Submitted URL: http://sheba.at/
Effective URL: https://www.sheba.at/
Submission: On October 20 via api from IE — Scanned from GB

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 52 HTTP transactions. The main IP is 77.246.37.197, located in Billingshurst, United Kingdom and belongs to DATAPIPE-UK, GB. The main domain is www.sheba.at.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 2nd 2021. Valid for: a year.
This is the only time www.sheba.at was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 36 77.246.37.197 24778 (DATAPIPE-UK)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 143.204.215.27 16509 (AMAZON-02)
52 5
Apex Domain
Subdomains
Transfer
36 sheba.at
sheba.at
www.sheba.at
1 MB
9 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 413
136 KB
8 mars.com
footer.mars.com — Cisco Umbrella Rank: 384954
52 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
46 KB
52 4
Domain Requested by
35 www.sheba.at 1 redirects www.sheba.at
9 cdn.cookielaw.org www.sheba.at
cdn.cookielaw.org
8 footer.mars.com www.sheba.at
footer.mars.com
1 www.googletagmanager.com www.sheba.at
1 sheba.at 1 redirects
52 5

This site contains links to these domains. Also see Links.

Domain
www.mars.com
www.onetrust.com
Subject Issuer Validity Valid
whiskas.mx
DigiCert TLS RSA SHA256 2020 CA1
2021-12-02 -
2022-12-01
a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2022-05-01 -
2023-05-01
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-12 -
2022-12-05
3 months crt.sh
footer.mars.com
Amazon
2022-03-22 -
2023-04-20
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.sheba.at/
Frame ID: C4500E821D43FA5412E3209888FB44B8
Requests: 53 HTTP requests in this frame

Screenshot

Page Title

Sheba® – Luxus für den KatzengaumenBack ButtonFilter Button

Page URL History Show full URLs

  1. http://sheba.at/ HTTP 301
    http://www.sheba.at/ HTTP 301
    https://www.sheba.at/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

52
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

1367 kB
Transfer

2454 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sheba.at/ HTTP 301
    http://www.sheba.at/ HTTP 301
    https://www.sheba.at/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.sheba.at/
Redirect Chain
  • http://sheba.at/
  • http://www.sheba.at/
  • https://www.sheba.at/
330 KB
69 KB
Document
General
Full URL
https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
3c9c468701170884c9804674874ca93e3354363cc5251b088355dfaee3272594
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Content-Type
text/html; charset=utf-8
Date
Thu, 20 Oct 2022 04:45:26 GMT
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Referrer-Policy
strict-origin
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-AspNetMvc-Version
4.0
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:26 GMT
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Location
https://www.sheba.at
Referrer-Policy
strict-origin
Server
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Oct 2022 04:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
e0VkrpV+7zqDAjQ/RMXPsw==
age
7446
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
7151
x-ms-lease-status
unlocked
last-modified
Wed, 19 Oct 2022 02:03:51 GMT
server
cloudflare
etag
0x8DAB1762B54A09D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6c5ce0c1-201e-0005-7b6c-e32c99000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75cf1ab1ff6ddc4d-LHR
gtm.js
www.googletagmanager.com/
117 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5DR726J
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
beceb87f13226f8d58b1c13ee7dd1d54c6c6574a127f84e422e4eb7a5dc55402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 04:45:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46308
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 Oct 2022 04:45:29 GMT
logo.png
www.sheba.at/Content/img/public/
7 KB
7 KB
Image
General
Full URL
https://www.sheba.at/Content/img/public/logo.png
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
75492a11383f437de118c8cae24c01bc457a86876811371b22b8e7405a6b44c1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:26 GMT
Content-Length
6698
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:03:51 GMT
Server
ETag
"ebee96247975d21:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
search-icon.png
www.sheba.at/Content/img/public/
539 B
1 KB
Image
General
Full URL
https://www.sheba.at/Content/img/public/search-icon.png
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
697ab1a8d2a3737df5aeec03733a994105c17e1a14c6b1b0c17b508886dc2faa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:26 GMT
Content-Length
539
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:03:56 GMT
Server
ETag
"78bca9277975d21:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
399c88eb-6d8e-4fae-b0b8-4cd976a2dd76.json
cdn.cookielaw.org/consent/399c88eb-6d8e-4fae-b0b8-4cd976a2dd76/
3 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/399c88eb-6d8e-4fae-b0b8-4cd976a2dd76/399c88eb-6d8e-4fae-b0b8-4cd976a2dd76.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d023a9913eed2a862c27bb64a6c9628cd21a05f6144de602ebac2e6163596469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Oct 2022 04:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
WeAL4h6bN3a3HO8oXwe3rw==
age
179
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1415
x-ms-lease-status
unlocked
last-modified
Tue, 27 Sep 2022 12:26:29 GMT
server
cloudflare
etag
0x8DAA0838143459B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7ebf9793-501e-010e-0adb-e372b8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75cf1ab29dcb75a1-LHR
expires
Thu, 20 Oct 2022 08:45:29 GMT
gotham-light.woff
www.sheba.at/Content/fonts/gotham-light/
20 KB
21 KB
Font
General
Full URL
https://www.sheba.at/Content/fonts/gotham-light/gotham-light.woff
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
a517dca6338ba59f0653b8a66daa3c36fa492c7c32d2d496c996da5716f1c724
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sheba.at/
Origin
https://www.sheba.at
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:26 GMT
Content-Length
20520
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:01:30 GMT
Server
ETag
"6711f9d07875d21:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
fontawesome-webfont.woff2
www.sheba.at/Content/fonts/font-awesome/
70 KB
71 KB
Font
General
Full URL
https://www.sheba.at/Content/fonts/font-awesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sheba.at/
Origin
https://www.sheba.at
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:26 GMT
Content-Length
71896
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:01:17 GMT
Server
ETag
"9e8c15c97875d21:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
jquery-1.12.4.min.js
www.sheba.at/content/js/jquery/
95 KB
34 KB
Script
General
Full URL
https://www.sheba.at/content/js/jquery/jquery-1.12.4.min.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:26 GMT
Content-Length
33835
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:04:33 GMT
Server
ETag
"806793d7975d21:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
jquery-ui.min.js
www.sheba.at/content/js/jquery/
84 KB
26 KB
Script
General
Full URL
https://www.sheba.at/content/js/jquery/jquery-ui.min.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
6da19d37efb2e38da0bb311c4a15e839f3bc7bd4b383f97f23612208edec07b2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:26 GMT
Content-Length
25504
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:04:34 GMT
Server
ETag
"09d113e7975d21:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
jquery.mousewheel.min.js
www.sheba.at/content/js/jquery/
3 KB
2 KB
Script
General
Full URL
https://www.sheba.at/content/js/jquery/jquery.mousewheel.min.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:26 GMT
Content-Length
1256
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:04:36 GMT
Server
ETag
"0ca423f7975d21:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
jquery.easing.1.3.min.js
www.sheba.at/content/js/jquery/
3 KB
2 KB
Script
General
Full URL
https://www.sheba.at/content/js/jquery/jquery.easing.1.3.min.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
a9b23eb0bbce3af05965afc5607aa2e3526e373d4b220d7d80ae787dc3b3ea3d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
792
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:04:35 GMT
Server
ETag
"8033aa3e7975d21:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
swiper.jquery.min.js
www.sheba.at/content/js/swiper/
67 KB
18 KB
Script
General
Full URL
https://www.sheba.at/content/js/swiper/swiper.jquery.min.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
c00bb48a08def03cff2ae8dda410b182f059d4b9d7d81b0e53ab2fec81cb4cce
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
17123
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:04:59 GMT
Server
ETag
"804ff84c7975d21:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
jquery.mCustomScrollbar.min.js
www.sheba.at/content/js/scroll/
37 KB
12 KB
Script
General
Full URL
https://www.sheba.at/content/js/scroll/jquery.mCustomScrollbar.min.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
f8f0f092cf8da42f7b51abca8c3dee8a5ccaa1be2cff15ae2cafc161b23f6f93
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
11336
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:04:54 GMT
Server
ETag
"05ffd497975d21:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
blazy.min.js
www.sheba.at/Content/js/blazy/
5 KB
3 KB
Script
General
Full URL
https://www.sheba.at/Content/js/blazy/blazy.min.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
2010
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 01 Oct 2018 08:27:45 GMT
Server
ETag
"8056cba06059d41:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
gaEventTracker.js
www.sheba.at/content/js/gdpr/
505 B
1 KB
Script
General
Full URL
https://www.sheba.at/content/js/gdpr/gaEventTracker.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
04f6b213a88094a6b39756fba58c7cc65dbe4dacdf1f8cc319b1a0ecf0288c5f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
401
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 24 May 2019 09:11:56 GMT
Server
ETag
"3a48cbc1012d51:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
main.js
www.sheba.at/content/js/
10 KB
5 KB
Script
General
Full URL
https://www.sheba.at/content/js/main.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
9ced8456c1f15a3d1e153bef79681c6bb7e5331492f7d76c1d0e6358ff25a8b7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
4445
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 19 Feb 2021 07:33:59 GMT
Server
ETag
"fc43b496916d71:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
CSSPlugin.min.js
www.sheba.at/content/js/greensock/
33 KB
17 KB
Script
General
Full URL
https://www.sheba.at/content/js/greensock/CSSPlugin.min.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
c1fc22c068c621e3832da6ec920271fbe56dfa533d5ee93a9e820adf06c48893
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
16525
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:04:28 GMT
Server
ETag
"9c3ca73a7975d21:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
EasePack.min.js
www.sheba.at/content/js/greensock/
5 KB
3 KB
Script
General
Full URL
https://www.sheba.at/content/js/greensock/EasePack.min.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
1a66a3a0a02be7364b7adb00ae798279a5e64da9d674d59bab801a2a11adc685
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
2406
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:04:29 GMT
Server
ETag
"6883313b7975d21:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
TimelineMax.min.js
www.sheba.at/content/js/greensock/
17 KB
8 KB
Script
General
Full URL
https://www.sheba.at/content/js/greensock/TimelineMax.min.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
986050fca58bd6baffa2c57e1b7329f212851553ffc78cb4dc1dc96962fbe49c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
6933
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:04:30 GMT
Server
ETag
"6e91c03b7975d21:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
TweenMax.min.js
www.sheba.at/content/js/greensock/
96 KB
42 KB
Script
General
Full URL
https://www.sheba.at/content/js/greensock/TweenMax.min.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
4ef204028448c8312bf56282c6f7abbc9ec2534ba26a788f38523955c1432490
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
42322
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:04:31 GMT
Server
ETag
"7c17653c7975d21:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
jquery.scrollmagic.min.js
www.sheba.at/content/js/scrollmagic/
14 KB
7 KB
Script
General
Full URL
https://www.sheba.at/content/js/scrollmagic/jquery.scrollmagic.min.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
3d14b6e3da4281a6d4a5ff5516bc6545ee6226f843e3dcc371f403d20f858566
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
5792
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:04:56 GMT
Server
ETag
"2bba824b7975d21:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
home.min.js
www.sheba.at/content/js/pages/
2 KB
2 KB
Script
General
Full URL
https://www.sheba.at/content/js/pages/home.min.js
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
df52324fd4d633c39332a19eb444cb0b6b309c4b1edaa58263ece94cc0621e69
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
983
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Wed, 18 Mar 2020 15:42:47 GMT
Server
ETag
"1918bfdf3bfdd51:0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
button-arrow-light.png
www.sheba.at/Content/img/public/
595 B
1 KB
Image
General
Full URL
https://www.sheba.at/Content/img/public/button-arrow-light.png
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
de07158c71b63684664b8d57d5c27bd91c8601db393458b402fe1846257698c8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:26 GMT
Content-Length
595
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Wed, 12 Oct 2016 13:44:06 GMT
Server
ETag
"63b268b38e24d21:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
slider-next-light.png
www.sheba.at/Content/img/public/
437 B
1 KB
Image
General
Full URL
https://www.sheba.at/Content/img/public/slider-next-light.png
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
b90a4155ec40cceb2c35b3052c46c4480bd4a75ff287b507bca28c72c7c93b38
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:26 GMT
Content-Length
437
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Wed, 12 Oct 2016 13:44:29 GMT
Server
ETag
"ac2136c18e24d21:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
slider-prev-light.png
www.sheba.at/Content/img/public/
417 B
1 KB
Image
General
Full URL
https://www.sheba.at/Content/img/public/slider-prev-light.png
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
bb94cd087934acb2b2667b4a6e5d75d3d6661a1caf2716082f50113fd7c29c3b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:26 GMT
Content-Length
417
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Wed, 12 Oct 2016 13:44:39 GMT
Server
ETag
"32cf30c78e24d21:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
video-bg.jpg
www.sheba.at/Content/img/home/
161 KB
162 KB
Image
General
Full URL
https://www.sheba.at/Content/img/home/video-bg.jpg
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
2fe6a04679dc9b1057ad3de9355cf13c5e2b6bf1437c57252b49888dfa0acd8d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:26 GMT
Content-Length
164706
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Wed, 12 Oct 2016 13:40:31 GMT
Server
ETag
"18357d338e24d21:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
button-arrow-dark.png
www.sheba.at/Content/img/public/
593 B
1 KB
Image
General
Full URL
https://www.sheba.at/Content/img/public/button-arrow-dark.png
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
98ed4aefac336f8dcb503ada54c677d39ae457e68b0c38e4d0e96c867cfe1673
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:26 GMT
Content-Length
593
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Wed, 12 Oct 2016 13:44:04 GMT
Server
ETag
"76c41b28e24d21:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
neues-von-sheba.jpg
www.sheba.at/Content/img/home/
134 KB
135 KB
Image
General
Full URL
https://www.sheba.at/Content/img/home/neues-von-sheba.jpg
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
c21d017ce10f98a26b40508c6621f5457115ef54dd20f5cdb9b7245fba98c046
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:26 GMT
Content-Length
137290
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Tue, 14 May 2019 08:38:13 GMT
Server
ETag
"b37d665e30ad51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202209.1.0/
376 KB
90 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Oct 2022 04:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
229oLfugqvtMNLM3e0uPaA==
age
9237
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
91423
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:30 GMT
server
cloudflare
etag
0x8DAAB422B1E6529
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
65ffbfc2-d01e-0039-6a3d-dd9842000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75cf1ab2d843dc4d-LHR
de.json
cdn.cookielaw.org/consent/399c88eb-6d8e-4fae-b0b8-4cd976a2dd76/60da7f3b-2251-4fcd-af72-c355a0464930/
45 KB
11 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/399c88eb-6d8e-4fae-b0b8-4cd976a2dd76/60da7f3b-2251-4fcd-af72-c355a0464930/de.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b749ad8811cc466ffda39d216b684fa39f7970dd6fd9b89e9b0dff9436df6d77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Oct 2022 04:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
hnDnJgeMMD14qiSsObpgAQ==
age
179
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11312
x-ms-lease-status
unlocked
last-modified
Tue, 27 Sep 2022 12:27:53 GMT
server
cloudflare
etag
0x8DAA083B32B44AD
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
132701b0-401e-0155-5ca6-de75c4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75cf1ab39e8c75a1-LHR
expires
Thu, 20 Oct 2022 08:45:29 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Oct 2022 04:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
wG3T8rT9wA5w2UbDdvkxcQ==
age
179
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3007
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:21 GMT
server
cloudflare
etag
0x8DAAB42258FDE79
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
479fb808-c01e-0004-3f3f-dd2d64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75cf1ab3eedb75a1-LHR
otPcTab.json
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/v2/
63 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33939bb9d827d73e58f184dd1b06e5024b34d62373bd41ce2aea6058d62aa902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Oct 2022 04:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
MrbBPvSp/nr/pc7Rs9pb+g==
age
179
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
14053
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:23 GMT
server
cloudflare
etag
0x8DAAB42272E5DAC
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
aa05e242-001e-017b-7577-def503000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75cf1ab3eedc75a1-LHR
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202209.1.0/assets/
22 KB
5 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202209.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202209.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Oct 2022 04:45:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
B55i3ZY9miZIaUrwjufy0w==
age
179
x-ms-lease-status
unlocked
last-modified
Tue, 11 Oct 2022 04:36:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
11eeb80c-a01e-0176-6bdb-e31a0f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
75cf1ab3eedd75a1-LHR
cookieBg.png
www.sheba.at/Content/img/public/
944 B
2 KB
Image
General
Full URL
https://www.sheba.at/Content/img/public/cookieBg.png
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
dd9fe0d2e57bdbc20b5c0a364e0aa022a57235a3ec02fa2b9e924142d77849b0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
944
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 24 May 2019 09:11:43 GMT
Server
ETag
"22b17eb41012d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
newmarslogo.png
cdn.cookielaw.org/logos/5f2759ff-9efe-412c-a3be-f13092d2c945/6568597a-7234-4635-806f-7b4fe7918543/
2 KB
3 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/5f2759ff-9efe-412c-a3be-f13092d2c945/6568597a-7234-4635-806f-7b4fe7918543/newmarslogo.png
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efef6635c70c2615ee5c63b74de64a7152f376e033d5602673dee71adc693563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Oct 2022 04:45:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
q512oTsGJdDIuxy3Q8dkkw==
age
13362
content-length
2518
x-ms-lease-status
unlocked
last-modified
Thu, 12 Mar 2020 19:35:51 GMT
server
cloudflare
etag
0x8D7C6BC92845CEF
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
18ae8916-301e-00ff-5e27-59e57e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
75cf1ab4aa0cdc4d-LHR
poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 20 Oct 2022 04:45:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
LpuayL42jB78xRllx0vkOw==
age
6372
x-ms-lease-status
unlocked
last-modified
Wed, 19 Oct 2022 02:04:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
453eee90-301e-0092-1f69-e34f50000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
75cf1ab4aa0ddc4d-LHR
s8.jpg
www.sheba.at/Content/img/slider/
93 KB
94 KB
Image
General
Full URL
https://www.sheba.at/Content/img/slider/s8.jpg
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
6660ba3d76722c94f11632f06d2c352cefd0edaf5a4b7bd9aecfee34741922c8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
94968
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 08 Feb 2019 17:16:13 GMT
Server
ETag
"a65b67fed1bfd41:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
s5.jpg
www.sheba.at/Content/img/slider/
175 KB
176 KB
Image
General
Full URL
https://www.sheba.at/Content/img/slider/s5.jpg
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
e54762a9c86093fac862772a2ea965286430180ad8a8e590a19c47c3fd2608b7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
179463
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Fri, 21 Jun 2019 13:54:09 GMT
Server
ETag
"955384cc3828d51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
slider-bottoms.png
www.sheba.at/Content/img/slider/
5 KB
6 KB
Image
General
Full URL
https://www.sheba.at/Content/img/slider/slider-bottoms.png
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
2c47343656216f2bbd3fdd0eeddacf40372a8bd9a4935ddf24b189f958d1c586
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
4951
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Tue, 27 Aug 2019 11:30:19 GMT
Server
ETag
"65da6ceca5cd51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
teaser1.png
www.sheba.at/Content/img/home/
99 KB
100 KB
Image
General
Full URL
https://www.sheba.at/Content/img/home/teaser1.png
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
1b8002e2d254bc68d178213269639312c86f1631992ad0ada7366613aff60446
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
101316
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Tue, 27 Aug 2019 11:30:05 GMT
Server
ETag
"a77d5ec6ca5cd51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
teaser-item4.jpg
www.sheba.at/Content/img/product-landing/
22 KB
22 KB
Image
General
Full URL
https://www.sheba.at/Content/img/product-landing/teaser-item4.jpg
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
c1933025d6bc8b0af326c3109fbce681b6e634abcfd4e70165ba9413d6801f3c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
22179
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:03:11 GMT
Server
ETag
"d46323d7975d21:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
product-2.jpg
www.sheba.at/Content/img/home/
22 KB
23 KB
Image
General
Full URL
https://www.sheba.at/Content/img/home/product-2.jpg
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
ea2c19705a900b131babe20f4f5ca4d88a2eb3ff483d4c0108d05e30dc306470
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
22650
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Mon, 23 Jan 2017 13:02:03 GMT
Server
ETag
"82fd74e47875d21:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
product-3.jpg
www.sheba.at/Content/img/home/
58 KB
59 KB
Image
General
Full URL
https://www.sheba.at/Content/img/home/product-3.jpg
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
77.246.37.197 Billingshurst, United Kingdom, ASN24778 (DATAPIPE-UK, GB),
Reverse DNS
Software
/
Resource Hash
fc0dd901b2c591bc18ddb3cecc2f591c2b5a0d9e60b21010b9fb3feab9cc68fe
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Security-Policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
X-Content-Type-Options
nosniff
Date
Thu, 20 Oct 2022 04:45:27 GMT
Content-Length
59860
X-XSS-Protection
1; mode=block
Referrer-Policy
strict-origin
Last-Modified
Tue, 14 May 2019 09:38:40 GMT
Server
ETag
"7a3d11d038ad51:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=10368000
Feature-Policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
Accept-Ranges
bytes
footer.js.aspx
footer.mars.com/js/
5 KB
3 KB
Script
General
Full URL
https://footer.mars.com/js/footer.js.aspx?sheba-at&_=1666241129549
Requested by
Host: www.sheba.at
URL: https://www.sheba.at/content/js/jquery/jquery-1.12.4.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-27.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6cbcc08ff4bab44a586ecbd7fa3608d08390876cb42aa1889ba97b20781d4536
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 04:45:30 GMT
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA53-C1
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
server
Microsoft-IIS/10.0
expect-ct
max-age=0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
x-amz-cf-id
T2IeAyK1AXu16EJHoEJqNX5Uh2x1Pr3fp-tSP3UOQkhdL_myC-7Bvw==
mars-icon-font.css
footer.mars.com/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://footer.mars.com/css/mars-icon-font.css?2014-03-06
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/js/footer.js.aspx?sheba-at&_=1666241129549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-27.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8199e3a93dddeb4fe6f747d933b868e22a647f9f4f59858fbf5839c3d4277f5a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Thu, 20 Oct 2022 00:43:05 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
15245
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 10 Nov 2021 08:50:08 GMT
server
Microsoft-IIS/10.0
etag
W/"0e08cf6fd6d71:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
x-amz-cf-id
5z_-Olbg03o9y6ZYed03tztIKrV831AXovSPKHpWXo0BZIwtMQdY9A==
footer.css
footer.mars.com/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://footer.mars.com/css/footer.css?2013-11-06
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/js/footer.js.aspx?sheba-at&_=1666241129549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-27.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0019b50562df8885a26da3f616ebc64ad41ac28cedcb14dc2415b3a0ad967c65
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
date
Wed, 19 Oct 2022 12:50:35 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
57346
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 10 Nov 2021 08:50:08 GMT
server
Microsoft-IIS/10.0
etag
W/"0e08cf6fd6d71:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
x-amz-cf-id
i2sbhlRu5i_gGo_GA_Qmo8eItD5l-8U6nwhxyZYDmvdnhTh2TDNcUw==
custom.css
footer.mars.com/footers/sheba-at/
6 KB
2 KB
Stylesheet
General
Full URL
https://footer.mars.com/footers/sheba-at/custom.css?2013-09-09
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/js/footer.js.aspx?sheba-at&_=1666241129549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-27.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2852b6f60463008ffe9b19674076ba1bbadf5db0c386bd5042d1350143748efc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
date
Thu, 20 Oct 2022 04:42:30 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
180
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 17 Jan 2022 07:08:05 GMT
server
Microsoft-IIS/10.0
etag
W/"37f038f970bd81:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
x-amz-cf-id
0OUl23pr8LxpjhJmaG0V99rY4IESt_qv2130LvzIKB6e5Aj5IRx66w==
jquery.1.7.1.noconflict.min.js
footer.mars.com/js/
92 KB
34 KB
Script
General
Full URL
https://footer.mars.com/js/jquery.1.7.1.noconflict.min.js
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/js/footer.js.aspx?sheba-at&_=1666241129549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-27.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3c3344d08360eecb90c446792ed9a0d3cf4567f35bd86e3fe619b0b89991675b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
date
Wed, 19 Oct 2022 22:44:39 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
30779
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 10 Nov 2021 08:50:08 GMT
server
Microsoft-IIS/10.0
etag
W/"0e08cf6fd6d71:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
x-amz-cf-id
Aix1rOJNIz4y0N-LKKy5IhTdHZfwvu-88guV36wk-UjWBM71Q1HM9A==
jquery.sticky.js
footer.mars.com/js/
2 KB
2 KB
Script
General
Full URL
https://footer.mars.com/js/jquery.sticky.js?2013-09-19
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/js/footer.js.aspx?sheba-at&_=1666241129549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-27.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
edb4ffbe5a9644640f5210f789669e88af5083c8ada1871945121d5d323a442a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
date
Wed, 19 Oct 2022 12:50:19 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
57345
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 10 Nov 2021 08:50:08 GMT
server
Microsoft-IIS/10.0
etag
W/"0e08cf6fd6d71:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
x-amz-cf-id
UfLOPzFVeydQeABgSGWxhLzkkFUt1C_-aTL0V3z4h6gxRD58naQv_Q==
mars-icon-font.woff
footer.mars.com/font/
5 KB
6 KB
Font
General
Full URL
https://footer.mars.com/font/mars-icon-font.woff?2014-03-06
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/css/mars-icon-font.css?2014-03-06
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-27.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c501837128674453eab8e11fd54c4442c9b4ae2b382d1686eab068b8ab8906ce
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://footer.mars.com/
Origin
https://www.sheba.at
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 07:13:15 GMT
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA53-C1
age
77535
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-length
4828
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Wed, 10 Nov 2021 08:50:08 GMT
server
Microsoft-IIS/10.0
etag
"0e08cf6fd6d71:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
font/x-woff
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
MWdfb0iEzHRM8hEnPTvFLKrQMU_U9qyBvcJ_AWt4TZpjIUb1l25wSQ==
custom.js
footer.mars.com/footers/sheba-at/
114 B
1 KB
Script
General
Full URL
https://footer.mars.com/footers/sheba-at/custom.js
Requested by
Host: footer.mars.com
URL: https://footer.mars.com/js/footer.js.aspx?sheba-at&_=1666241129549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-27.fra53.r.cloudfront.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7f3fcc7df954e554074f9cdfeb28035f2d7c68835261275cee851c464e518deb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.sheba.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 09:36:55 GMT
content-security-policy
default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data: blob:; media-src * data:; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA53-C1
age
68915
x-powered-by
ASP.NET
x-cache
Hit from cloudfront
content-length
114
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Mon, 17 Jan 2022 07:08:05 GMT
server
Microsoft-IIS/10.0
etag
"78a3ff970bd81:0"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
feature-policy
geolocation *; midi *; sync-xhr *; microphone *; camera *; magnetometer *; gyroscope *; speaker *; fullscreen *; payment 'none'
permissions-policy
geolocation=(*), midi=(*), sync-xhr=(*), microphone=(*), camera=(*), magnetometer=(*), gyroscope=(*), speaker=(*), fullscreen=(*), payment=()
access-control-allow-credentials
true
accept-ranges
bytes
x-amz-cf-id
UaO7lwS_r_VSt3W0S8xNwI9JImzm7jv4Ezu6hw5b-SoTxTCbamZtOg==

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| OneTrustStub function| OptanonWrapper object| scriptList string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| google_tag_manager object| cookiesList function| $ function| jQuery object| Optanon object| OneTrust function| Swiper boolean| mCustomScrollbar object| jQuery1124004069719666336735 function| Blazy function| checkActiveGroups undefined| gaCategory undefined| gaAction undefined| gaLabel function| gaSend object| bLazy number| resState function| debouncer function| res_state function| showLoading function| hideLoader function| changeBG function| changeImg function| mobileCheck function| countryPopup function| searchPopup function| scrollerTop function| headerScroller function| videoPlayer function| mobileMenu function| mobileSearch function| mobileCountry object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| TimelineLite function| TimelineMax function| TweenMax function| BezierPlugin function| ScrollMagic function| ScrollScene boolean| mobile function| marsFooterJQuery

2 Cookies

Domain/Path Name / Value
.sheba.at/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Thu+Oct+20+2022+04%3A45%3A29+GMT%2B0000+(GMT)&version=202209.1.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.sheba.at%2F&groups=1%3A1%2C2%3A0%2C4%3A0
footer.mars.com/ Name: AWSALBCORS
Value: cCqNh1DGFLHoe7OmOPXAvBl62k36pcDIMwKPQML/zgJqjEbb/GO2juRuyvGvU2Q4IH9dKaS5OCOiJLFEWhTRtYqlF4RmnfgIEr4zmbCylSWk0B6AyRQSGBdKW37o

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; connect-src *; font-src * data:; frame-src *; img-src * data:; media-src *; object-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cookielaw.org
footer.mars.com
sheba.at
www.googletagmanager.com
www.sheba.at
143.204.215.27
2606:4700::6810:9440
2a00:1450:4001:801::2008
77.246.37.197
0019b50562df8885a26da3f616ebc64ad41ac28cedcb14dc2415b3a0ad967c65
04f6b213a88094a6b39756fba58c7cc65dbe4dacdf1f8cc319b1a0ecf0288c5f
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
14e4d1596c6b58896dfce1fc1ec45372bab4d2259ba82828fa3f96cc4f859fc4
1a66a3a0a02be7364b7adb00ae798279a5e64da9d674d59bab801a2a11adc685
1b8002e2d254bc68d178213269639312c86f1631992ad0ada7366613aff60446
1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe
2852b6f60463008ffe9b19674076ba1bbadf5db0c386bd5042d1350143748efc
2c47343656216f2bbd3fdd0eeddacf40372a8bd9a4935ddf24b189f958d1c586
2fe6a04679dc9b1057ad3de9355cf13c5e2b6bf1437c57252b49888dfa0acd8d
33939bb9d827d73e58f184dd1b06e5024b34d62373bd41ce2aea6058d62aa902
3c3344d08360eecb90c446792ed9a0d3cf4567f35bd86e3fe619b0b89991675b
3c9c468701170884c9804674874ca93e3354363cc5251b088355dfaee3272594
3d14b6e3da4281a6d4a5ff5516bc6545ee6226f843e3dcc371f403d20f858566
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
4ef204028448c8312bf56282c6f7abbc9ec2534ba26a788f38523955c1432490
5bcbd83d020ff272645c59dff179841df9374a6295f324eee00b9de4e67bc1cd
6660ba3d76722c94f11632f06d2c352cefd0edaf5a4b7bd9aecfee34741922c8
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
697ab1a8d2a3737df5aeec03733a994105c17e1a14c6b1b0c17b508886dc2faa
6cbcc08ff4bab44a586ecbd7fa3608d08390876cb42aa1889ba97b20781d4536
6da19d37efb2e38da0bb311c4a15e839f3bc7bd4b383f97f23612208edec07b2
75492a11383f437de118c8cae24c01bc457a86876811371b22b8e7405a6b44c1
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f3fcc7df954e554074f9cdfeb28035f2d7c68835261275cee851c464e518deb
8199e3a93dddeb4fe6f747d933b868e22a647f9f4f59858fbf5839c3d4277f5a
986050fca58bd6baffa2c57e1b7329f212851553ffc78cb4dc1dc96962fbe49c
98ed4aefac336f8dcb503ada54c677d39ae457e68b0c38e4d0e96c867cfe1673
9ced8456c1f15a3d1e153bef79681c6bb7e5331492f7d76c1d0e6358ff25a8b7
a517dca6338ba59f0653b8a66daa3c36fa492c7c32d2d496c996da5716f1c724
a9b23eb0bbce3af05965afc5607aa2e3526e373d4b220d7d80ae787dc3b3ea3d
b749ad8811cc466ffda39d216b684fa39f7970dd6fd9b89e9b0dff9436df6d77
b90a4155ec40cceb2c35b3052c46c4480bd4a75ff287b507bca28c72c7c93b38
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb94cd087934acb2b2667b4a6e5d75d3d6661a1caf2716082f50113fd7c29c3b
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
beceb87f13226f8d58b1c13ee7dd1d54c6c6574a127f84e422e4eb7a5dc55402
c00bb48a08def03cff2ae8dda410b182f059d4b9d7d81b0e53ab2fec81cb4cce
c1933025d6bc8b0af326c3109fbce681b6e634abcfd4e70165ba9413d6801f3c
c1fc22c068c621e3832da6ec920271fbe56dfa533d5ee93a9e820adf06c48893
c21d017ce10f98a26b40508c6621f5457115ef54dd20f5cdb9b7245fba98c046
c501837128674453eab8e11fd54c4442c9b4ae2b382d1686eab068b8ab8906ce
d023a9913eed2a862c27bb64a6c9628cd21a05f6144de602ebac2e6163596469
dd9fe0d2e57bdbc20b5c0a364e0aa022a57235a3ec02fa2b9e924142d77849b0
de07158c71b63684664b8d57d5c27bd91c8601db393458b402fe1846257698c8
df52324fd4d633c39332a19eb444cb0b6b309c4b1edaa58263ece94cc0621e69
e54762a9c86093fac862772a2ea965286430180ad8a8e590a19c47c3fd2608b7
ea2c19705a900b131babe20f4f5ca4d88a2eb3ff483d4c0108d05e30dc306470
edb4ffbe5a9644640f5210f789669e88af5083c8ada1871945121d5d323a442a
efef6635c70c2615ee5c63b74de64a7152f376e033d5602673dee71adc693563
f8f0f092cf8da42f7b51abca8c3dee8a5ccaa1be2cff15ae2cafc161b23f6f93
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fc0dd901b2c591bc18ddb3cecc2f591c2b5a0d9e60b21010b9fb3feab9cc68fe