urlscan.io logo urlscan.io
SecurityTrails logo

www.simonmarkets.com Open in urlscan Pro
2.18.79.14  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.yesware.com/tt/84bb4ad571c122ca5cf4e0925bfb5cfe6b9869a4/a29b4817d32cfafd29d267eafe027f41/24e0430ae6a91e8d32c...
Effective URL: https://www.simonmarkets.com/simon/
Submission: On September 06 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2.18.79.14, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is www.simonmarkets.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 19th 2022. Valid for: a year.
This is the only time www.simonmarkets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.86.244.217 14618 (AMAZON-AES)
1 151.101.130.137 54113 (FASTLY)
12 2.18.79.14 20940 (AKAMAI-ASN1)
1 162.247.241.14 23467 (NEWRELIC-...)
1 35.188.42.15 396982 (GOOGLE-CL...)
3 99.83.241.219 16509 (AMAZON-02)
21 7
1    54.86.244.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-244-217.compute-1.amazonaws.com
t.yesware.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
12    2.18.79.14 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-14.deploy.static.akamaitechnologies.com
www.simonmarkets.com
cdn.mxpnl.simonmarkets.com
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    35.188.42.15 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
3    99.83.241.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa4314b2f84572f89.awsglobalaccelerator.com
auth.simonmarkets.com
Apex Domain
Subdomains		 Transfer
15 simonmarkets.com
www.simonmarkets.com
cdn.mxpnl.simonmarkets.com
auth.simonmarkets.com
967 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 411
410 B
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 423
625 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 768
14 KB
1 yesware.com
t.yesware.com — Cisco Umbrella Rank: 282019
27 KB
21 5
Domain Requested by
11 www.simonmarkets.com t.yesware.com
www.simonmarkets.com
3 auth.simonmarkets.com www.simonmarkets.com
1 sentry.io www.simonmarkets.com
1 cdn.mxpnl.simonmarkets.com www.simonmarkets.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com t.yesware.com
1 t.yesware.com
21 7

This site contains no links.

Subject Issuer Validity Valid
*.yesware.com
Amazon		 2021-11-23 -
2022-12-21		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
simonmarkets.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-19 -
2023-02-19		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
sentry.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-03 -
2023-07-04		 a year crt.sh
auth.prod.simonmarkets.com
GeoTrust RSA CA 2018		 2021-12-21 -
2023-01-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.simonmarkets.com/simon/
Frame ID: D19E591B1D78903CDAABEA3B2B64A99F
Requests: 19 HTTP requests in this frame

Frame: https://auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/v1/authorize?client_id=0oadjggdmyOlW19D12p7&code_challenge=j4-c-gnFSu6VJGXAr_vfytGh9d9ez6tZwY2xEtgdLxs&code_challenge_method=S256&nonce=5QVScoeiCiAFLdcZ8tutC1nfNhKufzI1X7j5ZDNjD0lZTWliFplYfNaTqFGxbhSH&prompt=none&redirect_uri=https%3A%2F%2Fwww.simonmarkets.com%2Fsimon%2F&response_mode=okta_post_message&response_type=code&state=I5IG3ZVMFcxR9oFwtUXFQZOkctvZXhDcx9FEK00q94kgXEjelD0FDvVz1KsbWDew&scope=openid%20profile%20email
Frame ID: B19C22DD87BBBACD00E6DF369754BBDC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SIMON

Page URL History Show full URLs

  1. https://t.yesware.com/tt/84bb4ad571c122ca5cf4e0925bfb5cfe6b9869a4/a29b4817d32cfafd29d267eafe027f41... Page URL
  2. https://www.simonmarkets.com/simon/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns

Page Statistics

21
Requests

90 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

1009 kB
Transfer

3308 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.yesware.com/tt/84bb4ad571c122ca5cf4e0925bfb5cfe6b9869a4/a29b4817d32cfafd29d267eafe027f41/24e0430ae6a91e8d32c64bd639442770/www.simonmarkets.com/simon/ Page URL
  2. https://www.simonmarkets.com/simon/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
t.yesware.com/tt/84bb4ad571c122ca5cf4e0925bfb5cfe6b9869a4/a29b4817d32cfafd29d267eafe027f41/24e0430ae6a91e8d32c64bd639442770/www.simonmarkets.com/simon/ 		26 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.yesware.com/tt/84bb4ad571c122ca5cf4e0925bfb5cfe6b9869a4/a29b4817d32cfafd29d267eafe027f41/24e0430ae6a91e8d32c64bd639442770/www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.244.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-244-217.compute-1.amazonaws.com
Software
/
Resource Hash
3d8ce0f855e0ebbe55936afc4680d83f0aa530c8bfcb043b7f24afe5551ef14d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
27131
content-type
text/html; charset=utf-8
date
Tue, 06 Sep 2022 21:48:52 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
81a86b85-58f9-4b26-a4c0-68dcd21e21ae
x-robots-tag
noindex
x-runtime
0.006690
x-xss-protection
1; mode=block
nr-1216.min.js
js-agent.newrelic.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1216.min.js
Requested by
Host: t.yesware.com
URL: https://t.yesware.com/tt/84bb4ad571c122ca5cf4e0925bfb5cfe6b9869a4/a29b4817d32cfafd29d267eafe027f41/24e0430ae6a91e8d32c64bd639442770/www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.yesware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id
mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding
gzip
etag
"9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id
QS55VTZ5KYBT01RF
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14391
x-amz-id-2
LqMYMQa4YU1cIYkATbA3xCSvsTD2lndpXc+K9jTcrBu4zKcsnQNt7LnOCIo6x7yoHpJFT7uuVmQ=
x-served-by
cache-hhn4075-HHN
last-modified
Thu, 14 Apr 2022 16:45:57 GMT
server
AmazonS3
x-timer
S1662500933.675909,VS0,VE0
date
Tue, 06 Sep 2022 21:48:52 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1716
Primary Request /
www.simonmarkets.com/simon/ 		47 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/
Requested by
Host: t.yesware.com
URL: https://t.yesware.com/tt/84bb4ad571c122ca5cf4e0925bfb5cfe6b9869a4/a29b4817d32cfafd29d267eafe027f41/24e0430ae6a91e8d32c64bd639442770/www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.14 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-14.deploy.static.akamaitechnologies.com
Software
nginx/1.22.0 /
Resource Hash
bd1a6256197c9626c1fd8d7e2ea321d2842af1b0c876f68448f1a21567a5d5c4
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t.yesware.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
12322
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 21:48:54 GMT
etag
"6312969e-bb8d"
last-modified
Fri, 02 Sep 2022 23:49:50 GMT
server
nginx/1.22.0
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-kong-proxy-latency
1
x-kong-upstream-latency
2
x-simon-external
True
x-trace-id
3dbdd581-6f28-482a-a314-1c271e232b95
x-xss-protection
1; mode=block
1a5da492d2
bam.nr-data.net/1/ 		49 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/1a5da492d2?a=2164051&v=1216.487a282&to=Il9eRkQKCVtSERkICA9bH1FaDAZc&rst=604&ck=1&ref=https://t.yesware.com/tt/84bb4ad571c122ca5cf4e0925bfb5cfe6b9869a4/a29b4817d32cfafd29d267eafe027f41/24e0430ae6a91e8d32c64bd639442770/www.simonmarkets.com/simon/&ap=7&be=542&fe=548&dc=547&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1662500932083,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:84,%22c%22:84,%22s%22:188,%22ce%22:295,%22rq%22:295,%22rp%22:514,%22rpe%22:515,%22dl%22:517,%22di%22:547,%22ds%22:547,%22de%22:547,%22dc%22:547,%22l%22:547,%22le%22:548%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t.yesware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 21:48:52 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
746a694dad8b9bbf-FRA
1a5da492d2
bam.nr-data.net/events/1/ 		0
0
main.0460d6a5.js
www.simonmarkets.com/simon/static/js/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/js/main.0460d6a5.js
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.14 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-14.deploy.static.akamaitechnologies.com
Software
nginx/1.22.0 /
Resource Hash
60c29f0e263d882170eb82f277790eb11e9b1e4223ea8391d9afa420779b15ca
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
1
vary
Accept-Encoding
content-length
665
x-xss-protection
1; mode=block
x-trace-id
36af3b1d-b76f-491c-baa1-9d811a47d1ec
last-modified
Fri, 02 Sep 2022 23:49:50 GMT
server
nginx/1.22.0
x-frame-options
SAMEORIGIN
date
Tue, 06 Sep 2022 21:48:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
etag
"6312969e-795"
accept-ranges
bytes
mixpanel-2-latest.min.js
cdn.mxpnl.simonmarkets.com/libs/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.simonmarkets.com/libs/mixpanel-2-latest.min.js
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.14 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-14.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 21:48:54 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsgGoqTCcz4a2ZiDiFq6VslZphakyaHte5cV17-7LOYSOyW7ZosKuPyL-hctW7bAVEGjJykusV9HdNcVXfCYUeH88HJrnYi
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
17435
pragma
no-cache
last-modified
Thu, 17 Feb 2022 20:21:50 GMT
server
UploadServer
etag
"caa762087e9d75cecc34b5d6626cb7b9"
vary
Accept-Encoding
x-goog-hash
crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation
1645129310876382
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-goog-stored-content-length
17435
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 06 Sep 2022 21:48:54 GMT
vendors-node_modules_sentry_browser_esm_sdk_js-node_modules_query-string_index_js-node_module-ca5506.9bf2c3b7.chunk.js
www.simonmarkets.com/simon/static/js/ 		2 MB
607 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/js/vendors-node_modules_sentry_browser_esm_sdk_js-node_modules_query-string_index_js-node_module-ca5506.9bf2c3b7.chunk.js
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.14 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-14.deploy.static.akamaitechnologies.com
Software
nginx/1.22.0 /
Resource Hash
6dce0e5e8fd9a0ded102a4705a8b281a926190a1c7a126894c47dc118ecf184c
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
2
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-trace-id
0a3d3319-e38f-4b3c-990f-001898f2e981
last-modified
Fri, 02 Sep 2022 23:49:50 GMT
server
nginx/1.22.0
x-frame-options
SAMEORIGIN
date
Tue, 06 Sep 2022 21:48:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
etag
"6312969e-1e347e"
accept-ranges
bytes
src_bootstrap_js.b08a6bfa.chunk.css
www.simonmarkets.com/simon/static/css/ 		420 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/css/src_bootstrap_js.b08a6bfa.chunk.css
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.14 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-14.deploy.static.akamaitechnologies.com
Software
nginx/1.22.0 /
Resource Hash
cca768ed507896ea72547a04f2c6c09e2852add232d09afd05b3b79d81a75e49
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
0
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
2
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-trace-id
8b5e48ca-b549-4910-9726-fc89d5197f68
last-modified
Fri, 02 Sep 2022 23:49:50 GMT
server
nginx/1.22.0
x-frame-options
SAMEORIGIN
date
Tue, 06 Sep 2022 21:48:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
no-store, no-cache, must-revalidate
etag
"6312969e-68eb1"
accept-ranges
bytes
src_bootstrap_js.ec2fe909.chunk.js
www.simonmarkets.com/simon/static/js/ 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/js/src_bootstrap_js.ec2fe909.chunk.js
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.14 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-14.deploy.static.akamaitechnologies.com
Software
nginx/1.22.0 /
Resource Hash
f572e12ec4f170102ede6c03aecbcd6182977d6d69249439400e662c0e0229af
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
0
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
2
vary
Accept-Encoding
content-length
35287
x-xss-protection
1; mode=block
x-trace-id
de72d8ab-3c55-4b15-b040-cbfe6b9415f2
last-modified
Fri, 02 Sep 2022 23:49:50 GMT
server
nginx/1.22.0
x-frame-options
SAMEORIGIN
date
Tue, 06 Sep 2022 21:48:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
etag
"6312969e-17752"
accept-ranges
bytes
/
sentry.io/api/1475595/envelope/ 		2 B
410 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1475595/envelope/?sentry_key=730ba1a47ca448f3aa5aabf9e1c6cfa8&sentry_version=7
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/js/vendors-node_modules_sentry_browser_esm_sdk_js-node_modules_query-string_index_js-node_module-ca5506.9bf2c3b7.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.simonmarkets.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 06 Sep 2022 21:48:55 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://www.simonmarkets.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
2
Roboto-Regular.176f8f5bd5f02b3abfcf.woff2
www.simonmarkets.com/simon/static/media/ 		15 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/media/Roboto-Regular.176f8f5bd5f02b3abfcf.woff2
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/css/src_bootstrap_js.b08a6bfa.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.14 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-14.deploy.static.akamaitechnologies.com
Software
nginx/1.22.0 /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.simonmarkets.com/simon/static/css/src_bootstrap_js.b08a6bfa.chunk.css
Origin
https://www.simonmarkets.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
1
x-simon-external
True
content-length
15736
x-xss-protection
1; mode=block
x-trace-id
d84c44bd-5741-42d6-b5f3-a9e162c8ac7a
last-modified
Fri, 02 Sep 2022 23:49:50 GMT
server
nginx/1.22.0
x-frame-options
SAMEORIGIN
date
Tue, 06 Sep 2022 21:48:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
font/woff2
cache-control
no-store, no-cache, must-revalidate
etag
"6312969e-3d78"
accept-ranges
bytes
openid-configuration
auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/.well-known/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/.well-known/openid-configuration
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/js/vendors-node_modules_sentry_browser_esm_sdk_js-node_modules_query-string_index_js-node_module-ca5506.9bf2c3b7.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.241.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa4314b2f84572f89.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f74b50b1e34cd9c6f74d4f582087e836b4d3340dda5e74a2330365778c92abfc
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.simonmarkets.com/
X-Okta-User-Agent-Extended
okta-auth-js/6.1.0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json

Response headers

X-Okta-Request-Id
YxfARwx36FjWVRIS-6HDJQAAAIM
Date
Tue, 06 Sep 2022 21:48:55 GMT
x-content-type-options
nosniff
content-security-policy-report-only
frame-ancestors 'self'
p3p
CP="HONK"
Connection
Keep-Alive
vary
Origin
x-xss-protection
0
Server
nginx
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
Strict-Transport-Security
max-age=315360000; includeSubDomains
Content-Type
application/json
Access-Control-Allow-Origin
https://www.simonmarkets.com
cache-control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5, max=99
expires
Wed, 07 Sep 2022 21:48:55 GMT
openid-configuration
auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/.well-known/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/.well-known/openid-configuration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.241.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa4314b2f84572f89.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
GET
Origin
https://www.simonmarkets.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://www.simonmarkets.com
Access-Control-Max-Age
3600
Connection
Keep-Alive
Content-Length
0
Content-Type
application/octet-stream
Date
Tue, 06 Sep 2022 21:48:55 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Vary
Origin
X-Okta-Request-Id
YxfARwx36FjWVRIS-6HDJAAAAIM
authorize
auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/v1/ Frame B19C 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/v1/authorize?client_id=0oadjggdmyOlW19D12p7&code_challenge=j4-c-gnFSu6VJGXAr_vfytGh9d9ez6tZwY2xEtgdLxs&code_challenge_method=S256&nonce=5QVScoeiCiAFLdcZ8tutC1nfNhKufzI1X7j5ZDNjD0lZTWliFplYfNaTqFGxbhSH&prompt=none&redirect_uri=https%3A%2F%2Fwww.simonmarkets.com%2Fsimon%2F&response_mode=okta_post_message&response_type=code&state=I5IG3ZVMFcxR9oFwtUXFQZOkctvZXhDcx9FEK00q94kgXEjelD0FDvVz1KsbWDew&scope=openid%20profile%20email
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/js/vendors-node_modules_sentry_browser_esm_sdk_js-node_modules_query-string_index_js-node_module-ca5506.9bf2c3b7.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.241.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa4314b2f84572f89.awsglobalaccelerator.com
Software
nginx /
Resource Hash
2e9a03a53a2798df41f4bc46bf68190709de748cf1d6d14b2d10eb92b0de8320
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.simonmarkets.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Tue, 06 Sep 2022 21:48:56 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex,nofollow
cache-control
no-cache, no-store
content-language
de
expect-ct
report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
no-referrer
x-content-type-options
nosniff
x-okta-request-id
YxfASLmTYw2HmU6pP6U70QAACqg
x-rate-limit-limit
60
x-rate-limit-remaining
59
x-rate-limit-reset
1662500996
x-xss-protection
0
vendors-node_modules_antd_lib_checkbox_index_js-node_modules_immutable_dist_immutable_js-node-fe1197.4b8ab6dc.chunk.js
www.simonmarkets.com/simon/static/js/ 		287 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/js/vendors-node_modules_antd_lib_checkbox_index_js-node_modules_immutable_dist_immutable_js-node-fe1197.4b8ab6dc.chunk.js
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.14 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-14.deploy.static.akamaitechnologies.com
Software
nginx/1.22.0 /
Resource Hash
9ec1bca90d4c620099c404a80d7ac040b02421ad6be992bc930af323c557505c
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
0
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
2
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-trace-id
88245440-be2f-4b0b-ab5b-b3d2cb727d3d
last-modified
Fri, 02 Sep 2022 23:49:50 GMT
server
nginx/1.22.0
x-frame-options
SAMEORIGIN
date
Tue, 06 Sep 2022 21:48:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
etag
"6312969e-47b56"
accept-ranges
bytes
core_components_Icon_svg_info_svg_react-core_components_Icon_svg_lock_svg_react-core_componen-ff7a1c.11c53f8e.chunk.css
www.simonmarkets.com/simon/static/css/ 		49 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/css/core_components_Icon_svg_info_svg_react-core_components_Icon_svg_lock_svg_react-core_componen-ff7a1c.11c53f8e.chunk.css
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.14 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-14.deploy.static.akamaitechnologies.com
Software
nginx/1.22.0 /
Resource Hash
4925227f938a641b24de5d5a951ea06ff16f8d3d2aa9c55bf20daeae6d976c0a
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
3
vary
Accept-Encoding
content-length
11439
x-xss-protection
1; mode=block
x-trace-id
85149d67-6a57-4ffa-b9b4-1911e140d783
last-modified
Fri, 02 Sep 2022 23:49:50 GMT
server
nginx/1.22.0
x-frame-options
SAMEORIGIN
date
Tue, 06 Sep 2022 21:48:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
no-store, no-cache, must-revalidate
etag
"6312969e-c56a"
accept-ranges
bytes
core_components_Icon_svg_info_svg_react-core_components_Icon_svg_lock_svg_react-core_componen-ff7a1c.72d61e5c.chunk.js
www.simonmarkets.com/simon/static/js/ 		274 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/js/core_components_Icon_svg_info_svg_react-core_components_Icon_svg_lock_svg_react-core_componen-ff7a1c.72d61e5c.chunk.js
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.14 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-14.deploy.static.akamaitechnologies.com
Software
nginx/1.22.0 /
Resource Hash
ed863ca418f8155f695d2177c216d04f78b2221197769d3e18149a3ec33ba074
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
2
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-trace-id
bbe75d01-7d25-42df-84a7-05427213463d
last-modified
Fri, 02 Sep 2022 23:49:50 GMT
server
nginx/1.22.0
x-frame-options
SAMEORIGIN
date
Tue, 06 Sep 2022 21:48:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
etag
"6312969e-4490e"
accept-ranges
bytes
core_auth_AuthPage_js-core_images_mascots_simon-mascot-small_svg.2e410ccb.chunk.js
www.simonmarkets.com/simon/static/js/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/js/core_auth_AuthPage_js-core_images_mascots_simon-mascot-small_svg.2e410ccb.chunk.js
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.14 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-14.deploy.static.akamaitechnologies.com
Software
nginx/1.22.0 /
Resource Hash
52eee5911bff0b1b8191947a84bd84bd67fb0684a4a7de23cc082907e39dcb05
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
1
vary
Accept-Encoding
content-length
15719
x-xss-protection
1; mode=block
x-trace-id
b61f0f48-ae3e-4c31-a2cc-c9a7d73d0e01
last-modified
Fri, 02 Sep 2022 23:49:50 GMT
server
nginx/1.22.0
x-frame-options
SAMEORIGIN
date
Tue, 06 Sep 2022 21:48:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
etag
"6312969e-f019"
accept-ranges
bytes
core_auth_ActivateAccount_module_scss-core_auth_AuthPage_module_scss-core_auth_LoginPage_modu-be661b0.d80faaf2.chunk.css
www.simonmarkets.com/simon/static/css/ 		8 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.simonmarkets.com/simon/static/css/core_auth_ActivateAccount_module_scss-core_auth_AuthPage_module_scss-core_auth_LoginPage_modu-be661b0.d80faaf2.chunk.css
Requested by
Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.14 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-14.deploy.static.akamaitechnologies.com
Software
nginx/1.22.0 /
Resource Hash
3f6c8065e77565e64040478b6537372785a444639ad92ee1277f5ec43d6b9a1b
Security Headers
Name Value
Content-Security-Policy report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.simonmarkets.com/simon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-simon-external
True
content-security-policy
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding
gzip
x-content-type-options
nosniff
x-kong-proxy-latency
1
content-security-policy-report-only
report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com *.icapitalnetwork.com:* https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* *.icapitalnetwork.com:* *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency
1
vary
Accept-Encoding
content-length
2353
x-xss-protection
1; mode=block
x-trace-id
d1459d32-625e-4360-8d2b-f0ea04d51d02
last-modified
Fri, 02 Sep 2022 23:49:50 GMT
server
nginx/1.22.0
x-frame-options
SAMEORIGIN
date
Tue, 06 Sep 2022 21:48:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
no-store, no-cache, must-revalidate
etag
"6312969e-2073"
accept-ranges
bytes
simon-mascot-small.3f2dd5b3d6b4c24c967d.svg
www.simonmarkets.com/simon/static/media/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.nr-data.net
URL
https://bam.nr-data.net/events/1/1a5da492d2?a=2164051&v=1216.487a282&to=Il9eRkQKCVtSERkICA9bH1FaDAZc&rst=2155&ck=1&ref=https://t.yesware.com/tt/84bb4ad571c122ca5cf4e0925bfb5cfe6b9869a4/a29b4817d32cfafd29d267eafe027f41/24e0430ae6a91e8d32c64bd639442770/www.simonmarkets.com/simon/
Domain
www.simonmarkets.com
URL
https://www.simonmarkets.com/simon/static/media/simon-mascot-small.3f2dd5b3d6b4c24c967d.svg

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| mixpanel object| webpackChunk_simon_simonmarkets_web string| simonCoreComponentsRemoteURL string| simonCoreAuthRemoteURL string| simonLearningCenterRemoteURL object| regeneratorRuntime function| setImmediate function| clearImmediate object| __SENTRY__ object| simon

7 Cookies

Domain/Path Name / Value
.yesware.com/ Name: t
Value: O9D0zYcHX2_ej-Owem2QZA
.nr-data.net/ Name: JSESSIONID
Value: d4a352da9cc3d3f9
www.simonmarkets.com/ Name: akacd_www_simon
Value: 3839953732~rv=77~id=d96e1264d278981c81896ada08a8d7fc
.simonmarkets.com/ Name: ak_bmsc
Value: 48329DE5198518E9AC51022C0592E050~000000000000000000000000000000~YAAQDk4SAvzRkv2CAQAATxLHFBEXBkuI2yzpyxrCsxSPdeQPw3E9aGPrXrSHhpYDh8W8FsBLbgs+D4HA6ihFFcfk7DL1nYXdESikw8sJj21K3kKkPq+SXc/37o6B2sLCiGa5hf0zhorX0DKiHAIRdxlDy3uzMKi+AoAF+WyMXYhxZRkaa3eLexEHUx+HstPeTS8FEAo8irq0LCxlW+soo88ZvkLoAmhuqMVJV4up4V1HxrbGseqaKaONB+eGlchCI8pP+IXuoq612VXAVl1oHpFBDrr4XhR5Mh55cW1JR2efXAX85n7YnFoJgvf/Mu56lY8XMVQYuPt7fCc9Gh8HW0HdmlZOEtKT5+hKLmReji2kLiNynoqo60upTE9oKzzjtRFfhpanZ+loHgYRTmH3ww==
auth.simonmarkets.com/ Name: JSESSIONID
Value: A695298341A4FC2F1CC16DEDBC60B80A
auth.simonmarkets.com/ Name: t
Value: sea
auth.simonmarkets.com/ Name: DT
Value: DI1nV58AuJ6QJqIHIeGDJP47w

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block