www.simonmarkets.com Open in urlscan Pro
184.86.251.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://simonmarkets.com/
Effective URL:
https://www.simonmarkets.com/simon/
Submission: On May 18 via api (May 18th 2022, 2:45:28 pm UTC) from CH — Scanned from DE

Summary HTTP 18 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 184.86.251.25, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.simonmarkets.com. The Cisco Umbrella rank of the primary domain is 615008.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on January 19th 2022. Valid for: a year.

This is the only time www.simonmarkets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.217.4.75 52.217.4.75	16509 (AMAZON-02) (AMAZON-02)
1 13	184.86.251.25 184.86.251.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
3	52.14.242.17 52.14.242.17	16509 (AMAZON-02) (AMAZON-02)
18	3

1 52.217.4.75 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: s3-website-us-east-1.amazonaws.com

simonmarkets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 184.86.251.25 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-25.deploy.static.akamaitechnologies.com

www.simonmarkets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mxpnl.simonmarkets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.14.242.17 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-14-242-17.us-east-2.compute.amazonaws.com

auth.simonmarkets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	simonmarkets.com 2 redirects simonmarkets.com — Cisco Umbrella Rank: 436360 www.simonmarkets.com — Cisco Umbrella Rank: 615008 cdn.mxpnl.simonmarkets.com auth.simonmarkets.com — Cisco Umbrella Rank: 552243	1012 KB
3	sentry.io sentry.io — Cisco Umbrella Rank: 307	1 KB
18	2

	Domain	Requested by
12	www.simonmarkets.com	1 redirects www.simonmarkets.com
3	auth.simonmarkets.com	www.simonmarkets.com
3	sentry.io	www.simonmarkets.com
1	cdn.mxpnl.simonmarkets.com	www.simonmarkets.com
1	simonmarkets.com	1 redirects
18	5

This site contains links to these domains. Also see Links.

Domain
simon.io
brokercheck.finra.org
www.finra.org
www.sipc.org

Subject Issuer	Validity	Valid
simonmarkets.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-19` - `2023-02-19`	a year	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
auth.prod.simonmarkets.com GeoTrust RSA CA 2018	`2021-12-21` - `2023-01-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.simonmarkets.com/simon/
Frame ID: 6A5335D9A267518C3C35ABF055AC675D
Requests: 16 HTTP requests in this frame

Frame: https://auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/v1/authorize?client_id=0oadjggdmyOlW19D12p7&code_challenge=AGZtxbs91uwedUvgaBDz9IFoRnRtY3eiigcYYCFEW18&code_challenge_method=S256&nonce=hAxGBE529eGTtnanpcIn3U7LF2BBKNWP7D5ccI2grfxtShMoXZYZwK9SLWqKs32k&prompt=none&redirect_uri=https%3A%2F%2Fwww.simonmarkets.com%2Fsimon%2F&response_mode=okta_post_message&response_type=code&state=8cUXtg3jaguu6Mz7G8K0cYpI3GPtfduEwPqYUbJhPfp1k7wnedbrKSpIsVer038B&scope=openid%20profile%20email
Frame ID: 2944ADFAD6D9DD353B06FABD897A899B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SIMONSIMON

Page URL History Show full URLs

http://simonmarkets.com/ HTTP 301
https://www.simonmarkets.com/ HTTP 302
https://www.simonmarkets.com/simon/ Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

3
IPs

2
Countries

1013 kB
Transfer

3306 kB
Size

5
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://simon.io/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://simon.io/terms-and-conditions
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://simon.io/business-continuity-planning
Title: BCP Disclosure

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/
Title: FINRA's BrokerCheck

Search URL Search Domain Scan URL

URL: https://www.finra.org/
Title: FINRA

Search URL Search Domain Scan URL

URL: https://www.sipc.org/
Title: SIPC

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://simonmarkets.com/ HTTP 301
https://www.simonmarkets.com/ HTTP 302
https://www.simonmarkets.com/simon/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.simonmarkets.com/simon/
Redirect Chain

http://simonmarkets.com/
https://www.simonmarkets.com/
https://www.simonmarkets.com/simon/

14 KB
11 KB

193ms
193ms

Document
text/html

184.86.251.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.simonmarkets.com/simon/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-25.deploy.static.akamaitechnologies.com

Software

nginx/1.20.2 /

Resource Hash

6cf410d035ddaafa7b39e867b7e1c9f2b39998db621a48b77e9a20ae3420f1ee

Security Headers

Name	Value
Content-Security-Policy	report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com .figmarketing.com https://.go-mpulse.net .simonmarkets.com: https://sentry.io https://.sentry.io https://fast.appcues.com https://.olark.com https://aacdn.nagich.com; connect-src 'self' wss://.simonmarkets.com: simongroup.okta.com .figmarketing.com https://.akstat.io https://.go-mpulse.net .simonmarkets.com:* https://sentry.io https://.sentry.io https://api.appcues.net wss://api.appcues.net https://.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src .simonmarkets.com: .figmarketing.com https://access.nagich.com .simon.io:* simon.io:* simongroup.okta.com data: blob: https://.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' .simonmarkets.com:* .figmarketing.com simongroup.okta.com https://fast.appcues.com https://.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' .simonmarkets.com: .figmarketing.com https://.simon.io blob: https://.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com .figmarketing.com; font-src 'self' .simonmarkets.com: .figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src .simonmarkets.com:* .figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' .bonddesk.com:* https://.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ .ebix.com:* .docusign.net: .docusign.com: .streetscape.com: .advisorchannel.com: .fidelity.com: .rjf.com: .rbc.com: https://.olark.com https://my.appcues.com .bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com .rjf.com: https://form.typeform.com; worker-src blob: .simonmarkets.com: .figmarketing.com; default-src .simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 6827
content-security-policy: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-security-policy-report-only: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-type: text/html; charset=UTF-8
date: Wed, 18 May 2022 14:45:23 GMT
etag: "627e7796-3801"
last-modified: Fri, 13 May 2022 15:21:58 GMT
server: nginx/1.20.2
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-kong-proxy-latency: 0
x-kong-upstream-latency: 1
x-simon-external: True
x-trace-id: 22782bc3-522e-42d1-aec8-b806558944bc
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Wed, 18 May 2022 14:45:23 GMT
location: https://www.simonmarkets.com/simon/
server: AkamaiGHost
x-simon-external: True

GET
H2 200 6900.d3bafcc7.js Show response
www.simonmarkets.com/simon/static/js/ 2 MB
660 KB 396ms
395ms Script
application/javascript 184.86.251.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.simonmarkets.com/simon/static/js/6900.d3bafcc7.js

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-25.deploy.static.akamaitechnologies.com

Software

nginx/1.20.2 /

Resource Hash

2f18216d40bf1b171060ee04cbc638a7558a5d381194cbe248a1d0842e755692

Security Headers

Name	Value
Content-Security-Policy	report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com .figmarketing.com https://.go-mpulse.net .simonmarkets.com: https://sentry.io https://.sentry.io https://fast.appcues.com https://.olark.com https://aacdn.nagich.com; connect-src 'self' wss://.simonmarkets.com: simongroup.okta.com .figmarketing.com https://.akstat.io https://.go-mpulse.net .simonmarkets.com:* https://sentry.io https://.sentry.io https://api.appcues.net wss://api.appcues.net https://.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src .simonmarkets.com: .figmarketing.com https://access.nagich.com .simon.io:* simon.io:* simongroup.okta.com data: blob: https://.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' .simonmarkets.com:* .figmarketing.com simongroup.okta.com https://fast.appcues.com https://.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' .simonmarkets.com: .figmarketing.com https://.simon.io blob: https://.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com .figmarketing.com; font-src 'self' .simonmarkets.com: .figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src .simonmarkets.com:* .figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' .bonddesk.com:* https://.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ .ebix.com:* .docusign.net: .docusign.com: .streetscape.com: .advisorchannel.com: .fidelity.com: .rjf.com: .rbc.com: https://.olark.com https://my.appcues.com .bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com .rjf.com: https://form.typeform.com; worker-src blob: .simonmarkets.com: .figmarketing.com; default-src .simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.simonmarkets.com/simon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external: True
content-security-policy: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding: gzip
x-content-type-options: nosniff
x-kong-proxy-latency: 1
content-security-policy-report-only: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency: 2
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-trace-id: 50e2aa9e-3906-44f5-ade1-91e75425dc95
last-modified: Fri, 13 May 2022 15:21:58 GMT
server: nginx/1.20.2
x-frame-options: SAMEORIGIN
date: Wed, 18 May 2022 14:45:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
etag: "627e7796-209397"
accept-ranges: bytes

GET
H2 200 main.66b399db.js Show response
www.simonmarkets.com/simon/static/js/ 46 KB
19 KB 497ms
497ms Script
application/javascript 184.86.251.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.simonmarkets.com/simon/static/js/main.66b399db.js

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-25.deploy.static.akamaitechnologies.com

Software

nginx/1.20.2 /

Resource Hash

795f7041fe2760a21d76b9297ea4f061e506689db0a4504bc7d7a38f21c05587

Security Headers

Name	Value
Content-Security-Policy	report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com .figmarketing.com https://.go-mpulse.net .simonmarkets.com: https://sentry.io https://.sentry.io https://fast.appcues.com https://.olark.com https://aacdn.nagich.com; connect-src 'self' wss://.simonmarkets.com: simongroup.okta.com .figmarketing.com https://.akstat.io https://.go-mpulse.net .simonmarkets.com:* https://sentry.io https://.sentry.io https://api.appcues.net wss://api.appcues.net https://.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src .simonmarkets.com: .figmarketing.com https://access.nagich.com .simon.io:* simon.io:* simongroup.okta.com data: blob: https://.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' .simonmarkets.com:* .figmarketing.com simongroup.okta.com https://fast.appcues.com https://.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' .simonmarkets.com: .figmarketing.com https://.simon.io blob: https://.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com .figmarketing.com; font-src 'self' .simonmarkets.com: .figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src .simonmarkets.com:* .figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' .bonddesk.com:* https://.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ .ebix.com:* .docusign.net: .docusign.com: .streetscape.com: .advisorchannel.com: .fidelity.com: .rjf.com: .rbc.com: https://.olark.com https://my.appcues.com .bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com .rjf.com: https://form.typeform.com; worker-src blob: .simonmarkets.com: .figmarketing.com; default-src .simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.simonmarkets.com/simon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external: True
content-security-policy: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding: gzip
x-content-type-options: nosniff
x-kong-proxy-latency: 0
content-security-policy-report-only: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency: 2
vary: Accept-Encoding
content-length: 16070
x-xss-protection: 1; mode=block
x-trace-id: 890ed191-5514-43af-a869-e50cf54a7b08
last-modified: Fri, 13 May 2022 15:21:58 GMT
server: nginx/1.20.2
x-frame-options: SAMEORIGIN
date: Wed, 18 May 2022 14:45:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
etag: "627e7796-b929"
accept-ranges: bytes

GET
H2 200 main.9afb5133.css
www.simonmarkets.com/simon/static/css/ 404 KB
53 KB 495ms
494ms Stylesheet
text/css 184.86.251.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.simonmarkets.com/simon/static/css/main.9afb5133.css

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-25.deploy.static.akamaitechnologies.com

Software

nginx/1.20.2 /

Resource Hash

16934f849e0a957019b9f070c96bc7ea200eaa926e9c627eaf380e95a9e2f114

Security Headers

Name	Value
Content-Security-Policy	report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com .figmarketing.com https://.go-mpulse.net .simonmarkets.com: https://sentry.io https://.sentry.io https://fast.appcues.com https://.olark.com https://aacdn.nagich.com; connect-src 'self' wss://.simonmarkets.com: simongroup.okta.com .figmarketing.com https://.akstat.io https://.go-mpulse.net .simonmarkets.com:* https://sentry.io https://.sentry.io https://api.appcues.net wss://api.appcues.net https://.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src .simonmarkets.com: .figmarketing.com https://access.nagich.com .simon.io:* simon.io:* simongroup.okta.com data: blob: https://.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' .simonmarkets.com:* .figmarketing.com simongroup.okta.com https://fast.appcues.com https://.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' .simonmarkets.com: .figmarketing.com https://.simon.io blob: https://.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com .figmarketing.com; font-src 'self' .simonmarkets.com: .figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src .simonmarkets.com:* .figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' .bonddesk.com:* https://.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ .ebix.com:* .docusign.net: .docusign.com: .streetscape.com: .advisorchannel.com: .fidelity.com: .rjf.com: .rbc.com: https://.olark.com https://my.appcues.com .bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com .rjf.com: https://form.typeform.com; worker-src blob: .simonmarkets.com: .figmarketing.com; default-src .simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.simonmarkets.com/simon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external: True
content-security-policy: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding: gzip
x-content-type-options: nosniff
x-kong-proxy-latency: 1
content-security-policy-report-only: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency: 2
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-trace-id: 5efe99d0-1c92-4afb-b707-71dc390bd3a4
last-modified: Fri, 13 May 2022 15:21:58 GMT
server: nginx/1.20.2
x-frame-options: SAMEORIGIN
date: Wed, 18 May 2022 14:45:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: no-store, no-cache, must-revalidate
etag: "627e7796-64e4f"
accept-ranges: bytes

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.simonmarkets.com/libs/ 50 KB
18 KB 176ms
119ms Script
text/javascript 184.86.251.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.simonmarkets.com/libs/mixpanel-2-latest.min.js
Requested by: Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-25.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.simonmarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 14:45:23 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtDOQoxiGWyK8HO2iJWe7Yd7iavmGWKDSyUMPlg-FeVy6xp_WsVOd_5U3KuqI4otSJuJm1T4STr9q8GUx9aT9e9KQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 17435
pragma: no-cache
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation: 1645129310876382
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-goog-stored-content-length: 17435
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 18 May 2022 14:45:23 GMT

POST
H/1.1 200
OK / Show response
sentry.io/api/1475595/envelope/ 2 B
410 B 850ms
112ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1475595/envelope/?sentry_key=730ba1a47ca448f3aa5aabf9e1c6cfa8&sentry_version=7

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/js/6900.d3bafcc7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.simonmarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 18 May 2022 14:45:25 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://www.simonmarkets.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 2

GET
H2 200 Roboto-Regular.176f8f5bd5f02b3abfcf.woff2
www.simonmarkets.com/simon/static/media/ 15 KB
19 KB 134ms
133ms Font
font/woff2 184.86.251.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.simonmarkets.com/simon/static/media/Roboto-Regular.176f8f5bd5f02b3abfcf.woff2

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/css/main.9afb5133.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-25.deploy.static.akamaitechnologies.com

Software

nginx/1.20.2 /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
Content-Security-Policy	report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com .figmarketing.com https://.go-mpulse.net .simonmarkets.com: https://sentry.io https://.sentry.io https://fast.appcues.com https://.olark.com https://aacdn.nagich.com; connect-src 'self' wss://.simonmarkets.com: simongroup.okta.com .figmarketing.com https://.akstat.io https://.go-mpulse.net .simonmarkets.com:* https://sentry.io https://.sentry.io https://api.appcues.net wss://api.appcues.net https://.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src .simonmarkets.com: .figmarketing.com https://access.nagich.com .simon.io:* simon.io:* simongroup.okta.com data: blob: https://.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' .simonmarkets.com:* .figmarketing.com simongroup.okta.com https://fast.appcues.com https://.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' .simonmarkets.com: .figmarketing.com https://.simon.io blob: https://.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com .figmarketing.com; font-src 'self' .simonmarkets.com: .figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src .simonmarkets.com:* .figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' .bonddesk.com:* https://.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ .ebix.com:* .docusign.net: .docusign.com: .streetscape.com: .advisorchannel.com: .fidelity.com: .rjf.com: .rbc.com: https://.olark.com https://my.appcues.com .bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com .rjf.com: https://form.typeform.com; worker-src blob: .simonmarkets.com: .figmarketing.com; default-src .simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.simonmarkets.com/simon/static/css/main.9afb5133.css
Origin: https://www.simonmarkets.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-content-type-options: nosniff
x-kong-proxy-latency: 0
content-security-policy-report-only: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency: 2
x-simon-external: True
content-length: 15736
x-xss-protection: 1; mode=block
x-trace-id: 71a70e9d-bca1-45a2-9064-3c1b3625e15d
last-modified: Fri, 13 May 2022 15:21:58 GMT
server: nginx/1.20.2
x-frame-options: SAMEORIGIN
date: Wed, 18 May 2022 14:45:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: font/woff2
cache-control: no-store, no-cache, must-revalidate
etag: "627e7796-3d78"
accept-ranges: bytes

GET
H/1.1 200
OK openid-configuration Show response
auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/.well-known/ 2 KB
3 KB 136ms
136ms Fetch
application/json 52.14.242.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/.well-known/openid-configuration

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/js/6900.d3bafcc7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.14.242.17 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-14-242-17.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f74b50b1e34cd9c6f74d4f582087e836b4d3340dda5e74a2330365778c92abfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.simonmarkets.com/
X-Okta-User-Agent-Extended: okta-auth-js/6.1.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

X-Okta-Request-Id: YoUGhfaxq1ozSpKtEirVXgAAC0c
Date: Wed, 18 May 2022 14:45:25 GMT
x-content-type-options: nosniff
Transfer-Encoding: chunked
p3p: CP="HONK"
Connection: Keep-Alive
vary: Origin
x-xss-protection: 0
Server: nginx
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
Strict-Transport-Security: max-age=315360000; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: https://www.simonmarkets.com
cache-control: max-age=86400, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5, max=99
expires: Thu, 19 May 2022 14:45:25 GMT

OPTIONS
H/1.1 200
OK openid-configuration
auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/.well-known/ Frame 0
0 696ms
114ms Preflight
application/octet-stream 52.14.242.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/.well-known/openid-configuration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.14.242.17 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-14-242-17.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://www.simonmarkets.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.simonmarkets.com
Access-Control-Max-Age: 3600
Connection: Keep-Alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Wed, 18 May 2022 14:45:25 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Vary: Origin
X-Okta-Request-Id: YoUGhfaxq1ozSpKtEirVXAAAC0c

GET
H/1.1 200
OK authorize Show response
auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/v1/ Frame 2944 2 KB
2 KB 374ms
155ms Document
text/html 52.14.242.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.simonmarkets.com/oauth2/aus12xhtrm4lv59w32p7/v1/authorize?client_id=0oadjggdmyOlW19D12p7&code_challenge=AGZtxbs91uwedUvgaBDz9IFoRnRtY3eiigcYYCFEW18&code_challenge_method=S256&nonce=hAxGBE529eGTtnanpcIn3U7LF2BBKNWP7D5ccI2grfxtShMoXZYZwK9SLWqKs32k&prompt=none&redirect_uri=https%3A%2F%2Fwww.simonmarkets.com%2Fsimon%2F&response_mode=okta_post_message&response_type=code&state=8cUXtg3jaguu6Mz7G8K0cYpI3GPtfduEwPqYUbJhPfp1k7wnedbrKSpIsVer038B&scope=openid%20profile%20email

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/js/6900.d3bafcc7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.14.242.17 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-14-242-17.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

4a02b8177f53ea6903a8c8144eb237b2cc739e1d6857d34830eeb126340118d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.simonmarkets.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Wed, 18 May 2022 14:45:25 GMT
Keep-Alive: timeout=5, max=100
Server: nginx
Strict-Transport-Security: max-age=315360000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex,nofollow
cache-control: no-cache, no-store
content-language: de
expect-ct: report-uri="https://oktaexpectct.report-uri.com/r/t/ct/reportOnly", max-age=0
expires: 0
p3p: CP="HONK"
pragma: no-cache
referrer-policy: no-referrer
x-content-type-options: nosniff
x-okta-request-id: YoUGheXERnqRQaB66KUb2AAACIs
x-rate-limit-limit: 60
x-rate-limit-remaining: 59
x-rate-limit-reset: 1652885185
x-xss-protection: 0

POST
H/1.1 200
OK / Show response
sentry.io/api/1475595/envelope/ 2 B
410 B 112ms
111ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1475595/envelope/?sentry_key=730ba1a47ca448f3aa5aabf9e1c6cfa8&sentry_version=7

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/js/6900.d3bafcc7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.simonmarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 18 May 2022 14:45:25 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://www.simonmarkets.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
sentry.io/api/1475595/envelope/ 2 B
410 B 224ms
112ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1475595/envelope/?sentry_key=730ba1a47ca448f3aa5aabf9e1c6cfa8&sentry_version=7

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/static/js/6900.d3bafcc7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.simonmarkets.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 18 May 2022 14:45:26 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://www.simonmarkets.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 2

GET
H2 200 4968.b460bd5f.chunk.js Show response
www.simonmarkets.com/simon/static/js/ 289 KB
79 KB 286ms
285ms Script
application/javascript 184.86.251.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.simonmarkets.com/simon/static/js/4968.b460bd5f.chunk.js

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-25.deploy.static.akamaitechnologies.com

Software

nginx/1.20.2 /

Resource Hash

055cc645f2c418ff9fb6f675804009252f308589b3e2f8f85a29fc2a284855f4

Security Headers

Name	Value
Content-Security-Policy	report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com .figmarketing.com https://.go-mpulse.net .simonmarkets.com: https://sentry.io https://.sentry.io https://fast.appcues.com https://.olark.com https://aacdn.nagich.com; connect-src 'self' wss://.simonmarkets.com: simongroup.okta.com .figmarketing.com https://.akstat.io https://.go-mpulse.net .simonmarkets.com:* https://sentry.io https://.sentry.io https://api.appcues.net wss://api.appcues.net https://.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src .simonmarkets.com: .figmarketing.com https://access.nagich.com .simon.io:* simon.io:* simongroup.okta.com data: blob: https://.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' .simonmarkets.com:* .figmarketing.com simongroup.okta.com https://fast.appcues.com https://.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' .simonmarkets.com: .figmarketing.com https://.simon.io blob: https://.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com .figmarketing.com; font-src 'self' .simonmarkets.com: .figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src .simonmarkets.com:* .figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' .bonddesk.com:* https://.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ .ebix.com:* .docusign.net: .docusign.com: .streetscape.com: .advisorchannel.com: .fidelity.com: .rjf.com: .rbc.com: https://.olark.com https://my.appcues.com .bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com .rjf.com: https://form.typeform.com; worker-src blob: .simonmarkets.com: .figmarketing.com; default-src .simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.simonmarkets.com/simon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external: True
content-security-policy: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding: gzip
x-content-type-options: nosniff
x-kong-proxy-latency: 1
content-security-policy-report-only: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency: 2
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-trace-id: 7dda48fe-7b1b-4a7b-a3ea-e51787629ed0
last-modified: Fri, 13 May 2022 15:21:58 GMT
server: nginx/1.20.2
x-frame-options: SAMEORIGIN
date: Wed, 18 May 2022 14:45:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
etag: "627e7796-4843c"
accept-ranges: bytes

GET
H2 200 2142.5a522ef9.chunk.css
www.simonmarkets.com/simon/static/css/ 53 KB
15 KB 178ms
178ms Stylesheet
text/css 184.86.251.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.simonmarkets.com/simon/static/css/2142.5a522ef9.chunk.css

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-25.deploy.static.akamaitechnologies.com

Software

nginx/1.20.2 /

Resource Hash

ecfdcb03c73e5a03fe555a25b3a409e76e62bc40f7ef28a1c6613756cdfbfd04

Security Headers

Name	Value
Content-Security-Policy	report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com .figmarketing.com https://.go-mpulse.net .simonmarkets.com: https://sentry.io https://.sentry.io https://fast.appcues.com https://.olark.com https://aacdn.nagich.com; connect-src 'self' wss://.simonmarkets.com: simongroup.okta.com .figmarketing.com https://.akstat.io https://.go-mpulse.net .simonmarkets.com:* https://sentry.io https://.sentry.io https://api.appcues.net wss://api.appcues.net https://.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src .simonmarkets.com: .figmarketing.com https://access.nagich.com .simon.io:* simon.io:* simongroup.okta.com data: blob: https://.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' .simonmarkets.com:* .figmarketing.com simongroup.okta.com https://fast.appcues.com https://.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' .simonmarkets.com: .figmarketing.com https://.simon.io blob: https://.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com .figmarketing.com; font-src 'self' .simonmarkets.com: .figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src .simonmarkets.com:* .figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' .bonddesk.com:* https://.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ .ebix.com:* .docusign.net: .docusign.com: .streetscape.com: .advisorchannel.com: .fidelity.com: .rjf.com: .rbc.com: https://.olark.com https://my.appcues.com .bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com .rjf.com: https://form.typeform.com; worker-src blob: .simonmarkets.com: .figmarketing.com; default-src .simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.simonmarkets.com/simon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external: True
content-security-policy: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding: gzip
x-content-type-options: nosniff
x-kong-proxy-latency: 0
content-security-policy-report-only: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency: 2
vary: Accept-Encoding
content-length: 12158
x-xss-protection: 1; mode=block
x-trace-id: aafdafb2-9347-4b4f-a779-9c25891690ce
last-modified: Fri, 13 May 2022 15:21:58 GMT
server: nginx/1.20.2
x-frame-options: SAMEORIGIN
date: Wed, 18 May 2022 14:45:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: no-store, no-cache, must-revalidate
etag: "627e7796-d206"
accept-ranges: bytes

GET
H2 200 2142.fc263dae.chunk.js Show response
www.simonmarkets.com/simon/static/js/ 257 KB
86 KB 602ms
601ms Script
application/javascript 184.86.251.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.simonmarkets.com/simon/static/js/2142.fc263dae.chunk.js

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-25.deploy.static.akamaitechnologies.com

Software

nginx/1.20.2 /

Resource Hash

0e6952027bead3824956939fa708ed575c3ff837af15d72806bc8b2cf6981ff2

Security Headers

Name	Value
Content-Security-Policy	report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com .figmarketing.com https://.go-mpulse.net .simonmarkets.com: https://sentry.io https://.sentry.io https://fast.appcues.com https://.olark.com https://aacdn.nagich.com; connect-src 'self' wss://.simonmarkets.com: simongroup.okta.com .figmarketing.com https://.akstat.io https://.go-mpulse.net .simonmarkets.com:* https://sentry.io https://.sentry.io https://api.appcues.net wss://api.appcues.net https://.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src .simonmarkets.com: .figmarketing.com https://access.nagich.com .simon.io:* simon.io:* simongroup.okta.com data: blob: https://.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' .simonmarkets.com:* .figmarketing.com simongroup.okta.com https://fast.appcues.com https://.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' .simonmarkets.com: .figmarketing.com https://.simon.io blob: https://.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com .figmarketing.com; font-src 'self' .simonmarkets.com: .figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src .simonmarkets.com:* .figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' .bonddesk.com:* https://.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ .ebix.com:* .docusign.net: .docusign.com: .streetscape.com: .advisorchannel.com: .fidelity.com: .rjf.com: .rbc.com: https://.olark.com https://my.appcues.com .bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com .rjf.com: https://form.typeform.com; worker-src blob: .simonmarkets.com: .figmarketing.com; default-src .simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.simonmarkets.com/simon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external: True
content-security-policy: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding: gzip
x-content-type-options: nosniff
x-kong-proxy-latency: 1
content-security-policy-report-only: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency: 1
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-trace-id: 22774e46-ef7e-4df1-8543-787dabe4b679
last-modified: Fri, 13 May 2022 15:21:58 GMT
server: nginx/1.20.2
x-frame-options: SAMEORIGIN
date: Wed, 18 May 2022 14:45:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
etag: "627e7796-4041c"
accept-ranges: bytes

GET
H2 200 AppPublic.d313a2a6.chunk.css
www.simonmarkets.com/simon/static/css/ 8 KB
6 KB 358ms
358ms Stylesheet
text/css 184.86.251.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.simonmarkets.com/simon/static/css/AppPublic.d313a2a6.chunk.css

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-25.deploy.static.akamaitechnologies.com

Software

nginx/1.20.2 /

Resource Hash

ec517973009901809750bc5aef0f578746d1856dd423474209d89ff1ee30ae59

Security Headers

Name	Value
Content-Security-Policy	report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com .figmarketing.com https://.go-mpulse.net .simonmarkets.com: https://sentry.io https://.sentry.io https://fast.appcues.com https://.olark.com https://aacdn.nagich.com; connect-src 'self' wss://.simonmarkets.com: simongroup.okta.com .figmarketing.com https://.akstat.io https://.go-mpulse.net .simonmarkets.com:* https://sentry.io https://.sentry.io https://api.appcues.net wss://api.appcues.net https://.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src .simonmarkets.com: .figmarketing.com https://access.nagich.com .simon.io:* simon.io:* simongroup.okta.com data: blob: https://.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' .simonmarkets.com:* .figmarketing.com simongroup.okta.com https://fast.appcues.com https://.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' .simonmarkets.com: .figmarketing.com https://.simon.io blob: https://.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com .figmarketing.com; font-src 'self' .simonmarkets.com: .figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src .simonmarkets.com:* .figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' .bonddesk.com:* https://.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ .ebix.com:* .docusign.net: .docusign.com: .streetscape.com: .advisorchannel.com: .fidelity.com: .rjf.com: .rbc.com: https://.olark.com https://my.appcues.com .bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com .rjf.com: https://form.typeform.com; worker-src blob: .simonmarkets.com: .figmarketing.com; default-src .simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.simonmarkets.com/simon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external: True
content-security-policy: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding: gzip
x-content-type-options: nosniff
x-kong-proxy-latency: 0
content-security-policy-report-only: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency: 2
vary: Accept-Encoding
content-length: 2276
x-xss-protection: 1; mode=block
x-trace-id: ba6396f7-50ba-485a-a0a4-4b6e7e344096
last-modified: Fri, 13 May 2022 15:21:58 GMT
server: nginx/1.20.2
x-frame-options: SAMEORIGIN
date: Wed, 18 May 2022 14:45:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: no-store, no-cache, must-revalidate
etag: "627e7796-1fb9"
accept-ranges: bytes

GET
H2 200 AppPublic.a2ae1761.chunk.js Show response
www.simonmarkets.com/simon/static/js/ 60 KB
19 KB 460ms
460ms Script
application/javascript 184.86.251.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.simonmarkets.com/simon/static/js/AppPublic.a2ae1761.chunk.js

Requested by

Host: www.simonmarkets.com
URL: https://www.simonmarkets.com/simon/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-25.deploy.static.akamaitechnologies.com

Software

nginx/1.20.2 /

Resource Hash

8771bee6c76328b7cdc07c64107ec5878054dbca0522ff24ada19039a47a0c68

Security Headers

Name	Value
Content-Security-Policy	report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com .figmarketing.com https://.go-mpulse.net .simonmarkets.com: https://sentry.io https://.sentry.io https://fast.appcues.com https://.olark.com https://aacdn.nagich.com; connect-src 'self' wss://.simonmarkets.com: simongroup.okta.com .figmarketing.com https://.akstat.io https://.go-mpulse.net .simonmarkets.com:* https://sentry.io https://.sentry.io https://api.appcues.net wss://api.appcues.net https://.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src .simonmarkets.com: .figmarketing.com https://access.nagich.com .simon.io:* simon.io:* simongroup.okta.com data: blob: https://.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' .simonmarkets.com:* .figmarketing.com simongroup.okta.com https://fast.appcues.com https://.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' .simonmarkets.com: .figmarketing.com https://.simon.io blob: https://.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com .figmarketing.com; font-src 'self' .simonmarkets.com: .figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src .simonmarkets.com:* .figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' .bonddesk.com:* https://.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ .ebix.com:* .docusign.net: .docusign.com: .streetscape.com: .advisorchannel.com: .fidelity.com: .rjf.com: .rbc.com: https://.olark.com https://my.appcues.com .bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com .rjf.com: https://form.typeform.com; worker-src blob: .simonmarkets.com: .figmarketing.com; default-src .simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.simonmarkets.com/simon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-simon-external: True
content-security-policy: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
content-encoding: gzip
x-content-type-options: nosniff
x-kong-proxy-latency: 1
content-security-policy-report-only: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency: 0
vary: Accept-Encoding
content-length: 15643
x-xss-protection: 1; mode=block
x-trace-id: f4bed9fd-8cf2-41a7-84b2-970ded7b46aa
last-modified: Fri, 13 May 2022 15:21:58 GMT
server: nginx/1.20.2
x-frame-options: SAMEORIGIN
date: Wed, 18 May 2022 14:45:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
etag: "627e7796-f1b2"
accept-ranges: bytes

GET
H2 200 simon-mascot-small.3f2dd5b3d6b4c24c967d.svg
www.simonmarkets.com/simon/static/media/ 20 KB
24 KB 142ms
141ms Image
image/svg+xml 184.86.251.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.simonmarkets.com/simon/static/media/simon-mascot-small.3f2dd5b3d6b4c24c967d.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-25.deploy.static.akamaitechnologies.com

Software

nginx/1.20.2 /

Resource Hash

deb2b790f448e5027944245be677bc1e526c0cb0a2bb5b8f7cd17b67a356dc9f

Security Headers

Name	Value
Content-Security-Policy	report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com .figmarketing.com https://.go-mpulse.net .simonmarkets.com: https://sentry.io https://.sentry.io https://fast.appcues.com https://.olark.com https://aacdn.nagich.com; connect-src 'self' wss://.simonmarkets.com: simongroup.okta.com .figmarketing.com https://.akstat.io https://.go-mpulse.net .simonmarkets.com:* https://sentry.io https://.sentry.io https://api.appcues.net wss://api.appcues.net https://.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src .simonmarkets.com: .figmarketing.com https://access.nagich.com .simon.io:* simon.io:* simongroup.okta.com data: blob: https://.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' .simonmarkets.com:* .figmarketing.com simongroup.okta.com https://fast.appcues.com https://.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' .simonmarkets.com: .figmarketing.com https://.simon.io blob: https://.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com .figmarketing.com; font-src 'self' .simonmarkets.com: .figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src .simonmarkets.com:* .figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' .bonddesk.com:* https://.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ .ebix.com:* .docusign.net: .docusign.com: .streetscape.com: .advisorchannel.com: .fidelity.com: .rjf.com: .rbc.com: https://.olark.com https://my.appcues.com .bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com .rjf.com: https://form.typeform.com; worker-src blob: .simonmarkets.com: .figmarketing.com; default-src .simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.simonmarkets.com/simon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-content-type-options: nosniff
x-kong-proxy-latency: 0
content-security-policy-report-only: report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com *.figmarketing.com https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://fast.appcues.com https://*.olark.com https://aacdn.nagich.com; connect-src 'self' wss://*.simonmarkets.com:* simongroup.okta.com *.figmarketing.com https://*.akstat.io https://*.go-mpulse.net *.simonmarkets.com:* https://sentry.io https://*.sentry.io https://api.appcues.net wss://api.appcues.net https://*.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src *.simonmarkets.com:* *.figmarketing.com https://access.nagich.com *.simon.io:* simon.io:* simongroup.okta.com data: blob: https://*.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' *.simonmarkets.com:* *.figmarketing.com simongroup.okta.com https://fast.appcues.com https://*.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' *.simonmarkets.com:* *.figmarketing.com https://*.simon.io blob: https://*.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com *.figmarketing.com; font-src 'self' *.simonmarkets.com:* *.figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src *.simonmarkets.com:* *.figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' *.bonddesk.com:* https://*.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ *.ebix.com:* *.docusign.net:* *.docusign.com:* *.streetscape.com:* *.advisorchannel.com:* *.fidelity.com:* *.rjf.com:* *.rbc.com:* https://*.olark.com https://my.appcues.com *.bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com *.rjf.com:* https://form.typeform.com; worker-src blob: *.simonmarkets.com:* *.figmarketing.com; default-src *.simonmarkets.com:* 'unsafe-inline';
x-kong-upstream-latency: 1
x-simon-external: True
content-length: 20759
x-xss-protection: 1; mode=block
x-trace-id: 4312158d-d1c0-4fe2-99c2-0f0108a2024a
last-modified: Fri, 13 May 2022 15:21:58 GMT
server: nginx/1.20.2
x-frame-options: SAMEORIGIN
date: Wed, 18 May 2022 14:45:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
cache-control: no-store, no-cache, must-revalidate
etag: "627e7796-5117"
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.simonmarkets.com/	1969-12-31 23:59:59	Name: akacd_www_simon Value: 3830337922~rv=34~id=fb05fb9229b271be806e6c855dd4fad3
.simonmarkets.com/	1970-01-20 03:08:12	Name: ak_bmsc Value: CD3619FEC068783A73C52116FCFC499A~000000000000000000000000000000~YAAQGdhUuOQuhdCAAQAAJHKh1w+etZbLFX8Co8VZflPZQ0yvypUnRmIEILSyXbjlkibKhQ0s8cLsSKj1fPg90TU7fJg8VlXww0fHiE7YGSUNTH24wsTdtXyzpet8ft9gBpoW65kAZwKnMaX1Qs++egvYVpGymO2uuGZY2gVLcTkXK2a1ryr1naT2fxXsQeauu3zfgxmsqnxlmJNWQVKCqJ64pI3enkEO5UpyQiSHmLMY72JeH46XXHpPc6NlxmBiQDa7y8XINIE5OdzxmmiRnLleMMQZwXtjYA0hvyITjV/ebtG8HZQmi+XMEhMC1G3qnpRDbpmzcjoUlL43MEs5pAC7ufCOnikgMFg9L3O5jH0DGpKOHOdxEqBbpUnUV7AcpY6Vvo3LL3542wzRbidgFA==
auth.simonmarkets.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: E779433699FFF1FBC2D826AAA1D2FBA7
auth.simonmarkets.com/	1969-12-31 23:59:59	Name: t Value: sea
auth.simonmarkets.com/	1970-01-20 20:39:17	Name: DT Value: DI0hoL9ckvDR-SbTa5lICsTuA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri /error-reporter/v1/csp-violations; script-src 'unsafe-inline' 'unsafe-eval' https://amp.akamaized.net simongroup.okta.com .figmarketing.com https://.go-mpulse.net .simonmarkets.com: https://sentry.io https://.sentry.io https://fast.appcues.com https://.olark.com https://aacdn.nagich.com; connect-src 'self' wss://.simonmarkets.com: simongroup.okta.com .figmarketing.com https://.akstat.io https://.go-mpulse.net .simonmarkets.com:* https://sentry.io https://.sentry.io https://api.appcues.net wss://api.appcues.net https://.olark.com https://fast.appcues.com https://aacdn.nagich.com https://access.nagich.com https://simon.io https://www.firelighteapp.com; img-src .simonmarkets.com: .figmarketing.com https://access.nagich.com .simon.io:* simon.io:* simongroup.okta.com data: blob: https://.olark.com https://www.firelighteapp.com https://res.cloudinary.com; style-src 'unsafe-inline' .simonmarkets.com:* .figmarketing.com simongroup.okta.com https://fast.appcues.com https://.olark.com https://res.cloudinary.com https://fonts.googleapis.com; media-src 'self' .simonmarkets.com: .figmarketing.com https://.simon.io blob: https://.olark.com; frame-ancestors 'self' https://clientworkseqh.lpl.com https://clientworks.lpl.com .figmarketing.com; font-src 'self' .simonmarkets.com: .figmarketing.com 'unsafe-inline' https://fonts.gstatic.com data:; frame-src .simonmarkets.com:* .figmarketing.com https://infonet.corp.isib.net https://clientworkseqh.lpl.com https://clientworks.lpl.com https://clientworkseqh.lpl.com https://clientworks.lpl.com 'unsafe-inline' .bonddesk.com:* https://.usbank.com https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com https://aacdn.nagich.com/ https://access.nagich.com/ .ebix.com:* .docusign.net: .docusign.com: .streetscape.com: .advisorchannel.com: .fidelity.com: .rjf.com: .rbc.com: https://.olark.com https://my.appcues.com .bonddesk.com:* https://subscribeplatform.com https://api.subscribeplatform.com https://app.subscribeplatform.com .rjf.com: https://form.typeform.com; worker-src blob: .simonmarkets.com: .figmarketing.com; default-src .simonmarkets.com:* 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.simonmarkets.com
cdn.mxpnl.simonmarkets.com
sentry.io
simonmarkets.com
www.simonmarkets.com
184.86.251.25
35.188.42.15
52.14.242.17
52.217.4.75
055cc645f2c418ff9fb6f675804009252f308589b3e2f8f85a29fc2a284855f4
0e6952027bead3824956939fa708ed575c3ff837af15d72806bc8b2cf6981ff2
16934f849e0a957019b9f070c96bc7ea200eaa926e9c627eaf380e95a9e2f114
2f18216d40bf1b171060ee04cbc638a7558a5d381194cbe248a1d0842e755692
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4a02b8177f53ea6903a8c8144eb237b2cc739e1d6857d34830eeb126340118d0
6cf410d035ddaafa7b39e867b7e1c9f2b39998db621a48b77e9a20ae3420f1ee
795f7041fe2760a21d76b9297ea4f061e506689db0a4504bc7d7a38f21c05587
8771bee6c76328b7cdc07c64107ec5878054dbca0522ff24ada19039a47a0c68
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
deb2b790f448e5027944245be677bc1e526c0cb0a2bb5b8f7cd17b67a356dc9f
ec517973009901809750bc5aef0f578746d1856dd423474209d89ff1ee30ae59
ecfdcb03c73e5a03fe555a25b3a409e76e62bc40f7ef28a1c6613756cdfbfd04
f74b50b1e34cd9c6f74d4f582087e836b4d3340dda5e74a2330365778c92abfc

www.simonmarkets.com Open in urlscan Pro 184.86.251.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

2 Domains

5 Subdomains

3 IPs

2 Countries

1013 kBTransfer

3306 kBSize

5 Cookies

6 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

www.simonmarkets.com Open in urlscan Pro
184.86.251.25 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

3
IPs

2
Countries

1013 kB
Transfer

3306 kB
Size

5
Cookies

18 HTTP transactions
0 data transactions