
157
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:19 GMT
server
nginx
etag
"5dfb1f13-9d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
style_v148.css
www.theunderfloorheatingstore.com/skin/frontend/base/default/css/magebird_popup/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/base/default/css/magebird_popup/style_v148.css?q=1576738578
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
cd13d65660712d9332288e2c7240e5762ef342aa35b3a8167c31c7d84a56eb6b
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/base/default/css/magebird_popup/style_v148.css?q=1576738578
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:18 GMT
server
nginx
etag
W/"5dfb1f12-1fda"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
elasticsearch.css
www.theunderfloorheatingstore.com/skin/frontend/rwd/default/css/wyomind/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/rwd/default/css/wyomind/elasticsearch.css?q=1576738581
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
09d148642020480b971f4cf57e797365841a02dc7176fbe0a38804e5476623c4
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/rwd/default/css/wyomind/elasticsearch.css?q=1576738581
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
W/"5dfb1f15-48d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookiealert.css
www.theunderfloorheatingstore.com/skin/frontend/base/default/css/zero1/gdpr/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/base/default/css/zero1/gdpr/cookiealert.css?q=1576738581
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
1dc026ffa557869ff8e7f308c3cc1f86958af1a4706ef4054f5fca3aaa538455
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/base/default/css/zero1/gdpr/cookiealert.css?q=1576738581
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
W/"5dfb1f15-73a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
sagePaySuite.css
www.theunderfloorheatingstore.com/skin/frontend/base/default/sagepaysuite/css/ 		816 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/base/default/sagepaysuite/css/sagePaySuite.css?q=1576738579
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
013fff9bfb963d505db7792deab40e1dd0ecfc392e7544d729446af289f1136e
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/base/default/sagepaysuite/css/sagePaySuite.css?q=1576738579
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
816
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:19 GMT
server
nginx
etag
"5dfb1f13-330"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
prototype.js
www.theunderfloorheatingstore.com/js/prototype/ 		159 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/prototype/prototype.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
dedea3aa22a087b3745c9635e7a3d65e772d57ce590b541a6a32069a0b1d60b9
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/prototype/prototype.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-27df1"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-1.12.1.min.js
www.theunderfloorheatingstore.com/js/lib/jquery/ 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/lib/jquery/jquery-1.12.1.min.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/lib/jquery/jquery-1.12.1.min.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-17c7b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
noconflict.js
www.theunderfloorheatingstore.com/js/lib/jquery/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/lib/jquery/noconflict.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
bbe1675c06e0f3d57b2614b2523c7f0818bbd518b4bfd912b363d388e517986d
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/lib/jquery/noconflict.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1044
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
"5dfb1f10-414"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ccard.js
www.theunderfloorheatingstore.com/js/lib/ 		747 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/lib/ccard.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
71efc700b9091f1449e2c952536cf7281aded3a30a96e44be5d06e606e2904bd
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/lib/ccard.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
747
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
"5dfb1f10-2eb"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
validation.js
www.theunderfloorheatingstore.com/js/prototype/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/prototype/validation.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
4aa58699835300a9571e2488d656e0e89406173e8519fb40592eaa6b5b5c3775
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/prototype/validation.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-acee"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
builder.js
www.theunderfloorheatingstore.com/js/scriptaculous/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/scriptaculous/builder.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
8a2e4f92cba8509d0d26255bb950e4a53345fad6c1b38da13448b9c7a561832a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/scriptaculous/builder.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-1288"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
effects.js
www.theunderfloorheatingstore.com/js/scriptaculous/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/scriptaculous/effects.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
328cab78ebb3e3c4e94e23b87630a56ae7ad2db686ecd1d69f93176318b6f82d
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/scriptaculous/effects.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-9759"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
dragdrop.js
www.theunderfloorheatingstore.com/js/scriptaculous/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/scriptaculous/dragdrop.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
1b88542d1458cd86dacd3de3cb9635ded83c01edcae01be5f49451611985cff8
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/scriptaculous/dragdrop.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-795a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
controls.js
www.theunderfloorheatingstore.com/js/scriptaculous/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/scriptaculous/controls.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
394ee4643d5c3fc7d0a671052576e3e7250e6cbccc407772679a359ce59f2794
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/scriptaculous/controls.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-87ed"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
slider.js
www.theunderfloorheatingstore.com/js/scriptaculous/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/scriptaculous/slider.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
727ee107a8036e193fef85e1faf9e1eb145d25d03a4aa73d6db7c5ad71118797
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/scriptaculous/slider.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-285b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
js.js
www.theunderfloorheatingstore.com/js/varien/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/varien/js.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
834d26888b405e6a5788142159cec7b7a350c01989e4ccc775a32f03384dac52
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/varien/js.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-60a3"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
form.js
www.theunderfloorheatingstore.com/js/varien/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/varien/form.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
9fad5cd08dc30b810416bd4a496709695a538e65a64ed999d76672144cb497a0
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/varien/form.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-3aed"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
translate.js
www.theunderfloorheatingstore.com/js/mage/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/mage/translate.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
afe81d950e8d1ffd662af1a17383b87c48097d66bb682fb55fbf4c5ec7a57da6
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/mage/translate.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-63b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookies.js
www.theunderfloorheatingstore.com/js/mage/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/mage/cookies.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
354ccee9a1629779dd81baea3db5714c785ffb99035a8f7376b6d72400142794
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/mage/cookies.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-a34"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
tooltip.js
www.theunderfloorheatingstore.com/js/prototype/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/prototype/tooltip.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
a0859df49117b5ea1c1873f4bc07db7fadd8ab5be1e0309773834a28da014c5a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/prototype/tooltip.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-1c1f"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
modernizr.custom.min.js
www.theunderfloorheatingstore.com/skin/frontend/rwd/default/js/lib/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/rwd/default/js/lib/modernizr.custom.min.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
231a3be56e9321ed6447fe41538a3e1767fa38dff907d15154fb9bfc3a663a13
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/rwd/default/js/lib/modernizr.custom.min.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-22ac"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
matchMedia.js
www.theunderfloorheatingstore.com/skin/frontend/rwd/default/js/lib/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/rwd/default/js/lib/matchMedia.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/rwd/default/js/lib/matchMedia.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-6a4"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
matchMedia.addListener.js
www.theunderfloorheatingstore.com/skin/frontend/rwd/default/js/lib/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/rwd/default/js/lib/matchMedia.addListener.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/rwd/default/js/lib/matchMedia.addListener.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-b00"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
enquire.js
www.theunderfloorheatingstore.com/skin/frontend/rwd/default/js/lib/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/rwd/default/js/lib/enquire.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
69cb6de7d8d6fce3527d119c2e798fafb347fde40a342e34442173686101654d
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/rwd/default/js/lib/enquire.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-2530"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
app.js
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/js/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/js/app.js?q=1576738581
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
e7f806ec3cec60a2efb858f33d7e53f1ec5e48b5b1bb1d3a050c3ef170cd78af
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/ufhs/default/js/app.js?q=1576738581
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
W/"5dfb1f15-c15e"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
imagesloaded.js
www.theunderfloorheatingstore.com/skin/frontend/rwd/default/js/lib/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/rwd/default/js/lib/imagesloaded.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
bf2ec382ec4d64a132be318e0c96ee0a523e121cf79df0f50c0c884162eef03a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/rwd/default/js/lib/imagesloaded.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-1aee"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.js
www.theunderfloorheatingstore.com/skin/frontend/rwd/enterprise/js/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/rwd/enterprise/js/scripts.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
cf8a65e0d32c60960f5cfeeaf4fe989ad20bc51acc0bc2354067cf72f5d17ce9
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/rwd/enterprise/js/scripts.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-8708"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
minicart.js
www.theunderfloorheatingstore.com/skin/frontend/rwd/default/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/rwd/default/js/minicart.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
6e01d05c86bb83380fa587400b7e8f0eaef74fcac4cf47519c7c060d80bde200
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/rwd/default/js/minicart.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-1df9"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
catalogevent.js
www.theunderfloorheatingstore.com/skin/frontend/rwd/enterprise/js/enterprise/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/rwd/enterprise/js/enterprise/catalogevent.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
ec2acded891ba36c11c3d002066f4206c03937e22f7b2bcbdd6f2bdced71dcea
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/rwd/enterprise/js/enterprise/catalogevent.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-c24"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
wishlist.js
www.theunderfloorheatingstore.com/skin/frontend/rwd/enterprise/js/enterprise/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/rwd/enterprise/js/enterprise/wishlist.js?q=1576738576
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
4d3e0e5850c28d2c6756aeea4f53b6b725416b99df387c06ad304687eb439d65
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/rwd/enterprise/js/enterprise/wishlist.js?q=1576738576
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:16 GMT
server
nginx
etag
W/"5dfb1f10-33a2"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-cookies.js
www.theunderfloorheatingstore.com/skin/frontend/base/default/js/mywetroom/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/base/default/js/mywetroom/jquery-cookies.js?q=1576738580
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
096989a128ad3bdc7182124c576a000d4036b77b08e7efa4eabc72530d71efc9
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/base/default/js/mywetroom/jquery-cookies.js?q=1576738580
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:20 GMT
server
nginx
etag
W/"5dfb1f14-c33"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
ufhs-mywetroom.js
www.theunderfloorheatingstore.com/skin/frontend/base/default/js/mywetroom/ 		736 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/base/default/js/mywetroom/ufhs-mywetroom.js?q=1576738580
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
a8dcdaa83bb066affc93d362a2c519cddef1aad33dd3d66d6cb96a2e12382602
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/base/default/js/mywetroom/ufhs-mywetroom.js?q=1576738580
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
736
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:20 GMT
server
nginx
etag
"5dfb1f14-2e0"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
plugins.js
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/js/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/js/plugins.js?q=1576738581
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
aec6f1f7b7769e8665706a3008aecb6682afe1f36376fcf88def7284565b5561
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/ufhs/default/js/plugins.js?q=1576738581
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
W/"5dfb1f15-6684"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
theme.js
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/js/theme.js?q=1584116714
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
32b18b3ded27d60c1113b3dc170979ed1168d4a15c51f8fac7e33936c1d6c356
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/ufhs/default/js/theme.js?q=1584116714
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Mar 2020 16:25:14 GMT
server
nginx
etag
W/"5e6bb3ea-2310"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
core.js
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/js/ufhs/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/js/ufhs/core.js?q=1576738581
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
db348268e58c9d22535f56164228e79696a02da23bfc3d2a8d70c0d3fe59fc97
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/ufhs/default/js/ufhs/core.js?q=1576738581
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
W/"5dfb1f15-8420"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
responsive.js
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/js/thirdparty/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/js/thirdparty/responsive.js?q=1576738581
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
d741959ce98eafc81489d96b17632d2edc6a58d3365da98e614049bc4f41ef10
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/ufhs/default/js/thirdparty/responsive.js?q=1576738581
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
W/"5dfb1f15-551a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.fancybox.pack.js
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/js/thirdparty/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/js/thirdparty/jquery.fancybox.pack.js?q=1576738581
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/ufhs/default/js/thirdparty/jquery.fancybox.pack.js?q=1576738581
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
W/"5dfb1f15-5a5f"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.css
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/ 		822 KB
140 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
5a62679314a88767dce91fc235ff249f6241ef4a15134df4465a425a010e2a8f
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/ufhs/default/css/styles.css?q=1616769302
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 26 Mar 2021 14:35:02 GMT
server
nginx
etag
W/"605df116-cd744"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
responsive.css
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/stylesheets/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/stylesheets/responsive.css?q=1576738581
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
e69aaf684183f313d3d40b44b0c8118fb9131364d18f50bb0ab9d7ca52e5ce37
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/ufhs/default/stylesheets/responsive.css?q=1576738581
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
W/"5dfb1f15-b0d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-square.jpg
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/images/logo-square.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
83b9a74e7b13f0752391d6daca8b9567a0bf6283a34803aa5a71b57d3ebbc8c8
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/ufhs/default/images/logo-square.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
14533
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
"5dfb1f15-38c5"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_medium.png
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/images/logo_medium.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
b676ac07cefa29a597f9ca7b51d23da96126e9f198b113c238283bc8ae9995e6
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/ufhs/default/images/logo_medium.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4805
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
"5dfb1f15-12c5"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_small.png
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/images/ 		19 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/images/logo_small.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
a77676a20134bc2a3f90432e9d208a5894385848986984d291ac06645948b594
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/ufhs/default/images/logo_small.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
19795
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
"5dfb1f15-4d53"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
stars.svg
www.theunderfloorheatingstore.com/media/wysiwyg/pages/header/trustpilot/ 		2 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/pages/header/trustpilot/stars.svg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
a2ee5b8d80425194a58046b27d605c3fbdfd8b511cfbdbf8149debfc6c1726e4
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/pages/header/trustpilot/stars.svg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
2507
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Jul 2020 11:05:21 GMT
server
nginx
etag
"5f1185f1-9cb"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
www.theunderfloorheatingstore.com/media/wysiwyg/pages/header/trustpilot/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/pages/header/trustpilot/logo.svg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
ba2db60b8c78b249a0ebae4c4cc017c36314bfbec32441d37951279464f2948d
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/pages/header/trustpilot/logo.svg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
5109
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Jul 2020 11:05:21 GMT
server
nginx
etag
"5f1185f1-13f5"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-electric.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		65 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-electric.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
d7c92a27bb4233643a1a4e702207c7b96e4440822d5324dcd347baaf11865b8a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-electric.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
66895
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:45 GMT
server
nginx
etag
"58cbb175-1054f"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-electric-mats.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		153 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-electric-mats.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
4f93144029773ecdd3521a24bb27edf9bd51734f1ee15d7070ae44cb9bcd2901
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-electric-mats.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
157057
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Nov 2019 14:52:26 GMT
server
nginx
etag
"5dbc46aa-26581"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-electric-cables.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-electric-cables.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
3cb10859a77dcb4246e3b25d77d85498446aa56cf14ab1d96f47b002cec4ebf1
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-electric-cables.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
137862
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Nov 2019 14:52:26 GMT
server
nginx
etag
"5dbc46aa-21a86"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-electric-wood.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-electric-wood.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
efb50f9b3150d47c57238863a91ceed0b82635c5f3211536ad502f39197aadf3
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-electric-wood.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
163853
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Nov 2019 14:52:26 GMT
server
nginx
etag
"5dbc46aa-2800d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-electric-carpet.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-electric-carpet.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
176f7c83ab65e11a8f6c8fdd30146e1034eb1d7599d2a05db8a8b5ed64e0cb30
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-electric-carpet.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
158653
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Nov 2019 14:52:26 GMT
server
nginx
etag
"5dbc46aa-26bbd"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-electric-screed.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		165 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-electric-screed.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
4a17874bcb68c851c3c07329f9afcd0427fbf2fc3b74a0ce01880a721fcca50f
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-electric-screed.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
169043
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Nov 2019 14:52:26 GMT
server
nginx
etag
"5dbc46aa-29453"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-electric-insulation.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-electric-insulation.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
23084d3e598bfde41b9a029adacc7d2dac9e485ff2eb01e71c347c7fa43abaa8
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-electric-insulation.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
89268
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 06 Mar 2018 14:34:44 GMT
server
nginx
etag
"5a9ea704-15cb4"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
manual-therm.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/manual-therm.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
7e08a9351a0521d1f6ba41356a5e11b55258f7ea58008150782326a4c2bc67b3
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/manual-therm.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
11038
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-2b1e"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
program-therm.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/program-therm.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
47417ef90f0f9df77cefd38b95de9a50e2f7dfacb6f777443f3a38728fcc5d34
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/program-therm.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
21254
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Nov 2019 14:56:42 GMT
server
nginx
etag
"5dbc47aa-5306"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
touch-therm.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		34 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/touch-therm.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
19f29982c412e1d174ffe3c10512c4963c3c6afde804d9b78d2a7e029c40ba98
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/touch-therm.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
35287
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Apr 2020 07:49:00 GMT
server
nginx
etag
"5e995f6c-89d7"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
smart-therm.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/smart-therm.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
08170ab2776ddbb39b467f472afecb64a4de015e3c052bd4d9d79e3be3797083
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/smart-therm.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
39688
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Mar 2019 11:30:48 GMT
server
nginx
etag
"5c9cb068-9b08"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wiring.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/wiring.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
a59c143f45369231b36ba5a6126f7d732848cfe052a297155889aa6491dc9d69
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/wiring.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
10873
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:10 GMT
server
nginx
etag
"58db7a2e-2a79"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
tiling.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/tiling.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
076f1a62f9d5244342029601f446c2ffd05d33099667f4cc792e52ceff324a2d
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/tiling.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
11149
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-2b8d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
installation.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/installation.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
af1f05851e0881ed46bf148f956fd434c38e3618c3d45fd11f6a1ede32f4aca8
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/installation.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
11937
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-2ea1"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fixings.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/fixings.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
331d02a3006ffa388bfc8390be476d67804a3a3a0ed3da1b12ca6e20f5a04d1a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/fixings.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
16462
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-404e"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
devi.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/devi.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
2ad44ea4870ae4f4ab46fb93d9af24f29b24ca3cf120148b939af15930e3e7d1
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/brands/devi.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
13355
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:23 GMT
server
nginx
etag
"58db7a3b-342b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
thermoflex.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/thermoflex.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
df9111f0e9912ff0bb023b694fa91b9d395b6ad59712689a221f4583a2dd1c8f
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/brands/thermoflex.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
11983
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:23 GMT
server
nginx
etag
"58db7a3b-2ecf"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
warmup.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/warmup.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
b7be0dc6d394b25d38f79ca6e7e30cf53097a951dab2de2bfdf01fa1b5e54b16
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/brands/warmup.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
38570
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Oct 2017 12:14:10 GMT
server
nginx
etag
"59e9e892-96aa"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
prowarm-elec.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/prowarm-elec.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
1c4ef54234804fc0e511201b83441598e7ef6f1d3268f3d3d587f02d94769dd0
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/brands/prowarm-elec.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
45079
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Nov 2019 15:18:58 GMT
server
nginx
etag
"5dbc4ce2-b017"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-water.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		60 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-water.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
d2845c86a714f33d71194662d110e2be43fccbdc88b765a25f0bdd0b0016e824
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-water.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
61802
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:47 GMT
server
nginx
etag
"58cbb177-f16a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-water-high.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		98 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-water-high.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
e29399fc40fb6b528c19a2eb66654a484ec57e7b75d8bcfb2e39a387a2a41923
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-water-high.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
99843
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:46 GMT
server
nginx
etag
"58cbb176-18603"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-water-standard.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-water-standard.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
013acd3c7db055442ef883ecf3a862086aa117160ae06e2e95119d32fd09a206
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-water-standard.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
82111
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:47 GMT
server
nginx
etag
"58cbb177-140bf"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-water-profile.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-water-profile.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
7a3f012b9a7aa14219d61931b3f59afd74f6aedcf7585436e0c2cc042ec3eab2
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-water-profile.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
90116
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Sep 2017 11:29:53 GMT
server
nginx
etag
"59b916b1-16004"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-water-multi.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-water-multi.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
2ec9796e5d40aae2462f523bc2f9eb9491d1da72100677b310ab329a36571e6f
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-water-multi.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
80838
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Sep 2017 11:29:54 GMT
server
nginx
etag
"59b916b2-13bc6"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-water-insulation.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-water-insulation.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
b75a698fce24cee6cf9116ba05e8fb28f3f63dc3f2f4d78fdfcbe51f4c1f75be
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-water-insulation.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
70582
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 May 2018 10:02:43 GMT
server
nginx
etag
"5af95ec3-113b6"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-water-manifolds.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-water-manifolds.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
0babe67f4147899c30aec73fef519e43fa5c6743a00e1901e8b57b2956d7ed54
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-water-manifolds.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
54427
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Sep 2017 11:32:12 GMT
server
nginx
etag
"59b9173c-d49b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
water-program-therm.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/water-program-therm.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
0e358e3513994ec13bb7321c12e18c28a9171c4d49db7f49520951723c05c2ac
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/water-program-therm.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
3715
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-e83"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
water-touch-therm.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/water-touch-therm.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
a1265b6eb5e33fbd8a931d5e10a5a7ebfa49460a8c0009b6c8d9f82c172708ec
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/water-touch-therm.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
2997
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-bb5"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
water-wireless-therm.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/water-wireless-therm.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
04513f71b60258460af947ebb43ef96a957a88ed3c4a6161bd23329c2531b11d
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/water-wireless-therm.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
3715
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-e83"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
water-smart-therm.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/water-smart-therm.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
593bbce28facc038c137ecd14b6bc1c73339b289e071beaf99bd289f8bfdda84
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/water-smart-therm.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
6473
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-1949"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
water-network-therm.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/water-network-therm.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
aa3600912333ad2c839ed5ef793682f16a77c975ab495a41fb9ee38aa267f400
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/water-network-therm.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
3763
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-eb3"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
hot-water-therm.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/hot-water-therm.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
6ddaa939fd8786e9bc8fb639cce3fad3f4d487f7ed7ef5a925ee081755b110ff
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/hot-water-therm.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
2118
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-846"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wiring-centres.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/wiring-centres.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
5666740acb4a223e96e15c622b7becae5f07763447190cb27263984e8ac33d79
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/wiring-centres.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
5787
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:10 GMT
server
nginx
etag
"58db7a2e-169b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
actuator.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/actuator.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
9ef6c4a1bf670e85f3d9f8f8732f57c496f9f5009332c5cb6d1933e3ff6f33b8
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/actuator.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
5991
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-1767"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
couplings.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/couplings.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
ba383718c65086d3eaf351479a1ecd5c39e2bad739c7168c67042afae147e235
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/couplings.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
7898
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-1eda"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
pipe.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/pipe.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
7965f0586b87cadc7fdc72d1a579459479c806563c57bd4dc469a83540ef47d7
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/pipe.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
7798
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-1e76"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wfixings.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/wfixings.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
508a22dbc591bf34976632b74491e0af0323b72af7065ab4f3e4f9dfdce393c2
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/wfixings.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
6213
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-1845"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
pumps.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/pumps.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
55cfd5c8c49f1225cb5b9f4a7929c9a67b2d08a7b29d236cce7c613163b235c8
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/pumps.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
26164
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Sep 2017 11:27:45 GMT
server
nginx
etag
"59b91631-6634"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
valves.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/valves.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
baf97e8318cb460d271b802858f5d7aa553a7e4664a53f9a9637565ec0fdeaf6
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/valves.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
6327
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-18b7"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
tools.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/tools.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
9afdebe90283849feb8f159b7e273c57236be66a45e111838f4a47a24d5785a3
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/tools.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
5633
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-1601"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
spreader.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/spreader.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
1e339a5c9fdda167d1172bbfdbbece082ec0a670a74c5a051b812debd472ae31
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/spreader.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
5800
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:09 GMT
server
nginx
etag
"58db7a2d-16a8"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
polypipe.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/polypipe.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
7fe5d32728f78391f77003f2d869525c5af42290b3fad8bc7adbf4fa84c3574c
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/brands/polypipe.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
15333
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 13 Aug 2018 08:40:06 GMT
server
nginx
etag
"5b7143e6-3be5"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
john-guest-water.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/john-guest-water.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
9d16e1818e16fb571b9e79a111a2bcd0e15a144ec1da5cd25ed5461d48d585d2
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/brands/john-guest-water.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
15329
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 13 Aug 2018 08:36:29 GMT
server
nginx
etag
"5b71430d-3be1"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wavin-water.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/wavin-water.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
42bf54088639af1e367ff495ed4088a7fcdc9a58c3e4aeb9ce9bf1105df84ad6
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/brands/wavin-water.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
56267
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 27 Mar 2020 15:29:41 GMT
server
nginx
etag
"5e7e1be5-dbcb"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
prowarm-water.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/prowarm-water.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
a2d9c543ac2fbd8bd93b41036a6144d069d77719b6739d84e98199b0f85b6534
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/brands/prowarm-water.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
14914
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 13 Aug 2018 08:36:29 GMT
server
nginx
etag
"5b71430d-3a42"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-themostats.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-themostats.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
67ba9479fcf47e9a23251a07079453aa907814fde1b4e797c1ab5d9a2be274bf
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-themostats.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
80872
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Mar 2019 11:09:19 GMT
server
nginx
etag
"5c9cab5f-13be8"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-home-control.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-home-control.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
c2c20710d23b84b023f97288bb61a47b954845155565ef946bdf5800c36b38b6
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-home-control.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
64755
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:46 GMT
server
nginx
etag
"58cbb176-fcf3"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-insulation.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		149 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-insulation.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
2aa169baef4f95fa33ee60f4d067d7650ce6397e39d38a004ef5500b34db731f
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-insulation.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
152078
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 06 Mar 2018 14:34:44 GMT
server
nginx
etag
"5a9ea704-2520e"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-adhesives-new.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		151 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-adhesives-new.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
4a657e1719b5ef2a255ad90a7f0b1095df4700e24f9170c3ea1cca8c2aaa9d54
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-adhesives-new.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
154809
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 16 Apr 2018 10:10:35 GMT
server
nginx
etag
"5ad4769b-25cb9"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-adhesives-adhesives.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-adhesives-adhesives.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
3c6e81db4c34121ba1fd28089484c78207a5e04c984e5eeb64d0e3fe70fadaa6
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-adhesives-adhesives.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
88901
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 16 Apr 2018 09:29:57 GMT
server
nginx
etag
"5ad46d15-15b45"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-adhesives-levellers.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-adhesives-levellers.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
bf1ee50d5562c30a73c6dd05ef24203c1ca32cc9a7fbfb7655a8b390fd988966
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-adhesives-levellers.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
61156
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 30 Apr 2018 13:44:26 GMT
server
nginx
etag
"5ae71dba-eee4"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-adhesives-primers.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-adhesives-primers.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
cca4312df263c994d252ea89e55866862d4c5a5e2e6a5d04ee85b5324b979d09
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-adhesives-primers.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
59986
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 16 Apr 2018 09:29:56 GMT
server
nginx
etag
"5ad46d14-ea52"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-adhesives-grouts.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		63 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-adhesives-grouts.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
0ebc7b39f58b4c5965edb410388f13bb50947f1ced28a954b6a44846bebca281
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-adhesives-grouts.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
64274
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 16 Apr 2018 09:29:56 GMT
server
nginx
etag
"5ad46d14-fb12"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-adhesives-uncoupling.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-adhesives-uncoupling.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
2cc87c700434133aa030b9a4b19de3dfbf66ee2e2a9a9dc5a6910c7b6dc616c3
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-adhesives-uncoupling.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
62467
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Mar 2020 09:58:07 GMT
server
nginx
etag
"5e60cd2f-f403"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ultra-adhes.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/ultra-adhes.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
991c8488bc950128810e71342f4b496feaa323ab122bc7d8c1848d2d15221b2a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/brands/ultra-adhes.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
15988
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 16 Apr 2018 09:40:52 GMT
server
nginx
etag
"5ad46fa4-3e74"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
bal-adhes.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/bal-adhes.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
13b8bd50a4554211409114696af3abec88a8b7f06ebe506fcc439b74bebeac98
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/brands/bal-adhes.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
13976
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:22 GMT
server
nginx
etag
"58db7a3a-3698"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
mapei-adhes.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/sub/brands/mapei-adhes.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
c936abcf06efca6af9070a7cb92b1456e03d2272810b1ca852940ac34e13bfc7
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/sub/brands/mapei-adhes.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
21155
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:23 GMT
server
nginx
etag
"58db7a3b-52a3"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-wetrooms.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		164 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-wetrooms.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
5e0970e66d34be7885e9844708580dbe87dfea5abb4de30b2060feab45dd08f7
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-wetrooms.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
167958
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 30 Apr 2018 13:51:53 GMT
server
nginx
etag
"5ae71f79-29016"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-wetroom-drains.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		91 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-wetroom-drains.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
778abf5d0055d55a704c47b9522bb64e714418ab4d3bd46d78ed60c6a08f08c6
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-wetroom-drains.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
93644
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:47 GMT
server
nginx
etag
"58cbb177-16dcc"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-wetroom-lustrolite.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		70 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-wetroom-lustrolite.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
e692a6d8a5621ca97dea21285ad381927a32d2931630942ac5c5825bbe4296b9
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-wetroom-lustrolite.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
72133
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:47 GMT
server
nginx
etag
"58cbb177-119c5"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-wetroom-backer.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-wetroom-backer.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
b31a8e6d859f02f97105202fca369ec75ff6eec0c870100ad509b6e9a7cc3e31
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-wetroom-backer.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
68787
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:47 GMT
server
nginx
etag
"58cbb177-10cb3"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-wetroom-towel.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-wetroom-towel.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
36d3679cca3d939ea395dbe44f8ff9d5795650ad0b47d65406713683f0348776
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-wetroom-towel.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
55866
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:47 GMT
server
nginx
etag
"58cbb177-da3a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-wetroom-showers.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		59 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-wetroom-showers.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
dd9ce2d9768fadc5a5f5a520a9c347dc1609e3099ee49199c3e5f94d5dfc33f0
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-wetroom-showers.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
60812
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 30 Apr 2018 13:46:38 GMT
server
nginx
etag
"5ae71e3e-ed8c"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-wetroom-installation.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-wetroom-installation.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
757ce508c431b71c65582d1dc02f3527e8fc8f81590eb20b1d6f20f25847ef80
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-wetroom-installation.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
69327
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:47 GMT
server
nginx
etag
"58cbb177-10ecf"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-wetroom-basins-toilets.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-wetroom-basins-toilets.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
6b00be6cc35a0cf25227a05566c2b75fbc5b92bc8d720970375a50a476392917
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-wetroom-basins-toilets.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
46659
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 30 Apr 2018 13:44:32 GMT
server
nginx
etag
"5ae71dc0-b643"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-wetroom-accessories.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		61 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-wetroom-accessories.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
37d06a3694e4728b47b1e208a99e1fb016e8282ee657a775ec885bfbc4a8bc01
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-wetroom-accessories.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
62953
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 30 Apr 2018 13:44:34 GMT
server
nginx
etag
"5ae71dc2-f5e9"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-wetroom-taps.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-wetroom-taps.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
5c7ace2b859beb8ec6e4597db2b9641be2279f04e4de958fee5d7cd410408645
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-wetroom-taps.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
53380
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 30 Apr 2018 13:44:28 GMT
server
nginx
etag
"5ae71dbc-d084"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-wetroom-electricals.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		54 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-wetroom-electricals.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
dcc592a30ea421834289a22ce6c83e82e81cda583a89c129d933aa86613f08c6
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-wetroom-electricals.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
55685
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 05 Apr 2018 16:01:06 GMT
server
nginx
etag
"5ac64842-d985"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-heat-pump.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-heat-pump.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
4483dddd0cf7719c4e692d216ec2872aa941dfa344fbf39634d011dec3c7be59
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-heat-pump.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
72865
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:46 GMT
server
nginx
etag
"58cbb176-11ca1"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-renewable-pumps.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		60 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-renewable-pumps.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
0a65ba4f8b7b0753fd06db13bdfadf01b710d79c623aa96d50ab13d4607d7e46
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-renewable-pumps.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
61927
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:46 GMT
server
nginx
etag
"58cbb176-f1e7"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-renewable-accessory.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-renewable-accessory.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
2e021a86217afd2b3f80ecdc63ad244d87cfffcc5fea3ca1e1b6b199e9766bca
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-renewable-accessory.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
44055
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:46 GMT
server
nginx
etag
"58cbb176-ac17"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-renewable-boiler.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		63 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-renewable-boiler.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
120caad0919773c1bfafaa42df0dd74a5afd6bc440b11d40c2cf03ece435fb89
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-renewable-boiler.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
64987
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:46 GMT
server
nginx
etag
"58cbb176-fddb"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-renewable-cylinder.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-renewable-cylinder.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
b5e733d64c971d8b0ad8887cc744ee13ad07d6e8691f034af6f6ef2a36de8561
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-renewable-cylinder.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
30640
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:46 GMT
server
nginx
etag
"58cbb176-77b0"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fo-renewable-solar-thermal.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/fo-renewable-solar-thermal.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
b5d172cc38e4545422f47a24afd5c24652e572f92538fcdf95e5ce1e59a37d40
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/fo-renewable-solar-thermal.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
86758
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:50:46 GMT
server
nginx
etag
"58cbb176-152e6"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
new-black.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/common/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/common/new-black.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
534620356486b66461a79e2322b94464c82158a52bd6c4abb697a4d5f708790a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/common/new-black.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1179
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Oct 2018 14:18:46 GMT
server
nginx
etag
"5bc4a1c6-49b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
product.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/protouch-v2/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/protouch-v2/product.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
5c24612fcd9c32a2ad065a8153775a094c8fe871dedd5a029573738177510289
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/protouch-v2/product.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
33513
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Aug 2020 09:52:17 GMT
server
nginx
etag
"5f2a8151-82e9"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/protouch-v2/ 		6 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/protouch-v2/logo.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
54ec77e290793026365c7381affd71d358ed775a464fa4a70627bfd2ea90410b
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/protouch-v2/logo.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
6504
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Aug 2020 09:30:34 GMT
server
nginx
etag
"5f2a7c3a-1968"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fingerprint.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/protouch-v2/ 		9 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/protouch-v2/fingerprint.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
18a42515cb6eca5d1e76d8fa8b71c0f6af7633baeeebac2d5a4d9f3729561647
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/protouch-v2/fingerprint.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
9592
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Aug 2020 09:30:34 GMT
server
nginx
etag
"5f2a7c3a-2578"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
button-in-stock-now.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/common/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/common/button-in-stock-now.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
aa9acc781287b05e0830fbadb1d53a91eb27cf10326c7793e4994ea298e36e00
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/common/button-in-stock-now.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1623
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Aug 2020 09:30:21 GMT
server
nginx
etag
"5f2a7c2d-657"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
banner-lg.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/loflo-lite/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/loflo-lite/banner-lg.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
a57192d2c7749c9720fd183c8ef2afc4386a8671a8e309f8ad3a9761932a3e27
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/loflo-lite/banner-lg.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
70870
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 25 Jun 2020 14:37:01 GMT
server
nginx
etag
"5ef4b68d-114d6"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
coronavirus.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/coronavirus.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
55a5ad271669bf124135881be702c4a8a674e4ccba192ef7d86db67e8560c254
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/coronavirus.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
41969
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 24 Mar 2020 09:58:54 GMT
server
nginx
etag
"5e79d9de-a3f1"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
kit.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/wavin/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/wavin/kit.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
5cd19a37c73848e91dd15f182abadec907194bba4da5d9b2f773441ed34b1f98
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/wavin/kit.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
85867
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 10 Mar 2020 08:52:55 GMT
server
nginx
etag
"5e675567-14f6b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/wavin/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/wavin/logo.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
9804e602748c877c7f04678303ecea4537b57211a47350f5c7b98748c4c42b05
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/wavin/logo.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
9531
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 10 Mar 2020 08:52:56 GMT
server
nginx
etag
"5e675568-253b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
pipe-heart.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/wavin/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/wavin/pipe-heart.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
465dafe944f6b170677834cc570f6d3c5680124d2d315a5f9ebdbdffe00822af
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/wavin/pipe-heart.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
106211
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 10 Mar 2020 08:52:55 GMT
server
nginx
etag
"5e675567-19ee3"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
view-all-kits-button.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/wavin/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/wavin/view-all-kits-button.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
079981c8cfc50618db24f606febad78bde1211b294a9ecd3ba21a9912c4ad0ea
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/wavin/view-all-kits-button.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1980
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 10 Mar 2020 08:52:55 GMT
server
nginx
etag
"5e675567-7bc"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
now-in-stock-orange.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/common/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/common/now-in-stock-orange.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
193fb2b894780d607e71e22d30f2ba1f1ac6f1887666693aeb913dbe561067ff
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/common/now-in-stock-orange.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
6067
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Feb 2019 12:39:39 GMT
server
nginx
etag
"5c5ad58b-17b3"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
intro.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/protouch-wifi/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/protouch-wifi/intro.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
ebdea829c1cbb752143dbedeeef7399a77186c1e00a1a1311193709f655faa98
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/protouch-wifi/intro.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1772
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Feb 2019 12:39:32 GMT
server
nginx
etag
"5c5ad584-6ec"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/protouch-wifi/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/protouch-wifi/logo.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
934dfdaa48bbe6eaedc9041a705490e5ab54084686d21c73baf12b0919fc2b4a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/protouch-wifi/logo.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4324
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Feb 2019 12:39:32 GMT
server
nginx
etag
"5c5ad584-10e4"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
slice-image.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/protouch-wifi/ 		53 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/protouch-wifi/slice-image.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
3d7eaa76f7e1c6ab91c85acc8ff329c7384cccafaa8e7e61da44602bc2c156b3
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/protouch-wifi/slice-image.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
54637
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Feb 2019 12:39:32 GMT
server
nginx
etag
"5c5ad584-d56d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
button-buy-now-orange.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/common/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/common/button-buy-now-orange.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
d22326d67bf2e8ca0e2b2407ee8b7a30c5e6c83850bba01b662290c5e6865b71
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/common/button-buy-now-orange.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
3994
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Feb 2019 12:39:39 GMT
server
nginx
etag
"5c5ad58b-f9a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/backer-boards/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/backer-boards/logo.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
81f417fef96de090190eb6d24083e0005174695350346e3f18a3e007bc0a5a63
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/backer-boards/logo.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
2998
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Oct 2018 14:18:45 GMT
server
nginx
etag
"5bc4a1c5-bb6"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
price.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/backer-boards/ 		5 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/backer-boards/price.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
9bd2754f65de6e31f6888b5079c07a8797d8b965fe519b4746815d724eeff210
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/backer-boards/price.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
5481
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Oct 2018 14:18:45 GMT
server
nginx
etag
"5bc4a1c5-1569"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
slice-image.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/backer-boards/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/backer-boards/slice-image.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
2a1065028d46a7255e9bf627b9acc5ef518ddc3df45022c84dbd48fbffb791f5
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/backer-boards/slice-image.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
45007
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Oct 2018 14:18:45 GMT
server
nginx
etag
"5bc4a1c5-afcf"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
best-seller.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/common/ 		974 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/common/best-seller.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
55c3f11c27d2e823423283afeda40eaf70dbb9a6f7e253a04afabf0a4068be02
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/common/best-seller.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
974
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Oct 2018 14:18:45 GMT
server
nginx
etag
"5bc4a1c5-3ce"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
button-see-full-range.png
www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/common/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/mobile/common/button-see-full-range.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
f36192f3148f6ebeab0125d9d019c00551965706279ce835f95a0ce0966a8892
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/mobile/common/button-see-full-range.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1597
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Oct 2018 14:18:46 GMT
server
nginx
etag
"5bc4a1c6-63d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
protouch-v2.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/protouch-v2.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
33d600e129a241a756080d20400c8ac080a1ea164d4e020b57cd5dc1ab33b19a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/homepage/protouch-v2.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
88939
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Aug 2020 14:31:21 GMT
server
nginx
etag
"5f297139-15b6b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
loflo-lite.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/loflo-lite.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
d46893944624e38cad56a7d06baeb1f70fe3f4fa698f20ca6eaece97e1979fca
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/homepage/loflo-lite.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
126493
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 17 Jun 2020 11:58:50 GMT
server
nginx
etag
"5eea057a-1ee1d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
coronavirus.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/coronavirus.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
69ed8b42733bcbc8850c04f728f8c21d4f0728a9607510e03f623726f9d8d0cc
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/homepage/coronavirus.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
71882
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Jun 2020 14:01:07 GMT
server
nginx
etag
"5eeb73a3-118ca"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wavin-coming-soon.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/wavin-coming-soon.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
8e55233cf5a8bb044ee331faada0609d54988b5cda2d68fe5085302b6712119f
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/homepage/wavin-coming-soon.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
103279
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 10 Mar 2020 08:52:48 GMT
server
nginx
etag
"5e675560-1936f"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
loflo.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/loflo.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
4630a85a458ac45fd0222700eba90e49a5eaeca96ddfc7f73413b19972d83539
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/homepage/loflo.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
115729
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 20 Feb 2020 14:39:44 GMT
server
nginx
etag
"5e4e9a30-1c411"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
prodigital-thermostat.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/prodigital-thermostat.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
33e0284235567d3832d20f620033b985f0b455301aee17693189ce4b5bf771a3
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/homepage/prodigital-thermostat.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
70368
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Nov 2019 09:56:48 GMT
server
nginx
etag
"5dc298e0-112e0"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
protouch-wifi.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/protouch-wifi.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
f6fa40244e4757c7524dd7a6e783e46f6e863d2fbd7d9fa9ad431a766074cce8
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/homepage/protouch-wifi.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
80107
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Mar 2019 11:52:54 GMT
server
nginx
etag
"5c9cb596-138eb"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Water-Hero-Image2.png
www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/ 		112 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/Water-Hero-Image2.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
dda7f9ffd1f6a0ae61968200adda1002458550f0fdd92e0ab084ccaa7124289a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/Water-Hero-Image2.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
115042
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Sep 2017 11:25:17 GMT
server
nginx
etag
"59b9159d-1c162"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
electric-underfloor-heating-mats_1.png
www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/electric-underfloor-heating-mats_1.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
67399f5551e4d7b8a201ddc8d7690eab1673c3df631b8776d9f301875a85d930
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/electric-underfloor-heating-mats_1.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
115657
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Nov 2019 14:30:31 GMT
server
nginx
etag
"5dbc4187-1c3c9"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
cable-cat_6.png
www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/ 		85 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/cable-cat_6.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
6f5338d3451599b246f750be88210bbf0ff3dcba87288f3d6cd76ad5c9994116
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/cable-cat_6.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
87338
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Nov 2019 14:34:30 GMT
server
nginx
etag
"5dbc4276-1552a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
foil-cat-pic_1_5.png
www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/ 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/foil-cat-pic_1_5.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
7f410ee0877d8284e439b57edc1aae7a9e35755877446a350fe9e78a5346600f
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/foil-cat-pic_1_5.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
99321
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Nov 2019 14:34:31 GMT
server
nginx
etag
"5dbc4277-183f9"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
hp-stats.png
www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/hp-stats.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
8a93882c20b5adb5bda95877870a6f95d4cd6a1fdb46cf3408268195bdb87460
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/hp-stats.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
56170
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Mar 2019 11:27:10 GMT
server
nginx
etag
"5c9caf8e-db6a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wetroom_1.png
www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/wetroom_1.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
01b976f870c039a23b17135909b0dab7305dfc5f132edf4e025a5d818674058b
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/wetroom_1.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
87777
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 15 Dec 2015 15:02:28 GMT
server
nginx
etag
"56702b84-156e1"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
new-boards-img.png
www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/ 		84 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/new-boards-img.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
c581514597ce23b826d5c5d8c91b6d281f5545957cefedc1224295c6aca1dcab
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/new-boards-img.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
86325
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Jul 2016 08:42:37 GMT
server
nginx
etag
"578f397d-15135"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
adhesives-category_1.png
www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/adhesives-category_1.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
396ce1e6e4f1423d3a462cd2ec1c399d958f01da304d3c9fb645a50c140952dd
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/catalog/category/cache/1/thumbnail/9df78eab33525d08d6e5fb8d27136e95/adhesives-category_1.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
86144
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 16 Apr 2018 10:29:58 GMT
server
nginx
etag
"5ad47b26-15080"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
beeny-arms-crossed.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/ 		25 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/beeny-arms-crossed.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
b6bd70c06f1d6dfdf22abf79c234cb8935ea11f7d37caea159b001850c32af35
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/beeny-arms-crossed.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
26090
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Jan 2018 09:43:36 GMT
server
nginx
etag
"5a4b5448-65ea"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
these-guys-quote.png
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/these-guys-quote.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
86bc43ffa63b6a3e925c2d64b8f1ddde103aba67b6ddec17854d915f492a5468
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/these-guys-quote.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
2217
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 12 Oct 2017 06:49:36 GMT
server
nginx
etag
"59df1080-8a9"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
builder.png
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/quote-panel/ 		18 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/quote-panel/builder.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
fbf5da438554e2343262f428f24a27243e2209edc9d8a458a731b359529eddc4
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/quote-panel/builder.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
18869
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 12 Oct 2017 06:49:37 GMT
server
nginx
etag
"59df1081-49b5"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
lifestyle.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/quote-panel/ 		42 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/quote-panel/lifestyle.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
188e903071bf9244127264e79731a15cf80c94ca3be47e8135d3e1e721ac61c4
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/quote-panel/lifestyle.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
43510
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 12 Oct 2017 06:49:37 GMT
server
nginx
etag
"59df1081-a9f6"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
help-and-advice-strip.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/ 		27 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/help-and-advice-strip.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
90aa9520d5b95aeb0d587d625cdedf46904c1b49211ddb27743521c271347908
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/help-and-advice-strip.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
28034
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 12 Oct 2017 06:49:36 GMT
server
nginx
etag
"59df1080-6d82"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
help-and-advice-strip-mobile.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/help-and-advice-strip-mobile.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
64512da06ce7ae3804eaa6a09a485bdbb7f7ed53f9db3da4965531128c20dd8b
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/help-and-advice-strip-mobile.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
30963
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 12 Oct 2017 06:49:36 GMT
server
nginx
etag
"59df1080-78f3"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
trustpilot-reviews.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/ 		18 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/trustpilot-reviews.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
c81debc4a7e218629c21a929342f5a23e762c6853daa5bd9c84b095033e863ae
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/trustpilot-reviews.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
18810
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Jul 2020 11:12:53 GMT
server
nginx
etag
"5f1187b5-497a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
gold-feefo-reviews.png
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/gold-feefo-reviews.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
b3687c5c24bf8730ed63babea28b3ac5e2b239f361e3dee2ecb91eb21f497e81
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/gold-feefo-reviews.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
6714
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 12 Oct 2017 06:49:36 GMT
server
nginx
etag
"59df1080-1a3a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
tbc.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/news-articles/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/news-articles/tbc.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
ee4ba0ec3d2f264cbb49054ff4e6e56225050852806e407ff8655f8339dbc5ee
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/news-articles/tbc.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
26618
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Apr 2020 08:53:55 GMT
server
nginx
etag
"5ea157a3-67fa"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
homebuilding-and-renovating-logo.png
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/news-articles/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/news-articles/homebuilding-and-renovating-logo.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
4b8f0f9f69149a2918a5cb521eae1a60d68b5babd662c81c0f014571b6b7e996
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/news-articles/homebuilding-and-renovating-logo.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1917
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 12 Oct 2017 06:49:37 GMT
server
nginx
etag
"59df1081-77d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
amazon.png
www.theunderfloorheatingstore.com/media/wysiwyg/awards/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/awards/amazon.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
f206c91da67b83f71f1d6d2e2de1551c3ecfdc0288aaa4826455307000e5dfac
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/awards/amazon.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4369
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:04:49 GMT
server
nginx
etag
"58db78b1-1111"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
new-bathroom-range.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/news-articles/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/news-articles/new-bathroom-range.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
9204bbba9b087a4520642211ac68f8a7a5a89e2fe07d4b8a303e4841fb58cfab
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/news-articles/new-bathroom-range.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
18097
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 30 Apr 2018 14:51:58 GMT
server
nginx
etag
"5ae72d8e-46b1"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
diy-sos-crew.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/news-articles/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/news-articles/diy-sos-crew.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
095c0fc1a55acb2ed5164bf5720744be7961efca72b4080b36633d1180a045ca
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/news-articles/diy-sos-crew.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
25331
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Mar 2018 16:56:46 GMT
server
nginx
etag
"5aa019ce-62f3"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
diy-sos.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/news-articles/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/news-articles/diy-sos.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
af791df78fd2cd475195d40957ef17e978cfc8679592ca2c9c4bf4b062f05d6a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/news-articles/diy-sos.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
7295
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Mar 2018 16:56:46 GMT
server
nginx
etag
"5aa019ce-1c7f"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
talksport-jingle.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/news-articles/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/news-articles/talksport-jingle.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
62804088c6d76caf2bca40ba80d4d75f38ec54925037abdc6a21d28daf756336
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/news-articles/talksport-jingle.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
17488
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 12 Oct 2017 06:49:37 GMT
server
nginx
etag
"59df1081-4450"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
paypal-strip.png
www.theunderfloorheatingstore.com/media/wysiwyg/homepage/ 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/homepage/paypal-strip.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
35ccb9f798d72137788402026ab9f37d7a3d76e045af3575632f306afb055fb8
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/homepage/paypal-strip.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
127631
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 26 Mar 2021 16:11:12 GMT
server
nginx
etag
"605e07a0-1f28f"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
as-seen-in-left.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/as-seen-in-left.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
5a7005b98fbd2695c2c509ab0ce3ff3283ef4f727fd0eca138eaea2eb2e24632
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/as-seen-in-left.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
12865
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:49:40 GMT
server
nginx
etag
"58cbb134-3241"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
as-seen-in-right.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/as-seen-in-right.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
bb5430f63d59d96b02b875aed90b4a8e3f23bae87b2d1ae9d2bae5b3662fcc27
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/as-seen-in-right.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
16639
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:49:41 GMT
server
nginx
etag
"58cbb135-40ff"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
as-seen-on-left.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/as-seen-on-left.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
62e44d1153b7b98bdf7f06d7c772f1d60b29c160833fe16f33313037ef6eeca7
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/as-seen-on-left.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
14279
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:49:41 GMT
server
nginx
etag
"58cbb135-37c7"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
as-seen-on-right.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/as-seen-on-right.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
c9cd52ffcd5dddb61070cf25292e8812e73c508ee598e778baf4de77945dc8c0
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/as-seen-on-right.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
16105
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Sep 2017 15:21:09 GMT
server
nginx
etag
"59ce64e5-3ee9"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
were-rated-excellent.png
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/were-rated-excellent.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
795067792fe4113e2c6e3c79eb2516376918940d7e14d5872f7e2b494f08d946
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/were-rated-excellent.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
14292
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Oct 2017 15:38:23 GMT
server
nginx
etag
"59de3aef-37d4"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
block-trader.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/block-trader.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
2c26a5e7d436214dd0a43d0e8e303d35c53f835813bc3236d9efa326aeddac32
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/block-trader.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
46764
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:49:41 GMT
server
nginx
etag
"58cbb135-b6ac"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
our-promise-panel.png
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/our-promise-panel.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
b8852ef4541cc6b854bca3867294d791a62a7e001d3dd0bda1ef3a1d5bb61583
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/our-promise-panel.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
23197
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Oct 2017 15:38:23 GMT
server
nginx
etag
"59de3aef-5a9d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
awards-amazon-growing-business.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		32 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/awards-amazon-growing-business.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
c4aa9fb1445f056fb5bbff6fc1afdd2ae7072aac096f228810bd3788abcdc5f7
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/awards-amazon-growing-business.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
33274
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 03 Dec 2018 17:21:21 GMT
server
nginx
etag
"5c056611-81fa"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
awards-amazon-growing-business-mobile.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		32 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/awards-amazon-growing-business-mobile.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
33fb113c788de38b7b3461ea781579f77273b424ecfe032df3221564df5cd0e5
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/awards-amazon-growing-business-mobile.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
33169
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 03 Dec 2018 17:21:19 GMT
server
nginx
etag
"5c05660f-8191"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
awards-lloyds-2018.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/awards-lloyds-2018.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
145988bdc1f7eff444b4d85e9cfb3d17aaff944f8841dcecab64a3934ddc48ea
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/awards-lloyds-2018.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
11027
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 03 Dec 2018 17:21:21 GMT
server
nginx
etag
"5c056611-2b13"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
awards-smarta.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/awards-smarta.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
858e4b6b8f2dd497dfeece5cc3dec30a471275a04cb604ffebf17063b10f0579
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/awards-smarta.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
10456
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:49:41 GMT
server
nginx
etag
"58cbb135-28d8"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
awards-2012.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		8 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/awards-2012.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
7b4ffe9fab0547702bb2945fcae1264c5d8e491f91776418459a6e5aaa03dfdb
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/awards-2012.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
8664
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:49:41 GMT
server
nginx
etag
"58cbb135-21d8"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
awards-breakthrough.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/awards-breakthrough.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
abb08b8e18f80cef1f5b9a361721ad6cb4fae63519b4ebb3a2db6ac9950e6cde
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/awards-breakthrough.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
5414
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:49:41 GMT
server
nginx
etag
"58cbb135-1526"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
awards-buildit-2018.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/awards-buildit-2018.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
75c7173e0ceff55548633a14cdbbefccb1f145e37d59fbc183daa51ce4ec3961
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/awards-buildit-2018.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
5969
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 03 Dec 2018 17:21:19 GMT
server
nginx
etag
"5c05660f-1751"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
awards-ics.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/awards-ics.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
c39fd1abda454252fb8522e7445ad7dfa59fa64d37d798af34a41b44722ec3ac
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/awards-ics.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
17996
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:49:41 GMT
server
nginx
etag
"58cbb135-464c"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
awards-fasttrack.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/awards-fasttrack.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
eab0f16a773f174ec6e88d476e2611423ba3fc6f107f74596bec9c3a2e8e5938
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/awards-fasttrack.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
9130
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:49:41 GMT
server
nginx
etag
"58cbb135-23aa"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
little-havens-full.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/little-havens-full.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
6e85f87aa92607f7d8e5420f39b62b83a8e4180c8441dfa145342ae23947aa0c
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/little-havens-full.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
30515
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Jul 2020 09:11:17 GMT
server
nginx
etag
"5f195435-7733"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
little-havens-small.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/little-havens-small.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
10c566edb673aff29e871a2b64511482014828a76c43a2150f932e99b9a5aa51
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/little-havens-small.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
22119
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Jul 2020 09:11:17 GMT
server
nginx
etag
"5f195435-5667"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
bargain-corner.png
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/bargain-corner.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
31f7474a8bf6567289a3e9650172ca9a2240c758ae129a761d3deca1ca57e5fa
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/bargain-corner.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1612
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:05:08 GMT
server
nginx
etag
"58db78c4-64c"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
help-and-advice.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/help-and-advice.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
0a2f622173010389d1ba6729e8dff646fcb4a2bfa433ec5a71a46accbb97a9da
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/help-and-advice.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
49178
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Mar 2017 09:49:42 GMT
server
nginx
etag
"58cbb136-c01a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/logo.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
c6a806c08ca76099913d58d18d94ddeb614d15134d69fb392ea0529f17ca3964
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/logo.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
7003
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:05:09 GMT
server
nginx
etag
"58db78c5-1b5b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
gas-safe.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		5 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/gas-safe.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
c21cd61b25693f120b2c4399282508c010e77fd7e6401a06c4a6c7acf9de33b7
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/gas-safe.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
5544
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 17 Dec 2019 12:38:06 GMT
server
nginx
etag
"5df8cc2e-15a8"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
tp-logo.png
www.theunderfloorheatingstore.com/media/wysiwyg/footer/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/tp-logo.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
5cf45adecb0981eef5e0de613df94d883f39f8de323da1a7535053efbef0e49e
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/tp-logo.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
3369
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:05:09 GMT
server
nginx
etag
"58db78c5-d29"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
visa.png
www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/ 		667 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/visa.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
b054fd69d7f9b86ff1db7f110b28aee0b17594f9aaac7611dd1e5dc6f8e224cd
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/payment-logos/visa.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
667
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:12 GMT
server
nginx
etag
"58db7a30-29b"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
mastercard.png
www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/mastercard.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
9fb7cc778e5a0403e8b6e3daa7b22970ee02770293755a9058e9ed8520bc36ed
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/payment-logos/mastercard.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1134
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:12 GMT
server
nginx
etag
"58db7a30-46e"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
maestro.png
www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/maestro.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
ba9a6c572b26afbc15b528cc9b610b19f51d90f5cbcad9a2522f8e50b8e2b659
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/payment-logos/maestro.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1157
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:12 GMT
server
nginx
etag
"58db7a30-485"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
visa-electron.png
www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/ 		782 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/visa-electron.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
bd1044a25c283ca5ef4d60f1d9de25d87a7521f7c0479c4afe92d8617f3ec1bd
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/payment-logos/visa-electron.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
782
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:12 GMT
server
nginx
etag
"58db7a30-30e"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
american-express.png
www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/ 		963 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/american-express.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
4b2b3517e8c986ec267a9772014c90fef7ae02b032719d5d50f09e0f320b4435
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/payment-logos/american-express.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
963
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:12 GMT
server
nginx
etag
"58db7a30-3c3"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
PP_logo_h_100x26.png
www.paypalobjects.com/webstatic/en_US/i/buttons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/webstatic/en_US/i/buttons/PP_logo_h_100x26.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4a11a123bded64520ccf7410ab86ef9bf8affdcfc2b4d32e28d77215e2fd44dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
1644
etag
"5Z49zmqov5ogzgVlc+lnTFBAj7qO44cRNP6Qou9uxhY"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
private, no-transform, max-age=43200
last-modified
Wed, 24 Mar 2021 12:01:34 GMT
content-length
1553
server
Akamai Image Manager
expires
Sat, 17 Apr 2021 13:36:36 GMT
PP_credit_logo_h_150x38.png
www.paypalobjects.com/webstatic/en_US/i/buttons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/webstatic/en_US/i/buttons/PP_credit_logo_h_150x38.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
559e8f08bca57ef2fa2459f6b41e1e6143bc03798c38da1015795692e7fb9491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 05:20:08 GMT
server
Akamai Image Manager
etag
"ffFLOJLO+FccxPDgEqY5MqC4VZDPXwwkq+Q7RvMEWoA"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
2488
expires
Sat, 17 Apr 2021 13:36:36 GMT
amazon-payments.png
www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/amazon-payments.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
fb66ee70b34d516ba528fb372f53c0e05b1e09e215a755e16ed2947353b42e28
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/payment-logos/amazon-payments.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1977
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:12 GMT
server
nginx
etag
"58db7a30-7b9"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
sage.png
www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/ 		557 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/footer/payment-logos/sage.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
7ceca25e2b9476cfdabedb9485bbcc153cb45d0ca8bc96a3b306c3d0f670ee9e
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/footer/payment-logos/sage.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
557
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 29 Mar 2017 09:11:12 GMT
server
nginx
etag
"58db7a30-22d"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
amazonpayments.min.js
www.theunderfloorheatingstore.com/js/creativestyle/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/js/creativestyle/amazonpayments.min.js?v=3.0.12
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
80bf9242e153aa52dc4f7a9584a4d0e678313481ad15c6bb7e11dc0b674dc0f4
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/js/creativestyle/amazonpayments.min.js?v=3.0.12
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:18 GMT
server
nginx
etag
W/"5dfb1f12-4236"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
expires
Thu, 31 Dec 2037 23:55:55 GMT
Widgets.js
static-eu.payments-amazon.com/OffAmazonPayments/uk/lpa/js/ 		293 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-eu.payments-amazon.com/OffAmazonPayments/uk/lpa/js/Widgets.js
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-116.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a21a68014e75edc619aae7be63c123796b997fc1a44b38c94ec4f0c63c503062

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
YRGlE8DfdERySBv57FWHftJMINZ6c_M0
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 00:47:01 GMT
server
AmazonS3
age
983
etag
W/"692f8da04f29bec547feb0ab2dbf36f8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 a6387c40eaa6a8c2b04e192223469762.cloudfront.net (CloudFront)
cache-control
max-age=1200,public
date
Sat, 17 Apr 2021 01:20:14 GMT
x-amz-cf-pop
CPH50-C1
x-amz-cf-id
w91Q51cpq9taV_vhcf0gwtjwKYO5UY-aNpPVf7Lh07dxLAxX0zUYMQ==
platform.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f427108a3bb3749fe663df4b7ae84de3a12794354a6c3398a26d6d32f652a8db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Mg8PE+FzCAnxVACpTM4Tkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"a0e179a80c4f41212101b070b49b61ba"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-Mg8PE+FzCAnxVACpTM4Tkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sat, 17 Apr 2021 01:36:36 GMT
css
fonts.googleapis.com/ 		12 KB
935 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&subset=latin,latin-ext
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63d9e1fb392138badd064ac8014c98a52d5009ff79ba86acce4103289e63687b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 23:49:35 GMT
server
ESF
date
Sat, 17 Apr 2021 01:36:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Apr 2021 01:36:36 GMT
gtm.js
www.googletagmanager.com/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KHNT7V6
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4082e6956637f6697adaf1d6dd7b8215b40824dc015b4b7309ab1ca5914642b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51562
x-xss-protection
0
last-modified
Sat, 17 Apr 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 17 Apr 2021 01:36:36 GMT
_dmpt.js
r1-t.trackedlink.net/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r1-t.trackedlink.net/_dmpt.js
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.210.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39744d01f0fe3dd7423ab9d22556825f605923f370546678dcf8b1c1a2920228

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
1608
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-dm-activity-id
c8f20b6a2cc44ba6b6ec9f65abb1dd02
cache-control
public, max-age=2055
accept-ranges
bytes
cf-ray
6411ec63a999cdc3-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1120
cf-request-id
097f12124c0000cdc3c038b000000001
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theunderfloorheatingstore.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 19:15:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
282071
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 13 Apr 2022 19:15:25 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theunderfloorheatingstore.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
361247
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theunderfloorheatingstore.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
361276
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:20 GMT
uhs.ttf
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/fonts/ 		68 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/fonts/uhs.ttf
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
132a2a640a7313f24193cb6a25c63019b95d9a6fea4e57f4e7eb36357683de53

Request headers

sec-fetch-mode
cors
origin
https://www.theunderfloorheatingstore.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
:path
/skin/frontend/ufhs/default/fonts/uhs.ttf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.theunderfloorheatingstore.com
Referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
"5dfb1f15-11108"
content-type
application/octet-stream
access-control-allow-origin
*
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
13012
accept-ranges
bytes
content-length
69896
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&subset=latin,latin-ext
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theunderfloorheatingstore.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
361247
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:49 GMT
KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&subset=latin,latin-ext
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theunderfloorheatingstore.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:16:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:29 GMT
server
sffe
age
361198
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15712
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:16:38 GMT
icon_sprite.png
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/images/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/images/icon_sprite.png
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
8d973e541ea02533f5389ad061b4213316fb33697daea355487d1c44ed5a9fde
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/ufhs/default/images/icon_sprite.png
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
78686
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
"5dfb1f15-1335e"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
default
embed.tawk.to/5efc4cdc9e5f69442291a4f0/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/5efc4cdc9e5f69442291a4f0/default
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70a13348f56937d666d7f3523c0a7245694248c6a6948d2c4738eb28ee7f2da
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.theunderfloorheatingstore.com
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
356
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097f12131b00004a9d498b7000000001
server
cloudflare
etag
W/"stable-v3-709-en"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400, s-maxage=3600
cf-ray
6411ec64f9664a9d-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:48a::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 01:36:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=34239
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
bx_loader.gif
www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/images/bxslider/ 		8 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/images/bxslider/bx_loader.gif
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/skin/frontend/ufhs/default/images/bxslider/bx_loader.gif
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
8581
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 19 Dec 2019 06:56:21 GMT
server
nginx
etag
"5dfb1f15-2185"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
protouch-v2-background.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/ 		655 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/protouch-v2-background.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
a00e9184233800bf5ce976992504a157285aa2b1bc0ef5b02d86d5d2bc00135a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/homepage/protouch-v2-background.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
655
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Aug 2020 14:31:21 GMT
server
nginx
etag
"5f297139-28f"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHNT7V6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13879
x-xss-protection
0
server
cafe
etag
4168474919333271250
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 17 Apr 2021 01:36:36 GMT
bat.js
bat.bing.com/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHNT7V6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:35 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 18:16:38 GMT
x-msedge-ref
Ref A: 93BFAEA8712741F19A23CF9A7F90835E Ref B: FRAEDGE1206 Ref C: 2021-04-17T01:36:36Z
etag
"0c77652ec27d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8885
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHNT7V6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
2602
date
Sat, 17 Apr 2021 00:53:14 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sat, 17 Apr 2021 02:53:14 GMT
6229.js
www.dwin1.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/6229.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHNT7V6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:5200:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41360fc9aaa41fe5c9e38c78b2d0948c718f1422358dead91d026441158db3a0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nzp_JoSAUlLJO5AGC2tPlE957g.fKLsI
content-encoding
gzip
last-modified
Fri, 09 Apr 2021 08:49:06 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
W/"0a491df6b249c96ccc122df8bc2d6d72"
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
date
Sat, 17 Apr 2021 01:36:36 GMT
x-amz-replication-status
COMPLETED
x-cache
Hit from cloudfront
x-amz-cf-id
gEZmixTNvpzutPPMs1BDEsGExZLmfwsq3m4LGw51aeZyEkgzY291cA==
via
1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KHNT7V6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23963
x-fb-rlafr
0
pragma
public
x-fb-debug
DsoPrxh5gVFr5d9nUspXb8ATDw5IfhdSxYCWNw11HrEpMKrB6LfIf7/FIkT0AEVJ763oZe1q4core/g9PBj8Ug==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 17 Apr 2021 01:36:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ 		152 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4f441a8cf6fee144a66e07ce2b716d4f8e9807939570d473ac93033201a72b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 23:31:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 18:53:53 GMT
server
sffe
age
180315
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54517
x-xss-protection
0
expires
Thu, 14 Apr 2022 23:31:21 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth/exm=ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth/exm=ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9bfa502441ea6b3aaa3ae61e1fc6b0ded95db0d7bc7ee2e138e300d14da523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 18:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 18:53:53 GMT
server
sffe
age
196852
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29739
x-xss-protection
0
expires
Thu, 14 Apr 2022 18:55:44 GMT
badge
www.google.com/shopping/customerreviews/ Frame D3FD 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=6150655&origin=https%3A%2F%2Fwww.theunderfloorheatingstore.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
365c9a4e26d545d883344028fd67464821572c9c43c38fbbc4f1009366657147
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UgDi1ycBc6Gtzaarwizf+w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'nonce-UgDi1ycBc6Gtzaarwizf+w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/shopping/customerreviews/badge?usegapi=1&merchant_id=6150655&origin=https%3A%2F%2Fwww.theunderfloorheatingstore.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.theunderfloorheatingstore.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=213=M_iVIS6awopWwSrKleeaj-FiAijr8cFXI-ZIjLsIAMvJvx_LbkmLOsqUe6QYEjg7_xQitRjo7c_x3oV6bXXhdJSK9jk-HulsBAicGk7eoc-zrWjP7MZYLdHykZVzrZ-C7awfZiWxNB5uHIVvlIFvWEt7Wv321fG1XZz-t7PM76Y
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.theunderfloorheatingstore.com/

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
expires
Sat, 17 Apr 2021 01:36:36 GMT
date
Sat, 17 Apr 2021 01:36:36 GMT
cache-control
private, max-age=900
content-security-policy
script-src 'report-sample' 'nonce-UgDi1ycBc6Gtzaarwizf+w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'nonce-UgDi1ycBc6Gtzaarwizf+w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport
cross-origin-resource-policy
same-site
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sessionstabilizer
payments-uk.amazon.com/gp/widgets/ 		89 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://payments-uk.amazon.com/gp/widgets/sessionstabilizer?countryOfEstablishment=UK&ledgerCurrency=GBP&isSandbox=false
Requested by
Host: static-eu.payments-amazon.com
URL: https://static-eu.payments-amazon.com/OffAmazonPayments/uk/lpa/js/Widgets.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.36.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
53063a1d9856ad857c84b6dc814d3a80d5acc147c99420537274de77e0ece5a8

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 01:36:36 GMT
Server
Server
x-amz-rid
XF9080XVNJ49TK8TJCBW
x-amzn-RequestId
XF9080XVNJ49TK8TJCBW
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.theunderfloorheatingstore.com
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
login.js
static-eu.payments-amazon.com/v2/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-eu.payments-amazon.com/v2/login.js
Requested by
Host: static-eu.payments-amazon.com
URL: https://static-eu.payments-amazon.com/OffAmazonPayments/uk/lpa/js/Widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-116.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6614ff09ec9347683ed42bfe66c85c7f6990800cbb30d620184bf176521642ef

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zJX.jE1.nkH6eIhm6VS0o16h7sGhlusN
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 00:46:47 GMT
server
AmazonS3
age
946
etag
W/"bd9a11803b3a387cb6e14c06df4c3145"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a6387c40eaa6a8c2b04e192223469762.cloudfront.net (CloudFront)
cache-control
max-age=1200,public
date
Sat, 17 Apr 2021 01:20:51 GMT
x-amz-cf-pop
CPH50-C1
x-amz-cf-id
bl-WsuXCt0AkDWXS7VEA-BkZx3SvnYYisD1PhIvGUFu3xJzhMjszzA==
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=418233&time=1618623396788&url=https%3A%2F%2Fwww.theunderfloorheatingstore.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D418233%26time%3D1618623396788%26url%3Dhttps%253A%252F%252Fwww.theunderfloorheatin...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=418233&time=1618623396788&url=https%3A%2F%2Fwww.theunderfloorheatingstore.com%2F&liSync=true
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=418233&time=1618623396788&url=https%3A%2F%2Fwww.theunderfloorheatingstore.com%2F&liSync=true
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:37 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-type
application/javascript
content-length
0
x-li-uuid
uFDbfmeBdhbwyZ3THisAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
hYwSc2eBdhZQbhvmOysAAA==
pragma
no-cache
x-li-pop
afd-prod-esv5
x-msedge-ref
Ref A: 4007D3E4A36745DEB4168EAD1610C517 Ref B: FRAEDGE1107 Ref C: 2021-04-17T01:36:37Z
x-frame-options
sameorigin
date
Sat, 17 Apr 2021 01:36:36 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=418233&time=1618623396788&url=https%3A%2F%2Fwww.theunderfloorheatingstore.com%2F&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 00:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
2639
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Sat, 17 Apr 2021 01:52:37 GMT
identity.js
connect.facebook.net/signals/plugins/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.39
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-fb-rlafr
0
pragma
public
x-fb-debug
byv8zXDdDgbeDfAsjEtz0365fCeKeTzasdpQE73aZAioHy0UaiKMXn7588rsAzHR3JmWa3aROIDhvljeAygydQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Sat, 17 Apr 2021 01:36:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
524220455151635
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/524220455151635?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
74cac4991fa80a98e10c1368170080d266867e6a2bdaebdb2d0227531008417e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
m5/vRg35MGHmAr9iMYQNZ511OVzd32TvJv8dajs4UqCJ9QOSUbKgjb4PAzP2XN3AnLVFZY7g6mXiibJMn/qifA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Sat, 17 Apr 2021 01:36:36 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
bat.bing.com/action/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5151521&tm=gtm001&Ver=2&mid=32b92720-9a43-47ee-ac2b-7b42a93a4ed7&sid=5974e5409f1d11eb851017475dd6ac51&vid=59750e909f1d11ebb2e203055153469e&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Underfloor%20Heating%20Systems%20%7C%20The%20Underfloor%20Heating%20Store&kw=electric%20underfloor%20heating%20systems,%20water%20underfloor%20heating%20systems,%20heating%20mats,%20manifolds,%20water%20pumps,%20thermostats,%20insulation%20boards,%20wetrooms,%20air%20source%20heat%20pumps&p=https%3A%2F%2Fwww.theunderfloorheatingstore.com%2F&r=&lt=823&evt=pageLoad&msclkid=N&sv=1&rn=10108
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 17 Apr 2021 01:36:36 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: AA3D4A45F13D49628F1576846FD9C1E5 Ref B: FRAEDGE1206 Ref C: 2021-04-17T01:36:36Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame 3F0A 		566 B
860 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.theunderfloorheatingstore.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth/exm=ratingbadge/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3efd6363efb43534b1e86a3229cab2f60b31d8cb86e39e0648827f42a7745211
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vre9xJGpdu1GKqc6l7sNrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.theunderfloorheatingstore.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.theunderfloorheatingstore.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=213=M_iVIS6awopWwSrKleeaj-FiAijr8cFXI-ZIjLsIAMvJvx_LbkmLOsqUe6QYEjg7_xQitRjo7c_x3oV6bXXhdJSK9jk-HulsBAicGk7eoc-zrWjP7MZYLdHykZVzrZ-C7awfZiWxNB5uHIVvlIFvWEt7Wv321fG1XZz-t7PM76Y
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.theunderfloorheatingstore.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 17 Apr 2021 01:36:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-vre9xJGpdu1GKqc6l7sNrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wavin-coming-soon-background.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/ 		551 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/wavin-coming-soon-background.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
62601f51abdce15666322abc2fafaa6a9f3093ac33b4e27967bc3a9d089b4979
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/homepage/wavin-coming-soon-background.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2; _gcl_au=1.1.347732045.1618623397; _ga=GA1.3.683127451.1618623397; _gid=GA1.3.673952744.1618623397; _uetsid=5974e5409f1d11eb851017475dd6ac51; _uetvid=59750e909f1d11ebb2e203055153469e
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
551
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 11 Feb 2020 15:08:19 GMT
server
nginx
etag
"5e42c363-227"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
prodigital-thermostat-background.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/ 		598 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/prodigital-thermostat-background.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
6c33ca56d3f4ca79cafb8d96e0d33f32b8ce252e8657bb814f9b7964890e6bfd
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/homepage/prodigital-thermostat-background.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2; _gcl_au=1.1.347732045.1618623397; _ga=GA1.3.683127451.1618623397; _gid=GA1.3.673952744.1618623397; _uetsid=5974e5409f1d11eb851017475dd6ac51; _uetvid=59750e909f1d11ebb2e203055153469e
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
598
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Nov 2019 09:56:48 GMT
server
nginx
etag
"5dc298e0-256"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
protouch-wifi-background.jpg
www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/ 		599 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theunderfloorheatingstore.com/media/wysiwyg/banner/homepage/protouch-wifi-background.jpg
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.62 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10062.sucuri.net
Software
nginx /
Resource Hash
b1ec516023c5a45ee2aafb0b5c445dc29945857ba37d960884f50702e46d1315
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/media/wysiwyg/banner/homepage/protouch-wifi-background.jpg
pragma
no-cache
cookie
CACHED_FRONT_FORM_KEY=nn1VUnF8JivzvyFV; frontend=p7enavm4eb5v4mbhk33fd4g3nh; frontend_cid=AldIO3WWvYLQYFon; CUSTOMER_SEGMENT_IDS=2; _gcl_au=1.1.347732045.1618623397; _ga=GA1.3.683127451.1618623397; _gid=GA1.3.673952744.1618623397; _uetsid=5974e5409f1d11eb851017475dd6ac51; _uetvid=59750e909f1d11ebb2e203055153469e
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.theunderfloorheatingstore.com
referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.theunderfloorheatingstore.com/skin/frontend/ufhs/default/css/styles.css?q=1616769302
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:36 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
599
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Feb 2019 11:29:52 GMT
server
nginx
etag
"5c5ac530-257"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=315360000
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'self';
x-sucuri-id
13012
content-security-policy
base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
uedata
payments-uk.amazon.com/cs/ 		0
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://payments-uk.amazon.com/cs/uedata
Requested by
Host: static-eu.payments-amazon.com
URL: https://static-eu.payments-amazon.com/OffAmazonPayments/uk/lpa/js/Widgets.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.36.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sat, 17 Apr 2021 01:36:37 GMT
Server
Server
x-amz-rid
WNFQSV3Y7A32P5QW1PH7
x-amzn-RequestId
WNFQSV3Y7A32P5QW1PH7
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.theunderfloorheatingstore.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070305483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070305483/?random=1618623396978&cv=9&fst=1618623396978&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&ig=1&data=ecomm_pagetype%3Dhome%3Becomm_totalvalue%3D0&frm=0&url=https%3A%2F%2Fwww.theunderfloorheatingstore.com%2F&tiba=Underfloor%20Heating%20Systems%20%7C%20The%20Underfloor%20Heating%20Store&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adbe35be777a67cedb5a9b0451d1c1a17ead639de4f7ee4389d67c955e46d475
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 01:36:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1064
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1080389249&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theunderfloorheatingstore.com%2F&ul=en-us&de=UTF-8&dt=Underfloor%20Heating%20Systems%20%7C%20The%20Underfloor%20Heating%20Store&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAAALAAAAAC~&jid=1177228487&gjid=1545783240&cid=683127451.1618623397&tid=UA-3394169-1&_gid=673952744.1618623397&_r=1&gtm=2wg472KHNT7V6&z=1010695514
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 01:36:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theunderfloorheatingstore.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=524220455151635&ev=PageView&dl=https%3A%2F%2Fwww.theunderfloorheatingstore.com%2F&rl=&if=false&ts=1618623397062&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1618623397060.822267317&it=1618623396823&coo=false&tm=1&rqm=GET
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 17 Apr 2021 01:36:37 GMT
m=_b,_tp
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/am=AkA/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/ct=zgms/rs=... Frame D3FD 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/am=AkA/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/ct=zgms/rs=AC8lLkQg9eGU3EaVdpXGFIXl3bmQ_jR3jQ/m=_b,_tp
Requested by
Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=6150655&origin=https%3A%2F%2Fwww.theunderfloorheatingstore.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c572e5d961c940afeaf8796cde171a147c3f411a675c775d03c4769b614cca13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 16 Apr 2021 11:08:47 GMT
server
sffe
age
35769
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49996
x-xss-protection
0
expires
Sat, 16 Apr 2022 15:40:28 GMT
no_rating.png
www.gstatic.com/verifiedreviews/en/ Frame D3FD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/verifiedreviews/en/no_rating.png
Requested by
Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=6150655&origin=https%3A%2F%2Fwww.theunderfloorheatingstore.com&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc9647e7b0e6417f6ab44679e7c95f922371946e04bc477ec21424dd0f761e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
487972
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1551
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:45 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-3394169-1&cid=683127451.1618623397&jid=1177228487&gjid=1545783240&_gid=673952744.1618623397&_u=aGBAAAAKAAAAAC~&z=1088705717
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 17 Apr 2021 01:36:37 GMT
content-type
text/plain
access-control-allow-origin
https://www.theunderfloorheatingstore.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1070305483/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1070305483/?random=1618623396978&cv=9&fst=1618621200000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&data=ecomm_pagetype%3Dhome%3Becomm_totalvalue%3D0&frm=0&url=https%3A%2F%2Fwww.theunderfloorheatingstore.com%2F&tiba=Underfloor%20Heating%20Systems%20%7C%20The%20Underfloor%20Heating%20Store&async=1&fmt=3&is_vtc=1&random=2389961847&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 01:36:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1070305483/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1070305483/?random=1618623396978&cv=9&fst=1618621200000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&data=ecomm_pagetype%3Dhome%3Becomm_totalvalue%3D0&frm=0&url=https%3A%2F%2Fwww.theunderfloorheatingstore.com%2F&tiba=Underfloor%20Heating%20Systems%20%7C%20The%20Underfloor%20Heating%20Store&async=1&fmt=3&is_vtc=1&random=2389961847&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 01:36:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2038943760-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 3F0A 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.theunderfloorheatingstore.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 10:43:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 00:25:08 GMT
server
sffe
age
139961
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4265
x-xss-protection
0
expires
Fri, 15 Apr 2022 10:43:56 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 3F0A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.theunderfloorheatingstore.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.MWM3Xj_RD9s.O%2Fam%3DAQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7010f14d8f1b1421908adffc1e92ee8a2aabc41721d91c3a815636a1fef7b928
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gcDVDiWA5AeCSXN+r+geWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"0ddb10a2b3ff08e343231747939b301e"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-gcDVDiWA5AeCSXN+r+geWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sat, 17 Apr 2021 01:36:37 GMT
m=byfTOb,lsjVmc,LEikZe
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.1b_... Frame D3FD 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.1b_lKceigR8.L.B1.O/am=AkA/d=1/exm=_b,_tp/excm=_b,_tp,badgeview/ed=1/wt=2/ct=zgms/rs=AC8lLkQuRK4njqEH6aNi0g5z3h-3Jrz5OQ/m=byfTOb,lsjVmc,LEikZe
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/am=AkA/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/ct=zgms/rs=AC8lLkQg9eGU3EaVdpXGFIXl3bmQ_jR3jQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bdd6dc209d19c2b9edb6bce8041a487c09329b371b467a514a36688d2065cb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 22:48:36 GMT
server
sffe
age
35769
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13460
x-xss-protection
0
expires
Sat, 16 Apr 2022 15:40:28 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-3394169-1&cid=683127451.1618623397&jid=1177228487&_u=aGBAAAAKAAAAAC~&z=1611965433
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 01:36:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-3394169-1&cid=683127451.1618623397&jid=1177228487&_u=aGBAAAAKAAAAAC~&z=1611965433
Requested by
Host: www.theunderfloorheatingstore.com
URL: https://www.theunderfloorheatingstore.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Apr 2021 01:36:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,NwH0H,MpJwZc,PrPYRd,SF3gsd,NpD4ec,gychg,hc6Ubd,vhDjqd
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.1b_... Frame D3FD 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.1b_lKceigR8.L.B1.O/am=AkA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,badgeview/ed=1/wt=2/ct=zgms/rs=AC8lLkQuRK4njqEH6aNi0g5z3h-3Jrz5OQ/m=xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,NwH0H,MpJwZc,PrPYRd,SF3gsd,NpD4ec,gychg,hc6Ubd,vhDjqd
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/am=AkA/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/ct=zgms/rs=AC8lLkQg9eGU3EaVdpXGFIXl3bmQ_jR3jQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
938f7866d42f36221c418697fe1e0ee3f3fc8a32261117827c4906338ff52d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 22:48:36 GMT
server
sffe
age
35769
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22041
x-xss-protection
0
expires
Sat, 16 Apr 2022 15:40:28 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ Frame 3F0A 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14576ad51a7f423f731ee7f2dc168694b192f30cd34c68c4623f879c4a8b2e5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 23:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 17:21:52 GMT
server
sffe
age
180449
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17794
x-xss-protection
0
expires
Thu, 14 Apr 2022 23:29:08 GMT
api.js
apis.google.com/js/ Frame D3FD 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.1b_lKceigR8.L.B1.O/am=AkA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,badgeview/ed=1/wt=2/ct=zgms/rs=AC8lLkQuRK4njqEH6aNi0g5z3h-3Jrz5OQ/m=xUdipf,n73qwf,UUJqVe,IZT63,vfuNJf,ws9Tlc,NwH0H,MpJwZc,PrPYRd,SF3gsd,NpD4ec,gychg,hc6Ubd,vhDjqd
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b93183bcc5bda42dc9db65084d052ca8fdb7eb3e3b08a75e5f3884a888cf035
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1/blYIPHSHQLmHNTUh83yQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"6873478039673be44cc70fd23da24c6e"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-1/blYIPHSHQLmHNTUh83yQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sat, 17 Apr 2021 01:36:37 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ Frame D3FD 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45e713a20df33e0ae79c9cd5adf8f1a0fafd83410a0501fd35b98d05d37ba7de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 05:37:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 17:21:52 GMT
server
sffe
age
158339
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41446
x-xss-protection
0
expires
Fri, 15 Apr 2022 05:37:38 GMT
m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.1b_... Frame D3FD 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.1b_lKceigR8.L.B1.O/am=AkA/d=1/exm=IZT63,LEikZe,MpJwZc,NpD4ec,NwH0H,PrPYRd,SF3gsd,UUJqVe,_b,_tp,byfTOb,gychg,hc6Ubd,lsjVmc,n73qwf,vfuNJf,vhDjqd,ws9Tlc,xUdipf/excm=_b,_tp,badgeview/ed=1/wt=2/ct=zgms/rs=AC8lLkQuRK4njqEH6aNi0g5z3h-3Jrz5OQ/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/am=AkA/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/ct=zgms/rs=AC8lLkQg9eGU3EaVdpXGFIXl3bmQ_jR3jQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67cb111129a4c9865017167f8e92777b005af29184ae8ebad0f45533919d203c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 22:48:36 GMT
server
sffe
age
35769
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13230
x-xss-protection
0
expires
Sat, 16 Apr 2022 15:40:28 GMT
m=lwddkf
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.1b_... Frame D3FD 		221 B
182 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.1b_lKceigR8.L.B1.O/am=AkA/d=1/exm=EFQ78c,FCpbqb,IZT63,LEikZe,MpJwZc,NpD4ec,NwH0H,PrPYRd,SF3gsd,UUJqVe,WhJNk,Wt6vjf,_b,_latency,_tp,byfTOb,gychg,hc6Ubd,lsjVmc,n73qwf,vfuNJf,vhDjqd,ws9Tlc,xUdipf/excm=_b,_tp,badgeview/ed=1/wt=2/ct=zgms/rs=AC8lLkQuRK4njqEH6aNi0g5z3h-3Jrz5OQ/m=lwddkf
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/am=AkA/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/ct=zgms/rs=AC8lLkQg9eGU3EaVdpXGFIXl3bmQ_jR3jQ/m=_b,_tp
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ae9aa595cc21956039cb0f3d5b5c50b6a22d2c9c776c1b88c9424e793242dc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 22:48:36 GMT
server
sffe
age
35769
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159
x-xss-protection
0
expires
Sat, 16 Apr 2022 15:40:28 GMT
log
play.google.com/ Frame D3FD 		131 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.YaTDgAbA5NI.es5.O/am=AkA/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/ct=zgms/rs=AC8lLkQg9eGU3EaVdpXGFIXl3bmQ_jR3jQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 17 Apr 2021 01:36:37 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://www.google.com
cache-control
private
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 17 Apr 2021 01:36:37 GMT
app.js
static-v.tawk.to/709/ 		503 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-v.tawk.to/709/app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5efc4cdc9e5f69442291a4f0/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.theunderfloorheatingstore.com
Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
51296
x-cache-status
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097f12175100004a9d5b1df000000001
last-modified
Fri, 15 Jan 2021 22:41:20 GMT
server
cloudflare
etag
W/"d4160b3dd3f8809cdee87d79588bd521"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=2592000, immutable
cf-ray
6411ec6bbf574a9d-FRA
widget-settings
va.tawk.to/v1/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=5efc4cdc9e5f69442291a4f0&widgetId=default
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e16bb1d8f81a07f1f9d4ebae5991a199b69ca2edf164eaec4882c12629fce852
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
353
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097f12179400004a9d32b03000000001
x-served-by
visitor-application-preemptive-87l8
server
cloudflare
etag
W/"1-58-0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=14400, s-maxage=14400
cf-ray
6411ec6c2fa94a9d-FRA
access-control-allow-headers
content-type,x-tawk-token
1618623397783
va.tawk.to/register/ 		22 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/register/1618623397783
Requested by
Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89bf425c78befc7c3c4d74b8b9e93557d17310bbbbfdee91b01a6f09f7dbbc3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 17 Apr 2021 01:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097f1217a80000dfdb5bbc7000000001
x-served-by
visitor-application-preemptive-9fsh
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://www.theunderfloorheatingstore.com
vary
Accept-Encoding
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
6411ec6c3f7bdfdb-FRA
access-control-allow-headers
content-type,x-tawk-token
/
www.facebook.com/tr/ 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=524220455151635&ev=Microdata&dl=https%3A%2F%2Fwww.theunderfloorheatingstore.com%2F&rl=&if=false&ts=1618623398565&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Underfloor%20Heating%20Systems%20%7C%20The%20Underfloor%20Heating%20Store%22%2C%22meta%3Adescription%22%3A%22Underfloor%20heating%20is%20one%20of%20the%20most%20cost%20effective%20ways%20to%20heat%20your%20home.%20Call%20us%20now%20to%20ask%20about%20our%20lifetime%20warranty%20and%20free%20next%20day%20delivery.%22%2C%22meta%3Akeywords%22%3A%22electric%20underfloor%20heating%20systems%2C%20water%20underfloor%20heating%20systems%2C%20heating%20mats%2C%20manifolds%2C%20water%20pumps%2C%20thermostats%2C%20insulation%20boards%2C%20wetrooms%2C%20air%20source%20heat%20pumps%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1618623398565.1397074711&it=1618623396823&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.theunderfloorheatingstore.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 01:36:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 17 Apr 2021 01:36:38 GMT

Verdicts & Comments Add Verdict or Comment

191 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| Prototype object| Abstract object| Try object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Ajax function| $ object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $$ undefined| Sizzle function| Selector function| jQuery function| $j function| validateCreditCard function| Validator function| Validation function| removeDelimiters function| parseNumber object| Builder object| Effect object| Droppables object| Draggables function| Draggable function| SortableObserver object| Sortable object| Autocompleter object| Control function| popWin function| setLocation function| setPLocation function| setLanguageCode function| decorateGeneric function| decorateTable function| decorateList function| decorateDataList function| parseSidUrl function| formatCurrency function| expandDetails boolean| isIE object| Varien function| truncateOptions function| fireEvent function| modulo function| customFormSubmit function| customFormSubmitToParent function| VarienForm function| RegionUpdater function| ZipUpdater function| Translate object| Mage function| Tooltip object| html5 object| Modernizr function| yepnope object| enquire object| breakpoint object| PointerManager object| MenuManager object| ProductMediaManager function| EventEmitter object| eventie function| imagesLoaded function| popUpMenu object| Enterprise function| Minicart function| mywetroomOutstandingBasket object| client object| rbd string| bp function| show_preloader function| hide_preloader function| set_max_height function| install_arrow_resizer function| set_breakpoint function| activate_tab function| return_last_uri_segment function| prepare_spConfig function| display_minimum_qty function| getTimeRemaining function| isDate function| initializeClock function| scrollToElement function| setHeightToMatchWidth function| setElemHeight function| resetElemHeight function| UpdatePriceInGoogleTagParams object| jQuery1121090802899412382 boolean| RESPONSIVE_MODAL object| dataLayer object| optionalZipCountries function| emailCapture object| newsletterEmailCapture function| loadCookieScript object| Translator function| closeCookieAlert function| acceptCookieAlert function| declineCookieAlert object| searchForm object| car object| hpCarousel object| newsScroller object| google_tag_manager object| AmazonPayments function| onAmazonPaymentsReady function| onAmazonLoginReady object| Tawk_API object| Tawk_LoadStart string| _linkedin_partner_id object| _linkedin_data_partner_ids object| emailcapture object| google_tag_data object| uetq string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _fbq_gtm_ids function| _dmTrack function| _dmSetDomain function| _dmSend object| gapi object| ___jsl object| OffAmazonPayments object| LOGIN_STATE function| lintrk boolean| _already_called_lintrk string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| gaplugins object| gaGlobal object| gaData function| UET object| osapi object| gapix object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| AWIN function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| amazon number| totalHeight object| $jscomp function| $jscomp$lookupPolyfilledValue function| $__TawkEngine function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| slideIndex

13 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 213=M_iVIS6awopWwSrKleeaj-FiAijr8cFXI-ZIjLsIAMvJvx_LbkmLOsqUe6QYEjg7_xQitRjo7c_x3oV6bXXhdJSK9jk-HulsBAicGk7eoc-zrWjP7MZYLdHykZVzrZ-C7awfZiWxNB5uHIVvlIFvWEt7Wv321fG1XZz-t7PM76Y
.theunderfloorheatingstore.com/ Name: _fbp
Value: fb.1.1618623397060.822267317
.www.theunderfloorheatingstore.com/ Name: CUSTOMER_SEGMENT_IDS
Value: 2
.theunderfloorheatingstore.com/ Name: _gcl_au
Value: 1.1.347732045.1618623397
.www.theunderfloorheatingstore.com/ Name: _gat_UA-3394169-1
Value: 1
www.theunderfloorheatingstore.com/ Name: apay-session-set
Value: BcSbnhJmUYwsGqaLvqp3wTWXNGpl%2FcoMrxoCmqJmRFSd4cDlP399EhE2eW7uqxo%3D
.www.theunderfloorheatingstore.com/ Name: frontend_cid
Value: AldIO3WWvYLQYFon
.theunderfloorheatingstore.com/ Name: _uetsid
Value: 5974e5409f1d11eb851017475dd6ac51
.www.theunderfloorheatingstore.com/ Name: _gid
Value: GA1.3.673952744.1618623397
.theunderfloorheatingstore.com/ Name: _uetvid
Value: 59750e909f1d11ebb2e203055153469e
.www.theunderfloorheatingstore.com/ Name: frontend
Value: p7enavm4eb5v4mbhk33fd4g3nh
.www.theunderfloorheatingstore.com/ Name: _ga
Value: GA1.3.683127451.1618623397
www.theunderfloorheatingstore.com/ Name: CACHED_FRONT_FORM_KEY
Value: nn1VUnF8JivzvyFV

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self'; default-src https:; form-action 'self' payments.amazon.co.uk va.tawk.to www.facebook.com; connect-src https: wss:; script-src 'self' 'unsafe-eval' 'unsafe-inline' ajax.googleapis.com apis.google.com bat.bing.com cdn.jsdelivr.net cdn.syndication.twimg.com chatserver.comm100.com connect.facebook.net embed.tawk.to googleads.g.doubleclick.net maps.google.com maps.googleapis.com platform.linkedin.com platform.twitter.com productreviewswidgets.trustpilot.com r1-t.trackedlink.net snap.licdn.com static-eu.payments-amazon.com t.trackedlink.net webinsight.s3.amazonaws.com widget.trustpilot.com www.dwin1.com www.google-analytics.com www.google.com www.googleadservices.com www.googletagmanager.com www.gstatic.com www.zenaps.com static-v.tawk.to; object-src 'self'; img-src 'self' https: data:; style-src https: 'unsafe-eval' 'unsafe-inline'; font-src 'self' data: https:; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
bat.bing.com
connect.facebook.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
payments-uk.amazon.com
play.google.com
px.ads.linkedin.com
r1-t.trackedlink.net
snap.licdn.com
ssl.gstatic.com
static-eu.payments-amazon.com
static-v.tawk.to
stats.g.doubleclick.net
va.tawk.to
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.paypalobjects.com
www.theunderfloorheatingstore.com
104.111.228.123
104.16.210.86
143.204.245.116
192.124.249.62
216.58.212.162
2600:9000:2104:5200:f:8ce2:fb80:93a1
2606:4700:10::ac43:2642
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:801::200a
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::200d
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c0c::9c
2a02:26f0:7100:48a::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
54.239.36.254
013acd3c7db055442ef883ecf3a862086aa117160ae06e2e95119d32fd09a206
013fff9bfb963d505db7792deab40e1dd0ecfc392e7544d729446af289f1136e
01b976f870c039a23b17135909b0dab7305dfc5f132edf4e025a5d818674058b
04513f71b60258460af947ebb43ef96a957a88ed3c4a6161bd23329c2531b11d
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
076f1a62f9d5244342029601f446c2ffd05d33099667f4cc792e52ceff324a2d
079981c8cfc50618db24f606febad78bde1211b294a9ecd3ba21a9912c4ad0ea
08170ab2776ddbb39b467f472afecb64a4de015e3c052bd4d9d79e3be3797083
095c0fc1a55acb2ed5164bf5720744be7961efca72b4080b36633d1180a045ca
096989a128ad3bdc7182124c576a000d4036b77b08e7efa4eabc72530d71efc9
09d148642020480b971f4cf57e797365841a02dc7176fbe0a38804e5476623c4
0a2f622173010389d1ba6729e8dff646fcb4a2bfa433ec5a71a46accbb97a9da
0a65ba4f8b7b0753fd06db13bdfadf01b710d79c623aa96d50ab13d4607d7e46
0ae9aa595cc21956039cb0f3d5b5c50b6a22d2c9c776c1b88c9424e793242dc1
0b93183bcc5bda42dc9db65084d052ca8fdb7eb3e3b08a75e5f3884a888cf035
0babe67f4147899c30aec73fef519e43fa5c6743a00e1901e8b57b2956d7ed54
0e358e3513994ec13bb7321c12e18c28a9171c4d49db7f49520951723c05c2ac
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ebc7b39f58b4c5965edb410388f13bb50947f1ced28a954b6a44846bebca281
10c566edb673aff29e871a2b64511482014828a76c43a2150f932e99b9a5aa51
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
120caad0919773c1bfafaa42df0dd74a5afd6bc440b11d40c2cf03ece435fb89
132a2a640a7313f24193cb6a25c63019b95d9a6fea4e57f4e7eb36357683de53
13b8bd50a4554211409114696af3abec88a8b7f06ebe506fcc439b74bebeac98
14576ad51a7f423f731ee7f2dc168694b192f30cd34c68c4623f879c4a8b2e5a
145988bdc1f7eff444b4d85e9cfb3d17aaff944f8841dcecab64a3934ddc48ea
176f7c83ab65e11a8f6c8fdd30146e1034eb1d7599d2a05db8a8b5ed64e0cb30
188e903071bf9244127264e79731a15cf80c94ca3be47e8135d3e1e721ac61c4
18a42515cb6eca5d1e76d8fa8b71c0f6af7633baeeebac2d5a4d9f3729561647
193fb2b894780d607e71e22d30f2ba1f1ac6f1887666693aeb913dbe561067ff
19f29982c412e1d174ffe3c10512c4963c3c6afde804d9b78d2a7e029c40ba98
1a9bfa502441ea6b3aaa3ae61e1fc6b0ded95db0d7bc7ee2e138e300d14da523
1b88542d1458cd86dacd3de3cb9635ded83c01edcae01be5f49451611985cff8
1c4ef54234804fc0e511201b83441598e7ef6f1d3268f3d3d587f02d94769dd0
1dc026ffa557869ff8e7f308c3cc1f86958af1a4706ef4054f5fca3aaa538455
1e339a5c9fdda167d1172bbfdbbece082ec0a670a74c5a051b812debd472ae31
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616
22482584aeaa7b1d74de072793246c65e38b402ac231f38bb0d9102802543230
23084d3e598bfde41b9a029adacc7d2dac9e485ff2eb01e71c347c7fa43abaa8
231a3be56e9321ed6447fe41538a3e1767fa38dff907d15154fb9bfc3a663a13
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
2a1065028d46a7255e9bf627b9acc5ef518ddc3df45022c84dbd48fbffb791f5
2aa169baef4f95fa33ee60f4d067d7650ce6397e39d38a004ef5500b34db731f
2ad44ea4870ae4f4ab46fb93d9af24f29b24ca3cf120148b939af15930e3e7d1
2c26a5e7d436214dd0a43d0e8e303d35c53f835813bc3236d9efa326aeddac32
2cc87c700434133aa030b9a4b19de3dfbf66ee2e2a9a9dc5a6910c7b6dc616c3
2e021a86217afd2b3f80ecdc63ad244d87cfffcc5fea3ca1e1b6b199e9766bca
2ec9796e5d40aae2462f523bc2f9eb9491d1da72100677b310ab329a36571e6f
31f7474a8bf6567289a3e9650172ca9a2240c758ae129a761d3deca1ca57e5fa
328cab78ebb3e3c4e94e23b87630a56ae7ad2db686ecd1d69f93176318b6f82d
32b18b3ded27d60c1113b3dc170979ed1168d4a15c51f8fac7e33936c1d6c356
331d02a3006ffa388bfc8390be476d67804a3a3a0ed3da1b12ca6e20f5a04d1a
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33d600e129a241a756080d20400c8ac080a1ea164d4e020b57cd5dc1ab33b19a
33e0284235567d3832d20f620033b985f0b455301aee17693189ce4b5bf771a3
33fb113c788de38b7b3461ea781579f77273b424ecfe032df3221564df5cd0e5
354ccee9a1629779dd81baea3db5714c785ffb99035a8f7376b6d72400142794
35ccb9f798d72137788402026ab9f37d7a3d76e045af3575632f306afb055fb8
365c9a4e26d545d883344028fd67464821572c9c43c38fbbc4f1009366657147
36d3679cca3d939ea395dbe44f8ff9d5795650ad0b47d65406713683f0348776
37d06a3694e4728b47b1e208a99e1fb016e8282ee657a775ec885bfbc4a8bc01
394ee4643d5c3fc7d0a671052576e3e7250e6cbccc407772679a359ce59f2794
396ce1e6e4f1423d3a462cd2ec1c399d958f01da304d3c9fb645a50c140952dd
39744d01f0fe3dd7423ab9d22556825f605923f370546678dcf8b1c1a2920228
3bdd6dc209d19c2b9edb6bce8041a487c09329b371b467a514a36688d2065cb4
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3c6e81db4c34121ba1fd28089484c78207a5e04c984e5eeb64d0e3fe70fadaa6
3cb10859a77dcb4246e3b25d77d85498446aa56cf14ab1d96f47b002cec4ebf1
3d7eaa76f7e1c6ab91c85acc8ff329c7384cccafaa8e7e61da44602bc2c156b3
3efd6363efb43534b1e86a3229cab2f60b31d8cb86e39e0648827f42a7745211
41360fc9aaa41fe5c9e38c78b2d0948c718f1422358dead91d026441158db3a0
42bf54088639af1e367ff495ed4088a7fcdc9a58c3e4aeb9ce9bf1105df84ad6
4483dddd0cf7719c4e692d216ec2872aa941dfa344fbf39634d011dec3c7be59
4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456
45e713a20df33e0ae79c9cd5adf8f1a0fafd83410a0501fd35b98d05d37ba7de
4630a85a458ac45fd0222700eba90e49a5eaeca96ddfc7f73413b19972d83539
465dafe944f6b170677834cc570f6d3c5680124d2d315a5f9ebdbdffe00822af
47417ef90f0f9df77cefd38b95de9a50e2f7dfacb6f777443f3a38728fcc5d34
4a11a123bded64520ccf7410ab86ef9bf8affdcfc2b4d32e28d77215e2fd44dd
4a17874bcb68c851c3c07329f9afcd0427fbf2fc3b74a0ce01880a721fcca50f
4a657e1719b5ef2a255ad90a7f0b1095df4700e24f9170c3ea1cca8c2aaa9d54
4aa58699835300a9571e2488d656e0e89406173e8519fb40592eaa6b5b5c3775
4b2b3517e8c986ec267a9772014c90fef7ae02b032719d5d50f09e0f320b4435
4b8f0f9f69149a2918a5cb521eae1a60d68b5babd662c81c0f014571b6b7e996
4d3e0e5850c28d2c6756aeea4f53b6b725416b99df387c06ad304687eb439d65
4f93144029773ecdd3521a24bb27edf9bd51734f1ee15d7070ae44cb9bcd2901
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
508a22dbc591bf34976632b74491e0af0323b72af7065ab4f3e4f9dfdce393c2
53063a1d9856ad857c84b6dc814d3a80d5acc147c99420537274de77e0ece5a8
534620356486b66461a79e2322b94464c82158a52bd6c4abb697a4d5f708790a
54ec77e290793026365c7381affd71d358ed775a464fa4a70627bfd2ea90410b
559e8f08bca57ef2fa2459f6b41e1e6143bc03798c38da1015795692e7fb9491
55a5ad271669bf124135881be702c4a8a674e4ccba192ef7d86db67e8560c254
55c3f11c27d2e823423283afeda40eaf70dbb9a6f7e253a04afabf0a4068be02
55cfd5c8c49f1225cb5b9f4a7929c9a67b2d08a7b29d236cce7c613163b235c8
5666740acb4a223e96e15c622b7becae5f07763447190cb27263984e8ac33d79
593bbce28facc038c137ecd14b6bc1c73339b289e071beaf99bd289f8bfdda84
5a62679314a88767dce91fc235ff249f6241ef4a15134df4465a425a010e2a8f
5a7005b98fbd2695c2c509ab0ce3ff3283ef4f727fd0eca138eaea2eb2e24632
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
5c24612fcd9c32a2ad065a8153775a094c8fe871dedd5a029573738177510289
5c7ace2b859beb8ec6e4597db2b9641be2279f04e4de958fee5d7cd410408645
5cd19a37c73848e91dd15f182abadec907194bba4da5d9b2f773441ed34b1f98
5cf45adecb0981eef5e0de613df94d883f39f8de323da1a7535053efbef0e49e
5e0970e66d34be7885e9844708580dbe87dfea5abb4de30b2060feab45dd08f7
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
62601f51abdce15666322abc2fafaa6a9f3093ac33b4e27967bc3a9d089b4979
62804088c6d76caf2bca40ba80d4d75f38ec54925037abdc6a21d28daf756336
62e44d1153b7b98bdf7f06d7c772f1d60b29c160833fe16f33313037ef6eeca7
63d9e1fb392138badd064ac8014c98a52d5009ff79ba86acce4103289e63687b
64512da06ce7ae3804eaa6a09a485bdbb7f7ed53f9db3da4965531128c20dd8b
6614ff09ec9347683ed42bfe66c85c7f6990800cbb30d620184bf176521642ef
6691aa186da042fc9c48cf4e2209ad844225691ea468c7ae920c4a61a3574405
67399f5551e4d7b8a201ddc8d7690eab1673c3df631b8776d9f301875a85d930
67ba9479fcf47e9a23251a07079453aa907814fde1b4e797c1ab5d9a2be274bf
67cb111129a4c9865017167f8e92777b005af29184ae8ebad0f45533919d203c
69cb6de7d8d6fce3527d119c2e798fafb347fde40a342e34442173686101654d
69ed8b42733bcbc8850c04f728f8c21d4f0728a9607510e03f623726f9d8d0cc
6b00be6cc35a0cf25227a05566c2b75fbc5b92bc8d720970375a50a476392917
6c33ca56d3f4ca79cafb8d96e0d33f32b8ce252e8657bb814f9b7964890e6bfd
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
6ddaa939fd8786e9bc8fb639cce3fad3f4d487f7ed7ef5a925ee081755b110ff
6e01d05c86bb83380fa587400b7e8f0eaef74fcac4cf47519c7c060d80bde200
6e85f87aa92607f7d8e5420f39b62b83a8e4180c8441dfa145342ae23947aa0c
6f5338d3451599b246f750be88210bbf0ff3dcba87288f3d6cd76ad5c9994116
7010f14d8f1b1421908adffc1e92ee8a2aabc41721d91c3a815636a1fef7b928
71efc700b9091f1449e2c952536cf7281aded3a30a96e44be5d06e606e2904bd
727ee107a8036e193fef85e1faf9e1eb145d25d03a4aa73d6db7c5ad71118797
74cac4991fa80a98e10c1368170080d266867e6a2bdaebdb2d0227531008417e
757ce508c431b71c65582d1dc02f3527e8fc8f81590eb20b1d6f20f25847ef80
75c7173e0ceff55548633a14cdbbefccb1f145e37d59fbc183daa51ce4ec3961
76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6
778abf5d0055d55a704c47b9522bb64e714418ab4d3bd46d78ed60c6a08f08c6
795067792fe4113e2c6e3c79eb2516376918940d7e14d5872f7e2b494f08d946
7965f0586b87cadc7fdc72d1a579459479c806563c57bd4dc469a83540ef47d7
7a3f012b9a7aa14219d61931b3f59afd74f6aedcf7585436e0c2cc042ec3eab2
7b4ffe9fab0547702bb2945fcae1264c5d8e491f91776418459a6e5aaa03dfdb
7ceca25e2b9476cfdabedb9485bbcc153cb45d0ca8bc96a3b306c3d0f670ee9e
7e08a9351a0521d1f6ba41356a5e11b55258f7ea58008150782326a4c2bc67b3
7f410ee0877d8284e439b57edc1aae7a9e35755877446a350fe9e78a5346600f
7fe5d32728f78391f77003f2d869525c5af42290b3fad8bc7adbf4fa84c3574c
80bf9242e153aa52dc4f7a9584a4d0e678313481ad15c6bb7e11dc0b674dc0f4
81f417fef96de090190eb6d24083e0005174695350346e3f18a3e007bc0a5a63
834d26888b405e6a5788142159cec7b7a350c01989e4ccc775a32f03384dac52
83b9a74e7b13f0752391d6daca8b9567a0bf6283a34803aa5a71b57d3ebbc8c8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858e4b6b8f2dd497dfeece5cc3dec30a471275a04cb604ffebf17063b10f0579
86bc43ffa63b6a3e925c2d64b8f1ddde103aba67b6ddec17854d915f492a5468
8715e67c7ae06b7d1da59de813dc8cffb5a27038f2754081cc54e446bd6a5e96
8a2e4f92cba8509d0d26255bb950e4a53345fad6c1b38da13448b9c7a561832a
8a93882c20b5adb5bda95877870a6f95d4cd6a1fdb46cf3408268195bdb87460
8d973e541ea02533f5389ad061b4213316fb33697daea355487d1c44ed5a9fde
8e55233cf5a8bb044ee331faada0609d54988b5cda2d68fe5085302b6712119f
90aa9520d5b95aeb0d587d625cdedf46904c1b49211ddb27743521c271347908
9204bbba9b087a4520642211ac68f8a7a5a89e2fe07d4b8a303e4841fb58cfab
934dfdaa48bbe6eaedc9041a705490e5ab54084686d21c73baf12b0919fc2b4a
938f7866d42f36221c418697fe1e0ee3f3fc8a32261117827c4906338ff52d36
9804e602748c877c7f04678303ecea4537b57211a47350f5c7b98748c4c42b05
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
991c8488bc950128810e71342f4b496feaa323ab122bc7d8c1848d2d15221b2a
9afdebe90283849feb8f159b7e273c57236be66a45e111838f4a47a24d5785a3
9bd2754f65de6e31f6888b5079c07a8797d8b965fe519b4746815d724eeff210
9d16e1818e16fb571b9e79a111a2bcd0e15a144ec1da5cd25ed5461d48d585d2
9ef6c4a1bf670e85f3d9f8f8732f57c496f9f5009332c5cb6d1933e3ff6f33b8
9fad5cd08dc30b810416bd4a496709695a538e65a64ed999d76672144cb497a0
9fb7cc778e5a0403e8b6e3daa7b22970ee02770293755a9058e9ed8520bc36ed
a00e9184233800bf5ce976992504a157285aa2b1bc0ef5b02d86d5d2bc00135a
a0859df49117b5ea1c1873f4bc07db7fadd8ab5be1e0309773834a28da014c5a
a1265b6eb5e33fbd8a931d5e10a5a7ebfa49460a8c0009b6c8d9f82c172708ec
a21a68014e75edc619aae7be63c123796b997fc1a44b38c94ec4f0c63c503062
a2d9c543ac2fbd8bd93b41036a6144d069d77719b6739d84e98199b0f85b6534
a2ee5b8d80425194a58046b27d605c3fbdfd8b511cfbdbf8149debfc6c1726e4
a57192d2c7749c9720fd183c8ef2afc4386a8671a8e309f8ad3a9761932a3e27
a59c143f45369231b36ba5a6126f7d732848cfe052a297155889aa6491dc9d69
a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889
a77676a20134bc2a3f90432e9d208a5894385848986984d291ac06645948b594
a8dcdaa83bb066affc93d362a2c519cddef1aad33dd3d66d6cb96a2e12382602
aa3600912333ad2c839ed5ef793682f16a77c975ab495a41fb9ee38aa267f400
aa9acc781287b05e0830fbadb1d53a91eb27cf10326c7793e4994ea298e36e00
abb08b8e18f80cef1f5b9a361721ad6cb4fae63519b4ebb3a2db6ac9950e6cde
adbe35be777a67cedb5a9b0451d1c1a17ead639de4f7ee4389d67c955e46d475
aec6f1f7b7769e8665706a3008aecb6682afe1f36376fcf88def7284565b5561
af1f05851e0881ed46bf148f956fd434c38e3618c3d45fd11f6a1ede32f4aca8
af791df78fd2cd475195d40957ef17e978cfc8679592ca2c9c4bf4b062f05d6a
afe81d950e8d1ffd662af1a17383b87c48097d66bb682fb55fbf4c5ec7a57da6
b054fd69d7f9b86ff1db7f110b28aee0b17594f9aaac7611dd1e5dc6f8e224cd
b1ec516023c5a45ee2aafb0b5c445dc29945857ba37d960884f50702e46d1315
b31a8e6d859f02f97105202fca369ec75ff6eec0c870100ad509b6e9a7cc3e31
b3687c5c24bf8730ed63babea28b3ac5e2b239f361e3dee2ecb91eb21f497e81
b4f441a8cf6fee144a66e07ce2b716d4f8e9807939570d473ac93033201a72b8
b5d172cc38e4545422f47a24afd5c24652e572f92538fcdf95e5ce1e59a37d40
b5e733d64c971d8b0ad8887cc744ee13ad07d6e8691f034af6f6ef2a36de8561
b676ac07cefa29a597f9ca7b51d23da96126e9f198b113c238283bc8ae9995e6
b6bd70c06f1d6dfdf22abf79c234cb8935ea11f7d37caea159b001850c32af35
b75a698fce24cee6cf9116ba05e8fb28f3f63dc3f2f4d78fdfcbe51f4c1f75be
b7be0dc6d394b25d38f79ca6e7e30cf53097a951dab2de2bfdf01fa1b5e54b16
b8852ef4541cc6b854bca3867294d791a62a7e001d3dd0bda1ef3a1d5bb61583
ba2db60b8c78b249a0ebae4c4cc017c36314bfbec32441d37951279464f2948d
ba383718c65086d3eaf351479a1ecd5c39e2bad739c7168c67042afae147e235
ba9a6c572b26afbc15b528cc9b610b19f51d90f5cbcad9a2522f8e50b8e2b659
baf97e8318cb460d271b802858f5d7aa553a7e4664a53f9a9637565ec0fdeaf6
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb5430f63d59d96b02b875aed90b4a8e3f23bae87b2d1ae9d2bae5b3662fcc27
bbe1675c06e0f3d57b2614b2523c7f0818bbd518b4bfd912b363d388e517986d
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27
bd1044a25c283ca5ef4d60f1d9de25d87a7521f7c0479c4afe92d8617f3ec1bd
bf1ee50d5562c30a73c6dd05ef24203c1ca32cc9a7fbfb7655a8b390fd988966
bf2ec382ec4d64a132be318e0c96ee0a523e121cf79df0f50c0c884162eef03a
c01ad564024b34264eb92f9be22f365e7e9cbb6bc1a3571be2ce0c563b3762a6
c21cd61b25693f120b2c4399282508c010e77fd7e6401a06c4a6c7acf9de33b7
c2c20710d23b84b023f97288bb61a47b954845155565ef946bdf5800c36b38b6
c39fd1abda454252fb8522e7445ad7dfa59fa64d37d798af34a41b44722ec3ac
c4aa9fb1445f056fb5bbff6fc1afdd2ae7072aac096f228810bd3788abcdc5f7
c572e5d961c940afeaf8796cde171a147c3f411a675c775d03c4769b614cca13
c581514597ce23b826d5c5d8c91b6d281f5545957cefedc1224295c6aca1dcab
c6a806c08ca76099913d58d18d94ddeb614d15134d69fb392ea0529f17ca3964
c81debc4a7e218629c21a929342f5a23e762c6853daa5bd9c84b095033e863ae
c936abcf06efca6af9070a7cb92b1456e03d2272810b1ca852940ac34e13bfc7
c9cd52ffcd5dddb61070cf25292e8812e73c508ee598e778baf4de77945dc8c0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cca4312df263c994d252ea89e55866862d4c5a5e2e6a5d04ee85b5324b979d09
cd13d65660712d9332288e2c7240e5762ef342aa35b3a8167c31c7d84a56eb6b
cf8a65e0d32c60960f5cfeeaf4fe989ad20bc51acc0bc2354067cf72f5d17ce9
d22326d67bf2e8ca0e2b2407ee8b7a30c5e6c83850bba01b662290c5e6865b71
d2845c86a714f33d71194662d110e2be43fccbdc88b765a25f0bdd0b0016e824
d46893944624e38cad56a7d06baeb1f70fe3f4fa698f20ca6eaece97e1979fca
d741959ce98eafc81489d96b17632d2edc6a58d3365da98e614049bc4f41ef10
d7c92a27bb4233643a1a4e702207c7b96e4440822d5324dcd347baaf11865b8a
db348268e58c9d22535f56164228e79696a02da23bfc3d2a8d70c0d3fe59fc97
dcc592a30ea421834289a22ce6c83e82e81cda583a89c129d933aa86613f08c6
dd9ce2d9768fadc5a5f5a520a9c347dc1609e3099ee49199c3e5f94d5dfc33f0
dda7f9ffd1f6a0ae61968200adda1002458550f0fdd92e0ab084ccaa7124289a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dedea3aa22a087b3745c9635e7a3d65e772d57ce590b541a6a32069a0b1d60b9
df9111f0e9912ff0bb023b694fa91b9d395b6ad59712689a221f4583a2dd1c8f
e16bb1d8f81a07f1f9d4ebae5991a199b69ca2edf164eaec4882c12629fce852
e29399fc40fb6b528c19a2eb66654a484ec57e7b75d8bcfb2e39a387a2a41923
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e692a6d8a5621ca97dea21285ad381927a32d2931630942ac5c5825bbe4296b9
e69aaf684183f313d3d40b44b0c8118fb9131364d18f50bb0ab9d7ca52e5ce37
e70a13348f56937d666d7f3523c0a7245694248c6a6948d2c4738eb28ee7f2da
e7f806ec3cec60a2efb858f33d7e53f1ec5e48b5b1bb1d3a050c3ef170cd78af
e89bf425c78befc7c3c4d74b8b9e93557d17310bbbbfdee91b01a6f09f7dbbc3
eab0f16a773f174ec6e88d476e2611423ba3fc6f107f74596bec9c3a2e8e5938
ebdea829c1cbb752143dbedeeef7399a77186c1e00a1a1311193709f655faa98
ec2acded891ba36c11c3d002066f4206c03937e22f7b2bcbdd6f2bdced71dcea
ee4ba0ec3d2f264cbb49054ff4e6e56225050852806e407ff8655f8339dbc5ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb50f9b3150d47c57238863a91ceed0b82635c5f3211536ad502f39197aadf3
f206c91da67b83f71f1d6d2e2de1551c3ecfdc0288aaa4826455307000e5dfac
f36192f3148f6ebeab0125d9d019c00551965706279ce835f95a0ce0966a8892
f4082e6956637f6697adaf1d6dd7b8215b40824dc015b4b7309ab1ca5914642b
f427108a3bb3749fe663df4b7ae84de3a12794354a6c3398a26d6d32f652a8db
f58e3cf2dbe97ed96f991dc095331d699b7e8f8b75470aedd7eab5d4c6fa38f6
f6fa40244e4757c7524dd7a6e783e46f6e863d2fbd7d9fa9ad431a766074cce8
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fb66ee70b34d516ba528fb372f53c0e05b1e09e215a755e16ed2947353b42e28
fbf5da438554e2343262f428f24a27243e2209edc9d8a458a731b359529eddc4
fdc9647e7b0e6417f6ab44679e7c95f922371946e04bc477ec21424dd0f761e8