onlineservices.ubs.com Open in urlscan Pro
161.239.244.199 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ubs.com/securepickup
Effective URL:
https://onlineservices.ubs.com/cauth/wma/securepickup
Submission: On November 20 via manual (November 20th 2023, 7:51:59 pm UTC) from US — Scanned from CH

Summary HTTP 50 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 13 domains to perform 50 HTTP transactions. The main IP is 161.239.244.199, located in United States and belongs to PAINEWEBBER-ASN, US. The main domain is onlineservices.ubs.com. The Cisco Umbrella rank of the primary domain is 199995.
TLS certificate: Issued by DigiCert EV RSA CA G2 on May 9th 2023. Valid for: a year.

This is the only time onlineservices.ubs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	193.134.111.71 193.134.111.71	8883 (Switzerland) (Switzerland)
1 1	2a02:26f0:c6:... 2a02:26f0:c6:2a2::3995	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 35	161.239.244.199 161.239.244.199	10615 (PAINEWEBB...) (PAINEWEBBER-ASN)
3	99.81.155.62 99.81.155.62	16509 (AMAZON-02) (AMAZON-02)
3	63.140.62.135 63.140.62.135	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2 2	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
8 8	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
50	12

1 193.134.111.71 (Switzerland) 1 redirects

ASN8883 (Switzerland, CH)

ubs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:c6:2a2::3995 (Düsseldorf, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.ubs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 161.239.244.199 (United States) 1 redirects

ASN10615 (PAINEWEBBER-ASN, US)

onlineservices.ubs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.81.155.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-155-62.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ubs.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.140.62.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-135.data.adobedc.net

analytics.ubs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.232 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.194.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.180 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	ubs.com 3 redirects ubs.com — Cisco Umbrella Rank: 54585 www.ubs.com — Cisco Umbrella Rank: 103672 onlineservices.ubs.com — Cisco Umbrella Rank: 199995 analytics.ubs.com — Cisco Umbrella Rank: 188650	1000 KB
8	everesttech.net cm.everesttech.net Failed sync-tm.everesttech.net — Cisco Umbrella Rank: 709	1 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 228 ubs.demdex.net — Cisco Umbrella Rank: 213124	5 KB
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 522	490 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	1 KB
2	doubleclick.net 1 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 245	831 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	882 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 924	451 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 376	755 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 747	395 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
50	13

	Domain	Requested by
35	onlineservices.ubs.com	1 redirects onlineservices.ubs.com
8	sync-tm.everesttech.net	8 redirects
3	analytics.ubs.com	onlineservices.ubs.com
2	us-u.openx.net	1 redirects
2	ib.adnxs.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	cm.g.doubleclick.net	1 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	onlineservices.ubs.com
1	www.facebook.com
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	analytics.twitter.com	onlineservices.ubs.com
1	ubs.demdex.net	onlineservices.ubs.com
1	www.ubs.com	1 redirects
1	ubs.com	1 redirects
0	sync.search.spotxchange.com Failed
0	cm.everesttech.net Failed	onlineservices.ubs.com
50	18

This site contains links to these domains. Also see Links.

Domain
www.sipc.org
www.ubs.com

Subject Issuer	Validity	Valid
onlineservices.ubs.com DigiCert EV RSA CA G2	`2023-05-09` - `2024-05-25`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
analytics.ubs.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-10` - `2024-04-15`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://onlineservices.ubs.com/cauth/wma/securepickup
Frame ID: 8767EBB644475B902015962AB21296B3
Requests: 41 HTTP requests in this frame

Frame: https://ubs.demdex.net/dest5.html?d_nsid=0
Frame ID: 01219824AC63041092356FE92EFC35CE
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UBS Secure Document Pick UpCaps Lock OnDOCPDFPPTXLSZIPMorning MeetingSales CommentarySales IdeaThought LeaderWarning

Page URL History Show full URLs

https://ubs.com/securepickup HTTP 302
https://www.ubs.com/securepickup HTTP 301
https://onlineservices.ubs.com/olsauth/ex/pbl/ubso/dspl HTTP 302
https://onlineservices.ubs.com/cauth/wma/securepickup Page URL

Detected technologies

D3 (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

/d3(?:\. v\d+)?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

Page Statistics

50
Requests

80 %
HTTPS

13 %
IPv6

13
Domains

18
Subdomains

12
IPs

5
Countries

1006 kB
Transfer

3232 kB
Size

25
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sipc.org/
Title: SIPC

Search URL Search Domain Scan URL

URL: https://www.ubs.com/relationshipwithubs
Title: Your Relationship with UBS

Search URL Search Domain Scan URL

URL: https://www.ubs.com/relationshipsummary
Title: Relationship Summary

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ubs.com/securepickup HTTP 302
https://www.ubs.com/securepickup HTTP 301
https://onlineservices.ubs.com/olsauth/ex/pbl/ubso/dspl HTTP 302
https://onlineservices.ubs.com/cauth/wma/securepickup Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://c1.adform.net/serving/cookie/match?party=1007&cid=87100318447748547413072001807271535957&noredirect=v2 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1007&cid=87100318447748547413072001807271535957&noredirect=v2 HTTP 302
https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1086689305168851491

Request Chain 43

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=ZVu42gABHS_45wBd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlZ1NDJnQUJIU180NXdCZA==&_test=ZVu42gABHS_45wBd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WlZ1NDJnQUJIU180NXdCZA==&_test=ZVu42gABHS_45wBd&google_tc=

Request Chain 44

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZVu42gABHS_45wBd&expires=90

Request Chain 45

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZVu42gABHS_45wBd HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZVu42gABHS_45wBd&C=1

Request Chain 46

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=ZVu42gABHS_45wBd HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZVu42gABHS_45wBd

Request Chain 47

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVu42gABHS_45wBd HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZVu42gABHS_45wBd

Request Chain 48

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZVu42gABHS_45wBd

Request Chain 49

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZVu42gABHS_45wBd&img=1

Request Chain 50

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZVu42gABHS_45wBd&t=2592000&o=0

50 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request securepickup Show response
onlineservices.ubs.com/cauth/wma/
Redirect Chain

https://ubs.com/securepickup
https://www.ubs.com/securepickup
https://onlineservices.ubs.com/olsauth/ex/pbl/ubso/dspl
https://onlineservices.ubs.com/cauth/wma/securepickup

5 KB
5 KB

184ms
183ms

Document
text/html

161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

414b955a37ef1a85e056266885fddb8b8630af963d99b0dbda3b56ec4d4e3f77

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Length: 1569
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
Content-Type: text/html
Date: Mon, 20 Nov 2023 19:51:52 GMT
ETag: "1500-608698bc81d80"
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: UBS
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Length: 20
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
Content-Type: text/html;charset=UTF-8
Date: Mon, 20 Nov 2023 19:51:51 GMT
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: UBS
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector
location: /cauth/wma/securepickup

GET
H/1.1 200
OK neo-core-css.white.min.css
onlineservices.ubs.com/cauth/wma/css/ 60 KB
19 KB 163ms
158ms Stylesheet
text/css 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/css/neo-core-css.white.min.css?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

cb39698140460e93f8113ce4cfd92b093dc881b714f5af3e5e8c1c58d4ccb3fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "ef62-608698bc81d80"
Transfer-Encoding: chunked
Content-Type: text/css
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK wma-ols-login-view.min.css
onlineservices.ubs.com/cauth/wma/css/ 182 KB
35 KB 334ms
171ms Stylesheet
text/css 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/css/wma-ols-login-view.min.css?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

2f50a5c7ab6a350f2e69ee6e199bfcb55906a550392f0d983e8b51ab6d4ec846

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "2d93f-608698bc81d80"
Transfer-Encoding: chunked
Content-Type: text/css
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK neo-masthead.white.min.css
onlineservices.ubs.com/cauth/wma/css/ 31 KB
11 KB 402ms
152ms Stylesheet
text/css 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/css/neo-masthead.white.min.css?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

a7aba8794af107a908bd4986725689dac445d8c9145b74af0dda5e66539511e4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "7c8e-608698bc81d80"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 7876
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK neo-buttons.white.min.css
onlineservices.ubs.com/cauth/wma/css/ 2 KB
4 KB 396ms
146ms Stylesheet
text/css 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/css/neo-buttons.white.min.css?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

a4289b56e1445ffa262d76074ee95c947145aeeed7134f2af7c4b929b55833df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "9e8-608698bc81d80"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 762
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK neo-icons.min.css
onlineservices.ubs.com/cauth/wma/css/ 5 KB
4 KB 409ms
154ms Stylesheet
text/css 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/css/neo-icons.min.css?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

ddcaabb0561df960378b9a22e0f8fd980d9b74cb7f6046e05e1e2e97f09dc609

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "15db-608698bc81d80"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1209
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK ubs-notification.white.min.css
onlineservices.ubs.com/cauth/wma/css/ 14 KB
5 KB 410ms
155ms Stylesheet
text/css 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/css/ubs-notification.white.min.css?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

87e9b3787def11f4aa29826e6da601b14f2d027969210ee9394f813a1ee90804

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "364c-608698bc81d80"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1781
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK ubs-flyouts.white.min.css
onlineservices.ubs.com/cauth/wma/css/ 4 KB
4 KB 418ms
163ms Stylesheet
text/css 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/css/ubs-flyouts.white.min.css?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

5b019f5b876626a1193c3ee377e971687341d74ff2e880f48fe31599a78607b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "101b-608698bc81d80"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 684
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK wma-ols-transmit-authenticator-widget-new.min.css
onlineservices.ubs.com/cauth/wma/css/ 10 KB
6 KB 504ms
157ms Stylesheet
text/css 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/css/wma-ols-transmit-authenticator-widget-new.min.css?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

0e3615a9e5cd753b9ea14fcfc0d665f33316935ba66f019d344815eb2e0b03dd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "2921-608698bc81d80"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2453
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK riskminder-client.js Show response
onlineservices.ubs.com/cauth/wma/devicedna/ 55 KB
30 KB 558ms
162ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/devicedna/riskminder-client.js?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

08ced970a6bb2cbfdb9f752dafaee9924dc53d7f731bef33698f66aaeff47e6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "dd51-608698bc81d80"
Transfer-Encoding: chunked
Content-Type: application/javascript
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK riskminder.js Show response
onlineservices.ubs.com/cauth/wma/devicedna/ 1014 B
4 KB 549ms
147ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/devicedna/riskminder.js?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

f9344fe36a2b3dda09dc38472e821a327f3f248763043a89bcf5fb6672030c9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "3f6-608698bc81d80"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 457
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK polyfill.min.js Show response
onlineservices.ubs.com/cauth/wma/js/lib/polyfill/ 4 KB
5 KB 570ms
160ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/js/lib/polyfill/polyfill.min.js?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

20724c72f650ddb9cf9ce91a0f258a0d6247c265dd97ea0d7dcf180736cfc372

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "f12-608698bc81d80"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1458
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK neo-core-react-component.min.js Show response
onlineservices.ubs.com/cauth/wma/js/ 143 KB
48 KB 582ms
173ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/js/neo-core-react-component.min.js?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

505c55f8df5771f1516e7c04c93b367f503fdbdf127eda17437b493f96bcfe02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "23b05-608698bc81d80"
Transfer-Encoding: chunked
Content-Type: application/javascript
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK neo-core-react-app.min.js Show response
onlineservices.ubs.com/cauth/wma/js/ 46 KB
16 KB 583ms
165ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/js/neo-core-react-app.min.js?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

d47633ba989123aad80f6f571fd7b7559f78492cea748d09faf126d5c8aa0e02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "b793-608698bc81d80"
Transfer-Encoding: chunked
Content-Type: application/javascript
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK adaMock.js Show response
onlineservices.ubs.com/cauth/wma/js/adaMock/ 459 B
3 KB 688ms
183ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/js/adaMock/adaMock.js?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

d62651c79a2891c64d5aefb452d1895dd0c32962ef896ff9b34d0289cafcfa59

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "1cb-608698bc81d80"
Upgrade: h2,h2c
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 230
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK wma-browsercheck.min.js Show response
onlineservices.ubs.com/cauth/wma/js/ 7 KB
6 KB 699ms
150ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/js/wma-browsercheck.min.js?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

4a69ba75b12024d79fb7925de82f3cb1e47a6159ae3d6a0733373367a1750c4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "1bb2-608698bc81d80"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2666
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK underscore-min.js Show response
onlineservices.ubs.com/cauth/wma/js/lib/underscore/ 19 KB
10 KB 725ms
155ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/js/lib/underscore/underscore-min.js?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

b51ab0146d2823837798dcc9d41bef23789fedcb2c8da122276a5feba4ee6ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "4c50-608698bc81d80"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 7496
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK d3.min.js Show response
onlineservices.ubs.com/cauth/wma/js/lib/d3/ 148 KB
55 KB 750ms
167ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/js/lib/d3/d3.min.js?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

b81e673dc58af2faf97bcdec9eab4c5182769ffe536773d5f42091935a73a1be

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "250b4-608698bc81d80"
Transfer-Encoding: chunked
Content-Type: application/javascript
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK olsconstant.js Show response
onlineservices.ubs.com/cauth/wma/js/ 2 KB
4 KB 824ms
143ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/js/olsconstant.js?v=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

39799c85a9cdf531deff41c5d026479e1afa953bb58374d665c786f94b306afd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "640-608698bc81d80"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 589
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK ubs-flyouts.min.js Show response
onlineservices.ubs.com/cauth/wma/js/ 11 KB
7 KB 840ms
152ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/js/ubs-flyouts.min.js?v=1.1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

5daad9040d5f202300ed4fec7508ac2d8e355b86f3204b8f6c5d7352b4ca794c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "2aea-608698bc81d80"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4195
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK wma-behaviosec-sdk.min.js Show response
onlineservices.ubs.com/cauth/wma/js/ 68 KB
24 KB 157ms
155ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/js/wma-behaviosec-sdk.min.js?v=1.1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

2ab52b692536b858e1e58da475934090abe74f46446a09d6ddcd55d8855aff4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:53 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "11183-608698bc81d80"
Transfer-Encoding: chunked
Content-Type: application/javascript
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK wma-ols-login-view.min.js Show response
onlineservices.ubs.com/cauth/wma/js/ 2 MB
436 KB 237ms
235ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/js/wma-ols-login-view.min.js?v=1.1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

381199526656369bbd2443147e0e0467eaa6665996bad6c77f8d14fed95a0ac1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:53 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "1c0dcf-608698bc81d80"
Transfer-Encoding: chunked
Content-Type: application/javascript
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK wma-ols-adobe-analytics.min.js Show response
onlineservices.ubs.com/cauth/wma/js/ 84 KB
25 KB 862ms
163ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/js/wma-ols-adobe-analytics.min.js?v=1.2

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

ee2d46024b6b610ea50f2ee9d1b0f818bd6d3beec6aacf77d6ec7a51daacb1f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:52 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "14f2f-608698bc81d80"
Transfer-Encoding: chunked
Content-Type: application/javascript
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK launch-b8247814e4ba.min.js Show response
onlineservices.ubs.com/cauth/wma/js/adobe/87f37070a3c7/ceb33cb2a0c3/ 267 KB
74 KB 165ms
164ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/wma/js/adobe/87f37070a3c7/ceb33cb2a0c3/launch-b8247814e4ba.min.js

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

08f6ef6e5e9ceeebcde09093f313173b9a92d1bd0f3dc2ffb2ac526c12b00142

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:53 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "42aad-608698bc81d80"
Transfer-Encoding: chunked
Content-Type: application/javascript
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK encrypted-regid Show response
onlineservices.ubs.com/api/wma/content/v1/ 133 B
3 KB 137ms
137ms XHR
application/json 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/api/wma/content/v1/encrypted-regid

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/js/wma-ols-adobe-analytics.min.js?v=1.2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

f94f5b0542d197688f35d73af5d41a65d8342fc08b01f544f2a652fdd10c4a13

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

Accept: application/json, text/plain, */*
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:53 GMT
Content-Encoding: gzip
Server: UBS
Referrer-Policy: strict-origin-when-cross-origin
Content-Type: application/json;charset=UTF-8
Content-Length: 136
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H2 200 id Show response
dpm.demdex.net/ 3 KB
2 KB 269ms
69ms XHR
application/json 99.81.155.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=73FAC51D54C72AE50A4C98BC%40AdobeOrg&d_nsid=0&ts=1700509913661

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/js/adobe/87f37070a3c7/ceb33cb2a0c3/launch-b8247814e4ba.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.81.155.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-155-62.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ccd70c96f47a81afae1b9afc428a9bbeada909aff2b28e1926f073d5a96ea660

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onlineservices.ubs.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-2-v054-0b71ea9a0.edge-irl1.demdex.com 5 ms
pragma: no-cache
date: Mon, 20 Nov 2023 19:51:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: mAvGpSEXRW8=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://onlineservices.ubs.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 990
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK AppMeasurement.min.js Show response
onlineservices.ubs.com/olsauth/public/common/nlp/js/adobe/87f37070a3c7/ceb33cb2a0c3/ebd568347a7c/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
15 KB 162ms
162ms Script
application/javascript 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/olsauth/public/common/nlp/js/adobe/87f37070a3c7/ceb33cb2a0c3/ebd568347a7c/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/js/adobe/87f37070a3c7/ceb33cb2a0c3/launch-b8247814e4ba.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:53 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "8625-608698bc81d80"
Transfer-Encoding: chunked
Content-Type: application/javascript
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H2 200 dest5.html Show response
ubs.demdex.net/ Frame 0121 7 KB
3 KB 86ms
67ms Document
text/html 99.81.155.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ubs.demdex.net/dest5.html?d_nsid=0

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/js/adobe/87f37070a3c7/ceb33cb2a0c3/launch-b8247814e4ba.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.81.155.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-155-62.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://onlineservices.ubs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 20 Nov 2023 19:51:53 GMT
dcs: dcs-prod-irl1-2-v054-0422bf190.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 17 Nov 2023 11:52:56 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: yI2ZAPGNTGY=

GET
H2 200 id Show response
analytics.ubs.com/ 48 B
460 B 288ms
50ms XHR
application/x-javascript 63.140.62.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.ubs.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=73FAC51D54C72AE50A4C98BC%40AdobeOrg&mid=87132162931576481383074373614132056586&ts=1700509913938

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/js/adobe/87f37070a3c7/ceb33cb2a0c3/launch-b8247814e4ba.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

c6f7a07e3bd3ed4ae888f5ba8624ba001bec9de4ba53a185a1a8b47477da3d86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlineservices.ubs.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Nov 2023 19:51:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://onlineservices.ubs.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK collector
onlineservices.ubs.com/olsauth/external/ 0
222 B 133ms
133ms Other
text/html 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://onlineservices.ubs.com/olsauth/external/collector
Requested by: Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),
Reverse DNS
Software: UBS /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

Date: Mon, 20 Nov 2023 19:51:53 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Server: UBS
Content-Length: 20
Content-Type: text/html;charset=UTF-8

GET dd
cm.everesttech.net/cm/ 0
0

GET
H/1.1 200
OK ubs-logo.svg
onlineservices.ubs.com/olsauth/public/common/nlp/images/ 11 KB
7 KB 146ms
145ms Image
image/svg+xml 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlineservices.ubs.com/olsauth/public/common/nlp/images/ubs-logo.svg

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

36515dc05b7992b4ac52af4530935fdfeb2b8fccae07758bcef4df02eb5cd752

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:53 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "2c45-608698bc81d80"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 4478
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 749c8b72598fe77aaddfac952afa85b3554ab11b44f8e14ef5149f9363a3b608

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9966b4b44458bfaad3884eb48a6d0f721e4ccff2cb21e299032775eab1e7c9af

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK qr-on-mobile.svg
onlineservices.ubs.com/olsauth/public/common/nlp/images/ 19 KB
13 KB 159ms
155ms Image
image/svg+xml 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlineservices.ubs.com/olsauth/public/common/nlp/images/qr-on-mobile.svg

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

521145658e7da8fd2479bd7e53f47ad69b9c7122fcd5f5193998c688a962942f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:53 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "4d59-608698bc81d80"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK large_half.svg
onlineservices.ubs.com/olsauth/public/common/nlp/images/ 114 KB
36 KB 168ms
167ms Image
image/svg+xml 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlineservices.ubs.com/olsauth/public/common/nlp/images/large_half.svg

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/css/wma-ols-login-view.min.css?v=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

25c02ba9e900f601c0ab7ed2d9b7ec7f625f53e5a674f182926a47a2e2922773

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/cauth/wma/css/wma-ols-login-view.min.css?v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:53 GMT
Last-Modified: Mon, 23 Oct 2023 22:14:30 GMT
Server: UBS
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
ETag: "1c7ce-608698bc81d80"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector

GET
H/1.1 200
OK FrutigerforUBSWeb-Light.woff2
onlineservices.ubs.com/static/fonts/ 27 KB
28 KB 133ms
131ms Font
text/plain 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/static/fonts/FrutigerforUBSWeb-Light.woff2

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/css/wma-ols-login-view.min.css?v=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

Apache /

Resource Hash

5c53b19a34015474a97b8eebf20461ae3efe86ebf5f1ebe0541951637080bf88

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: ; worker-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * blob: data: ; font-src * blob: data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://onlineservices.ubs.com/cauth/wma/css/wma-ols-login-view.min.css?v=1
Origin: https://onlineservices.ubs.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 19:51:54 GMT
Content-Security-Policy: default-src * blob: data: ; worker-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * blob: data: ; font-src * blob: data:
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 27480
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: Apache
ETag: "6b58-1c5fc537f6900"
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
Access-Control-Allow-Origin: https://onlineservices.ubs.com
Cache-Control: no-store
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100

GET
H/1.1 200
OK FrutigerforUBSWeb-Medium.woff2
onlineservices.ubs.com/static/fonts/ 25 KB
26 KB 125ms
124ms Font
text/plain 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/static/fonts/FrutigerforUBSWeb-Medium.woff2

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/css/wma-ols-login-view.min.css?v=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

Apache /

Resource Hash

6b4f9dd29e8a31006a5d2d5e396bc04378d07a7d68097c9ed50360b54e42a082

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: ; worker-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * blob: data: ; font-src * blob: data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://onlineservices.ubs.com/cauth/wma/css/wma-ols-login-view.min.css?v=1
Origin: https://onlineservices.ubs.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 19:51:54 GMT
Content-Security-Policy: default-src * blob: data: ; worker-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * blob: data: ; font-src * blob: data:
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 25756
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: Apache
ETag: "649c-1c5fc537f6900"
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
Access-Control-Allow-Origin: https://onlineservices.ubs.com
Cache-Control: no-store
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100

GET
H/1.1 200
OK FrutigerforUBSWeb-Roman.woff2
onlineservices.ubs.com/static/fonts/ 24 KB
25 KB 132ms
132ms Font
text/plain 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/static/fonts/FrutigerforUBSWeb-Roman.woff2

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/css/wma-ols-login-view.min.css?v=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

Apache /

Resource Hash

596395ee1064735212351e2d7a6095ce620fd69fe698c76784290eb22d678014

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: ; worker-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * blob: data: ; font-src * blob: data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://onlineservices.ubs.com/cauth/wma/css/wma-ols-login-view.min.css?v=1
Origin: https://onlineservices.ubs.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 19:51:54 GMT
Content-Security-Policy: default-src * blob: data: ; worker-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * blob: data: ; font-src * blob: data:
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 24596
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Sat, 26 Oct 1985 08:15:00 GMT
Server: Apache
ETag: "6014-1c5fc537f6900"
X-Frame-Options: SAMEORIGIN
Vary: User-Agent
Access-Control-Allow-Origin: https://onlineservices.ubs.com
Cache-Control: no-store
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100

GET
H/1.1 200
OK transmitErrors.json Show response
onlineservices.ubs.com/cauth/content/dam/contenthub/wm-us/assets/ 2 KB
4 KB 270ms
173ms XHR
application/json 161.239.244.199
PAINEWEBBER-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://onlineservices.ubs.com/cauth/content/dam/contenthub/wm-us/assets/transmitErrors.json

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/js/wma-ols-login-view.min.js?v=1.1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

161.239.244.199 , United States, ASN10615 (PAINEWEBBER-ASN, US),

Reverse DNS

Software

UBS /

Resource Hash

5585adadf4be7edeb618c21151f463b3c13c85fa989a367473e8bb5f3a60192e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Request headers

Accept: application/json, text/plain, */*
Referer: https://onlineservices.ubs.com/cauth/wma/securepickup
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

X-Varnish-Cache: MISS
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'; frame-ancestors 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com; img-src 'self' data: blob: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.oraclecloud.com https://*.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://*.refinitiv.com https://*.markitondemand.com https://*.gstatic.com https://*.businesswire.com https://*.globenewswire.com https://*.prnewswire.com; style-src 'self' 'unsafe-inline' https://*.livelook.com https://*.googleapis.com; connect-src 'self' *.ubs.com https://*.ubs.net https://*.swissbank.com https://*.neo-svc.ubs.com https://*.oraclecloud.com https://*.livelook.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://analytics.ubs.com *.demdex.net https://*.adobedtm.com https://*.financial.com; object-src 'self' *.ubs.com https://*.ubs.net *.pwj.com; frame-src 'self' mailto: *.ubs.com https://*.swissbank.com *.pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://*.yodlee.com https://www.ubs.sigfig.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.docusign.net https://*.docusign.com https://*.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://*.moneyguidepro.com https://*.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://*.ellielabs.com https://*.elliemae.com https://*.demdex.net https://*.adobedtm.com https://*.financial.com https://*.google.com https://*.markitondemand.com https://*.wallst.com https://*.ubsrewards.com *.marketwatch.com; font-src 'self' data: https://*.ubs.com https://*.static-ubs.com https://*.livelook.com https://*.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://*.ubs.com https://*.ubs.net https://*.markitondemand.com https://*.oraclecloud.com https://*.livelook.net https://*.showscreen.com https://*.rightnowtech.com https://*.rightnow.com https://*.custhelp.com https://*.livelook.com https://*.ellieservices.com https://*.adobedtm.com https://*.google.com https://*.gstatic.com https://*.appdynamics.com; media-src 'self' *.ubs.com *.gstatic.com; form-action 'self' 'unsafe-inline' javascript: *.ubs.com https://*.ubs.net https://*.swissbank.com *.pwj.com https://*.elliemae.com https://*.harland.net; report-uri /olsauth/external/collector
X-Content-Type-Options: nosniff
Date: Mon, 20 Nov 2023 19:51:53 GMT
Content-Encoding: gzip
Content-Disposition: inline
Content-Length: 550
X-XSS-Protection: 1; mode=block; report=/olsauth/external/collector
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 16 Jun 2023 06:32:18 GMT
Server: UBS
X-Frame-Options: SAMEORIGIN
Content-Type: application/json
Cache-Control: public, max-age=300
Accept-Ranges: bytes

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 0121 43 B
395 B 320ms
217ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=87100318447748547413072001807271535957&p_id=38594

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ubs.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 170
date: Mon, 20 Nov 2023 19:51:53 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 101f45355b1b2b11
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c076c98a99de1cbc050d00c3d7ccdf9ba9e03b4bdaa78df57289561422774d40
content-length: 43

GET
H2 200 s41641125163353
analytics.ubs.com/b/ss/ubsexternonlineserviceslive/1/JS-2.23.0-LDQM/ 43 B
305 B 53ms
52ms Image
image/gif 63.140.62.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.ubs.com/b/ss/ubsexternonlineserviceslive/1/JS-2.23.0-LDQM/s41641125163353?AQB=1&ndh=1&pf=1&t=20%2F10%2F2023%2020%3A51%3A54%201%20-60&mid=87132162931576481383074373614132056586&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fonlineservices.ubs.com%2Fcauth%2Fwma%2Fsecurepickup%23%2F&c.&apl=4.0&inList=3.0&getPreviousValue=3.0.1&getPercentPageViewed=5.0.2&handlePPVevents=4.0&p_fo=3.0&getQueryParam=4.0.1&pt=3.0&.c&cc=USD&events=event19&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=page%20viewed%3A%20&c6=logged%20out&v6=logged%20out&v9=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.159%20Safari%2F537.36&c11=Mon%2C%2020%20Nov%202023%2019%3A51%3A53%20GMT&c12=OLS&c13=securepickup&v19=us&v20=en&c25=2023-09-11T20%3A26%3A02Z&c26=production&c27=OLS%205.8&c29=web&v33=wma%20ols&c75=No%20Cookie%20Set&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=73FAC51D54C72AE50A4C98BC%40AdobeOrg&AQE=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:51:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 19:51:54 GMT
server: jag
etag: 3651817235316736000-4617773342203198947
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 19 Nov 2023 19:51:54 GMT

GET
H2

200

ibs:dpid=1586&dpuuid=1086689305168851491
dpm.demdex.net/ Frame 0121
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1007&cid=87100318447748547413072001807271535957&noredirect=v2
https://c1.adform.net/serving/cookie/match?CC=1&party=1007&cid=87100318447748547413072001807271535957&noredirect=v2
https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1086689305168851491

42 B
717 B

68ms
68ms

Image
image/gif

99.81.155.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1086689305168851491

Protocol

Server

99.81.155.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-155-62.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ubs.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-02a370a0b.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Mon, 20 Nov 2023 19:51:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: QA0b6SdQREc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:51:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dpm.demdex.net/ibs:dpid=1586&dpuuid=1086689305168851491
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 s46945209345595
analytics.ubs.com/b/ss/ubsexternonlineserviceslive/1/JS-2.23.0-LDQM/ 43 B
223 B 54ms
54ms Image
image/gif 63.140.62.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.ubs.com/b/ss/ubsexternonlineserviceslive/1/JS-2.23.0-LDQM/s46945209345595?AQB=1&ndh=1&pf=1&t=20%2F10%2F2023%2020%3A51%3A54%201%20-60&mid=87132162931576481383074373614132056586&aamlh=6&ce=UTF-8&g=https%3A%2F%2Fonlineservices.ubs.com%2Fcauth%2Fwma%2Fsecurepickup%23%2F&c.&apl=4.0&inList=3.0&getPreviousValue=3.0.1&getPercentPageViewed=5.0.2&handlePPVevents=4.0&p_fo=3.0&getQueryParam=4.0.1&pt=3.0&.c&cc=USD&events=event19&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=page%20viewed%3A%20&c6=logged%20out&v6=logged%20out&v9=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.159%20Safari%2F537.36&v10=87132162931576481383074373614132056586&c11=Mon%2C%2020%20Nov%202023%2019%3A51%3A54%20GMT&c12=OLS&c13=securepickup&v19=us&v20=en&c25=2023-09-11T20%3A26%3A02Z&c26=production&c27=OLS%205.8&c29=web&v33=wma%20ols&c75=No%20Cookie%20Set&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=73FAC51D54C72AE50A4C98BC%40AdobeOrg&AQE=1

Requested by

Host: onlineservices.ubs.com
URL: https://onlineservices.ubs.com/cauth/wma/securepickup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://onlineservices.ubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:51:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 21 Nov 2023 19:51:54 GMT
server: jag
etag: 3651817234012504064-4617844378277665835
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 19 Nov 2023 19:51:54 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0121
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WlZ1NDJnQUJIU180NXdCZA==&_test=ZVu42gABHS_45wBd
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WlZ1NDJnQUJIU180NXdCZA==&_test=ZVu42gABHS_45wBd&google_tc=

170 B
243 B

45ms
44ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WlZ1NDJnQUJIU180NXdCZA==&_test=ZVu42gABHS_45wBd&google_tc=

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ubs.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:51:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:51:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WlZ1NDJnQUJIU180NXdCZA==&_test=ZVu42gABHS_45wBd&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 372
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 0121
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZVu42gABHS_45wBd&expires=90

42 B
755 B

186ms
34ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZVu42gABHS_45wBd&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ubs.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230091-FRA
pragma: no-cache
date: Mon, 20 Nov 2023 19:51:54 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1700509915.735208,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZVu42gABHS_45wBd&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 0121
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZVu42gABHS_45wBd
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZVu42gABHS_45wBd&C=1

43 B
341 B

46ms
45ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZVu42gABHS_45wBd&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ubs.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:51:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpkKkdvvwbFDd5xn%2BWzxLOYdjTkRKhUIiz61XFDljYPcZEK1Nh%2FWk9JUU0B1OILwEtSuDLCfxj2WBUZ1ZYMwcTuRw6hMeAdWZ89x28ZNQJ%2F4T6qtWZqcBQ0Dyo6GSo3kJ9OvhTFVl7%2B0PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82933af91d1b9042-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:51:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hNVlGoedyMN4T6C3gSL%2FZdJFzV0hNAldRr%2BJpR5POG7eoiL6aihb4jVXFKlupY1DYyZAeXxUy%2Buw%2BVwgwAg390GYO4JbdYarFwNgS0GSvnKG33dp%2FH7eC8h%2FbHt0CL%2BBm85kvrbt7dIyw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=88&external_user_id=ZVu42gABHS_45wBd&C=1
cache-control: no-cache
cf-ray: 82933af8ccba9042-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

bounce
ib.adnxs.com/ Frame 0121
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=ZVu42gABHS_45wBd
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZVu42gABHS_45wBd

43 B
899 B

38ms
38ms

Image
image/gif

185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZVu42gABHS_45wBd

Protocol

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ubs.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:51:55 GMT
an-x-request-uuid: e4de850f-e4ba-4109-a4d0-e3e6ec207578
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.12.222.170; 45.12.222.170; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:51:55 GMT
an-x-request-uuid: a2a1c902-1fd2-47db-92cd-9b0a34527068
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DZVu42gABHS_45wBd
cache-control: no-store, no-cache, private
x-proxy-origin: 45.12.222.170; 45.12.222.170; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0121
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZVu42gABHS_45wBd
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZVu42gABHS_45wBd

43 B
171 B

40ms
39ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZVu42gABHS_45wBd
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ubs.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 19:51:55 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZVu42gABHS_45wBd
date: Mon, 20 Nov 2023 19:51:55 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 0121
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZVu42gABHS_45wBd

1 B
451 B

149ms
42ms

Image
text/html

198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZVu42gABHS_45wBd
Protocol: H2
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ubs.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 20 Nov 2023 19:51:53 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-fra-eddf8230091-FRA
pragma: no-cache
date: Mon, 20 Nov 2023 19:51:55 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1700509915.142556,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZVu42gABHS_45wBd
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET

partner
sync.search.spotxchange.com/ Frame 0121
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZVu42gABHS_45wBd&img=1

0
0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 0121
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZVu42gABHS_45wBd&t=2592000&o=0

43 B
882 B

148ms
72ms

Image
image/gif

2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZVu42gABHS_45wBd&t=2592000&o=0

Protocol

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ubs.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 11:51:55 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: public
x-fb-debug: /vrcO9ORAq7hkdyftOlXSrlFU86YEFGixKE3Caugr3rx+lg4x7SVJTIO4WK603jmZgEw1NCRiAoaUwCfAKe4Xg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Mon, 20 Nov 2023 11:51:55 PST

Redirect headers

x-served-by: cache-fra-eddf8230091-FRA
pragma: no-cache
date: Mon, 20 Nov 2023 19:51:55 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1700509915.355094,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZVu42gABHS_45wBd&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.everesttech.net
URL: https://cm.everesttech.net/cm/dd?d_uuid=87100318447748547413072001807271535957

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZVu42gABHS_45wBd&img=1

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ubs.com/	1969-12-31 23:59:59	Name: BIGipServer~pa-1469-ubs0bss0001csa21ad1286~pl-ubs0-www-tmp.inter.cmuintra.ch-https Value: rd1469o00000000000000000000ffff0a6cf623o443
.ubs.com/	1969-12-31 23:59:59	Name: geo-country Value: CH
.ubs.com/	1970-01-20 16:21:49	Name: sc-murl Value: /securepickup---
.demdex.net/	1970-01-20 20:41:01	Name: demdex Value: 87100318447748547413072001807271535957
.ubs.com/	1969-12-31 23:59:59	Name: AMCVS_73FAC51D54C72AE50A4C98BC%40AdobeOrg Value: 1
.ubs.com/	1970-01-21 01:57:49	Name: s_ecid Value: MCMID%7C87132162931576481383074373614132056586
.ubs.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.ubs.com/	1970-01-21 01:57:49	Name: AMCV_73FAC51D54C72AE50A4C98BC%40AdobeOrg Value: 179643557%7CMCIDTS%7C19682%7CMCMID%7C87132162931576481383074373614132056586%7CMCAAMLH-1701114713%7C6%7CMCAAMB-1701114713%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1700517114s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.adform.net/	1970-01-20 17:05:01	Name: C Value: 1
.twitter.com/	1970-01-21 01:57:49	Name: personalization_id Value: "v1_zwK/bFqoQxHvJ5uQuXpXTQ=="
.everesttech.net/	1970-01-21 01:07:25	Name: everest_g_v2 Value: g_surferid~ZVu42gABHS_45wBd
.adform.net/	1970-01-20 17:48:13	Name: uid Value: 1086689305168851491
.dpm.demdex.net/	1970-01-20 20:41:01	Name: dpm Value: 87100318447748547413072001807271535957
.doubleclick.net/	1970-01-20 16:21:50	Name: test_cookie Value: CheckForPermission
.rubiconproject.com/	1970-01-21 01:07:25	Name: khaos Value: LP7BP3ZD-11-8XE5
.rubiconproject.com/	1970-01-21 01:07:25	Name: audit Value: 1\|B30JlDpIxa0RT16WAnDNIGclr50NJZS9gl+dIIhPT/Xv/apCYiaCY4BHNY1qtmKaOwzQPRjE182M1KxoLazIt8oW2SgbbjsrEOjxxX8e+bNBb0wcCsXnROynEGrd6i7v0wbIVuHeot9/6K+MJaMXAo76/Gy8ewrDCOeqF/Dn4Co=
.casalemedia.com/	1970-01-21 01:07:25	Name: CMID Value: ZVu42z-I4Fhzazy7NLJpzwAA
.casalemedia.com/	1970-01-20 18:31:25	Name: CMPS Value: 3279
.casalemedia.com/	1970-01-20 18:31:25	Name: CMPRO Value: 3279
.adnxs.com/	1970-01-20 18:31:25	Name: uuid2 Value: 8926282353459827580
.adnxs.com/	1970-01-20 18:31:25	Name: anj Value: dTM7k!M4.FErk#WF']wIg2GVTsdP91!]tbPl1MwL(!R7qUY#QT[NSOeYUa5jbWYD8?n<F]S:0/W<QG=%9sk?bIRwi:w9Ld1i[e%$B+NK1Q67Oe!@@hj*m-MJ
.openx.net/	1970-01-21 01:07:25	Name: i Value: 025ec3d5-031e-4ddc-8fa8-25f15e032e85\|1700509915
.demdex.net/	1970-01-20 20:41:01	Name: dextp Value: 1123-1-1700509914138\|1586-1-1700509914238\|144230-1-1700509914339\|144231-1-1700509914706\|144232-1-1700509914808\|144233-1-1700509914926\|144234-1-1700509915027\|144235-1-1700509915128\|144236-1-1700509915228\|144237-1-1700509915336
.pubmatic.com/	1970-01-20 18:31:25	Name: KRTBCOOKIE_218 Value: 4056-ZVu42gABHS_45wBd&KRTB&22978-ZVu42gABHS_45wBd&KRTB&23194-ZVu42gABHS_45wBd&KRTB&23209-ZVu42gABHS_45wBd
.pubmatic.com/	1970-01-20 17:05:01	Name: PugT Value: 1700509913

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://onlineservices.ubs.com/cauth/wma/securepickup Message: Refused to load the image 'https://cm.everesttech.net/cm/dd?d_uuid=87100318447748547413072001807271535957' because it violates the following Content Security Policy directive: "img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com".
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZVu42gABHS_45wBd&img=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self' .ubs.com https://.ubs.net https://.swissbank.com .pwj.com; img-src 'self' data: blob: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.oraclecloud.com https://.livelook.com https://contenthub-author.azure.ubs.net https://analytics.ubs.com https://.refinitiv.com https://.markitondemand.com https://.gstatic.com https://.businesswire.com https://.globenewswire.com https://.prnewswire.com; style-src 'self' 'unsafe-inline' https://.livelook.com https://.googleapis.com; connect-src 'self' .ubs.com https://.ubs.net https://.swissbank.com https://.neo-svc.ubs.com https://.oraclecloud.com https://.livelook.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://analytics.ubs.com .demdex.net https://.adobedtm.com https://.financial.com; object-src 'self' .ubs.com https://.ubs.net .pwj.com; frame-src 'self' mailto: .ubs.com https://.swissbank.com .pwj.com https://icn.icapitalnetwork.com https://prospectus-express.newriver.com https://prospectus-express.broadridge.com https://.yodlee.com https://www.ubs.sigfig.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.docusign.net https://.docusign.com https://.timetrade.com https://ubs-financial-wellness-two-p.herokuapp.com https://ubs-debt-prod.herokuapp.com https://ubs-life-events-prod.herokuapp.com https://ubs-small-steps-two-prod.herokuapp.com https://.moneyguidepro.com https://.financialgoalanalysis.com https://players.brightcove.net https://analytics.ubs.com https://.ellielabs.com https://.elliemae.com https://.demdex.net https://.adobedtm.com https://.financial.com https://.google.com https://.markitondemand.com https://.wallst.com https://.ubsrewards.com .marketwatch.com; font-src 'self' data: https://.ubs.com https://.static-ubs.com https://.livelook.com https://.gstatic.com; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://.ubs.com https://.ubs.net https://.markitondemand.com https://.oraclecloud.com https://.livelook.net https://.showscreen.com https://.rightnowtech.com https://.rightnow.com https://.custhelp.com https://.livelook.com https://.ellieservices.com https://.adobedtm.com https://.google.com https://.gstatic.com https://.appdynamics.com; media-src 'self' .ubs.com .gstatic.com; form-action 'self' 'unsafe-inline' javascript: .ubs.com https://.ubs.net https://.swissbank.com .pwj.com https://.elliemae.com https://.harland.net; report-uri /olsauth/external/collector
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=/olsauth/external/collector

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
analytics.ubs.com
c1.adform.net
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
dsum-sec.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
onlineservices.ubs.com
pixel.rubiconproject.com
sync-tm.everesttech.net
sync.search.spotxchange.com
ubs.com
ubs.demdex.net
us-u.openx.net
www.facebook.com
www.ubs.com
cm.everesttech.net
sync.search.spotxchange.com
104.244.42.67
142.250.185.98
151.101.194.49
161.239.244.199
172.64.151.101
185.89.210.180
193.134.111.71
198.47.127.205
2a02:26f0:c6:2a2::3995
2a03:2880:f177:185:face:b00c:0:25de
34.98.64.218
37.157.6.232
63.140.62.135
69.173.144.139
99.81.155.62
08ced970a6bb2cbfdb9f752dafaee9924dc53d7f731bef33698f66aaeff47e6b
08f6ef6e5e9ceeebcde09093f313173b9a92d1bd0f3dc2ffb2ac526c12b00142
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e3615a9e5cd753b9ea14fcfc0d665f33316935ba66f019d344815eb2e0b03dd
20724c72f650ddb9cf9ce91a0f258a0d6247c265dd97ea0d7dcf180736cfc372
25c02ba9e900f601c0ab7ed2d9b7ec7f625f53e5a674f182926a47a2e2922773
2ab52b692536b858e1e58da475934090abe74f46446a09d6ddcd55d8855aff4d
2f50a5c7ab6a350f2e69ee6e199bfcb55906a550392f0d983e8b51ab6d4ec846
36515dc05b7992b4ac52af4530935fdfeb2b8fccae07758bcef4df02eb5cd752
381199526656369bbd2443147e0e0467eaa6665996bad6c77f8d14fed95a0ac1
39799c85a9cdf531deff41c5d026479e1afa953bb58374d665c786f94b306afd
414b955a37ef1a85e056266885fddb8b8630af963d99b0dbda3b56ec4d4e3f77
4a69ba75b12024d79fb7925de82f3cb1e47a6159ae3d6a0733373367a1750c4f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
505c55f8df5771f1516e7c04c93b367f503fdbdf127eda17437b493f96bcfe02
521145658e7da8fd2479bd7e53f47ad69b9c7122fcd5f5193998c688a962942f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5585adadf4be7edeb618c21151f463b3c13c85fa989a367473e8bb5f3a60192e
596395ee1064735212351e2d7a6095ce620fd69fe698c76784290eb22d678014
5b019f5b876626a1193c3ee377e971687341d74ff2e880f48fe31599a78607b0
5c53b19a34015474a97b8eebf20461ae3efe86ebf5f1ebe0541951637080bf88
5daad9040d5f202300ed4fec7508ac2d8e355b86f3204b8f6c5d7352b4ca794c
6b4f9dd29e8a31006a5d2d5e396bc04378d07a7d68097c9ed50360b54e42a082
749c8b72598fe77aaddfac952afa85b3554ab11b44f8e14ef5149f9363a3b608
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
87e9b3787def11f4aa29826e6da601b14f2d027969210ee9394f813a1ee90804
9966b4b44458bfaad3884eb48a6d0f721e4ccff2cb21e299032775eab1e7c9af
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4289b56e1445ffa262d76074ee95c947145aeeed7134f2af7c4b929b55833df
a7aba8794af107a908bd4986725689dac445d8c9145b74af0dda5e66539511e4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b51ab0146d2823837798dcc9d41bef23789fedcb2c8da122276a5feba4ee6ac5
b81e673dc58af2faf97bcdec9eab4c5182769ffe536773d5f42091935a73a1be
c6f7a07e3bd3ed4ae888f5ba8624ba001bec9de4ba53a185a1a8b47477da3d86
cb39698140460e93f8113ce4cfd92b093dc881b714f5af3e5e8c1c58d4ccb3fc
ccd70c96f47a81afae1b9afc428a9bbeada909aff2b28e1926f073d5a96ea660
d47633ba989123aad80f6f571fd7b7559f78492cea748d09faf126d5c8aa0e02
d62651c79a2891c64d5aefb452d1895dd0c32962ef896ff9b34d0289cafcfa59
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
ddcaabb0561df960378b9a22e0f8fd980d9b74cb7f6046e05e1e2e97f09dc609
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee2d46024b6b610ea50f2ee9d1b0f818bd6d3beec6aacf77d6ec7a51daacb1f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9344fe36a2b3dda09dc38472e821a327f3f248763043a89bcf5fb6672030c9d
f94f5b0542d197688f35d73af5d41a65d8342fc08b01f544f2a652fdd10c4a13

onlineservices.ubs.com Open in urlscan Pro 161.239.244.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

80 %HTTPS

13 %IPv6

13 Domains

18 Subdomains

12 IPs

5 Countries

1006 kBTransfer

3232 kBSize

25 Cookies

3 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

onlineservices.ubs.com Open in urlscan Pro
161.239.244.199 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

80 %
HTTPS

13 %
IPv6

13
Domains

18
Subdomains

12
IPs

5
Countries

1006 kB
Transfer

3232 kB
Size

25
Cookies

50 HTTP transactions
2 data transactions