urlscan.io logo urlscan.io
SecurityTrails logo

www.sheba.ch Open in urlscan Pro
2606:4700:4400::6812:2b4a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sheba.ch/
Effective URL: https://www.sheba.ch/de
Submission: On October 11 via manual from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 53 HTTP transactions. The main IP is 2606:4700:4400::6812:2b4a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sheba.ch.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 16th 2022. Valid for: a year.
This is the only time www.sheba.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 72.21.43.242 24778 (DATAPIPE-UK)
35 2606:4700:440... 13335 (CLOUDFLAR...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 143.204.215.9 16509 (AMAZON-02)
53 4
1    72.21.43.242 (United States)

ASN24778 (DATAPIPE-UK, GB)
sheba.ch
35    2606:4700:4400::6812:2b4a (United States)

ASN13335 (CLOUDFLARENET, US)
www.sheba.ch
9    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    143.204.215.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-9.fra53.r.cloudfront.net
footer.mars.com
Apex Domain
Subdomains		 Transfer
36 sheba.ch
sheba.ch
www.sheba.ch
2 MB
9 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 668
135 KB
8 mars.com
footer.mars.com — Cisco Umbrella Rank: 571363
52 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
47 KB
53 4
Domain Requested by
35 www.sheba.ch www.sheba.ch
9 cdn.cookielaw.org www.sheba.ch
cdn.cookielaw.org
8 footer.mars.com www.sheba.ch
footer.mars.com
1 www.googletagmanager.com www.sheba.ch
1 sheba.ch 1 redirects
53 5

This site contains links to these domains. Also see Links.

Domain
www.mars.com
www.onetrust.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-16 -
2023-03-15		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
footer.mars.com
Amazon		 2022-03-22 -
2023-04-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.sheba.ch/de
Frame ID: 6A508651E4146ECB500F015FC9080F96
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SHEBA® CHBack ButtonFilter Button

Page URL History Show full URLs

  1. http://sheba.ch/ HTTP 302
    https://www.sheba.ch/de Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

53
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

2551 kB
Transfer

3583 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sheba.ch/ HTTP 302
    https://www.sheba.ch/de Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request de
www.sheba.ch/
Redirect Chain
  • http://sheba.ch/
  • https://www.sheba.ch/de
261 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd0e32e074c1d2a564558bb1565d2fd95288d4bf47322bf410ca6500bbfa130a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
private
cf-cache-status
MISS
cf-ray
75864fd72a83920e-FRA
content-encoding
gzip
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Tue, 11 Oct 2022 08:44:05 GMT
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
last-modified
Tue, 11 Oct 2022 08:44:05 GMT
referrer-policy
strict-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-aspnetmvc-version
4.0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Content-Length
140
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Tue, 11 Oct 2022 08:43:45 GMT
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Location
https://www.sheba.ch/de
Referrer-Policy
strict-origin
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 08:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7BKk7WQU1Z9EDMZmf1T6Vg==
age
8215
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Mon, 10 Oct 2022 15:42:44 GMT
server
cloudflare
etag
0x8DAAAD612F0B5E2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6074ff15-f01e-0084-34e0-dc8ece000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75864fd90ed7694c-FRA
gtm.js
www.googletagmanager.com/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KWMFPB5
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3e70174d5e7b8ef084dac1dc88467fc276febd688d073b44b24efaf48b9cc0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48088
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 11 Oct 2022 08:44:05 GMT
logo.png
www.sheba.ch/Content/img/public/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/public/logo.png
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75492a11383f437de118c8cae24c01bc457a86876811371b22b8e7405a6b44c1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
6698
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:38 GMT
server
cloudflare
etag
"9f5829be602bd51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd94db2920e-FRA
search-icon.png
www.sheba.ch/Content/img/public/ 		539 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/public/search-icon.png
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
697ab1a8d2a3737df5aeec03733a994105c17e1a14c6b1b0c17b508886dc2faa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
539
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:40 GMT
server
cloudflare
etag
"2e91ebf602bd51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd94db4920e-FRA
slider-bottoms.png
www.sheba.ch/Content/img/slider/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/slider/slider-bottoms.png
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa1b09f03cec7e16f5cf719d983fb19aa03208d6728db1cb93c5039ea8002f5e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
4516
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:50 GMT
server
cloudflare
etag
"de636fc5602bd51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd94db8920e-FRA
teaser1-xs.png
www.sheba.ch/Content/img/home/ 		209 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/home/teaser1-xs.png
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2a36f0a0baf8ec969e4d8d30fb2840bf17d1ec4440d904c48bf5f61a7d8a44
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
213733
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 23 Dec 2020 11:40:21 GMT
server
cloudflare
etag
"fe856f6520d9d61:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd94db9920e-FRA
teaser1.png
www.sheba.ch/Content/img/home/ 		403 KB
403 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/home/teaser1.png
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c98e83eec7c5b32d15b0d2d1c89c3b89300326c27a924788a7a70d94487a7048
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
412325
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 23 Dec 2020 11:40:21 GMT
server
cloudflare
etag
"16c36e6520d9d61:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd94dba920e-FRA
footer-top1.jpg
www.sheba.ch/Content/img/home/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/home/footer-top1.jpg
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91c03e4e7613f02fc1ae3032e6dc5146673e097c7260a370cc44a5fc6fddaa8d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
68762
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 19 Nov 2020 13:08:17 GMT
server
cloudflare
etag
"bbd4bdb75bed61:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd94dbd920e-FRA
footer-top2-2.jpg
www.sheba.ch/Content/img/home/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/home/footer-top2-2.jpg
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6557bcb2cf4de456dd7bfabf238d465d02f55ea1e7fe9ddb49f694c408ee6479
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
75382
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Fri, 20 Nov 2020 10:50:58 GMT
server
cloudflare
etag
"51e35672bbfd61:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd94dbe920e-FRA
footer-top3.jpg
www.sheba.ch/Content/img/home/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/home/footer-top3.jpg
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10da8db1c33af55c5dc65900d437c02c8439143059c1eefcfe6103b36f0b8316
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
51396
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 23 Dec 2020 11:40:07 GMT
server
cloudflare
etag
"ef8ced5c20d9d61:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd94dc1920e-FRA
footer.js.aspx
footer.mars.com/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://footer.mars.com/js/footer.js.aspx?sheba-ch-German
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-9.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ddb03cabf901ae78f6c6f39fedbc0c7a4df1b758a5b50cbd0b4654f2f5bfd9c1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA53-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
server
Microsoft-IIS/10.0
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
x-amz-cf-id
d-jcOisWrv5s7eODLlzqt2Lmpwa-Bx4BJzlKvRtAwVvp36Bu-R61ww==
8839edd0-4add-4041-bd04-6b5739f9e425.json
cdn.cookielaw.org/consent/8839edd0-4add-4041-bd04-6b5739f9e425/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/8839edd0-4add-4041-bd04-6b5739f9e425/8839edd0-4add-4041-bd04-6b5739f9e425.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
359ecb77ba68488867b8c81498952d6603525873588798f38ab790eacc153306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
EwwMx26kwpAE1GLvuCiGEQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1417
x-ms-lease-status
unlocked
last-modified
Tue, 27 Sep 2022 12:29:08 GMT
server
cloudflare
etag
0x8DAA083DFFA8B12
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5b32ad5a-101e-016f-4572-d23667000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75864fd979ff9b2e-FRA
expires
Tue, 11 Oct 2022 12:44:06 GMT
s10.jpg
www.sheba.ch/content/img/slider/ 		496 KB
497 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/content/img/slider/s10.jpg
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f7364848ee3ccac172019fcc7d94042e85d8a87b228b7f5983c35d5cd2781d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
508193
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Fri, 27 Nov 2020 09:01:13 GMT
server
cloudflare
etag
"1ced40db9bc4d61:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd94dc6920e-FRA
button-arrow-light.png
www.sheba.ch/Content/img/public/ 		595 B
686 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/public/button-arrow-light.png
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de07158c71b63684664b8d57d5c27bd91c8601db393458b402fe1846257698c8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
595
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:36 GMT
server
cloudflare
etag
"3665f3bc602bd51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd96df4920e-FRA
gotham-light.woff
www.sheba.ch/Content/fonts/gotham-light/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/Content/fonts/gotham-light/gotham-light.woff
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a517dca6338ba59f0653b8a66daa3c36fa492c7c32d2d496c996da5716f1c724
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sheba.ch/de
Origin
https://www.sheba.ch
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-encoding
gzip
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:16:15 GMT
server
cloudflare
etag
W/"b9cf88c602bd51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/font-woff
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
cf-ray
75864fd94dd2920e-FRA
s9.jpg
www.sheba.ch/content/img/slider/ 		470 KB
471 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/content/img/slider/s9.jpg
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
279ede32d4f78fa23222d5131533393580eedee89c184c6c960fd4e5cadb4947
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
481442
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Fri, 20 Nov 2020 09:11:22 GMT
server
cloudflare
etag
"8d6f6d1d1dbfd61:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd96df5920e-FRA
s3.jpg
www.sheba.ch/content/img/slider/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/content/img/slider/s3.jpg
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e1d4716c721352d651808e7f89843a4b5828bb88cefe359bf341d6f777e2f7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
50743
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:46 GMT
server
cloudflare
etag
"3733f5c2602bd51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd96df7920e-FRA
button-arrow-dark.png
www.sheba.ch/Content/img/public/ 		593 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/public/button-arrow-dark.png
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98ed4aefac336f8dcb503ada54c677d39ae457e68b0c38e4d0e96c867cfe1673
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
593
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:36 GMT
server
cloudflare
etag
"fc67b5bc602bd51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd96df9920e-FRA
s1.jpg
www.sheba.ch/content/img/slider/ 		174 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/content/img/slider/s1.jpg
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
338d11892dd68d3372a1660bda0cb5db4742a35c117db1b62ffb17ffd480b13b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
178488
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 23 Dec 2020 11:41:47 GMT
server
cloudflare
etag
"7f5a449820d9d61:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd96dfc920e-FRA
slider-next-light.png
www.sheba.ch/Content/img/public/ 		437 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/public/slider-next-light.png
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90a4155ec40cceb2c35b3052c46c4480bd4a75ff287b507bca28c72c7c93b38
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
437
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:40 GMT
server
cloudflare
etag
"948098bf602bd51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd96dff920e-FRA
slider-prev-light.png
www.sheba.ch/Content/img/public/ 		417 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/public/slider-prev-light.png
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb94cd087934acb2b2667b4a6e5d75d3d6661a1caf2716082f50113fd7c29c3b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
417
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:42 GMT
server
cloudflare
etag
"547771c0602bd51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fd96e01920e-FRA
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202209.1.0/ 		376 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
229oLfugqvtMNLM3e0uPaA==
age
7977
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
91423
x-ms-lease-status
unlocked
last-modified
Mon, 10 Oct 2022 15:42:49 GMT
server
cloudflare
etag
0x8DAAAD6162D8D28
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7368b9c6-e01e-0135-1ed8-dc30e6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75864fd9e869694c-FRA
de.json
cdn.cookielaw.org/consent/8839edd0-4add-4041-bd04-6b5739f9e425/60da7f3b-2251-4fcd-af72-c355a0464930/ 		39 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/8839edd0-4add-4041-bd04-6b5739f9e425/60da7f3b-2251-4fcd-af72-c355a0464930/de.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3929bfadaf5dd76a035738bcf65d7ce626c36f667d9e2e5c956ea7ef566b241e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-md5
9Qcl/uq4yebexS/bKM+Odw==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
10180
x-ms-lease-status
unlocked
last-modified
Tue, 27 Sep 2022 12:29:06 GMT
server
cloudflare
etag
0x8DAA083DEED8627
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f121fb10-e01e-0057-7b57-d9316b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75864fda4bbb9b2e-FRA
expires
Tue, 11 Oct 2022 12:44:06 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wG3T8rT9wA5w2UbDdvkxcQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:21 GMT
server
cloudflare
etag
0x8DAAB42258FDE79
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
112127ac-901e-001c-7d4c-dd00f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75864fdabcd49b2e-FRA
otPcTab.json
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/v2/ 		63 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33939bb9d827d73e58f184dd1b06e5024b34d62373bd41ce2aea6058d62aa902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
MrbBPvSp/nr/pc7Rs9pb+g==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14053
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:23 GMT
server
cloudflare
etag
0x8DAAB42272E5DAC
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8fd2baa7-b01e-004f-2e4c-dd1cfe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75864fdabcd99b2e-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/ 		22 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
B55i3ZY9miZIaUrwjufy0w==
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
713a1c70-e01e-0031-544c-dd8331000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
75864fdabcdb9b2e-FRA
mars-icon-font.css
footer.mars.com/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://footer.mars.com/css/mars-icon-font.css?2014-03-06
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/js/footer.js.aspx?sheba-ch-German
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-9.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8199e3a93dddeb4fe6f747d933b868e22a647f9f4f59858fbf5839c3d4277f5a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Mon, 10 Oct 2022 22:19:31 GMT
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
37629
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 10 Nov 2021 08:50:08 GMT
server
Microsoft-IIS/10.0
etag
W/"0e08cf6fd6d71:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
x-amz-cf-id
NA_S9xQ3WEP3M2_Ps5NkxSjL7bT6iXZkNm8i2rek-3er8rwten-kSg==
footer.css
footer.mars.com/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://footer.mars.com/css/footer.css?2013-11-06
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/js/footer.js.aspx?sheba-ch-German
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-9.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0019b50562df8885a26da3f616ebc64ad41ac28cedcb14dc2415b3a0ad967c65
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
date
Tue, 11 Oct 2022 08:09:22 GMT
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
2212
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 10 Nov 2021 08:50:08 GMT
server
Microsoft-IIS/10.0
etag
W/"0e08cf6fd6d71:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
x-amz-cf-id
YDv9MhaOp3cCQ_n9bC8of0-885fFn3MQMt0AcuJ4bTB2cuvZfwIqzg==
custom.css
footer.mars.com/footers/sheba-ch-German/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://footer.mars.com/footers/sheba-ch-German/custom.css?2013-09-09
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/js/footer.js.aspx?sheba-ch-German
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-9.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16971e15fa433388fe0b41a0c527c43a15b26c9ca751610f2e69f435dc115bb1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 04:32:05 GMT
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
15121
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 17 Jan 2022 06:37:08 GMT
server
Microsoft-IIS/10.0
etag
W/"51616da66cbd81:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
x-amz-cf-id
OitX2RyopiOjNd0JwjaNuL6Jn5m5CFZB5ubdRlIRaYOTPh22HvZdpw==
jquery.1.7.1.noconflict.min.js
footer.mars.com/js/ 		92 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://footer.mars.com/js/jquery.1.7.1.noconflict.min.js
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/js/footer.js.aspx?sheba-ch-German
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-9.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3c3344d08360eecb90c446792ed9a0d3cf4567f35bd86e3fe619b0b89991675b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Tue, 11 Oct 2022 06:27:37 GMT
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
8193
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 10 Nov 2021 08:50:08 GMT
server
Microsoft-IIS/10.0
etag
W/"0e08cf6fd6d71:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
x-amz-cf-id
DuhVxB2Z3Hs3vHBbLDAiBbc-d-E8tSYm0IKeYVNOUW-HGLkyZFOMGA==
jquery-1.12.4.min.js
www.sheba.ch/content/js/jquery/ 		95 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/jquery/jquery-1.12.4.min.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
43298
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:57 GMT
server
cloudflare
etag
"763e96c9602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfd3920e-FRA
jquery-ui.min.js
www.sheba.ch/content/js/jquery/ 		84 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/jquery/jquery-ui.min.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da19d37efb2e38da0bb311c4a15e839f3bc7bd4b383f97f23612208edec07b2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
33077
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:57 GMT
server
cloudflare
etag
"248a0c9602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfd6920e-FRA
jquery.mousewheel.min.js
www.sheba.ch/content/js/jquery/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/jquery/jquery.mousewheel.min.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
1544
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:58 GMT
server
cloudflare
etag
"f16723ca602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfd8920e-FRA
jquery.easing.1.3.min.js
www.sheba.ch/content/js/jquery/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/jquery/jquery.easing.1.3.min.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9b23eb0bbce3af05965afc5607aa2e3526e373d4b220d7d80ae787dc3b3ea3d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
1056
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:58 GMT
server
cloudflare
etag
"4ede19ca602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfda920e-FRA
swiper.jquery.min.js
www.sheba.ch/content/js/swiper/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/swiper/swiper.jquery.min.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c00bb48a08def03cff2ae8dda410b182f059d4b9d7d81b0e53ab2fec81cb4cce
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
22629
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:18:05 GMT
server
cloudflare
etag
"77d53ece602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfdc920e-FRA
jquery.mCustomScrollbar.min.js
www.sheba.ch/content/js/scroll/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/scroll/jquery.mCustomScrollbar.min.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8f0f092cf8da42f7b51abca8c3dee8a5ccaa1be2cff15ae2cafc161b23f6f93
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
14460
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:18:03 GMT
server
cloudflare
etag
"705129cd602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfde920e-FRA
jquery.bpopup.min.js
www.sheba.ch/content/js/modal/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/modal/jquery.bpopup.min.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba7482c60670d6dd0524299ac1e89150a1fa3e4e09b19b6eaafaf1ce14779a4e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
2457
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:59 GMT
server
cloudflare
etag
"c89bb9ca602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfdf920e-FRA
main.js
www.sheba.ch/content/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/main.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
019266b96902da9c3a52f2c807d1ef596efe5ca220855f8340c163b7e7c41bd8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
3979
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:14:19 GMT
server
cloudflare
etag
"421a7247602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfe1920e-FRA
CSSPlugin.min.js
www.sheba.ch/content/js/greensock/ 		33 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/greensock/CSSPlugin.min.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1fc22c068c621e3832da6ec920271fbe56dfa533d5ee93a9e820adf06c48893
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
16525
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:55 GMT
server
cloudflare
etag
"f87b71c8602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfe3920e-FRA
EasePack.min.js
www.sheba.ch/content/js/greensock/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/greensock/EasePack.min.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a66a3a0a02be7364b7adb00ae798279a5e64da9d674d59bab801a2a11adc685
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
2406
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:55 GMT
server
cloudflare
etag
"97677dc8602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfe5920e-FRA
TimelineMax.min.js
www.sheba.ch/content/js/greensock/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/greensock/TimelineMax.min.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
986050fca58bd6baffa2c57e1b7329f212851553ffc78cb4dc1dc96962fbe49c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
6933
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:56 GMT
server
cloudflare
etag
"9051a8c8602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfe7920e-FRA
TweenMax.min.js
www.sheba.ch/content/js/greensock/ 		96 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/greensock/TweenMax.min.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef204028448c8312bf56282c6f7abbc9ec2534ba26a788f38523955c1432490
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
42322
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:56 GMT
server
cloudflare
etag
"263dd3c8602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfea920e-FRA
jquery.scrollmagic.min.js
www.sheba.ch/content/js/scrollmagic/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/scrollmagic/jquery.scrollmagic.min.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d14b6e3da4281a6d4a5ff5516bc6545ee6226f843e3dcc371f403d20f858566
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
5792
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:18:04 GMT
server
cloudflare
etag
"7a58ccd602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfeb920e-FRA
home.min.js
www.sheba.ch/content/js/pages/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sheba.ch/content/js/pages/home.min.js
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af610faec099dcfd94afa71f1d948ff44df498d58a6487ca45eb1d94f431d6ca
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-length
920
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:18:00 GMT
server
cloudflare
etag
"669473cb602bd51:0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdacfec920e-FRA
jquery.sticky.js
footer.mars.com/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://footer.mars.com/js/jquery.sticky.js?2013-09-19
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/js/footer.js.aspx?sheba-ch-German
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-9.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
edb4ffbe5a9644640f5210f789669e88af5083c8ada1871945121d5d323a442a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
date
Tue, 11 Oct 2022 01:33:34 GMT
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
86238
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 10 Nov 2021 08:50:08 GMT
server
Microsoft-IIS/10.0
etag
W/"0e08cf6fd6d71:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
x-amz-cf-id
MN6iru-GNGuhO_ppMa4BM8VTxTfFiddHHKGc8b3O2O_Ux6iLjsof3w==
mars-icon-font.woff
footer.mars.com/font/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://footer.mars.com/font/mars-icon-font.woff?2014-03-06
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/css/mars-icon-font.css?2014-03-06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-9.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c501837128674453eab8e11fd54c4442c9b4ae2b382d1686eab068b8ab8906ce
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://footer.mars.com/
Origin
https://www.sheba.ch
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
date
Tue, 11 Oct 2022 04:02:18 GMT
x-amz-cf-pop
FRA53-C1
age
16908
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-length
4828
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 10 Nov 2021 08:50:08 GMT
server
Microsoft-IIS/10.0
etag
"0e08cf6fd6d71:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/x-woff
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
w8NYFNaY2xYIS4OWsdE0p_HNDByJJzj4wUr-Et5sjSLO5EwNCL5uKw==
custom.js
footer.mars.com/footers/sheba-ch-German/ 		114 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://footer.mars.com/footers/sheba-ch-German/custom.js
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/js/footer.js.aspx?sheba-ch-German
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-9.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7f3fcc7df954e554074f9cdfeb28035f2d7c68835261275cee851c464e518deb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 04:32:05 GMT
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA53-C1
age
15121
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-length
114
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 17 Jan 2022 06:37:08 GMT
server
Microsoft-IIS/10.0
etag
"bb5373a66cbd81:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
0D5V9pKK2n7SIXbeWllwPE1N4vBto5fQR8jizIYgIXwnU-_HVSHvSg==
cookieBg.png
www.sheba.ch/Content/img/public/ 		944 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/public/cookieBg.png
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd9fe0d2e57bdbc20b5c0a364e0aa022a57235a3ec02fa2b9e924142d77849b0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
944
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:17:37 GMT
server
cloudflare
etag
"cbe6b6bd602bd51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdb88fc920e-FRA
newmarslogo.png
cdn.cookielaw.org/logos/5f2759ff-9efe-412c-a3be-f13092d2c945/6568597a-7234-4635-806f-7b4fe7918543/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/5f2759ff-9efe-412c-a3be-f13092d2c945/6568597a-7234-4635-806f-7b4fe7918543/newmarslogo.png
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efef6635c70c2615ee5c63b74de64a7152f376e033d5602673dee71adc693563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
q512oTsGJdDIuxy3Q8dkkw==
age
916
content-length
2518
x-ms-lease-status
unlocked
last-modified
Thu, 12 Mar 2020 19:35:51 GMT
server
cloudflare
etag
0x8D7C6BC92845CEF
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
aa8989ca-501e-0067-6ec1-116b41000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75864fdbcb83694c-FRA
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
4979
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
c1eccb49-601e-0149-4741-ddadd3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
75864fdbcb84694c-FRA
product-2.jpg
www.sheba.ch/Content/img/home/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/home/product-2.jpg
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea2c19705a900b131babe20f4f5ca4d88a2eb3ff483d4c0108d05e30dc306470
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
22650
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:16:25 GMT
server
cloudflare
etag
"33438092602bd51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdcfb53920e-FRA
product-3.jpg
www.sheba.ch/Content/img/home/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sheba.ch/Content/img/home/product-3.jpg
Requested by
Host: www.sheba.ch
URL: https://www.sheba.ch/de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1933025d6bc8b0af326c3109fbce681b6e634abcfd4e70165ba9413d6801f3c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.sheba.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 08:44:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
cf-cache-status
MISS
content-length
22179
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Tue, 25 Jun 2019 14:16:26 GMT
server
cloudflare
etag
"4664393602bd51:0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=604800
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
accept-ranges
bytes
cf-ray
75864fdcfb56920e-FRA

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| OneTrustStub function| OptanonWrapper object| CurrentSite object| google_tag_manager string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| Optanon object| OneTrust object| scriptList object| cookiesList function| $ function| jQuery function| marsFooterJQuery function| Swiper boolean| mCustomScrollbar object| jQuery112401759496814187136 number| resState function| debouncer function| res_state function| showLoading function| hideLoader function| lang function| changeBG function| changeImg function| mobileCheck function| countryPopup function| searchPopup function| scrollerTop function| headerScroller function| mobileMenu function| mobileSearch function| mobileCountry object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| TimelineLite function| TimelineMax function| TweenMax function| BezierPlugin function| ScrollMagic function| ScrollScene boolean| mobile

3 Cookies

Domain/Path Name / Value
.sheba.ch/ Name: __cf_bm
Value: Zq.5osERbC8ltIaKk9q7bh5nVKSQLlfV7W5VGTxdmX0-1665477845-0-Ab1XpBwKbBFaTt2k0zNgkSEmAD4qv+GzUzJ1HefCe12HZ1im5RrMUqDQ2XEtnUkYySAe++YEwMVVB9JxR8MccoE=
footer.mars.com/ Name: AWSALBCORS
Value: WJxLwdfzXfv0YMWy+NDwRKJOrFwl3feFWV3WFzI1WJOESPM/O2VlTiuIMk30wdzewA1YKFJEkhyKmKQn/q9bWI5x12yaa3NXBrnCP+UwIvOQBWHMScaF6u2a7Fb8
.sheba.ch/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Oct+11+2022+08%3A44%3A06+GMT%2B0000+(GMT)&version=202209.1.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.sheba.ch%2Fde&groups=1%3A1%2C2%3A0%2C4%3A0

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
footer.mars.com
sheba.ch
www.googletagmanager.com
www.sheba.ch
143.204.215.9
2606:4700:4400::6812:2b4a
2606:4700::6810:9540
2a00:1450:4001:82b::2008
72.21.43.242
0019b50562df8885a26da3f616ebc64ad41ac28cedcb14dc2415b3a0ad967c65
019266b96902da9c3a52f2c807d1ef596efe5ca220855f8340c163b7e7c41bd8
04f7364848ee3ccac172019fcc7d94042e85d8a87b228b7f5983c35d5cd2781d
10da8db1c33af55c5dc65900d437c02c8439143059c1eefcfe6103b36f0b8316
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
16971e15fa433388fe0b41a0c527c43a15b26c9ca751610f2e69f435dc115bb1
1a66a3a0a02be7364b7adb00ae798279a5e64da9d674d59bab801a2a11adc685
1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe
279ede32d4f78fa23222d5131533393580eedee89c184c6c960fd4e5cadb4947
338d11892dd68d3372a1660bda0cb5db4742a35c117db1b62ffb17ffd480b13b
33939bb9d827d73e58f184dd1b06e5024b34d62373bd41ce2aea6058d62aa902
359ecb77ba68488867b8c81498952d6603525873588798f38ab790eacc153306
3929bfadaf5dd76a035738bcf65d7ce626c36f667d9e2e5c956ea7ef566b241e
3c3344d08360eecb90c446792ed9a0d3cf4567f35bd86e3fe619b0b89991675b
3d14b6e3da4281a6d4a5ff5516bc6545ee6226f843e3dcc371f403d20f858566
3d2a36f0a0baf8ec969e4d8d30fb2840bf17d1ec4440d904c48bf5f61a7d8a44
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4ef204028448c8312bf56282c6f7abbc9ec2534ba26a788f38523955c1432490
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
6557bcb2cf4de456dd7bfabf238d465d02f55ea1e7fe9ddb49f694c408ee6479
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
697ab1a8d2a3737df5aeec03733a994105c17e1a14c6b1b0c17b508886dc2faa
6da19d37efb2e38da0bb311c4a15e839f3bc7bd4b383f97f23612208edec07b2
75492a11383f437de118c8cae24c01bc457a86876811371b22b8e7405a6b44c1
7f3fcc7df954e554074f9cdfeb28035f2d7c68835261275cee851c464e518deb
8199e3a93dddeb4fe6f747d933b868e22a647f9f4f59858fbf5839c3d4277f5a
81e1d4716c721352d651808e7f89843a4b5828bb88cefe359bf341d6f777e2f7
91c03e4e7613f02fc1ae3032e6dc5146673e097c7260a370cc44a5fc6fddaa8d
986050fca58bd6baffa2c57e1b7329f212851553ffc78cb4dc1dc96962fbe49c
98ed4aefac336f8dcb503ada54c677d39ae457e68b0c38e4d0e96c867cfe1673
a517dca6338ba59f0653b8a66daa3c36fa492c7c32d2d496c996da5716f1c724
a9b23eb0bbce3af05965afc5607aa2e3526e373d4b220d7d80ae787dc3b3ea3d
aa1b09f03cec7e16f5cf719d983fb19aa03208d6728db1cb93c5039ea8002f5e
af610faec099dcfd94afa71f1d948ff44df498d58a6487ca45eb1d94f431d6ca
b90a4155ec40cceb2c35b3052c46c4480bd4a75ff287b507bca28c72c7c93b38
ba7482c60670d6dd0524299ac1e89150a1fa3e4e09b19b6eaafaf1ce14779a4e
bb94cd087934acb2b2667b4a6e5d75d3d6661a1caf2716082f50113fd7c29c3b
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
c00bb48a08def03cff2ae8dda410b182f059d4b9d7d81b0e53ab2fec81cb4cce
c1933025d6bc8b0af326c3109fbce681b6e634abcfd4e70165ba9413d6801f3c
c1fc22c068c621e3832da6ec920271fbe56dfa533d5ee93a9e820adf06c48893
c501837128674453eab8e11fd54c4442c9b4ae2b382d1686eab068b8ab8906ce
c98e83eec7c5b32d15b0d2d1c89c3b89300326c27a924788a7a70d94487a7048
dd0e32e074c1d2a564558bb1565d2fd95288d4bf47322bf410ca6500bbfa130a
dd9fe0d2e57bdbc20b5c0a364e0aa022a57235a3ec02fa2b9e924142d77849b0
ddb03cabf901ae78f6c6f39fedbc0c7a4df1b758a5b50cbd0b4654f2f5bfd9c1
de07158c71b63684664b8d57d5c27bd91c8601db393458b402fe1846257698c8
e3e70174d5e7b8ef084dac1dc88467fc276febd688d073b44b24efaf48b9cc0b
ea2c19705a900b131babe20f4f5ca4d88a2eb3ff483d4c0108d05e30dc306470
edb4ffbe5a9644640f5210f789669e88af5083c8ada1871945121d5d323a442a
efef6635c70c2615ee5c63b74de64a7152f376e033d5602673dee71adc693563
f8f0f092cf8da42f7b51abca8c3dee8a5ccaa1be2cff15ae2cafc161b23f6f93
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4