urlscan.io logo urlscan.io
SecurityTrails logo

neo.ubs.com Open in urlscan Pro
151.191.185.67  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://neo.ubs.com/r/7/?id=o49670282,954b6b64,49c1ce56&e=cDE9JTQwMHNIZkJCcmxYJTJCNFVoNGVNdnQ0VUNRJTNEJTNEJnAyPVNWQz...
Effective URL: https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_service=SVC7723
Submission: On March 27 via manual from IN — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 151.191.185.67, located in United States and belongs to PAINEWEBBER-ASN, US. The main domain is neo.ubs.com. The Cisco Umbrella rank of the primary domain is 328540.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on December 28th 2023. Valid for: a year.
This is the only time neo.ubs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 7 151.191.185.67 10615 (PAINEWEBB...)
4 1
Apex Domain
Subdomains		 Transfer
7 ubs.com
neo.ubs.com — Cisco Umbrella Rank: 328540
388 KB
4 1
Domain Requested by
7 neo.ubs.com 3 redirects neo.ubs.com
4 1

This site contains no links.

Subject Issuer Validity Valid
neo.ubs.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-28 -
2025-01-03		 a year crt.sh

This page contains 1 frames:

Primary Page: https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_service=SVC7723
Frame ID: 56697754022417220C018B51D0353AED
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://neo.ubs.com/r/7/?id=o49670282,954b6b64,49c1ce56&e=cDE9JTQwMHNIZkJCcmxYJTJCNFVoNGVNdnQ0VU... HTTP 302
    https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_serv... Page URL

Page Statistics

4
Requests

50 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

385 kB
Transfer

1374 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://neo.ubs.com/r/7/?id=o49670282,954b6b64,49c1ce56&e=cDE9JTQwMHNIZkJCcmxYJTJCNFVoNGVNdnQ0VUNRJTNEJTNEJnAyPVNWQzc3MjM&s=8FW-89jlRzC3esaCeSaKbdOhNPOhcKxag4hjEXJWWwo HTTP 302
    https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_service=SVC7723 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://neo.ubs.com/nl/gen/min/WA-en-cf461481d56f1e56aa870f98218b501b.js HTTP 302
  • https://neo.ubs.com/static/login.html?origin=%2fnl%2fgen%2fmin%2fWA%2den%2dcf461481d56f1e56aa870f98218b501b%2ejs
Request Chain 1
  • https://neo.ubs.com/nl/gen/min/WA-213e709fcaa85834dad102e6b67ff728.js HTTP 302
  • https://neo.ubs.com/static/login.html?origin=%2fnl%2fgen%2fmin%2fWA%2d213e709fcaa85834dad102e6b67ff728%2ejs

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ubselpUnsub
neo.ubs.com/research-subscription/
Redirect Chain
  • https://neo.ubs.com/r/7/?id=o49670282,954b6b64,49c1ce56&e=cDE9JTQwMHNIZkJCcmxYJTJCNFVoNGVNdnQ0VUNRJTNEJTNEJnAyPVNWQzc3MjM&s=8FW-89jlRzC3esaCeSaKbdOhNPOhcKxag4hjEXJWWwo
  • https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_service=SVC7723
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_service=SVC7723
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.191.185.67 , United States, ASN10615 (PAINEWEBBER-ASN, US),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips /
Resource Hash
28ef533790fb3781559ea4c5e7120d46f864b756b22a5e4c5fd095e1f7a65c8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data: ; worker-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * blob: data: ; font-src * blob: data: default-src 'self';style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-CH,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store no-cache
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
2930
Content-Security-Policy
default-src * blob: data: ; worker-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * blob: data: ; font-src * blob: data: default-src 'self';style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline'
Content-Type
text/html; charset=utf-8
Date
Wed, 27 Mar 2024 16:19:26 GMT
Expires
Wed, 27 Mar 2024 16:19:27 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff nosniff
X-Frame-Options
SAMEORIGIN DENY
X-Robots-Tag
noindex
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Content-Length
17
Content-Security-Policy
default-src 'self';style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline'
Content-Type
text/plain;charset=utf-8
Date
Wed, 27 Mar 2024 16:19:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_service=SVC7723
P3P
CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Robots-Tag
noindex
login.html
neo.ubs.com/static/
Redirect Chain
  • https://neo.ubs.com/nl/gen/min/WA-en-cf461481d56f1e56aa870f98218b501b.js
  • https://neo.ubs.com/static/login.html?origin=%2fnl%2fgen%2fmin%2fWA%2den%2dcf461481d56f1e56aa870f98218b501b%2ejs
683 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://neo.ubs.com/static/login.html?origin=%2fnl%2fgen%2fmin%2fWA%2den%2dcf461481d56f1e56aa870f98218b501b%2ejs
Requested by
Host: neo.ubs.com
URL: https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_service=SVC7723
Protocol
HTTP/1.1
Server
151.191.185.67 , United States, ASN10615 (PAINEWEBBER-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
75d7efe4612864fc13e96fb79fa549c5c07ccc479384662ce7dd85cb98385cc9
Security Headers
Name Value
Content-Security-Policy default-src 'self';object-src 'none';img-src 'self' data: https://analytics.ubs.com;connect-src 'self' https://emidas.ubs.com https://emidas-radianz.ubs.com https://ubs.demdex.net https://dpm.demdex.net https://analytics.ubs.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' https://assets.adobedtm.com;frame-src https://ubs.demdex.net https://dpm.demdex.net https://analytics.ubs.com
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_service=SVC7723
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Wed, 27 Mar 2024 16:19:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self';object-src 'none';img-src 'self' data: https://analytics.ubs.com;connect-src 'self' https://emidas.ubs.com https://emidas-radianz.ubs.com https://ubs.demdex.net https://dpm.demdex.net https://analytics.ubs.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' https://assets.adobedtm.com;frame-src https://ubs.demdex.net https://dpm.demdex.net https://analytics.ubs.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
Keep-Alive
Pragma
no-cache
Referrer-Policy
origin
Last-Modified
Wed, 15 Nov 2023 13:19:03 GMT
Server
Apache
ETag
"aacd5-60a30bf369fc0-gzip"
X-Frame-Options
SAMEORIGIN
Vary
User-Agent,Accept-Encoding
Content-Type
text/html
Cache-Control
no-cache
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=97

Redirect headers

Pragma
no-cache
Date
Wed, 27 Mar 2024 16:19:27 GMT
Content-Security-Policy
default-src 'self';img-src 'self';connect-src 'self';style-src 'self';script-src 'self'
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Location
https://neo.ubs.com/static/login.html?origin=%2fnl%2fgen%2fmin%2fWA%2den%2dcf461481d56f1e56aa870f98218b501b%2ejs
Cache-Control
public
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
296
login.html
neo.ubs.com/static/
Redirect Chain
  • https://neo.ubs.com/nl/gen/min/WA-213e709fcaa85834dad102e6b67ff728.js
  • https://neo.ubs.com/static/login.html?origin=%2fnl%2fgen%2fmin%2fWA%2d213e709fcaa85834dad102e6b67ff728%2ejs
683 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://neo.ubs.com/static/login.html?origin=%2fnl%2fgen%2fmin%2fWA%2d213e709fcaa85834dad102e6b67ff728%2ejs
Requested by
Host: neo.ubs.com
URL: https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_service=SVC7723
Protocol
HTTP/1.1
Server
151.191.185.67 , United States, ASN10615 (PAINEWEBBER-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
f3339e0c6b25e451d2d99dc8940ac48604e7f601138c8075dd65e2a5483e034c
Security Headers
Name Value
Content-Security-Policy default-src 'self';object-src 'none';img-src 'self' data: https://analytics.ubs.com;connect-src 'self' https://emidas.ubs.com https://emidas-radianz.ubs.com https://ubs.demdex.net https://dpm.demdex.net https://analytics.ubs.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' https://assets.adobedtm.com;frame-src https://ubs.demdex.net https://dpm.demdex.net https://analytics.ubs.com
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_service=SVC7723
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date
Wed, 27 Mar 2024 16:19:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self';object-src 'none';img-src 'self' data: https://analytics.ubs.com;connect-src 'self' https://emidas.ubs.com https://emidas-radianz.ubs.com https://ubs.demdex.net https://dpm.demdex.net https://analytics.ubs.com;style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline' https://assets.adobedtm.com;frame-src https://ubs.demdex.net https://dpm.demdex.net https://analytics.ubs.com
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
Keep-Alive
Pragma
no-cache
Referrer-Policy
origin
Last-Modified
Wed, 15 Nov 2023 13:19:03 GMT
Server
Apache
ETag
"aacd5-60a30bf369fc0-gzip"
X-Frame-Options
SAMEORIGIN
Vary
User-Agent,Accept-Encoding
Content-Type
text/html
Cache-Control
no-cache
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100

Redirect headers

Pragma
no-cache
Date
Wed, 27 Mar 2024 16:19:27 GMT
Content-Security-Policy
default-src 'self';img-src 'self';connect-src 'self';style-src 'self';script-src 'self'
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Location
https://neo.ubs.com/static/login.html?origin=%2fnl%2fgen%2fmin%2fWA%2d213e709fcaa85834dad102e6b67ff728%2ejs
Cache-Control
public
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Length
291
favicon.ico
neo.ubs.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://neo.ubs.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.191.185.67 , United States, ASN10615 (PAINEWEBBER-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
eb315bb7003768e15e70be846f738814f460049dc6260411c693906cdbcb1a50
Security Headers
Name Value
Content-Security-Policy default-src * blob: data: ; worker-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * blob: data: ; font-src * blob: data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_service=SVC7723
accept-language
de-CH,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 27 Mar 2024 16:19:28 GMT
Content-Security-Policy
default-src * blob: data: ; worker-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * blob: data: ; font-src * blob: data:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
Keep-Alive
Content-Length
1150
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 12 Mar 2024 16:51:56 GMT
Server
Apache
ETag
"47e-6137979d16300"
X-Frame-Options
SAMEORIGIN
Vary
User-Agent
Content-Type
image/vnd.microsoft.icon
Cache-Control
no-store
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal string| Timeline_urlPrefix string| Timeline_parameters function| htmlPageForm

3 Cookies

Domain/Path Name / Value
neo.ubs.com/ Name: ADRUM_BTa
Value: R:0|g:83d6d068-6f6d-4fcc-a49f-3c68a2233d51|n:customer1_3f5d5ee2-41b3-4e59-ad10-de0b93053644
neo.ubs.com/ Name: SameSite
Value: None
neo.ubs.com/ Name: ADRUM_BT1
Value: R:0|i:2180|e:1

2 Console Messages

Source Level URL
Text
security error URL: https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_service=SVC7723
Message:
Refused to execute script from 'https://neo.ubs.com/static/login.html?origin=%2fnl%2fgen%2fmin%2fWA%2den%2dcf461481d56f1e56aa870f98218b501b%2ejs' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security error URL: https://neo.ubs.com/research-subscription/ubselpUnsub?id=%400sHfBBrlX%2B4Uh4eMvt4UCQ%3D%3D&_service=SVC7723
Message:
Refused to execute script from 'https://neo.ubs.com/static/login.html?origin=%2fnl%2fgen%2fmin%2fWA%2d213e709fcaa85834dad102e6b67ff728%2ejs' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * blob: data: ; worker-src * blob: data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src * blob: data: ; font-src * blob: data: default-src 'self';style-src 'self' 'unsafe-inline';script-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN DENY
X-Xss-Protection 1; mode=block