urlscan.io logo urlscan.io
SecurityTrails logo

www.umb.ch Open in urlscan Pro
217.26.60.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://auth.umb.cloud/
Effective URL: https://www.umb.ch/
Submission: On August 01 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 50 HTTP transactions. The main IP is 217.26.60.77, located in Switzerland and belongs to HOSTPOINT-AS, CH. The main domain is www.umb.ch.
TLS certificate: Issued by R3 on June 5th 2024. Valid for: 3 months.
This is the only time www.umb.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 185.157.0.119 209346 (UMB-AG)
31 217.26.60.77 29097 (HOSTPOINT-AS)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.18.142.119 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.80.204 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
50 11
1    2606:4700::6813:9813 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.umb.cloud
1    185.157.0.119 (Dübendorf, Switzerland)

ASN209346 (UMB-AG, CH)
umb.cloud
31    217.26.60.77 (Switzerland)

ASN29097 (HOSTPOINT-AS, CH)
PTR: sl1186.web.hostpoint.ch
www.umb.ch
2    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
p.typekit.net
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    104.18.142.119 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hsforms.net
1    2606:4700::6810:8cd1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
4    2606:4700::6812:16b7 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6812:8a11 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
2    2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
Apex Domain
Subdomains		 Transfer
31 umb.ch
www.umb.ch
780 KB
4 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 5067
24 KB
2 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 5359
2 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 84
13 KB
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1178
p.typekit.net — Cisco Umbrella Rank: 1499
1 KB
2 umb.cloud
auth.umb.cloud
umb.cloud
921 B
1 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 9382
forms-na1.hsforms.com Failed
2 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 11009
92 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 5135
24 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 5414
js-na1.hs-scripts.com Failed
1 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 14516
156 KB
0 hsadspixel.net Failed
js.hsadspixel.net Failed
50 12
Domain Requested by
31 www.umb.ch www.umb.ch
4 js.hs-banner.com js.hs-scripts.com
js.hs-banner.com
2 track.hubspot.com
2 www.youtube.com www.umb.ch
www.youtube.com
1 forms.hsforms.com js.hsforms.net
1 js.hsleadflows.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-scripts.com www.umb.ch
1 js.hsforms.net www.umb.ch
1 p.typekit.net use.typekit.net
1 use.typekit.net www.umb.ch
1 umb.cloud 1 redirects
1 auth.umb.cloud 1 redirects
0 forms-na1.hsforms.com Failed
0 js-na1.hs-scripts.com Failed js.hs-analytics.net
0 js.hsadspixel.net Failed js.hs-scripts.com
50 16
Subject Issuer Validity Valid
www.umb.ch
R3		 2024-06-05 -
2024-09-03		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
hsforms.net
WE1		 2024-06-13 -
2024-09-11		 3 months crt.sh
hs-scripts.com
WE1		 2024-07-29 -
2024-10-27		 3 months crt.sh
hs-analytics.net
WE1		 2024-06-11 -
2024-09-09		 3 months crt.sh
hs-banner.com
WE1		 2024-07-27 -
2024-10-25		 3 months crt.sh
hsleadflows.net
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
hsforms.com
WE1		 2024-06-14 -
2024-09-12		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2024-01-06 -
2024-12-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.umb.ch/
Frame ID: 08CB167366617116CD86CFFA639894BB
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

UMB – creating time - umb.ch

Page URL History Show full URLs

  1. https://auth.umb.cloud/ HTTP 302
    https://umb.cloud/ HTTP 301
    https://www.umb.ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+ href="/?typo3(?:conf|temp)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • prism\.js

Page Statistics

50
Requests

92 %
HTTPS

67 %
IPv6

12
Domains

16
Subdomains

11
IPs

4
Countries

1096 kB
Transfer

2803 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://auth.umb.cloud/ HTTP 302
    https://umb.cloud/ HTTP 301
    https://www.umb.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.umb.ch/
Redirect Chain
  • https://auth.umb.cloud/
  • https://umb.cloud/
  • https://www.umb.ch/
101 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
65f964da26792d57d0ed432011cfc1acd75d6dfc02af4e039913ba6022d98894
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=0
content-encoding
gzip
content-language
de-CH
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
content-type
text/html; charset=utf-8
date
Thu, 01 Aug 2024 17:04:47 GMT
expires
Thu, 01 Aug 2024 17:04:47 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
same-origin
server
Apache
strict-transport-security
max-age=31536000; includeSubdomains;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge

Redirect headers

Connection
Keep-Alive
Content-Length
227
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 01 Aug 2024 17:04:47 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.umb.ch/
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
merged-1fe96e3734b522734baefb982ba4d1ce-min.css
www.umb.ch/typo3temp/assets/compressed/ 		387 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
2ff5d2dde6dd9f51a5ae3a26cacfb64be955bcd924e13596208f28cbcd9639f9
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
date
Thu, 01 Aug 2024 17:04:47 GMT
referrer-policy
same-origin
last-modified
Thu, 01 Aug 2024 16:50:45 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Fri, 01 Aug 2025 17:04:47 GMT
cookieOptin.css
www.umb.ch/fileadmin/sg_cookie_optin/siteroot-1/ 		37 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/fileadmin/sg_cookie_optin/siteroot-1/cookieOptin.css?1720422497
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
99c78a7e7574ecaba8f10438c7f73dd83eec3abdb6b4cf809d0b098d833bf7e1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
Origin
https://www.umb.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
date
Thu, 01 Aug 2024 17:04:47 GMT
content-length
3657
referrer-policy
same-origin
last-modified
Mon, 08 Jul 2024 07:08:17 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Fri, 01 Aug 2025 17:04:47 GMT
cookieOptin.js
www.umb.ch/fileadmin/sg_cookie_optin/siteroot-1/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/fileadmin/sg_cookie_optin/siteroot-1/cookieOptin.js?1720422498
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
3a4cc704aa570fb9007196f6df5a5572d0064a22be03f1f3c6f39b0a1b52b8c6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
Origin
https://www.umb.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
date
Thu, 01 Aug 2024 17:04:47 GMT
content-length
12513
referrer-policy
same-origin
last-modified
Mon, 08 Jul 2024 07:08:18 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Fri, 01 Aug 2025 17:04:47 GMT
form.css
www.umb.ch/fileadmin/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/fileadmin/form.css
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
90efd2a9688eaae2cbc555efc0b81fc721b81e9bffdca0af5235a376f1754bd2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
date
Thu, 01 Aug 2024 17:04:47 GMT
content-length
1635
referrer-policy
same-origin
last-modified
Mon, 06 Nov 2023 13:40:37 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Fri, 01 Aug 2025 17:04:47 GMT
merged-cd2ed1cab13d953da525498957d82daa-min.js
www.umb.ch/typo3temp/assets/compressed/ 		275 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/typo3temp/assets/compressed/merged-cd2ed1cab13d953da525498957d82daa-min.js?1722410413
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
15a626efe3751e371fe304bad6f94b3a5e3714455323fb20336a2192771e0de8
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
date
Thu, 01 Aug 2024 17:04:47 GMT
referrer-policy
same-origin
last-modified
Thu, 01 Aug 2024 16:50:45 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Fri, 01 Aug 2025 17:04:47 GMT
merged-6af1a7b3fb61901948405b4aefe6ca58-min.js
www.umb.ch/typo3temp/assets/compressed/ 		69 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/typo3temp/assets/compressed/merged-6af1a7b3fb61901948405b4aefe6ca58-min.js?1722410413
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
3e3f10bb6f20f40854a289d0c11a6124f43f29b928011de7fdd9a19afbacba0c
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
date
Thu, 01 Aug 2024 17:04:47 GMT
content-length
22773
referrer-policy
same-origin
last-modified
Thu, 01 Aug 2024 16:50:45 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Fri, 01 Aug 2025 17:04:47 GMT
ekq2qxj.css
use.typekit.net/ 		3 KB
902 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/ekq2qxj.css
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
814cd93708723caf462794dae0e2f72c442b326ad6f6ed1af4727810b0673eda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Thu, 01 Aug 2024 17:04:48 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
679
style.css
www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/IconFont/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/IconFont/style.css
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
df486e9bc7ee11005e808617dbf61d93c69c016f794990df763ae89365f8ac56
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
date
Thu, 01 Aug 2024 17:04:47 GMT
content-length
1184
referrer-policy
same-origin
last-modified
Thu, 11 Jul 2024 09:21:42 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Fri, 01 Aug 2025 17:04:47 GMT
p.css
p.typekit.net/ 		5 B
173 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=ekq2qxj&ht=tk&f=39182.39185.39187&a=82856051&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/ekq2qxj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 17:04:48 GMT
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
etag
"6649f74c-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
Blume.svg
www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Icons/Blume.svg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
edbbde479f194d52b275544fcf84f2fe1d1feca062400f1e0e078d6e3d6c66f3
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
996
referrer-policy
same-origin
last-modified
Thu, 11 Jul 2024 09:21:42 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
truncated
/ 		750 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29bf5beb02560ffaa4f8a19f567f933cd3a7ab2fdc78091e0cc6716a7c56b5e4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
calibri400.woff
www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Typekit/ 		80 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Typekit/calibri400.woff
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
186ca9bb8539d3db8eace3723f9c748e80b7b03f783cd77d4f19841a1a13991f
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
Origin
https://www.umb.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 11 Jul 2024 09:21:42 GMT
server
Apache
date
Thu, 01 Aug 2024 17:04:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
umb.ch
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
81516
expires
Sat, 31 Aug 2024 17:04:48 GMT
untitled-font-1.woff
www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/IconFont/fonts/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/IconFont/fonts/untitled-font-1.woff
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/IconFont/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
42ed924f64c2c60102af9bf17b121a2038ec345751ac0ae8f81f5547dbc52984
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/IconFont/style.css
Origin
https://www.umb.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 11 Jul 2024 09:21:42 GMT
server
Apache
date
Thu, 01 Aug 2024 17:04:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
umb.ch
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
4976
expires
Sat, 31 Aug 2024 17:04:48 GMT
fa-light-300.woff2
www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/FontAwesome/ 		161 KB
161 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/FontAwesome/fa-light-300.woff2
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
f8cdfe0414eac9a2380c093c8f3de44e1298e2ef2f9fcdf3a999f86c357ab5e2
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
Origin
https://www.umb.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 11 Jul 2024 09:21:42 GMT
server
Apache
date
Thu, 01 Aug 2024 17:04:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-allow-origin
umb.ch
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
164724
expires
Sat, 31 Aug 2024 17:04:48 GMT
calibri700.woff
www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Typekit/ 		79 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Typekit/calibri700.woff
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
f6b28198a96dfe69382bee8720f1a96506ff0b05f4ddbdf8e2e38f599ac2d0df
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
Origin
https://www.umb.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 11 Jul 2024 09:21:42 GMT
server
Apache
date
Thu, 01 Aug 2024 17:04:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/font-woff
access-control-allow-origin
umb.ch
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
80852
expires
Sat, 31 Aug 2024 17:04:48 GMT
umb_logo.svg
www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Img/umb_logo.svg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
5eca93bb8cede17d5b97ec2674e36855ccaeed4369429f738e15c05214aca784
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
1709
referrer-policy
same-origin
last-modified
Thu, 11 Jul 2024 09:21:42 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
creating_time.svg
www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Img/ 		39 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Img/creating_time.svg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
16e1a81c6f349186ace58c319bec3b6db121bea6633d131a1e3f5072eacfbb41
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
16706
referrer-policy
same-origin
last-modified
Thu, 11 Jul 2024 09:21:42 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
UMB_Security_Webinar.gif
www.umb.ch/fileadmin/user_upload/Events/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/fileadmin/user_upload/Events/UMB_Security_Webinar.gif
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
a3dafb9524fd4250283f1644e193f0fbb92aada719aa0dd80d0206b2fb0004ac
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 21 Sep 2023 09:56:26 GMT
server
Apache
date
Thu, 01 Aug 2024 17:04:48 GMT
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
23708
expires
Sat, 31 Aug 2024 17:04:48 GMT
csm_Business_Advisor_91473686d5.jpg
www.umb.ch/fileadmin/_processed_/a/6/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/fileadmin/_processed_/a/6/csm_Business_Advisor_91473686d5.jpg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
7b5d8d761d752ab9afe91274fb17920068bcf2808c23d3b95fe33befef4fc7fb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
x-content-type-options
nosniff
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
5124
referrer-policy
same-origin
last-modified
Tue, 19 Mar 2024 11:49:44 GMT
server
Apache
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
csm_UMB_Data_Scientist_cde77c6782.jpg
www.umb.ch/fileadmin/_processed_/3/5/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/fileadmin/_processed_/3/5/csm_UMB_Data_Scientist_cde77c6782.jpg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
7c1dcb2092af72315983b6c7a11c4e05131713222c3023942afa55c3872e5fdf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
x-content-type-options
nosniff
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
10054
referrer-policy
same-origin
last-modified
Tue, 19 Mar 2024 11:49:44 GMT
server
Apache
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
csm_Network_Expert_94c136cdd7.jpg
www.umb.ch/fileadmin/_processed_/d/1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/fileadmin/_processed_/d/1/csm_Network_Expert_94c136cdd7.jpg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
e1b8d85d91e4fe879df156118835987a5927995ec08165c2423c6c4feac33b14
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
x-content-type-options
nosniff
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
5388
referrer-policy
same-origin
last-modified
Tue, 19 Mar 2024 11:49:44 GMT
server
Apache
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
csm_UMB_Security_Angel_3b22429632.jpg
www.umb.ch/fileadmin/_processed_/0/d/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/fileadmin/_processed_/0/d/csm_UMB_Security_Angel_3b22429632.jpg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
160edf4e8dfd3e290fe198596e9a644387147854642a22e2079ad22dad28b6b7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
x-content-type-options
nosniff
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
12134
referrer-policy
same-origin
last-modified
Tue, 19 Mar 2024 11:49:44 GMT
server
Apache
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
csm_Cloud_Experts_19c3cbd397.jpg
www.umb.ch/fileadmin/_processed_/a/1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/fileadmin/_processed_/a/1/csm_Cloud_Experts_19c3cbd397.jpg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
733bc473a668b5d603f8edbdbc71fdc9783b5d4f9893e844337cc4acf33d1f71
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
x-content-type-options
nosniff
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
5658
referrer-policy
same-origin
last-modified
Tue, 19 Mar 2024 11:49:44 GMT
server
Apache
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
csm_Modern_Work_Genius_cb4f3007c4.jpg
www.umb.ch/fileadmin/_processed_/a/3/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/fileadmin/_processed_/a/3/csm_Modern_Work_Genius_cb4f3007c4.jpg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
8a5b94849d062fdad1a55538006b0d042c5c77fba31bb1b7bc9fa4de20e49bf1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
x-content-type-options
nosniff
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
5824
referrer-policy
same-origin
last-modified
Tue, 19 Mar 2024 11:49:44 GMT
server
Apache
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
prism.js
www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Js/prism.js
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/typo3temp/assets/compressed/merged-6af1a7b3fb61901948405b4aefe6ca58-min.js?1722410413
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
0cb1c357e13d22a364332e2d4bc0cbafd9b693d5b6ff460df7ed36c591f72f76
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
6466
referrer-policy
same-origin
last-modified
Thu, 11 Jul 2024 09:21:42 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=31536000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Fri, 01 Aug 2025 17:04:48 GMT
fa-regular-400.woff2
www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/FontAwesome/ 		149 KB
149 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/FontAwesome/fa-regular-400.woff2
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
e689270b831964b3fbff3e17fdc3be952cd831cef717bd5ef39bcf0199c4feae
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/typo3temp/assets/compressed/merged-1fe96e3734b522734baefb982ba4d1ce-min.css?1722410399
Origin
https://www.umb.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
referrer-policy
same-origin
x-content-type-options
nosniff
last-modified
Thu, 11 Jul 2024 09:21:42 GMT
server
Apache
date
Thu, 01 Aug 2024 17:04:48 GMT
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-allow-origin
umb.ch
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
content-length
152192
expires
Sat, 31 Aug 2024 17:04:48 GMT
Icon_BusinessAdvisor.svg
www.umb.ch/fileadmin/user_upload/Icon/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/fileadmin/user_upload/Icon/Icon_BusinessAdvisor.svg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
8beda069d0d14174ba2226df85329d70123b62df6550b442bb217f27237cc56e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
2145
referrer-policy
same-origin
last-modified
Thu, 08 Feb 2024 12:26:33 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
Icon_Operations.svg
www.umb.ch/fileadmin/user_upload/Icon/ 		1 KB
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/fileadmin/user_upload/Icon/Icon_Operations.svg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
8b08773fef9690ef6a800868d4fe9116a0e7b675f56f51c6454b2d10cf5c5eb7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
690
referrer-policy
same-origin
last-modified
Thu, 10 Mar 2022 12:10:26 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
Icon_SecurityAngel.svg
www.umb.ch/fileadmin/user_upload/Icon/ 		16 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/fileadmin/user_upload/Icon/Icon_SecurityAngel.svg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
2f6a986cac0424d7d1a75a20d22e7aa17d366420e3c1e7f0617fb7e933f6704c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
4308
referrer-policy
same-origin
last-modified
Thu, 08 Feb 2024 12:26:33 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
Icon_Platform.svg
www.umb.ch/fileadmin/user_upload/Icon/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/fileadmin/user_upload/Icon/Icon_Platform.svg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
1b20157a3bef39d6e4f206debacfd9e0e530af0c9b5458e0ca222bc6c9a4f0ca
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
1161
referrer-policy
same-origin
last-modified
Thu, 10 Mar 2022 12:10:26 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
Icon_AIDataScientist.svg
www.umb.ch/fileadmin/user_upload/Icon/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/fileadmin/user_upload/Icon/Icon_AIDataScientist.svg
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
86c5acf4e07d1285e305235b14cda33b6a040f76aaadd0f9bc21f4b0ad3df3d7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
2706
referrer-policy
same-origin
last-modified
Thu, 08 Feb 2024 10:41:10 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:48 GMT
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/typo3temp/assets/compressed/merged-6af1a7b3fb61901948405b4aefe6ca58-min.js?1722410413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9f299073433d2af5662ec49a4d73a9c6c8bfe760c60b3db2f863788950d6511
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 17:04:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 01 Aug 2024 17:04:48 GMT
v2.js
js.hsforms.net/forms/ 		483 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/typo3temp/assets/compressed/merged-6af1a7b3fb61901948405b4aefe6ca58-min.js?1722410413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.142.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbe582522956d3117d3d9ddba64a6c5f76361c25610a3d0f61b703eb70d4c364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
age
372
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5730/bundles/project-v2.js&cfRay=8ac75fb7983b3630-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"a92243edd2d8aa3751779a562937e105"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.5730/bundles/project-v2.js
date
Thu, 01 Aug 2024 17:04:48 GMT
x-amz-version-id
CsJe9O5JBNUpEK9Zl6eeRfwEIInPv633
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
64e73fa2-5d7e-4a75-82d5-8a93f4fa2e99
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
64e73fa2-5d7e-4a75-82d5-8a93f4fa2e99
last-modified
Wed, 31 Jul 2024 11:44:46 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3kLpqP6i0gWS9Na1nJpQGOKPwnegWLNPprJaKdA%2BdygJfAN4bFDlrA1C2DEhiS1VKZKneo13C4zQySocejU3wRt1j2jZEV9PXPm3Auw1XyIstgI%2FiCJGPTtDzq2uMdn"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-dqn98
cf-ray
8ac768d10a339f1f-FRA
x-amz-cf-id
RwMaTyMWSpAfVzlYOf7igiox1-oicbK9glRJ8j_YeLt6asI-3fjgwQ==
favicon.ico
www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Icons/ 		7 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.umb.ch/_assets/5acf0a0ebb6b108c445c5d72486a78b9/Icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
a5fca990940a97e54fb54ac3691d23ca69800ed7e3804cea8d1ebc16e3abfb50
Security Headers
Name Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
date
Thu, 01 Aug 2024 17:04:48 GMT
content-length
2402
referrer-policy
same-origin
last-modified
Thu, 11 Jul 2024 09:21:42 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/x-icon
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=604800
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Thu, 08 Aug 2024 17:04:48 GMT
www-widgetapi.js
www.youtube.com/s/player/d2e656ee/www-widgetapi.vflset/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/d2e656ee/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 16:33:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
1889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10518
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 04:15:07 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 01 Aug 2025 16:33:19 GMT
5704971.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/5704971.js
Requested by
Host: www.umb.ch
URL: https://www.umb.ch/typo3temp/assets/compressed/merged-6af1a7b3fb61901948405b4aefe6ca58-min.js?1722410413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6c502d1dcdfc5eb135809887f8262ad8fcc9093a405a0fc13f034afd9de9dc3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 17:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
515874e3-e7bc-4147-b2b5-cc9a8b1483a5
x-envoy-upstream-service-time
26
content-length
636
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
515874e3-e7bc-4147-b2b5-cc9a8b1483a5
last-modified
Thu, 01 Aug 2024 17:04:49 GMT
server
cloudflare
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-85b74c4c74-lvbbs
cache-control
public, max-age=90
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8ac768d2996d3620-FRA
expires
Thu, 01 Aug 2024 17:06:19 GMT
fb.js
js.hsadspixel.net/ 		0
0
5704971.js
js.hs-analytics.net/analytics/1722531600000/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1722531600000/5704971.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5704971.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d8e75c68d92e500b471778897595a33e3e9dc18d7f0acecfa315550544deaa9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 17:04:49 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
EVWC2BBD3J1KWGH9
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
649dd3ee-5dc5-45cd-81e7-2ea4f50fa02b
x-envoy-upstream-service-time
36
x-amz-id-2
0H/QlrW9jr1CecIgksmmXU/1UH/SvX70Ryi+o6ALXTsna2vh9kBnhWss0Az3bVIlc0rUqlyzY2E=
x-evy-trace-listener
listener_https
x-request-id
649dd3ee-5dc5-45cd-81e7-2ea4f50fa02b
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 29 Jul 2024 20:24:43 GMT
server
cloudflare
etag
W/"2a5c5b8a05ac76e11d883ecaaf110730"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-wxrdh
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8ac768d3fc17361b-FRA
expires
Thu, 01 Aug 2024 17:09:49 GMT
5704971.js
js.hs-banner.com/ 		75 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/5704971.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5704971.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45d048947723eccbbd83392dab0adc81f32ff66debe2115878076c963f445d17

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 17:04:49 GMT
x-amz-version-id
baTfdWO.UAaKHh.W8uKjJAyYKruVg8Oq
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
FRW7HCQ8B58Q1GAT
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
26795822-a84c-47ce-a23d-3b27ee2aa189
x-envoy-upstream-service-time
123
x-amz-id-2
nEgMiSa37d9vEaBKRkTr05O0nnt+Tc6Yb6aLGd5AeKkF5zXjFHjYJ6uXT818MbNo2LgqDWzS53g=
x-evy-trace-listener
listener_https
x-request-id
26795822-a84c-47ce-a23d-3b27ee2aa189
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 29 Mar 2024 16:28:07 GMT
server
cloudflare
etag
W/"5855512bef353a9e0df6a09ff6630785"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
vary
origin, Accept-Encoding
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7bfb89fbf6-gtkxs
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8ac768d3fd2c65a2-FRA
expires
Thu, 01 Aug 2024 17:09:49 GMT
leadflows.js
js.hsleadflows.net/ 		551 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/5704971.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03acc5c7069d79f53c0902c716cc6c6f1463d8ebb87724d39e5cb03f3f9d7890
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.umb.ch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
x-evy-trace-route-service-name
envoyset-translator
age
79101
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1436/bundle/main/lead-flows-release.js&cfRay=8abfdda91e3891f9-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"b6c788efa3b3fd53687b2c92c85a5a5f"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1436/bundle/main/lead-flows-release.js
date
Thu, 01 Aug 2024 17:04:49 GMT
x-amz-version-id
TIDmoMti0Vib7LJNFwT63dnpWuuDUZfu
x-content-type-options
nosniff
cf-cache-status
HIT
via
1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
7db40bae-57b0-4efb-89ec-ee7b23cbf569
x-cache
RefreshHit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
26
x-evy-trace-route-configuration
listener_https/all
x-request-id
7db40bae-57b0-4efb-89ec-ee7b23cbf569
last-modified
Tue, 23 Jul 2024 12:57:23 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-65f7f7c749-kt4hg
cf-ray
8ac768d3fc2537d1-FRA
x-amz-cf-id
W96zD77p4qXzs1JeTIC7e7IYKQObk_mF414vMxeEKpMu6DBoCInmrw==
json
forms.hsforms.com/embed/v3/form/5704971/171dbe77-b275-4c59-b750-07f0d2c70f91/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hsforms.com/embed/v3/form/5704971/171dbe77-b275-4c59-b750-07f0d2c70f91/json?hs_static_app=forms-embed&hs_static_app_version=1.5730&X-HubSpot-Static-App-Info=forms-embed-1.5730
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3135dd2ce8734a3df89cc090ddb20da13303ae9ea7825ca4915cd0ef03b0f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-origin-hublet
na1
date
Thu, 01 Aug 2024 17:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
d05cb088-c189-45f2-868a-fca0e26e6193
x-envoy-upstream-service-time
23
alt-svc
h3=":443"; ma=86400
content-length
1275
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d05cb088-c189-45f2-868a-fca0e26e6193
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.umb.ch
x-evy-trace-virtual-host
all
access-control-expose-headers
X-Origin-Hublet
access-control-max-age
180
access-control-allow-credentials
false
cache-control
max-age=0, no-cache, no-store
x-robots-tag
none
access-control-allow-headers
*
cf-ray
8ac768d54c949042-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-6srhk
5704971.js
js-na1.hs-scripts.com/ 		0
0
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1240600147&v=1.1&a=5704971&rcu=https%3A%2F%2Fwww.umb.ch%2F&pu=https%3A%2F%2Fwww.umb.ch%2F&t=UMB+%E2%80%93+creating+time+-+umb.ch&cts=1722531889512&vi=673f97484cb952dff6f7433bc9bad40d&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 17:04:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c7b6b57a-3f23-4e55-9c76-4c7997e70239
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
17
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c7b6b57a-3f23-4e55-9c76-4c7997e70239
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1jrmmVIXApeTaEYMnZ0Xmex04GjUTLA7lHkkMs2h3Mr6NPHTDdpoklaVPIlcyUwv%2FfUggW8%2FxXXyQn76%2B89uQTyPsLJOuRUtqkk5wqgyHa4PSez9w0rZzyK41FC2sZixwdNxgWl3rLUSrO4REh0j"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-wj7dn
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
8ac768d63e0d3621-FRA
x-robots-tag
none
cf-location
js.hs-banner.com/cookie-banner-public/v1/ 		2 B
145 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/cf-location
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/5704971.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 17:04:49 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=1500
cf-ray
8ac768d6ae993764-FRA
content-length
2
counters.gif
forms-na1.hsforms.com/embed/v3/ 		0
0
__ptq.gif
track.hubspot.com/ 		45 B
754 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=171dbe77-b275-4c59-b750-07f0d2c70f91&fci=368fcf78-b862-4250-8906-bfb52e3178fe&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1240600147&v=1.1&a=5704971&rcu=https%3A%2F%2Fwww.umb.ch%2F&pu=https%3A%2F%2Fwww.umb.ch%2F&t=UMB+%E2%80%93+creating+time+-+umb.ch&cts=1722531889677&vi=673f97484cb952dff6f7433bc9bad40d&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 17:04:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
7000fd19-6971-424f-bcba-22708e1a6f45
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
5
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7000fd19-6971-424f-bcba-22708e1a6f45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IW%2BAu7Nwuo%2F7j0Vdcg970AfKfm351gGQWVhtYy8Dfqc3Z3E2yS1D7EfDy3gbVvAP87dyJzyxgJiQ2ULlU%2BE%2BtrPFWCLQVHBIoCM6T%2BKTLwjxuFhPwLl4m%2B0dUzC50H%2BohoeobGW%2BZXWp7b1xedG9"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-rrqz8
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
8ac768d68e8d3621-FRA
x-robots-tag
none
counters.gif
forms-na1.hsforms.com/embed/v3/ 		0
0
view
js.hs-banner.com/cookie-banner-public/v1/activity/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.umb.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.umb.ch
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
cf-cache-status
DYNAMIC
cf-ray
8ac768d6ff073764-FRA
content-length
0
content-type
application/octet-stream
date
Thu, 01 Aug 2024 17:04:50 GMT
server
cloudflare
timing-allow-origin
*
vary
origin
x-envoy-upstream-service-time
1
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-wxrdh
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
aecd4ba1-87d4-4123-9d21-d58b30fbe77d
x-request-id
aecd4ba1-87d4-4123-9d21-d58b30fbe77d
view
js.hs-banner.com/cookie-banner-public/v1/activity/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/5704971.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 01 Aug 2024 17:04:50 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
2317bbf6-5827-42f4-86e1-b7a2e84bf08a
x-envoy-upstream-service-time
29
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2317bbf6-5827-42f4-86e1-b7a2e84bf08a
server
cloudflare
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.umb.ch
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary
origin
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-k5ntq
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8ac768d90a7c3764-FRA
Icon_Mainframe.svg
www.umb.ch/fileadmin/user_upload/Icon/ 		2 KB
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.umb.ch/fileadmin/user_upload/Icon/Icon_Mainframe.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.26.60.77 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
sl1186.web.hostpoint.ch
Software
Apache /
Resource Hash
76d218c8596e73ed430573be535ef3dc6b851ae93a984a2cf07fe1afb8ed869a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.umb.ch/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'none'; style-src 'none'; object-src 'none';
date
Thu, 01 Aug 2024 17:04:53 GMT
content-length
920
referrer-policy
same-origin
last-modified
Thu, 10 Mar 2022 12:10:26 GMT
server
Apache
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
https://player.3qsdn.com
cache-control
max-age=2592000
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:04:53 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.hsadspixel.net
URL
https://js.hsadspixel.net/fb.js
Domain
js-na1.hs-scripts.com
URL
https://js-na1.hs-scripts.com/5704971.js
Domain
forms-na1.hsforms.com
URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Domain
forms-na1.hsforms.com
URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| hbsptInit function| objectFitImages function| _typeof boolean| windowIsDefined function| $ function| jQuery function| Popper object| bootstrap object| AOS function| Slider object| _self object| Prism function| getTrailingNumbers function| initJobsPagination function| showJobsPage function| hideAllChildTags function| enableAllMotherTags function| selectSubTags function| disableAllMotherTags function| selectMotherTags function| showAllChildTags function| selectChildTags function| mainTags function| showAllTagsButton function| motherTags function| allTags function| showImage function| ready function| decryptCharcode function| decryptString function| windowOpen function| onYouTubeIframeAPIReady function| handleYtOverlayImgClick function| loadExternalScipt function| loadExternal function| submitForm function| stopRKey number| currentpage function| scrollto function| autosize function| ClipboardJS function| linkTo_UnCryptMailto object| dataLayer function| gtag object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| hubspot object| HubSpotForms object| hbspt object| hsFormsOnReady object| _hsp object| globalRoot function| bindToWindowOnError object| leadflows function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive object| _hsq boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| _paq function| sanitizeKey boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime boolean| _hstc_loaded boolean| _hspb_ran boolean| _hspb_loaded

7 Cookies

Domain/Path Name / Value
.auth.umb.cloud/ Name: __cf_bm
Value: jpHG.Se18F5pNT7W1lzKaVwJutPcLvZGu_sZElt1Mwg-1722531886-1.0.1.1-5KQGUVuHKkydRWIWUUO_lwWIFSsFxz7VmkYBzugheAdGD1bIn0wCXZaaPaV3hjbH
.hsforms.net/ Name: __cf_bm
Value: rkh3n0HEr7lXj.52vEMSaFKPS9pginI1eca2NzbCE5k-1722531888-1.0.1.1-jVbTs8EVJhC_mCREf5eTtN64iMdJ0zJkSMaX0F_jw3ASkNjXE0JO0tbsWUkXvGcSpSZLGIY0VW9OpvOOp18xwA
.youtube.com/ Name: YSC
Value: eHyuOjE9LIU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 4mdekoLgyTw
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgIw%3D%3D
.hubspot.com/ Name: __cf_bm
Value: HtEit2jhuphyXAKec0W.tyfq697rew7OmazOb6dme0Y-1722531889-1.0.1.1-R_a82HvGgGQ_uTN.Wl28xPbzG950QSusXp9VHfeQq7ClVtaISFEj01J4W4nHnIWt1rF__PYh8qhMybCIfxtEXw
.hubspot.com/ Name: _cfuvid
Value: jRB2cukGibJwzPtzUMZZWUd95NJHDL9NUH3VQfDNT1s-1722531889844-0.0.1.1-604800000

4 Console Messages

Source Level URL
Text
security error URL: https://js.hs-scripts.com/5704971.js(Line 2)
Message:
Refused to load the script 'https://js.hsadspixel.net/fb.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://js.hs-analytics.net/analytics/1722531600000/5704971.js(Line 20)
Message:
Refused to load the script 'https://js-na1.hs-scripts.com/5704971.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.umb.ch/
Message:
Refused to load the image 'https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1' because it violates the following Content Security Policy directive: "img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:".
security error URL: https://www.umb.ch/
Message:
Refused to load the image 'https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1' because it violates the following Content Security Policy directive: "img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src blob: data: https: 'unsafe-inline' 'unsafe-eval' 'self' stats.addtoany.com talkify.net www.facebook.com stats.g.doubleclick.net hubspot-forms use.typekit.net static.addtoany.com www.google-analytics.com ajax.googleapis.com www.google.com google.com gstatic.com connect.facebook.net facebook.com *.3qsdn.com; img-src 'self' img.youtube.com maps.gstatic.com maps.googleapis.com perf.hsforms.com www.google-analytics.com www.facebook.com track.hubspot.com *.ads.linkedin.com *.3qsdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' js.hsleadflows.net maps.googleapis.com www.gstatic.com www.google.com www.google-analytics.com www.googletagmanager.com snap.licdn.com forms.hsforms.com js.hsforms.net static.addtoany.com js.hs-scripts.com cdnjs.cloudflare.com js.hs-analytics.net js.hs-banner.com *.youtube.com connect.facebook.net player.3qsdn.com playout.3qsdn.com *.3qsdn.com; object-src 'none';
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.umb.cloud
forms-na1.hsforms.com
forms.hsforms.com
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
p.typekit.net
track.hubspot.com
umb.cloud
use.typekit.net
www.umb.ch
www.youtube.com
forms-na1.hsforms.com
js-na1.hs-scripts.com
js.hsadspixel.net
104.18.142.119
104.18.80.204
185.157.0.119
217.26.60.77
2606:4700::6810:7574
2606:4700::6810:8cd1
2606:4700::6810:a0a8
2606:4700::6812:16b7
2606:4700::6812:8a11
2606:4700::6813:9813
2a00:1450:4001:810::200e
2a02:26f0:3500:16::215:1495
03acc5c7069d79f53c0902c716cc6c6f1463d8ebb87724d39e5cb03f3f9d7890
0cb1c357e13d22a364332e2d4bc0cbafd9b693d5b6ff460df7ed36c591f72f76
15a626efe3751e371fe304bad6f94b3a5e3714455323fb20336a2192771e0de8
160edf4e8dfd3e290fe198596e9a644387147854642a22e2079ad22dad28b6b7
16e1a81c6f349186ace58c319bec3b6db121bea6633d131a1e3f5072eacfbb41
186ca9bb8539d3db8eace3723f9c748e80b7b03f783cd77d4f19841a1a13991f
1b20157a3bef39d6e4f206debacfd9e0e530af0c9b5458e0ca222bc6c9a4f0ca
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
29bf5beb02560ffaa4f8a19f567f933cd3a7ab2fdc78091e0cc6716a7c56b5e4
2d62d92fc71c40f02a1066308be107a2bb1d2d46aeec9801dd0343175ca273d8
2f6a986cac0424d7d1a75a20d22e7aa17d366420e3c1e7f0617fb7e933f6704c
2ff5d2dde6dd9f51a5ae3a26cacfb64be955bcd924e13596208f28cbcd9639f9
3a4cc704aa570fb9007196f6df5a5572d0064a22be03f1f3c6f39b0a1b52b8c6
3d8e75c68d92e500b471778897595a33e3e9dc18d7f0acecfa315550544deaa9
3e3f10bb6f20f40854a289d0c11a6124f43f29b928011de7fdd9a19afbacba0c
42ed924f64c2c60102af9bf17b121a2038ec345751ac0ae8f81f5547dbc52984
45d048947723eccbbd83392dab0adc81f32ff66debe2115878076c963f445d17
5eca93bb8cede17d5b97ec2674e36855ccaeed4369429f738e15c05214aca784
65f964da26792d57d0ed432011cfc1acd75d6dfc02af4e039913ba6022d98894
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
733bc473a668b5d603f8edbdbc71fdc9783b5d4f9893e844337cc4acf33d1f71
76d218c8596e73ed430573be535ef3dc6b851ae93a984a2cf07fe1afb8ed869a
7b5d8d761d752ab9afe91274fb17920068bcf2808c23d3b95fe33befef4fc7fb
7c1dcb2092af72315983b6c7a11c4e05131713222c3023942afa55c3872e5fdf
814cd93708723caf462794dae0e2f72c442b326ad6f6ed1af4727810b0673eda
86c5acf4e07d1285e305235b14cda33b6a040f76aaadd0f9bc21f4b0ad3df3d7
8a5b94849d062fdad1a55538006b0d042c5c77fba31bb1b7bc9fa4de20e49bf1
8b08773fef9690ef6a800868d4fe9116a0e7b675f56f51c6454b2d10cf5c5eb7
8beda069d0d14174ba2226df85329d70123b62df6550b442bb217f27237cc56e
90efd2a9688eaae2cbc555efc0b81fc721b81e9bffdca0af5235a376f1754bd2
99c78a7e7574ecaba8f10438c7f73dd83eec3abdb6b4cf809d0b098d833bf7e1
a3dafb9524fd4250283f1644e193f0fbb92aada719aa0dd80d0206b2fb0004ac
a5fca990940a97e54fb54ac3691d23ca69800ed7e3804cea8d1ebc16e3abfb50
a6c502d1dcdfc5eb135809887f8262ad8fcc9093a405a0fc13f034afd9de9dc3
bbe582522956d3117d3d9ddba64a6c5f76361c25610a3d0f61b703eb70d4c364
c9f299073433d2af5662ec49a4d73a9c6c8bfe760c60b3db2f863788950d6511
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df486e9bc7ee11005e808617dbf61d93c69c016f794990df763ae89365f8ac56
e1b8d85d91e4fe879df156118835987a5927995ec08165c2423c6c4feac33b14
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e689270b831964b3fbff3e17fdc3be952cd831cef717bd5ef39bcf0199c4feae
edbbde479f194d52b275544fcf84f2fe1d1feca062400f1e0e078d6e3d6c66f3
f3135dd2ce8734a3df89cc090ddb20da13303ae9ea7825ca4915cd0ef03b0f6a
f6b28198a96dfe69382bee8720f1a96506ff0b05f4ddbdf8e2e38f599ac2d0df
f8cdfe0414eac9a2380c093c8f3de44e1298e2ef2f9fcdf3a999f86c357ab5e2