urlscan.io logo urlscan.io
SecurityTrails logo

www.simonmarkets.com Open in urlscan Pro
23.36.162.89  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hello.simon.io/e/779203/simon---home/2mpnyc/546424471?h=dY8t2jkmDkJSc7jclA_dKk3FgXSSQFpEOS5ghC_HCvY
Effective URL: https://www.simonmarkets.com/simon/
Submission: On May 24 via api from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 23.36.162.89, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.simonmarkets.com. The Cisco Umbrella rank of the primary domain is 615008.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 19th 2022. Valid for: a year.
This is the only time www.simonmarkets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.92.120.28 14618 (AMAZON-AES)
12 23.36.162.89 20940 (AKAMAI-ASN1)
1 35.188.42.15 396982 (GOOGLE-CL...)
3 52.14.242.17 16509 (AMAZON-02)
16 3
1    3.92.120.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-120-28.compute-1.amazonaws.com
hello.simon.io
12    23.36.162.89 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-89.deploy.static.akamaitechnologies.com
www.simonmarkets.com
cdn.mxpnl.simonmarkets.com
1    35.188.42.15 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
3    52.14.242.17 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-14-242-17.us-east-2.compute.amazonaws.com
auth.simonmarkets.com
Apex Domain
Subdomains		 Transfer
15 simonmarkets.com
www.simonmarkets.com — Cisco Umbrella Rank: 615008
cdn.mxpnl.simonmarkets.com
auth.simonmarkets.com — Cisco Umbrella Rank: 552243
1012 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 307
410 B
1 simon.io
hello.simon.io
945 B
16 3
Domain Requested by
11 www.simonmarkets.com www.simonmarkets.com
3 auth.simonmarkets.com www.simonmarkets.com
1 sentry.io www.simonmarkets.com
1 cdn.mxpnl.simonmarkets.com www.simonmarkets.com
1 hello.simon.io 1 redirects
16 5

This site contains links to these domains. Also see Links.

Domain
simon.io
brokercheck.finra.org
www.finra.org
www.sipc.org
Subject Issuer Validity Valid
simonmarkets.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-19 -
2023-02-19		 a year crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2020-06-02 -
2022-06-07		 2 years crt.sh
auth.prod.simonmarkets.com
GeoTrust RSA CA 2018		 2021-12-21 -
2023-01-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.simonmarkets.com/simon/
Frame ID: F0B8A5384D924A73B4380CDDD9AA4219
Requests: 14 HTTP requests in this frame

Frame: https://auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/v1/authorize?client_id=0oadjggdmyOlW19D12p7&code_challenge=y-uCOX_HJXv9bb9WLuYAbu8sYY2KLqh3sUxTYaplVbg&code_challenge_method=S256&nonce=tVQITfqlD2ZEzbhxU3MuyFbygE4dcfeLlCOsguPECyHa1q2Tov4n2XtMoPopMULx&prompt=none&redirect_uri=https%3A%2F%2Fwww.simonmarkets.com%2Fsimon%2F&response_mode=okta_post_message&response_type=code&state=QRXyHrBBYdBR8VO0eTJV5GQJH0BvyKGbQHjPE9uFXpdFte4pr1h6WhAEg63ApniL&scope=openid%20profile%20email
Frame ID: A0DB3A930B6CB62CC77ADCA49FB149A9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SIMONSIMON

Page URL History Show full URLs

  1. https://hello.simon.io/e/779203/simon---home/2mpnyc/546424471?h=dY8t2jkmDkJSc7jclA_dKk3FgXSSQFpEOS5... HTTP 301
    https://www.simonmarkets.com/simon/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

1012 kB
Transfer

3306 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hello.simon.io/e/779203/simon---home/2mpnyc/546424471?h=dY8t2jkmDkJSc7jclA_dKk3FgXSSQFpEOS5ghC_HCvY HTTP 301
    https://www.simonmarkets.com/simon/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.simonmarkets.com/simon/
Redirect Chain
  • https://hello.simon.io/e/779203/simon---home/2mpnyc/546424471?h=dY8t2jkmDkJSc7jclA_dKk3FgXSSQFpEOS5ghC_HCvY
  • https://www.simonmarkets.com/simon/
14 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-89.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
6cf410d035ddaafa7b39e867b7e1c9f2b39998db621a48b77e9a20ae3420f1ee
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
6827
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Tue, 24 May 2022 17:28:13 GMT
etag
"627e7796-3801"
last-modified
Fri, 13 May 2022 15:21:58 GMT
server
nginx/1.20.2
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-kong-proxy-latency
1
x-kong-upstream-latency
2
x-simon-external
True
x-trace-id
32768d66-1055-46ac-9a27-34f9866894b6
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
109
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 May 2022 17:28:12 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
max-age=63072000
content-encoding
gzip
expires
Thu, 23 May 2024 17:28:11 GMT
location
https://www.simonmarkets.com/simon/#/home
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary
Accept-Encoding,User-Agent
6900.d3bafcc7.js
www.simonmarkets.com/simon/static/js/ 		2 MB
660 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/js/6900.d3bafcc7.js
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-89.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
2f18216d40bf1b171060ee04cbc638a7558a5d381194cbe248a1d0842e755692
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
2
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-trace-id
dcfbaa00-0333-4840-bb65-23e4a9ac948c
last-modified
Fri, 13 May 2022 15:21:58 GMT
server
nginx/1.20.2
x-frame-options
SAMEORIGIN
date
Tue, 24 May 2022 17:28:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
etag
"627e7796-209397"
accept-ranges
bytes
main.66b399db.js
www.simonmarkets.com/simon/static/js/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/js/main.66b399db.js
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-89.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
795f7041fe2760a21d76b9297ea4f061e506689db0a4504bc7d7a38f21c05587
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
1
vary
Accept-Encoding
content-length
16070
x-xss-protection
1; mode=block
x-trace-id
9b9aeab7-4ccf-4450-b49f-f0c57f7db9aa
last-modified
Fri, 13 May 2022 15:21:58 GMT
server
nginx/1.20.2
x-frame-options
SAMEORIGIN
date
Tue, 24 May 2022 17:28:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
etag
"627e7796-b929"
accept-ranges
bytes
main.9afb5133.css
www.simonmarkets.com/simon/static/css/ 		404 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/css/main.9afb5133.css
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-89.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
16934f849e0a957019b9f070c96bc7ea200eaa926e9c627eaf380e95a9e2f114
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
0
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
2
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-trace-id
df6da0a0-c095-48e2-bd98-8f9da45b3131
last-modified
Fri, 13 May 2022 15:21:58 GMT
server
nginx/1.20.2
x-frame-options
SAMEORIGIN
date
Tue, 24 May 2022 17:28:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
no-store, no-cache, must-revalidate
etag
"627e7796-64e4f"
accept-ranges
bytes
mixpanel-2-latest.min.js
cdn.mxpnl.simonmarkets.com/libs/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.simonmarkets.com/libs/mixpanel-2-latest.min.js
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-89.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Tue, 24 May 2022 17:28:13 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtSV1KPoW6m3sR72v2BRYqfC5j9iSIohGl7Igs5ffkVzcsltyjZLXiuYEOU3u4hodj3FET0OVH9GigXn4OyvKCu5w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
17435
pragma
no-cache
last-modified
Thu, 17 Feb 2022 20:21:50 GMT
server
UploadServer
etag
"caa762087e9d75cecc34b5d6626cb7b9"
vary
Accept-Encoding
x-goog-hash
crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation
1645129310876382
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-goog-stored-content-length
17435
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 24 May 2022 17:28:13 GMT
/
sentry.io/api/1475595/envelope/ 		2 B
410 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1475595/envelope/?sentry_key=730ba1a47ca448f3aa5aabf9e1c6cfa8&sentry_version=7
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/js/6900.d3bafcc7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.simonmarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 24 May 2022 17:28:14 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://www.simonmarkets.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
2
Connection
keep-alive
Content-Length
2
Roboto-Regular.176f8f5bd5f02b3abfcf.woff2
www.simonmarkets.com/simon/static/media/ 		15 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/media/Roboto-Regular.176f8f5bd5f02b3abfcf.woff2
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/css/main.9afb5133.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-89.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.simonmarkets.com/simon/static/css/main.9afb5133.css
Origin
https://www.simonmarkets.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
1
x-simon-external
True
content-length
15736
x-xss-protection
1; mode=block
x-trace-id
2ed4a5fe-d724-4c4c-b607-c960d2d371ba
last-modified
Fri, 13 May 2022 15:21:58 GMT
server
nginx/1.20.2
x-frame-options
SAMEORIGIN
date
Tue, 24 May 2022 17:28:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
font/woff2
cache-control
no-store, no-cache, must-revalidate
etag
"627e7796-3d78"
accept-ranges
bytes
openid-configuration
auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/.well-known/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/.well-known/openid-configuration
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/js/6900.d3bafcc7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.14.242.17 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-242-17.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
f74b50b1e34cd9c6f74d4f582087e836b4d3340dda5e74a2330365778c92abfc
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.simonmarkets.com/
X-Okta-User-Agent-Extended
okta-auth-js/6.1.0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
application/json

Response headers

X-Okta-Request-Id
Yo0Vrkt0h1lMnSHujbMKOwAAAfQ
Date
Tue, 24 May 2022 17:28:14 GMT
x-content-type-options
nosniff
Transfer-Encoding
chunked
p3p
CP="HONK"
Connection
Keep-Alive
vary
Origin
x-xss-protection
0
Server
nginx
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
Strict-Transport-Security
max-age=315360000; includeSubDomains
Content-Type
application/json
Access-Control-Allow-Origin
https://www.simonmarkets.com
cache-control
max-age=86400, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5, max=99
expires
Wed, 25 May 2022 17:27:52 GMT
openid-configuration
auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/.well-known/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/.well-known/openid-configuration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.14.242.17 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-242-17.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
GET
Origin
https://www.simonmarkets.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://www.simonmarkets.com
Access-Control-Max-Age
3600
Connection
Keep-Alive
Content-Length
0
Content-Type
application/octet-stream
Date
Tue, 24 May 2022 17:28:14 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Vary
Origin
X-Okta-Request-Id
Yo0Vrkt0h1lMnSHujbMKOgAAAfQ
authorize
auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/v1/ Frame A0DB 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/v1/authorize?client_id=0oadjggdmyOlW19D12p7&code_challenge=y-uCOX_HJXv9bb9WLuYAbu8sYY2KLqh3sUxTYaplVbg&code_challenge_method=S256&nonce=tVQITfqlD2ZEzbhxU3MuyFbygE4dcfeLlCOsguPECyHa1q2Tov4n2XtMoPopMULx&prompt=none&redirect_uri=https%3A%2F%2Fwww.simonmarkets.com%2Fsimon%2F&response_mode=okta_post_message&response_type=code&state=QRXyHrBBYdBR8VO0eTJV5GQJH0BvyKGbQHjPE9uFXpdFte4pr1h6WhAEg63ApniL&scope=openid%20profile%20email
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/js/6900.d3bafcc7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.14.242.17 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-14-242-17.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6526eb982c6c2875197409879b37445177b7bc38a471717b017496f215f5211e
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.simonmarkets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Tue, 24 May 2022 17:28:15 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
cache-control
no-cache, no-store
content-language
de
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
x-content-type-options
nosniff
x-okta-request-id
Yo0VrwuADNYZqYZhvGNJywAACow
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1653413355
x-xss-protection
0
4968.b460bd5f.chunk.js
www.simonmarkets.com/simon/static/js/ 		289 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/js/4968.b460bd5f.chunk.js
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-89.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
055cc645f2c418ff9fb6f675804009252f308589b3e2f8f85a29fc2a284855f4
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
1
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-trace-id
a4e6bc68-71ab-4849-9835-44bf1aabd25b
last-modified
Fri, 13 May 2022 15:21:58 GMT
server
nginx/1.20.2
x-frame-options
SAMEORIGIN
date
Tue, 24 May 2022 17:28:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
etag
"627e7796-4843c"
accept-ranges
bytes
2142.5a522ef9.chunk.css
www.simonmarkets.com/simon/static/css/ 		53 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/css/2142.5a522ef9.chunk.css
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-89.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
ecfdcb03c73e5a03fe555a25b3a409e76e62bc40f7ef28a1c6613756cdfbfd04
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
5
vary
Accept-Encoding
content-length
12158
x-xss-protection
1; mode=block
x-trace-id
e4cc6127-43ef-4706-87ea-afdad3e1fe36
last-modified
Fri, 13 May 2022 15:21:58 GMT
server
nginx/1.20.2
x-frame-options
SAMEORIGIN
date
Tue, 24 May 2022 17:28:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
no-store, no-cache, must-revalidate
etag
"627e7796-d206"
accept-ranges
bytes
2142.fc263dae.chunk.js
www.simonmarkets.com/simon/static/js/ 		257 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/js/2142.fc263dae.chunk.js
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-89.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
0e6952027bead3824956939fa708ed575c3ff837af15d72806bc8b2cf6981ff2
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
5
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-trace-id
da890f3c-3544-4a37-9e40-9d5c44e6801a
last-modified
Fri, 13 May 2022 15:21:58 GMT
server
nginx/1.20.2
x-frame-options
SAMEORIGIN
date
Tue, 24 May 2022 17:28:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
etag
"627e7796-4041c"
accept-ranges
bytes
AppPublic.d313a2a6.chunk.css
www.simonmarkets.com/simon/static/css/ 		8 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/css/AppPublic.d313a2a6.chunk.css
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-89.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
ec517973009901809750bc5aef0f578746d1856dd423474209d89ff1ee30ae59
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
2
vary
Accept-Encoding
content-length
2276
x-xss-protection
1; mode=block
x-trace-id
9b0e9d4e-0111-4e7d-b39a-271e45e985d9
last-modified
Fri, 13 May 2022 15:21:58 GMT
server
nginx/1.20.2
x-frame-options
SAMEORIGIN
date
Tue, 24 May 2022 17:28:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
no-store, no-cache, must-revalidate
etag
"627e7796-1fb9"
accept-ranges
bytes
AppPublic.a2ae1761.chunk.js
www.simonmarkets.com/simon/static/js/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/js/AppPublic.a2ae1761.chunk.js
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-89.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
8771bee6c76328b7cdc07c64107ec5878054dbca0522ff24ada19039a47a0c68
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
2
vary
Accept-Encoding
content-length
15643
x-xss-protection
1; mode=block
x-trace-id
46245dcc-c732-41e8-b120-71aa624922ff
last-modified
Fri, 13 May 2022 15:21:58 GMT
server
nginx/1.20.2
x-frame-options
SAMEORIGIN
date
Tue, 24 May 2022 17:28:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
etag
"627e7796-f1b2"
accept-ranges
bytes
simon-mascot-small.3f2dd5b3d6b4c24c967d.svg
www.simonmarkets.com/simon/static/media/ 		20 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.simonmarkets.com/simon/static/media/simon-mascot-small.3f2dd5b3d6b4c24c967d.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-89.deploy.static.akamaitechnologies.com
Software
nginx/1.20.2 /
Resource Hash
deb2b790f448e5027944245be677bc1e526c0cb0a2bb5b8f7cd17b67a356dc9f
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-content-type-options
nosniff
x-kong-proxy-latency
0
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
3
x-simon-external
True
content-length
20759
x-xss-protection
1; mode=block
x-trace-id
c28c0b30-6ce7-410d-8c44-9715894449c1
last-modified
Fri, 13 May 2022 15:21:58 GMT
server
nginx/1.20.2
x-frame-options
SAMEORIGIN
date
Tue, 24 May 2022 17:28:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
cache-control
no-store, no-cache, must-revalidate
etag
"627e7796-5117"
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| mixpanel object| webpackChunk_simon_simonmarkets_web object| regeneratorRuntime function| setImmediate function| clearImmediate object| __SENTRY__ object| DD_RUM object| simon

7 Cookies

Domain/Path Name / Value
hello.simon.io/ Name: visitor_id779203
Value: 244624465
hello.simon.io/ Name: visitor_id779203-hash
Value: fec7f395007739d54a0f74d6b64f8cf8582e4afb4d3549f4a4233f897f927930a70ddd1d9967efd7c558311c993b7daa095819f4
www.simonmarkets.com/ Name: akacd_www_simon
Value: 3830866091~rv=48~id=e46a961d85f4b5a4af7d57e95c040ac0
.simonmarkets.com/ Name: ak_bmsc
Value: 16F408FE7A22850665440E45B47896A5~000000000000000000000000000000~YAAQGaAkF2Lw4e+AAQAAWa0c9w/FwCDlfjH6pt5bdQbuaClZyp+p2AL69GW+G1ZuZWpKMvhTrw4AFzEw+SPFtal2VZeChCezoYXQxfjZ2As2dtoP8iSe7a0pUPOA7gVFi6an0ai/HNBcmSS7GuowOk1aVFygsNx0B54bMd8dX7odFd1DJImy1CrW1SkifZpVEtbp22xupSxHX2K06li7SiarApsnY2M3V00k/LpxvEFb1GSFzg+9PdEr3VRw9oB4vFsWwuMB9q++jlYdPKbjzhumFMozKK2dag9tmOseBsz/D/zvqHMSnhuggO6YSj5OUVhhoRbBu4jVWogz/HTtKWuDKlmY3mwQDpuP+ra6+B6Ybh7kaEnpCeQxEhzOJOT5dagHT8OdZ58W/z/1XrXclQ==
auth.simonmarkets.com/ Name: JSESSIONID
Value: 49B277F919AE0CD051934F2AC514FD85
auth.simonmarkets.com/ Name: t
Value: sea
auth.simonmarkets.com/ Name: DT
Value: DI0iDLi_gw4SCu6HcIZNQg6XQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block