bosch-homecomfort.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-20 · ok HTTP/1.1 200 8120 ms crawled 2026-05-19

DE · 145.253.155.222 · AS3209 Vodafone GmbH

Reputation 100/100

Classifying

HTML metadata

Title: Home | Bosch Home Comfort
Description: We are your partner for pioneering heating, air conditioning and hot water solutions.
Language: en
Canonical: https://www.bosch-homecomfort.com/global/en/

Open Graph

url: https://www.bosch-homecomfort.com/global/en/
title: Home | Bosch Home Comfort
locale: en_GLOBAL
site name: Bosch Home Comfort
description: We are your partner for pioneering heating, air conditioning and hot water solutions.

Technology

Server: Apache

Third-party hosts loaded (1)

dock.ui.bosch.tech×2

Social

Registration

Registrar

CSC Corporate Domains, Inc.

Created

2022-07-06

Expires

2026-07-06 46 days left

Updated

2025-07-02

Name servers

gwa.fe.bosch.de
gwa2.fe.bosch.de

DNS records live

NS

gwa.fe.bosch.de
gwa2.fe.bosch.de
ns1.fe.bosch.de
ns2.fe.bosch.de
ns3.fe.bosch.de
ns4.fe.bosch.de
ns5.fe.bosch.de
ns6.fe.bosch.de

TXT

_dypw82df776a1bn0o4hsy5tows9fhvm
include:4099514.spf01.hubspotemail.net

Verified for

Google

Email authentication no MX

SPF: v=spf1 include:4099514.spf01.hubspotemail.net ip4:145.253.155.128/25 -all
strict (-all)
DMARC: v=DMARC1; p=reject; rua=mailto:dmarc@info.bosch-homecomfort.com;
policy: reject (enforced)
DKIM: no key found at common selectors

Certificate (current)

Corporation Service Company RSA OV SSL CA

from 2026-01-29 to 2027-02-25

Expires in 280 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://www.bosch-homecomfort.com/global/en/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy
cross-origin-opener-policy
cross-origin-embedder-policy

findings

CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src https://*.experimentation.dev *.kameleoon.com *.kameleoon.eu *.kameleoon.io *.thernovotools.com *.thernovotools-preview.com dock.ui.bosch.tech *.hotjar.com wss://*.hotjar.com s096l072-hc-mwf-prd.app.intra bott-fs.nautilus bott-fs.kittelberger.net vc.hotjar.io in.hotjar.com script.hotjar.com *.bosch-thermotechnology.com *.boschtt-documents.com www.bimstore.co.uk *.kittelberger.net *.mycliplister.com *.bosch-homecomfort.com *.bosch-homecomfortgroup.com *.bosch-industrial.com 'self' https: ; media-src blob: data: *.boschtt-documents.com services.kittelberger.net *.mycliplister.com mycliplister.com *.bosch-homecomfort.com *.bosch-homecomfortgroup.com *.bosch-industrial.com 'self' ; font-src bott-fs.nautilus bott-fs.kittelberger.net script.hotjar.com fonts.gstatic.com *.bosch-thermotechnology.com www.bosch-thermotechnology.us www.heizung-steuern.com fonts.gstatic.com *.bosch-homecomfort.com *.bosch-homecomfortgroup.com *.bosch-industrial.com 'self' https: data: ; object-src data
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: unsafe-none