HTTP/1.1 200 OK
Server: Apache
Content-Length: 112671
Content-Type: text/html;charset=utf-8
Set-Cookie: geo-country=US; path=/; domain=.ubs.com; secure; HttpOnly
Strict-Transport-Security: max-age=120
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.ubs.com *.adobedtm.com *.demdex.net *.decibelinsight.net *.adform.net *.everesttech.net *.googleapis.com *.brightcove.net *.2o7.net *.omtrdc.net *.tt.omtrdc.net *.zencdn.net *.akamaihd.net *.facebook.net *.googleadservices.com *.google-analytics.com *.google.com *.youtube.com *.ytimg.com *.doubleclick.net *.twinesocial.com *.pusher.com *.cloudflare.com *.zmags.com *.raisenow.com *.newrelic.com *.nr-data.net *.adobe.com *.dotomi.com;  upgrade-insecure-requests; object-src *.ubs.com
X-Frame-Options: SAMEORIGIN
Referrer-Policy: no-referrer-when-downgrade
Feature-Policy: camera 'none'; microphone 'none'
Access-Control-Allow-Origin: https://secure.ubs.com
X-Varnish-Cache: HIT
P3P: CP="OTI DSP CURa OUR LEG COM NAV INT"
X-NodeID: prod-p-3 - t=1617935950996120 D=14384
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=edge
X-XSS-Protection: 1; mode=block
allowed: false
Access-Control-Allow-Methods: GET,HEAD,POST,OPTIONS
Permissions-Policy: microphone=(), camera=()
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers,Accept,Accept-Language,Cache-Control,CSRF-Token
Date: Fri, 09 Apr 2021 02:40:50 GMT
Connection: keep-alive