login.questrade.com Open in urlscan Pro
204.89.196.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://customer-profile.questrade.com/
Effective URL:
https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-...
Submission: On October 12 via automatic, source certstream-suspicious (October 12th 2024, 7:39:51 am UTC) — Scanned from DE

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 71 HTTP transactions. The main IP is 204.89.196.90, located in Canada and belongs to QUESTADE, CA. The main domain is login.questrade.com. The Cisco Umbrella rank of the primary domain is 501955.
TLS certificate: Issued by DigiCert EV RSA CA G2 on October 12th 2023. Valid for: a year.

This is the only time login.questrade.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	34.117.176.131 34.117.176.131	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 10	204.89.196.90 204.89.196.90	54167 (QUESTADE) (QUESTADE)
1	2a02:26f0:350... 2a02:26f0:3500:58d::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	34.149.116.147 34.149.116.147	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
71	9

7 34.117.176.131 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 131.176.117.34.bc.googleusercontent.com

customer-profile.questrade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 204.89.196.90 (Canada) 1 redirects

ASN54167 (QUESTADE, CA)

login.questrade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:58d::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.149.116.147 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 147.116.149.34.bc.googleusercontent.com

login.cdn.questrade.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	questrade.com 1 redirects customer-profile.questrade.com login.questrade.com — Cisco Umbrella Rank: 501955 login.cdn.questrade.com — Cisco Umbrella Rank: 841554 Failed gc-web-messenger.questrade.com Failed	915 KB
3	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 326	16 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	4 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 498	312 B
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 1903	88 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 430
0	srcspot.com Failed static.srcspot.com Failed
0	Failed function sub() { [native code] }. Failed
71	8

	Domain	Requested by
14	login.cdn.questrade.com	login.questrade.com
10	login.questrade.com	1 redirects customer-profile.questrade.com login.questrade.com
7	customer-profile.questrade.com	customer-profile.questrade.com
3	cdn.cookielaw.org	login.questrade.com cdn.cookielaw.org
2	fonts.googleapis.com	login.questrade.com login.cdn.questrade.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	ajax.aspnetcdn.com	login.questrade.com
1	assets.adobedtm.com	login.questrade.com
0	gc-web-messenger.questrade.com Failed	login.questrade.com
0	static.srcspot.com Failed	login.questrade.com
0	rumola Failed	login.questrade.com
0	invalid Failed	login.questrade.com
71	12

This site contains no links.

Subject Issuer	Validity	Valid
customer-profile.questrade.com WR3	`2024-10-09` - `2025-01-07`	3 months	crt.sh
login.questrade.com DigiCert EV RSA CA G2	`2023-10-12` - `2024-11-11`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
login.cdn.questrade.com WR3	`2024-08-21` - `2024-11-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Frame ID: D908C37E765B6DBCB875D8F7CCDA42C3
Requests: 74 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in to Questrade

Page URL History Show full URLs

https://customer-profile.questrade.com/ Page URL
https://login.questrade.com/connect/authorize?client_id=a4f134e5-e916-48ab-b73d-019bdbab763d&redirect_ur... HTTP 302
https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f1... Page URL
https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f1... Page URL

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

54 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

9
IPs

3
Countries

1021 kB
Transfer

4318 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://customer-profile.questrade.com/ Page URL
https://login.questrade.com/connect/authorize?client_id=a4f134e5-e916-48ab-b73d-019bdbab763d&redirect_uri=https%3A%2F%2Fcustomer-profile.questrade.com%2Foidc%2Fredirect-callback.html&response_type=code&scope=openid+all.customers-profile.all+all.customers-profile.read+all.customers-profile.write+all.customer-profile.read+all.customer-profile.all+all.customer-profile.write+brokerage.securities.read&state=36de9ccf96c14754a098fc3e75f28a4f&code_challenge=wwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk&code_challenge_method=S256&response_mode=query HTTP 302
https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery Page URL
https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://login.questrade.com/connect/authorize?client_id=a4f134e5-e916-48ab-b73d-019bdbab763d&redirect_uri=https%3A%2F%2Fcustomer-profile.questrade.com%2Foidc%2Fredirect-callback.html&response_type=code&scope=openid+all.customers-profile.all+all.customers-profile.read+all.customers-profile.write+all.customer-profile.read+all.customer-profile.all+all.customer-profile.write+brokerage.securities.read&state=36de9ccf96c14754a098fc3e75f28a4f&code_challenge=wwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk&code_challenge_method=S256&response_mode=query HTTP 302
https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery

71 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
customer-profile.questrade.com/ 41 KB
6 KB 184ms
152ms Document
text/html 34.117.176.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-profile.questrade.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.176.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.176.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 47447bc52691b64154e9b47bb321ae5e8a0f401e35517ff0518a1779504e0776

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=3600
content-encoding: br
content-type: text/html
date: Sat, 12 Oct 2024 07:39:36 GMT
etag: W/"8dff4c962db208876a5a8ac49172b5c2"
last-modified: Thu, 10 Oct 2024 16:21:34 GMT
server: UploadServer
vary: Origin Accept-Encoding
x-goog-generation: 1728577294222949
x-goog-hash: crc32c=Sf4NKg== md5=jf9Mli2yCIdqWorEkXK1wg==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 41989
x-guploader-uploadid: AHmUCY0nlXkeyAi6irpycuQp751kYfG1mpTxJl1ceZFgIjdIi4BWHw8FN4lRlkIRBE8MTIgYgGcLoWFlEw

GET
H2 200 polyfills.be208373b14e1bf9.js Show response
customer-profile.questrade.com/ 516 KB
160 KB 158ms
157ms Script
text/javascript 34.117.176.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-profile.questrade.com/polyfills.be208373b14e1bf9.js
Requested by: Host: customer-profile.questrade.com
URL: https://customer-profile.questrade.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.176.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.176.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 39eb949c82bcbe5ba86018404c2da16aa9fdcbad6e3ffde99ee2d14e05860baa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://customer-profile.questrade.com
Referer: https://customer-profile.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=sMmlxg==, md5=RqV8vum214z5WkR6i9xGWQ==
content-encoding: br
etag: W/"46a57cbee9b6d78cf95a447a8bdc4659"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 528344
date: Sat, 12 Oct 2024 07:39:36 GMT
last-modified: Thu, 10 Oct 2024 16:21:35 GMT
content-type: text/javascript
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY3IdiJXJIfyLGm1QU-IzNzSWVKX6kqmQZWh76c3BXLyP_8t8Fff5sus7-HRB8WJ96Bb3Ybw5C2OWQ
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: https://customer-profile.questrade.com
x-goog-generation: 1728577294933205
server: UploadServer

GET
H2 200 main.0c50145c85bfef92.js Show response
customer-profile.questrade.com/ 560 KB
169 KB 194ms
194ms Script
text/javascript 34.117.176.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-profile.questrade.com/main.0c50145c85bfef92.js
Requested by: Host: customer-profile.questrade.com
URL: https://customer-profile.questrade.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.176.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.176.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 40519030ccd54943d3d2efabd64b500f294e317b4e35538f805beaa979217c4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://customer-profile.questrade.com
Referer: https://customer-profile.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=2DNrvw==, md5=+DAQpWUZB8SZmNUM+3Gf2g==
content-encoding: br
etag: W/"f83010a5651907c49998d50cfb719fda"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 573729
date: Sat, 12 Oct 2024 07:39:36 GMT
last-modified: Thu, 10 Oct 2024 16:21:34 GMT
content-type: text/javascript
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY3QI42ZH3MGVKYw2JMaKMhnDwHJ4XLbW9gdd-QuvM3hMB4g3frpXdWgydm3ovGHiXrwO7MTbUzRKQ
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: https://customer-profile.questrade.com
x-goog-generation: 1728577294694862
server: UploadServer

GET
H3 200 styles.8774ea765d4e1eb4.css
customer-profile.questrade.com/ 178 KB
20 KB 150ms
150ms Stylesheet
text/css 34.117.176.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-profile.questrade.com/styles.8774ea765d4e1eb4.css
Requested by: Host: customer-profile.questrade.com
URL: https://customer-profile.questrade.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.176.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.176.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7e8cb8399e98aa2d49cd514b24e669d09bb06d23608307aa9489dac2edf82012

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://customer-profile.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=iZd9Nw==, md5=yR6O9qqMZ7wrTXXhNrI5GQ==
content-encoding: br
etag: W/"c91e8ef6aa8c67bc2b4d75e136b23919"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 182583
date: Sat, 12 Oct 2024 07:39:36 GMT
last-modified: Thu, 10 Oct 2024 16:21:34 GMT
content-type: text/css
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY1XrOf2CkXJzloqhSksLoYqxYY4bkg7ifVkWRldatV035Y-1rapSiw4jFOCO7GXf_FvEP-y8SO-SQ
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
x-goog-generation: 1728577294843607
server: UploadServer

GET
H3 200 571.0b7885ca337e19af.js Show response
customer-profile.questrade.com/ 1 MB
363 KB 164ms
164ms Script
text/javascript 34.117.176.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-profile.questrade.com/571.0b7885ca337e19af.js
Requested by: Host: customer-profile.questrade.com
URL: https://customer-profile.questrade.com/main.0c50145c85bfef92.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.176.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.176.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f1f8e184e8be2c604481bed0a68e0a077f7bf4e9a161854c3ca6bb245659a494

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://customer-profile.questrade.com
Referer: https://customer-profile.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=Iy8Sbw==, md5=+3pTVGMUBnXEzqvLu5e3Rg==
content-encoding: br
etag: W/"fb7a535463140675c4ceabcbbb97b746"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1543365
date: Sat, 12 Oct 2024 07:39:37 GMT
last-modified: Thu, 10 Oct 2024 16:21:34 GMT
content-type: text/javascript
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY0T_7rmSj18HE7MWj_aPjUaJWHA-QGaDsMnusLyMbzxdllrqh9KdKZ_M-1o1iHK9FBI8721qJZJSg
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: https://customer-profile.questrade.com
x-goog-generation: 1728577294494552
server: UploadServer

GET
H3 200 892.5bfea3c91f877406.js Show response
customer-profile.questrade.com/ 4 KB
1 KB 169ms
169ms Script
text/javascript 34.117.176.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-profile.questrade.com/892.5bfea3c91f877406.js
Requested by: Host: customer-profile.questrade.com
URL: https://customer-profile.questrade.com/main.0c50145c85bfef92.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.176.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.176.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e005ba7b80c227f0c021b90fb24fa786351a97b5f72fcd86b4aa1a3d72637706

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://customer-profile.questrade.com
Referer: https://customer-profile.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=pZHPpg==, md5=0FdEFyYOfc8BnNq6AEq3+A==
content-encoding: br
etag: W/"d0574417260e7dcf019cdaba004ab7f8"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 4120
date: Sat, 12 Oct 2024 07:39:37 GMT
last-modified: Thu, 10 Oct 2024 16:21:34 GMT
content-type: text/javascript
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY1aBqkvWgBkafBjLzQj5V2FKu9Xzuai5fY1phutTeezscRwC7L-lN8whdHUr2hpHqauZbPvFO8iRw
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
access-control-allow-origin: https://customer-profile.questrade.com
x-goog-generation: 1728577294483469
server: UploadServer

GET
H/1.1 200
OK openid-configuration Show response
login.questrade.com/.well-known/ 2 KB
3 KB 403ms
176ms Fetch
application/json 204.89.196.90
QUESTADE

General

Check archive.org

Show headers Download Go to

Full URL

https://login.questrade.com/.well-known/openid-configuration

Requested by

Host: customer-profile.questrade.com
URL: https://customer-profile.questrade.com/polyfills.be208373b14e1bf9.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.89.196.90 , Canada, ASN54167 (QUESTADE, CA),

Reverse DNS

Software

Resource Hash

f0677b4032b4069d3a4e9bdd827dd292421ac29c690c2d21cd1127bf791d06b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/jwk-set+json, application/json
Referer: https://customer-profile.questrade.com/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=16070400; preload
cache-control: max-age=43200
x-envoy-upstream-service-time: 4
access-control-allow-origin: https://customer-profile.questrade.com
date: Sat, 12 Oct 2024 07:39:37 GMT
content-type: application/json; charset=UTF-8
vary: Origin

GET
H3 200 favicon.ico
customer-profile.questrade.com/ 948 B
974 B 160ms
160ms Other
image/vnd.microsoft.icon 34.117.176.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://customer-profile.questrade.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.176.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 131.176.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2d0a4f5a77c788b084919b1b8cad5713d9dfc3388ef29969c4cb66c28092e683

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://customer-profile.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=MGMlOw==, md5=H733NaDdPoMhxeCCikWk1Q==
etag: "1fbdf735a0dd3e8321c5e0828a45a4d5"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 948
date: Sat, 12 Oct 2024 07:39:38 GMT
last-modified: Thu, 10 Oct 2024 16:21:34 GMT
content-type: image/vnd.microsoft.icon
vary: Origin
x-guploader-uploadid: AHmUCY2IG_eT1AK5-MhFrhHkdCbMX1PrhKF5mXm6isaWJWt8-hQjNjH6G_T7FD4NcHnUVE0jVvW41CpbzQ
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1728577294858484
content-length: 948
server: UploadServer

GET
H/1.1

200
OK

https://login.questrade.com/connect/authorize?client_id=a4f134e5-e916-48ab-b73d-019bdbab763d&redirect_uri=https%3A%2F%2Fcustomer-profile.questrade.com%2Foidc%2Fredirect-callback.html&response_type=...
https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questr...

5 KB
6 KB

90ms
90ms

Document
text/html

204.89.196.90
QUESTADE

General

Check archive.org

Show headers Download Go to

Full URL

https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery

Requested by

Host: customer-profile.questrade.com
URL: https://customer-profile.questrade.com/571.0b7885ca337e19af.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.89.196.90 , Canada, ASN54167 (QUESTADE, CA),

Reverse DNS

Software

Resource Hash

1ef4d640eda8f959ada41ce7752ea66c628bbdf87d855a83f15d5387b2433b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customer-profile.questrade.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, must-revalidate, no-cache, max-age=0
Content-Length: 5043
Content-Type: text/html
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Strict-Transport-Security: max-age=16070400; preload
content-length: 0
date: Sat, 12 Oct 2024 07:39:37 GMT
location: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
x-envoy-upstream-service-time: 13

GET
H/1.1 200
OK 08005b7230ab200089c22919bca6ed1318dd4ae8f0e50363e86df030f2f2e7ccd697e9ea1c2dea1f Show response
login.questrade.com/TSPD/ 310 KB
92 KB 90ms
90ms Script
text/javascript 204.89.196.90
QUESTADE

General

Check archive.org

Show headers Download Go to

Full URL

https://login.questrade.com/TSPD/08005b7230ab200089c22919bca6ed1318dd4ae8f0e50363e86df030f2f2e7ccd697e9ea1c2dea1f?type=10

Requested by

Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.89.196.90 , Canada, ASN54167 (QUESTADE, CA),

Reverse DNS

Software

Resource Hash

43c37077e3699d35b9aceb9298dfb1b617c1df37517456dfd06f8b7fe91033fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery

Response headers

X-Content-Type-Options: nosniff
Cache-Control: public, max-age=86400
Content-Length: 93614
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
X-Frame-Options: SAMEORIGIN

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60d20c34efdd7103c273f54369cfc42c6d0a39126ce22298f2d31924b4ca5a56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET /
invalid/ 0
0

GET rumola48.png
rumola/content/ 0
0

GET /
invalid/ 0
0

GET
H/1.1 200
OK Primary Request Login Show response
login.questrade.com/Account/ 27 KB
39 KB 142ms
141ms Document
text/html 204.89.196.90
QUESTADE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: login.questrade.com
URL: https://login.questrade.com/TSPD/08005b7230ab200089c22919bca6ed1318dd4ae8f0e50363e86df030f2f2e7ccd697e9ea1c2dea1f?type=10

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.89.196.90 , Canada, ASN54167 (QUESTADE, CA),

Reverse DNS

Software

Resource Hash

2d9c9b728dd1ef3145b634b127c6de308aba3df836f81b213fe225a685b53676

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://www.questrade.com;style-src 'self' 'unsafe-inline' https://www.questrade.com https://.force.com https://.my.salesforce-sites.com https://.questrade.com https://.salesforce.com https://.salesforceliveagent.com https://.sandbox.my.salesforce-sites.com https://cdn.userway.org https://fonts.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com https://www.questrade.com https://.force.com https://.google-analytics.com https://.my.salesforce-sites.com https://.questrade.com https://.salesforce.com https://.salesforceliveagent.com https://.sandbox.my.salesforce-sites.com https://.screenmeet.com https://ajax.aspnetcdn.com https://analytics.tiktok.com https://analytics.twitter.com https://assets.adobedtm.com https://bat.bing.com https://cdn.userway.org https://cdnjs.cloudflare.com https://cdnssl.clicktale.net https://connect.facebook.net https://ct.pinterest.com https://munchkin.marketo.net https://s.pinimg.com https://sc-static.net https://static.ads-twitter.com https://static.srcspot.com https://tagmanager.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.redditstatic.com;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com https://.cac1.pure.cloud https://.force.com https://.my.salesforce-sites.com https://.questrade.com https://.salesforce.com https://.salesforceliveagent.com https://.sandbox.my.salesforce-sites.com https://.screenmeet.com https://ajax.aspnetcdn.com https://analytics.tiktok.com https://analytics.twitter.com https://assets.adobedtm.com https://bat.bing.com https://cdn.cookielaw.org https://cdn.userway.org https://cdnssl.clicktale.net https://connect.facebook.net https://ct.pinterest.com https://munchkin.marketo.net https://s.pinimg.com https://sc-static.net https://static.ads-twitter.com https://static.srcspot.com https://surveydynamix.com https://tagmanager.google.com https://tr.snapchat.com https://unpkg.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagmanager.com https://www.redditstatic.com;font-src 'self' data: https://fonts.gstatic.com https://www.questrade.com https://cdn.userway.org;img-src 'self' https://www.questrade.com https://.doubleclick.net https://.force.com https://.google-analytics.com https://.google.com.ua https://.my.salesforce-sites.com https://.questrade.com https://.salesforce.com https://.salesforceliveagent.com https://.sandbox.my.salesforce-sites.com https://.screenmeet.com https://alb.reddit.com https://analytics.google.com https://analytics.twitter.com https://bat.bing.com https://cdn.cookielaw.org https://cdn.userway.org https://connect.facebook.net https://ct.pinterest.com https://fontmetrics.net https://fonts.gstatic.com https://ssl.gstatic.com https://stats.g.doubleclick.net https://t.co https://tr.snapchat.com https://www.facebook.com https://www.google.ca/ads/ga-audiences https://www.google.com.br/ads/ga-audiences https://www.google.com/ads/ga-audiences https://www.gstatic.com https://www.pinterest.com data:;media-src 'self' https://.questrade.com;base-uri 'self';object-src 'none';frame-ancestors 'none';frame-src https://.doubleclick.net https://.force.com https://.my.salesforce-sites.com https://.pinterest.ca https://.pinterest.com https://.questrade.com https://.salesforce.com https://.salesforceliveagent.com https://.sandbox.my.salesforce-sites.com https://apps.cac1.pure.cloud https://cdn.userway.org https://edge.screenmeet.com https://tr.snapchat.com https://www.facebook.com;block-all-mixed-content;sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-modals allow-downloads;connect-src 'self' https://www.questrade.com https://.cac1.pure.cloud https://.force.com https://.google-analytics.com https://.mktoresp.com https://.mktoutil.com https://.my.salesforce-sites.com https://.questrade.com https://.salesforce.com https://.salesforceliveagent.com https://.sandbox.my.salesforce-sites.com https://.screenmeet.com https://adobedc.demdex.net https://analytics.google.com https://analytics.tiktok.com https://api.questrade.com/v1/analytics/gmpkey https://bat.bing.com https://cdn.cookielaw.org https://.userway.org https://ct.pinterest.com https://edge.adobedc.net https://geolocation.onetrust.com https://ing-district.clicktale.net https://privacyportal-ca.onetrust.com https://stats.g.doubleclick.net https://tr.snapchat.com https://www.facebook.com wss://.cac1.pure.cloud wss://.screenmeet.com;
Strict-Transport-Security	max-age=16070400; preload
X-Content-Security-Policy	default-src 'self' https://www.questrade.com;style-src 'self' 'unsafe-inline' https://www.questrade.com https://.force.com https://.my.salesforce-sites.com https://.questrade.com https://.salesforce.com https://.salesforceliveagent.com https://.sandbox.my.salesforce-sites.com https://cdn.userway.org https://fonts.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com https://www.questrade.com https://.force.com https://.google-analytics.com https://.my.salesforce-sites.com https://.questrade.com https://.salesforce.com https://.salesforceliveagent.com https://.sandbox.my.salesforce-sites.com https://.screenmeet.com https://ajax.aspnetcdn.com https://analytics.tiktok.com https://analytics.twitter.com https://assets.adobedtm.com https://bat.bing.com https://cdn.userway.org https://cdnjs.cloudflare.com https://cdnssl.clicktale.net https://connect.facebook.net https://ct.pinterest.com https://munchkin.marketo.net https://s.pinimg.com https://sc-static.net https://static.ads-twitter.com https://static.srcspot.com https://tagmanager.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.redditstatic.com;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com https://.cac1.pure.cloud https://.force.com https://.my.salesforce-sites.com https://.questrade.com https://.salesforce.com https://.salesforceliveagent.com https://.sandbox.my.salesforce-sites.com https://.screenmeet.com https://ajax.aspnetcdn.com https://analytics.tiktok.com https://analytics.twitter.com https://assets.adobedtm.com https://bat.bing.com https://cdn.cookielaw.org https://cdn.userway.org https://cdnssl.clicktale.net https://connect.facebook.net https://ct.pinterest.com https://munchkin.marketo.net https://s.pinimg.com https://sc-static.net https://static.ads-twitter.com https://static.srcspot.com https://surveydynamix.com https://tagmanager.google.com https://tr.snapchat.com https://unpkg.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagmanager.com https://www.redditstatic.com;font-src 'self' data: https://fonts.gstatic.com https://www.questrade.com https://cdn.userway.org;img-src 'self' https://www.questrade.com https://.doubleclick.net https://.force.com https://.google-analytics.com https://.google.com.ua https://.my.salesforce-sites.com https://.questrade.com https://.salesforce.com https://.salesforceliveagent.com https://.sandbox.my.salesforce-sites.com https://.screenmeet.com https://alb.reddit.com https://analytics.google.com https://analytics.twitter.com https://bat.bing.com https://cdn.cookielaw.org https://cdn.userway.org https://connect.facebook.net https://ct.pinterest.com https://fontmetrics.net https://fonts.gstatic.com https://ssl.gstatic.com https://stats.g.doubleclick.net https://t.co https://tr.snapchat.com https://www.facebook.com https://www.google.ca/ads/ga-audiences https://www.google.com.br/ads/ga-audiences https://www.google.com/ads/ga-audiences https://www.gstatic.com https://www.pinterest.com data:;media-src 'self' https://.questrade.com;base-uri 'self';object-src 'none';frame-ancestors 'none';frame-src https://.doubleclick.net https://.force.com https://.my.salesforce-sites.com https://.pinterest.ca https://.pinterest.com https://.questrade.com https://.salesforce.com https://.salesforceliveagent.com https://.sandbox.my.salesforce-sites.com https://apps.cac1.pure.cloud https://cdn.userway.org https://edge.screenmeet.com https://tr.snapchat.com https://www.facebook.com;block-all-mixed-content;sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-modals allow-downloads;connect-src 'self' https://www.questrade.com https://.cac1.pure.cloud https://.force.com https://.google-analytics.com https://.mktoresp.com https://.mktoutil.com https://.my.salesforce-sites.com https://.questrade.com https://.salesforce.com https://.salesforceliveagent.com https://.sandbox.my.salesforce-sites.com https://.screenmeet.com https://adobedc.demdex.net https://analytics.google.com https://analytics.tiktok.com https://api.questrade.com/v1/analytics/gmpkey https://bat.bing.com https://cdn.cookielaw.org https://.userway.org https://ct.pinterest.com https://edge.adobedc.net https://geolocation.onetrust.com https://ing-district.clicktale.net https://privacyportal-ca.onetrust.com https://stats.g.doubleclick.net https://tr.snapchat.com https://www.facebook.com wss://.cac1.pure.cloud wss://.screenmeet.com;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Transfer-Encoding: chunked
cache-control: max-age=0, no-cache, no-store
content-security-policy: default-src 'self' https://www.questrade.com;style-src 'self' 'unsafe-inline' https://www.questrade.com https://*.force.com https://*.my.salesforce-sites.com https://*.questrade.com https://*.salesforce.com https://*.salesforceliveagent.com https://*.sandbox.my.salesforce-sites.com https://cdn.userway.org https://fonts.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com https://www.questrade.com https://*.force.com https://*.google-analytics.com https://*.my.salesforce-sites.com https://*.questrade.com https://*.salesforce.com https://*.salesforceliveagent.com https://*.sandbox.my.salesforce-sites.com https://*.screenmeet.com https://ajax.aspnetcdn.com https://analytics.tiktok.com https://analytics.twitter.com https://assets.adobedtm.com https://bat.bing.com https://cdn.userway.org https://cdnjs.cloudflare.com https://cdnssl.clicktale.net https://connect.facebook.net https://ct.pinterest.com https://munchkin.marketo.net https://s.pinimg.com https://sc-static.net https://static.ads-twitter.com https://static.srcspot.com https://tagmanager.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.redditstatic.com;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com https://*.cac1.pure.cloud https://*.force.com https://*.my.salesforce-sites.com https://*.questrade.com https://*.salesforce.com https://*.salesforceliveagent.com https://*.sandbox.my.salesforce-sites.com https://*.screenmeet.com https://ajax.aspnetcdn.com https://analytics.tiktok.com https://analytics.twitter.com https://assets.adobedtm.com https://bat.bing.com https://cdn.cookielaw.org https://cdn.userway.org https://cdnssl.clicktale.net https://connect.facebook.net https://ct.pinterest.com https://munchkin.marketo.net https://s.pinimg.com https://sc-static.net https://static.ads-twitter.com https://static.srcspot.com https://surveydynamix.com https://tagmanager.google.com https://tr.snapchat.com https://unpkg.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagmanager.com https://www.redditstatic.com;font-src 'self' data: https://fonts.gstatic.com https://www.questrade.com https://cdn.userway.org;img-src 'self' https://www.questrade.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com.ua https://*.my.salesforce-sites.com https://*.questrade.com https://*.salesforce.com https://*.salesforceliveagent.com https://*.sandbox.my.salesforce-sites.com https://*.screenmeet.com https://alb.reddit.com https://analytics.google.com https://analytics.twitter.com https://bat.bing.com https://cdn.cookielaw.org https://cdn.userway.org https://connect.facebook.net https://ct.pinterest.com https://fontmetrics.net https://fonts.gstatic.com https://ssl.gstatic.com https://stats.g.doubleclick.net https://t.co https://tr.snapchat.com https://www.facebook.com https://www.google.ca/ads/ga-audiences https://www.google.com.br/ads/ga-audiences https://www.google.com/ads/ga-audiences https://www.gstatic.com https://www.pinterest.com data:;media-src 'self' https://*.questrade.com;base-uri 'self';object-src 'none';frame-ancestors 'none';frame-src https://*.doubleclick.net https://*.force.com https://*.my.salesforce-sites.com https://*.pinterest.ca https://*.pinterest.com https://*.questrade.com https://*.salesforce.com https://*.salesforceliveagent.com https://*.sandbox.my.salesforce-sites.com https://apps.cac1.pure.cloud https://cdn.userway.org https://edge.screenmeet.com https://tr.snapchat.com https://www.facebook.com;block-all-mixed-content;sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-modals allow-downloads;connect-src 'self' https://www.questrade.com https://*.cac1.pure.cloud https://*.force.com https://*.google-analytics.com https://*.mktoresp.com https://*.mktoutil.com https://*.my.salesforce-sites.com https://*.questrade.com https://*.salesforce.com https://*.salesforceliveagent.com https://*.sandbox.my.salesforce-sites.com https://*.screenmeet.com https://adobedc.demdex.net https://analytics.google.com https://analytics.tiktok.com https://api.questrade.com/v1/analytics/gmpkey https://bat.bing.com https://cdn.cookielaw.org https://*.userway.org https://ct.pinterest.com https://edge.adobedc.net https://geolocation.onetrust.com https://ing-district.clicktale.net https://privacyportal-ca.onetrust.com https://stats.g.doubleclick.net https://tr.snapchat.com https://www.facebook.com wss://*.cac1.pure.cloud wss://*.screenmeet.com;
content-type: text/html; charset=utf-8
date: Sat, 12 Oct 2024 07:39:39 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
referrer-policy: no-referrer, strict-origin-when-cross-origin
strict-transport-security: max-age=16070400; preload
x-content-security-policy: default-src 'self' https://www.questrade.com;style-src 'self' 'unsafe-inline' https://www.questrade.com https://*.force.com https://*.my.salesforce-sites.com https://*.questrade.com https://*.salesforce.com https://*.salesforceliveagent.com https://*.sandbox.my.salesforce-sites.com https://cdn.userway.org https://fonts.googleapis.com https://tagmanager.google.com https://www.googletagmanager.com;script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com https://www.questrade.com https://*.force.com https://*.google-analytics.com https://*.my.salesforce-sites.com https://*.questrade.com https://*.salesforce.com https://*.salesforceliveagent.com https://*.sandbox.my.salesforce-sites.com https://*.screenmeet.com https://ajax.aspnetcdn.com https://analytics.tiktok.com https://analytics.twitter.com https://assets.adobedtm.com https://bat.bing.com https://cdn.userway.org https://cdnjs.cloudflare.com https://cdnssl.clicktale.net https://connect.facebook.net https://ct.pinterest.com https://munchkin.marketo.net https://s.pinimg.com https://sc-static.net https://static.ads-twitter.com https://static.srcspot.com https://tagmanager.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.redditstatic.com;script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://ajax.googleapis.com https://*.cac1.pure.cloud https://*.force.com https://*.my.salesforce-sites.com https://*.questrade.com https://*.salesforce.com https://*.salesforceliveagent.com https://*.sandbox.my.salesforce-sites.com https://*.screenmeet.com https://ajax.aspnetcdn.com https://analytics.tiktok.com https://analytics.twitter.com https://assets.adobedtm.com https://bat.bing.com https://cdn.cookielaw.org https://cdn.userway.org https://cdnssl.clicktale.net https://connect.facebook.net https://ct.pinterest.com https://munchkin.marketo.net https://s.pinimg.com https://sc-static.net https://static.ads-twitter.com https://static.srcspot.com https://surveydynamix.com https://tagmanager.google.com https://tr.snapchat.com https://unpkg.com https://www.google-analytics.com https://www.googleadservices.com https://www.googletagmanager.com https://www.redditstatic.com;font-src 'self' data: https://fonts.gstatic.com https://www.questrade.com https://cdn.userway.org;img-src 'self' https://www.questrade.com https://*.doubleclick.net https://*.force.com https://*.google-analytics.com https://*.google.com.ua https://*.my.salesforce-sites.com https://*.questrade.com https://*.salesforce.com https://*.salesforceliveagent.com https://*.sandbox.my.salesforce-sites.com https://*.screenmeet.com https://alb.reddit.com https://analytics.google.com https://analytics.twitter.com https://bat.bing.com https://cdn.cookielaw.org https://cdn.userway.org https://connect.facebook.net https://ct.pinterest.com https://fontmetrics.net https://fonts.gstatic.com https://ssl.gstatic.com https://stats.g.doubleclick.net https://t.co https://tr.snapchat.com https://www.facebook.com https://www.google.ca/ads/ga-audiences https://www.google.com.br/ads/ga-audiences https://www.google.com/ads/ga-audiences https://www.gstatic.com https://www.pinterest.com data:;media-src 'self' https://*.questrade.com;base-uri 'self';object-src 'none';frame-ancestors 'none';frame-src https://*.doubleclick.net https://*.force.com https://*.my.salesforce-sites.com https://*.pinterest.ca https://*.pinterest.com https://*.questrade.com https://*.salesforce.com https://*.salesforceliveagent.com https://*.sandbox.my.salesforce-sites.com https://apps.cac1.pure.cloud https://cdn.userway.org https://edge.screenmeet.com https://tr.snapchat.com https://www.facebook.com;block-all-mixed-content;sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-modals allow-downloads;connect-src 'self' https://www.questrade.com https://*.cac1.pure.cloud https://*.force.com https://*.google-analytics.com https://*.mktoresp.com https://*.mktoutil.com https://*.my.salesforce-sites.com https://*.questrade.com https://*.salesforce.com https://*.salesforceliveagent.com https://*.sandbox.my.salesforce-sites.com https://*.screenmeet.com https://adobedc.demdex.net https://analytics.google.com https://analytics.tiktok.com https://api.questrade.com/v1/analytics/gmpkey https://bat.bing.com https://cdn.cookielaw.org https://*.userway.org https://ct.pinterest.com https://edge.adobedc.net https://geolocation.onetrust.com https://ing-district.clicktale.net https://privacyportal-ca.onetrust.com https://stats.g.doubleclick.net https://tr.snapchat.com https://www.facebook.com wss://*.cac1.pure.cloud wss://*.screenmeet.com;
x-content-type-options: nosniff
x-envoy-upstream-service-time: 8
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 404 launch-43e2d173137a.min.js
assets.adobedtm.com/5c805daef3d1/d7d7ea830eb0/ 0
0 57ms
21ms Script
text/plain 2a02:26f0:3500:58d::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5c805daef3d1/d7d7ea830eb0/launch-43e2d173137a.min.js
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
expires: Sat, 12 Oct 2024 08:39:40 GMT
accept-ranges: bytes
access-control-allow-origin: https://login.questrade.com
content-length: 10
date: Sat, 12 Oct 2024 07:39:40 GMT
server: AkamaiNetStorage

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/99771a87-5f28-4d67-a83f-fc7fdd119e57/ 25 KB
6 KB 45ms
25ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/99771a87-5f28-4d67-a83f-fc7fdd119e57/OtAutoBlock.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb5c3f8e16a343b7065ec988366017b7871856c9caac5421c1e01432a62577c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

content-md5: w7XJgPTFEQk2o0QwUJOo+g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCA12360E9497E
age: 80655
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sun, 13 Oct 2024 07:39:40 GMT
date: Sat, 12 Oct 2024 07:39:40 GMT
content-type: application/javascript
last-modified: Wed, 10 Jul 2024 21:00:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: b9d5befd-001e-00a6-260c-d3ab94000000
cf-ray: 8d156ffa0a9ddc72-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6045
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 39ms
19ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

content-md5: uiXk8gw/ehyoMvZ3GeQiaQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCE9619A9C9A87
x-ms-lease-status: unlocked
age: 65033
cf-cache-status: HIT
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 13:35:47 GMT
date: Sat, 12 Oct 2024 07:39:40 GMT
content-type: application/javascript
last-modified: Thu, 10 Oct 2024 19:27:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 16fcddd6-201e-00fe-20e2-1bafef000000
cf-ray: 8d156ffa0aa0dc72-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7214
x-ms-blob-type: BlockBlob
server: cloudflare

GET security-information-modal.js
login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/ 0
0

GET allspark.js
login.cdn.questrade.com/v1.3.801-prod/wwwroot/lib/@questrade/allspark/dist/ 0
0

GET allspark-modal.js
login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/ 0
0

GET allspark_components.js
login.cdn.questrade.com/v1.3.801-prod/wwwroot/lib/@questrade/allspark/dist/ 0
0

GET allspark-enabler.js
login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/ 0
0

GET claribel.js
static.srcspot.com/libs/ 0
0

GET
H2 200 genesyschat-overrides.css
login.cdn.questrade.com/v1.3.801-prod/wwwroot/css/dist/ 99 B
546 B 166ms
118ms Stylesheet
text/css 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/css/dist/genesyschat-overrides.css
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 95bac1e8a439e22c617c15da651c1ea2cf183b65e20436e00356de497ef114d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=BDHPFA==, md5=rA6ujix3jYFFtVGkLd9Akw==
etag: "ac0eae8e2c778d8145b551a42ddf4093"
age: 0
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 99
date: Sat, 12 Oct 2024 07:39:40 GMT
last-modified: Fri, 11 Oct 2024 00:23:31 GMT
vary: Origin
content-type: text/css
x-guploader-uploadid: AHmUCY3jBDcj7Ontnf90eZTphAowl4hx7gQMSgHWJ5uLbSHw0AUW5vQK5dDBCTI8o2o4McXC-Ag
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1728606211511214
content-length: 99
server: UploadServer

GET WebMessagingQTcom.js
gc-web-messenger.questrade.com/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400&family=Roboto+Slab:wght@400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d29c35a38b8a31782901083a1afd50e6b5a1f9bb158ab13fc67fc7284ea0a66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 07:39:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 07:39:40 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 12 Oct 2024 07:39:40 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 allspark.css
login.cdn.questrade.com/v1.3.801-prod/wwwroot/lib/@questrade/allspark/dist/ 30 KB
5 KB 178ms
131ms Stylesheet
text/css 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/lib/@questrade/allspark/dist/allspark.css
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 31c53e011196af8786db210c4ee8c8071b4d5f94f807626e9b1c6b20afcd52d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=1UsnIQ==, md5=cTIGkHbIkw+jjfHNmM8eig==
content-encoding: br
etag: W/"7132069076c8930fa38df1cd98cf1e8a"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 31219
date: Sat, 12 Oct 2024 07:39:40 GMT
last-modified: Fri, 11 Oct 2024 00:23:27 GMT
content-type: text/css
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY1yKXbVr-ZVUy71upd4rpyjpYn32innYv5QDNj8UX9cW4tdNnX5o7JaygI60I_rkyAQDOE
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
x-goog-generation: 1728606207337469
server: UploadServer

GET
H2 200 allspark_components.css
login.cdn.questrade.com/v1.3.801-prod/wwwroot/lib/@questrade/allspark/dist/ 38 KB
5 KB 174ms
127ms Stylesheet
text/css 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/lib/@questrade/allspark/dist/allspark_components.css
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7e34ff7f5c0bf8dc263e8f965454c8b3f4aed9ce23ef822ff5248e23c14d5f85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=j1RiGQ==, md5=zMkXqV2PcT18UuFsjchr9g==
content-encoding: br
etag: W/"ccc917a95d8f713d7c52e16c8dc86bf6"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 38510
date: Sat, 12 Oct 2024 07:39:40 GMT
last-modified: Fri, 11 Oct 2024 00:23:27 GMT
content-type: text/css
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY0hiiQFMjuHyi552zmU09mx1kYMm1d2gKDLXS84_BVZuKYFiEkZ9TRFfpyM7SDv5rFZeFw
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
x-goog-generation: 1728606207310087
server: UploadServer

GET
H2 200 main.css
login.cdn.questrade.com/v1.3.801-prod/wwwroot/css/dist/ 6 KB
2 KB 176ms
130ms Stylesheet
text/css 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/css/dist/main.css
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b1ff09f3864dcf1ecd99cd6971dcdf1f4b574635c38688c82a494caaab42ce8c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=yfMuUA==, md5=u6t47IdwVMsgEmI7oyD0IQ==
content-encoding: br
etag: W/"bbab78ec877054cb2012623ba320f421"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 6180
date: Sat, 12 Oct 2024 07:39:40 GMT
last-modified: Fri, 11 Oct 2024 00:23:31 GMT
content-type: text/css
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY1AwtUow3pyjhUTpwFvJ9NV4DprM6OfqvnX2m-iOSlEMjACAxCJErPExqoGSsaivmOTqzA
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
x-goog-generation: 1728606211772389
server: UploadServer

GET
H2 200 login-banner-notification.common.css
login.cdn.questrade.com/v1.3.801-prod/wwwroot/css/dist/ 590 B
823 B 166ms
119ms Stylesheet
text/css 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/css/dist/login-banner-notification.common.css
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6b97877ef523ef54e5b90d85481b3c9453d92e2301d11dc10f8a144ad7b053d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=XLGd5Q==, md5=KPTrLpbQHvpl5hSq3+4uHA==
etag: "28f4eb2e96d01efa65e614aadfee2e1c"
age: 0
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 590
date: Sat, 12 Oct 2024 07:39:40 GMT
last-modified: Fri, 11 Oct 2024 00:23:32 GMT
vary: Origin
content-type: text/css
x-guploader-uploadid: AHmUCY3L8qZUrhwnBB0gFK_65Gj6oA_pQ1tBK-GugNqcrjsSi66JZB3OrowaiWN3XOEUsb9_Ido
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1728606212019654
content-length: 590
server: UploadServer

GET
H2 200 login-page.css
login.cdn.questrade.com/v1.3.801-prod/wwwroot/css/dist/ 18 KB
4 KB 170ms
124ms Stylesheet
text/css 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/css/dist/login-page.css
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d9ea448d59fd85fce8835c65eebecf7d21a236fc1ca5861cebe2a5cec2cef4b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=0vs8fw==, md5=hi2+TNRYn9+WDee9vGQLKg==
content-encoding: br
etag: W/"862dbe4cd4589fdf960de7bdbc640b2a"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 18405
date: Sat, 12 Oct 2024 07:39:40 GMT
last-modified: Fri, 11 Oct 2024 00:23:32 GMT
content-type: text/css
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY2-pzCG8h4_dgFgmJEoVdB2vUaywZDp_2Q6idIng0R82RcJWFKP-tcv9db2EIh0ddV5Pdw
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
x-goog-generation: 1728606212286296
server: UploadServer

GET
H/1.1 200
OK 6163636f756e742f6c6f67696e.js Show response
login.questrade.com/seKYzb7kpb/ 8 KB
8 KB 91ms
90ms Script
text/javascript 204.89.196.90
QUESTADE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.questrade.com/seKYzb7kpb/6163636f756e742f6c6f67696e.js
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.89.196.90 , Canada, ASN54167 (QUESTADE, CA),
Reverse DNS
Software: /
Resource Hash: 13303fa51a663b636089d27ddb7a344c81191fc9f02f6fc966ca6d86a920d728

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery

Response headers

Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 8404
Pragma: no-cache
Content-Type: text/javascript

GET
H/1.1 200
OK 08c7ee01d3ab1800a9fef20369792ce420d856ef82b08ff062aea97fa809d8c3.js
login.questrade.com/pOhRRRDN8/ 799 KB
0 183ms
90ms Script
text/javascript 204.89.196.90
QUESTADE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.questrade.com/pOhRRRDN8/08c7ee01d3ab1800a9fef20369792ce420d856ef82b08ff062aea97fa809d8c3.js
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.89.196.90 , Canada, ASN54167 (QUESTADE, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery

Response headers

Content-Type: text/javascript
Cache-Control: private, max-age=7776000
Content-Length: 863841

GET
H/1.1 200
OK / Show response
login.questrade.com/TSPD/ 8 KB
3 KB 275ms
89ms Script
text/javascript 204.89.196.90
QUESTADE

General

Check archive.org

Show headers Download Go to

Full URL

https://login.questrade.com/TSPD/?type=18

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.89.196.90 , Canada, ASN54167 (QUESTADE, CA),

Reverse DNS

Software

Resource Hash

eee493c5b0d4bcaf0be0c8c1fa6f6fe01281f50636dc26d189e7fde077fdb367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery

Response headers

X-Content-Type-Options: nosniff
Cache-Control: public, max-age=86400
Content-Length: 2890
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK 08005b7230ab200089c22919bca6ed1318dd4ae8f0e50363e86df030f2f2e7ccd697e9ea1c2dea1f
login.questrade.com/TSPD/ 0
0 686ms
501ms Script
text/javascript 204.89.196.90
QUESTADE

General

Check archive.org

Show headers Download Go to

Full URL

https://login.questrade.com/TSPD/08005b7230ab200089c22919bca6ed1318dd4ae8f0e50363e86df030f2f2e7ccd697e9ea1c2dea1f?type=17

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.89.196.90 , Canada, ASN54167 (QUESTADE, CA),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery

Response headers

X-Content-Type-Options: nosniff
Cache-Control: public, max-age=86400
Content-Length: 34365
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
X-Frame-Options: SAMEORIGIN

GET
H2 200 questrade-logo.svg
login.cdn.questrade.com/v1.3.801-prod/wwwroot/ 5 KB
2 KB 122ms
122ms Image
image/svg+xml 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/questrade-logo.svg
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ae412ffbb239608218ea89f0b853d6d7d4b41c9416b2126fd8a17f42dce3e09e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=N2cIgg==, md5=ZL1rbj1RZOFG4NDmFKwsaw==
content-encoding: br
etag: W/"64bd6b6e3d5164e146e0d0e614ac2c6b"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5160
date: Sat, 12 Oct 2024 07:39:40 GMT
last-modified: Fri, 11 Oct 2024 00:23:24 GMT
content-type: image/svg+xml
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY0dojOWOXE5S0fyW4-1bIXBmWeIO-1lT5BcRDa_7Q02Rumx3wEFxrk-QTnsSSUbfiXGfn0
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
x-goog-generation: 1728606204913204
server: UploadServer

GET
H/1.1 200
OK norton.png
login.questrade.com/img/ 5 KB
6 KB 342ms
157ms Image
image/png 204.89.196.90
QUESTADE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.questrade.com/img/norton.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.89.196.90 , Canada, ASN54167 (QUESTADE, CA),

Reverse DNS

Software

Resource Hash

aa7378eedcd2d020416a3d90dd632c534bb06e57710f93a89ae8018be47ceaf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=16070400; preload
etag: "1db1b7157736160"
x-envoy-upstream-service-time: 3
accept-ranges: bytes
date: Sat, 12 Oct 2024 07:39:40 GMT
content-type: image/png
last-modified: Fri, 11 Oct 2024 00:05:55 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 87 KB
88 KB 70ms
14ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.5.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48F3) /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://login.questrade.com
Referer: https://login.questrade.com/

Response headers

cache-control: public,max-age=31536000
timing-allow-origin: *
etag: "b5ed44c8fd6fd61:0"
age: 17463417
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 89476
date: Sat, 12 Oct 2024 07:39:40 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Tue, 11 Aug 2020 16:38:03 GMT
server: ECAcc (ama/48F3)

GET
H2 200 jquery.validate.min.js Show response
login.cdn.questrade.com/v1.3.801-prod/wwwroot/lib/jquery-validation/dist/ 25 KB
8 KB 120ms
119ms Script
text/javascript 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/lib/jquery-validation/dist/jquery.validate.min.js
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ba66d3685c4fdf516fe8ed62b692d2ff7fafe5f3805832ce533966bce19a295e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=BxpINQ==, md5=8VJlovjqClsz02WzJYKnAA==
content-encoding: br
etag: W/"f15265a2f8ea0a5b33d365b32582a700"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 25308
date: Sat, 12 Oct 2024 07:39:40 GMT
last-modified: Fri, 11 Oct 2024 00:23:27 GMT
content-type: text/javascript
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY0YTM06_u8VF8BOkYbntXYgFgw2EEudP_iIKOz3eyC0sIFW8OyxVECiMr7VQHZ06JZDshQ
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
x-goog-generation: 1728606207485188
server: UploadServer

GET
H3 200 jquery.validate.unobtrusive.min.js Show response
login.cdn.questrade.com/v1.3.801-prod/wwwroot/lib/jquery-validation-unobtrusive/dist/ 6 KB
2 KB 124ms
124ms Script
text/javascript 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/lib/jquery-validation-unobtrusive/dist/jquery.validate.unobtrusive.min.js
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 44558558820fb230780ee711e23ab0c535b0d77666b48facead551d8b2666579

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=cU8DFg==, md5=fmBACAHof1yVAxxOf8eRaA==
content-encoding: br
etag: W/"7e60400801e87f5c95031c4e7fc79168"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5831
date: Sat, 12 Oct 2024 07:39:40 GMT
last-modified: Fri, 11 Oct 2024 00:23:27 GMT
content-type: text/javascript
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY361ZdUANNdZUtESf4Y2sGVesVJBktFvSa-IbVh2BF81cg9S3qArjkL3yYkrTwwj9MprHHyQVcI0A
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
x-goog-generation: 1728606207428179
server: UploadServer

GET
H3 200 _common.js Show response
login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/ 921 B
948 B 115ms
115ms Script
text/javascript 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/_common.js
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d06bdc2842d51a797cb10264680c7af81c44bb8a448b1969c528bae193eb27f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=ovWQ6g==, md5=ZnPAmaKUWpD3SC0k2+XKFg==
etag: "6673c099a2945a90f7482d24dbe5ca16"
age: 0
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 921
date: Sat, 12 Oct 2024 07:39:40 GMT
last-modified: Fri, 11 Oct 2024 00:23:26 GMT
vary: Origin
content-type: text/javascript
x-guploader-uploadid: AHmUCY1tv8m_XgqV5coXK1kcAmAysKSUC-wuNoFVSEDxCwxnI3p9Nw2BWV1d9VTw--H4NmVgubNX-BJRng
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1728606206571468
content-length: 921
server: UploadServer

GET
H3 200 login-saved-users.js Show response
login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/login/ 14 KB
3 KB 135ms
135ms Script
text/javascript 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/login/login-saved-users.js
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d66418df1bfe9988a2cd0a7131a3a0f15517a77197536bc2a74d05da40945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=Ge98Ww==, md5=EZHARvusJQIKkR3gjb4wtQ==
content-encoding: br
etag: W/"1191c046fbac25020a911de08dbe30b5"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 14128
date: Sat, 12 Oct 2024 07:39:41 GMT
last-modified: Fri, 11 Oct 2024 00:23:27 GMT
content-type: text/javascript
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY1IbQ4mqz4uTJLS4hOiqIE3GI-_1SgyvrV6gXqjj1fUOu8Pr55ZIWRB3Ri6jmsBRiolWoMWlxIQpw
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
x-goog-generation: 1728606207017365
server: UploadServer

GET
H3 200 prevent-double-clicks.js Show response
login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/ 818 B
845 B 114ms
114ms Script
text/javascript 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/prevent-double-clicks.js
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7c6e0a99311a796a2a99dc06fcc676087bc472b6e31733cbb0295e996629234e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=y4tCqw==, md5=PbRPFzXORIi7H+d2Omxjmg==
etag: "3db44f1735ce4488bb1fe7763a6c639a"
age: 0
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 818
date: Sat, 12 Oct 2024 07:39:41 GMT
last-modified: Fri, 11 Oct 2024 00:23:26 GMT
vary: Origin
content-type: text/javascript
x-guploader-uploadid: AHmUCY0Y0xiDSdgnGgv-pF3il4wPLoaOcxDeHTjB4MgsjR0QF7-EIMVYkchf03m5kBh_xldoqh5Po6Jmng
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1728606206871072
content-length: 818
server: UploadServer

GET
H3 200 show-password.js Show response
login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/ 2 KB
542 B 120ms
120ms Script
text/javascript 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/show-password.js
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 13ef01d4350a144d07fdf77571f6d061b1aec95d961e3d792ff4207b868b474d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=H9XBcw==, md5=xPRKPTF/q6mB/eytHEEYfw==
content-encoding: br
etag: W/"c4f44a3d317faba981fdecad1c41187f"
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 2279
date: Sat, 12 Oct 2024 07:39:41 GMT
last-modified: Fri, 11 Oct 2024 00:23:26 GMT
content-type: text/javascript
vary: Origin, Accept-Encoding
x-guploader-uploadid: AHmUCY0FlSmc67DFNd5L-M110Ayz4bG3GZ-xfybYy-Y86Wpm_HRR6Xkro-d3N5V0B3vRp3HUrn4MV8uCNQ
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: none
x-goog-generation: 1728606206856489
server: UploadServer

GET
H3 200 form-event-dispatcher.js Show response
login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/ 590 B
617 B 116ms
116ms Script
text/javascript 34.149.116.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/form-event-dispatcher.js
Requested by: Host: login.questrade.com
URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.116.147 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.116.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1597a9f6be4d5b291b402fce80d677a64fdaa7720bb4367240cf31cec67b8f7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=6VMBTA==, md5=4E/q9k3o0WuJvwKK5LovMg==
etag: "e04feaf64de8d16b89bf028ae4ba2f32"
age: 0
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 590
date: Sat, 12 Oct 2024 07:39:41 GMT
last-modified: Fri, 11 Oct 2024 00:23:26 GMT
vary: Origin
content-type: text/javascript
x-guploader-uploadid: AHmUCY0YplWr33bN4GDi86Vm-OwZMcZBKWmSjvmA0bwGzpdYEi5hO2Meu4z2NYR8VMJft4VxhI08QTyChQ
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
x-goog-generation: 1728606206599412
content-length: 590
server: UploadServer

GET
H2 200 99771a87-5f28-4d67-a83f-fc7fdd119e57.json Show response
cdn.cookielaw.org/consent/99771a87-5f28-4d67-a83f-fc7fdd119e57/ 4 KB
2 KB 46ms
28ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/99771a87-5f28-4d67-a83f-fc7fdd119e57/99771a87-5f28-4d67-a83f-fc7fdd119e57.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0385b761957f1e9c92fa11dda77fb0d20e31d1ea263ca1b66833f4c6c57d813

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.questrade.com/

Response headers

content-md5: SZAzIMIMmSJqKsmbf7y0kA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCA12360F9B1D2
age: 62989
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Sun, 13 Oct 2024 07:39:40 GMT
date: Sat, 12 Oct 2024 07:39:40 GMT
content-type: application/json
last-modified: Wed, 10 Jul 2024 21:00:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: b297086d-a01e-0045-38c9-e94e1b000000
cf-ray: 8d156ffa583a365d-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1624
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 50ms
34ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
accept: application/json
Referer: https://login.questrade.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8d156ffaafc9bba1-FRA
access-control-allow-origin: *
date: Sat, 12 Oct 2024 07:39:40 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202406.1.0/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 19ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,600,700,800

Requested by

Host: login.cdn.questrade.com
URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/lib/@questrade/allspark/dist/allspark_components.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3bdd0a6643ecddbf1e9ed6c921c990baa672d4fd93663dbfa6fc1467b216e919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://login.cdn.questrade.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 07:39:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 07:39:40 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 12 Oct 2024 06:32:39 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: rumola
URL: chrome://rumola/content/rumola48.png

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: invalid
URL: chrome-extension://invalid/

Domain: login.cdn.questrade.com
URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/security-information-modal.js

Domain: login.cdn.questrade.com
URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/lib/@questrade/allspark/dist/allspark.js

Domain: login.cdn.questrade.com
URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/allspark-modal.js

Domain: login.cdn.questrade.com
URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/lib/@questrade/allspark/dist/allspark_components.js

Domain: login.cdn.questrade.com
URL: https://login.cdn.questrade.com/v1.3.801-prod/wwwroot/js/allspark-enabler.js

Domain: static.srcspot.com
URL: https://static.srcspot.com/libs/claribel.js

Domain: gc-web-messenger.questrade.com
URL: https://gc-web-messenger.questrade.com/WebMessagingQTcom.js

Domain: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.questrade.com/	1970-01-21 00:13:25	Name: qic_ddti.prod Value: 05a0f585-b5db-4f5a-a2e4-2df43519a915
login.questrade.com/	1970-01-21 00:11:58	Name: TSe47000dd078 Value: 08005b7230ab200006d77f0006baceb05504d3c2a4c3b078f65168bb7815b3aee1dd49ab015801f30899567690183001e876878449a5339195f715b44a501483f0898a57dcfa6fad6630df4dc9b63380a76ed251e23204ad6adedb60dc9d076e26d7fa00706d04b5896199cbbe27a6f384bf70c73c25c5dde829ab7e8e46ae4f35a8337dff5340b53a2cb23b9abfb22149d9c7b9fad9a11b0bc2c6eea9c859d1ad7bb077bd62dc061d1857a23873c3855c21372baa52b4443282f92e7cef2dd09f82eb254aa211b9758ae1bd61c7fe55b1e5bbb7df302ba38868df65de7278116f185936b2f837cbed2047cbaaa24ae71d36216e610ffe63d10c38b3a087665d1c77bc2af4f12679f2fdc2cf76a3aabf9ddda0cd4b5343fde1ea7e5b676e709c27d82b70e1a30de8fa877dcbabb38aa44193cf24831421b73d500f3491f4e5ba310ed92e42c0ccd85a53b416fe3aa1221e273a287e775e431883e8d92d0d5cfe
login.questrade.com/	1969-12-31 23:59:59	Name: .AspNetCore.Antiforgery.zbjUl449ekk Value: CfDJ8MUgOSjDiRZKinT0BytMyJ77VbpUifGgy-mUcqMpMa5UgHm5drTyQJMgM4mhTp1zDyp61V_zIcLc9-9u1Cv3rle_XvI30aZbBlDATmlzzEHlUoLDllqpqp4LnaQmpa0Bh51UTfJJy6crzMt5FE1R_sU
.questrade.com/	1970-01-21 09:47:58	Name: uvv Value: data=4E34BD6697D54B6485DFD9238D0D2B8A
login.questrade.com/	1969-12-31 23:59:59	Name: TS0198130f Value: 017986f76b8ae822d39f7b7eea29f60c9e6a76ff2c4f0c70524c2014012cf08ce68a22bf2d878ee2dca394588bb51daf63d50c7d9290d68fc5dab63d064cb98767c5f4aab73de21c1eda82aaaf0d58a7fcda6b4c6c97b4f4cb0fbb08d8f0133e521a16b19f85f8e18a9c1ba8623570cbb2600623eb1a485b1ffface610c5072c7c6e5b67ee54197b9c432efb1463ab1eceda28951b
.questrade.com/	1969-12-31 23:59:59	Name: TS01318163 Value: 017986f76b96a3549cb3e91ccfe0582c67c373b1134f0c70524c2014012cf08ce68a22bf2d878ee2dca394588bb51daf63d50c7d9290d68fc5dab63d064cb98767c5f4aab7a4d9a4b06343bb2d81268379ea4ab061cfc0c34261ab78c47c56cb1ee23b22a3
login.questrade.com/	1970-01-21 02:21:34	Name: qt-fpi-08 Value: 08c7ee01d3ab280014c975152117055b960d546692aa79e05bfc4300e6fc5e84c6ad710e9d5d9043cdc8310eff97edcc
login.questrade.com/	1969-12-31 23:59:59	Name: qt-fpi-06 Value: 0821e1d880052800b0c57f1ff4847c63c3998febc4898d249225e65cf8885b6ca84442790d8372c36ccfd2c1e3588c4b
login.questrade.com/	1970-01-21 00:11:58	Name: TSe47000dd029 Value: 08005b7230ab2800b940a7996027c65fbbf59c1069395850a0719d50aa691d99c88a8d31acdfeabc66b65a64c5870026
login.questrade.com/	1969-12-31 23:59:59	Name: TSPD_101 Value: 08005b7230ab2800e7c647e8a8311202763e415f4a2b685899ddeb51ced7d1ec700f25626096ac40173fc088e0e067cf0844f3bae6051800b1db2d686d5304f69727202673b70d3567537e1eb2d1f3d9
login.questrade.com/	1970-01-21 02:21:34	Name: qt-fpi-07 Value: 0821e1d880064000a3604cbaf7698dacb0fbbbd893feeae79451d40a0a2a985fafaa90057e7f452917b97dd2b4fe7d571c22d32a0ca7626a2fba479578774711d25f6ab20a725ccc
login.questrade.com/	1970-01-21 02:21:34	Name: qt-fpi-03 Value: 0821e1d8800d180043fdc356561b4cd64f5ed82cb2b0035102f01b31b12aad40
login.questrade.com/	1969-12-31 23:59:59	Name: qt-fpi-04 Value: 0821e1d88002100023a9960deb64a6a0cbfad6dc7b3701ee
login.questrade.com/	1969-12-31 23:59:59	Name: TS5046332c027 Value: 08005b7230ab20001a09d76a6bb43c40538ba615efb6a206d92abd63ae04f842f3ad3aa1402b753908974a314e113000fc977f9838990661bec5e40e48e2327bc4781210e39c0b0569732b3b1ebfdd260441b5265d83e566d8bc2824e7f13654

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://login.questrade.com/TSPD/08005b7230ab200089c22919bca6ed1318dd4ae8f0e50363e86df030f2f2e7ccd697e9ea1c2dea1f?type=10(Line 1665) Message: Not allowed to load local resource: chrome://rumola/content/rumola48.png
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
security	warning	URL: https://login.questrade.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Da4f134e5-e916-48ab-b73d-019bdbab763d%26redirect_uri%3Dhttps%253A%252F%252Fcustomer-profile.questrade.com%252Foidc%252Fredirect-callback.html%26response_type%3Dcode%26scope%3Dopenid%2520all.customers-profile.all%2520all.customers-profile.read%2520all.customers-profile.write%2520all.customer-profile.read%2520all.customer-profile.all%2520all.customer-profile.write%2520brokerage.securities.read%26state%3D36de9ccf96c14754a098fc3e75f28a4f%26code_challenge%3DwwjUwEgiVmQIccAOpnBFi9k4Bwzy1NPokZiwshzU1yk%26code_challenge_method%3DS256%26response_mode%3Dquery Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://assets.adobedtm.com/5c805daef3d1/d7d7ea830eb0/launch-43e2d173137a.min.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
assets.adobedtm.com
cdn.cookielaw.org
customer-profile.questrade.com
fonts.googleapis.com
gc-web-messenger.questrade.com
geolocation.onetrust.com
invalid
login.cdn.questrade.com
login.questrade.com
rumola
static.srcspot.com
cdn.cookielaw.org
gc-web-messenger.questrade.com
invalid
login.cdn.questrade.com
rumola
static.srcspot.com
152.199.19.160
204.89.196.90
2606:4700:4400::ac40:9b77
2606:4700::6812:562a
2a00:1450:4001:80f::200a
2a02:26f0:3500:58d::1e80
34.117.176.131
34.149.116.147
13303fa51a663b636089d27ddb7a344c81191fc9f02f6fc966ca6d86a920d728
13ef01d4350a144d07fdf77571f6d061b1aec95d961e3d792ff4207b868b474d
1597a9f6be4d5b291b402fce80d677a64fdaa7720bb4367240cf31cec67b8f7e
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ef4d640eda8f959ada41ce7752ea66c628bbdf87d855a83f15d5387b2433b8d
2d0a4f5a77c788b084919b1b8cad5713d9dfc3388ef29969c4cb66c28092e683
2d9c9b728dd1ef3145b634b127c6de308aba3df836f81b213fe225a685b53676
31c53e011196af8786db210c4ee8c8071b4d5f94f807626e9b1c6b20afcd52d2
39eb949c82bcbe5ba86018404c2da16aa9fdcbad6e3ffde99ee2d14e05860baa
3bdd0a6643ecddbf1e9ed6c921c990baa672d4fd93663dbfa6fc1467b216e919
40519030ccd54943d3d2efabd64b500f294e317b4e35538f805beaa979217c4d
43c37077e3699d35b9aceb9298dfb1b617c1df37517456dfd06f8b7fe91033fb
44558558820fb230780ee711e23ab0c535b0d77666b48facead551d8b2666579
47447bc52691b64154e9b47bb321ae5e8a0f401e35517ff0518a1779504e0776
60d20c34efdd7103c273f54369cfc42c6d0a39126ce22298f2d31924b4ca5a56
6b97877ef523ef54e5b90d85481b3c9453d92e2301d11dc10f8a144ad7b053d9
7c6e0a99311a796a2a99dc06fcc676087bc472b6e31733cbb0295e996629234e
7e34ff7f5c0bf8dc263e8f965454c8b3f4aed9ce23ef822ff5248e23c14d5f85
7e8cb8399e98aa2d49cd514b24e669d09bb06d23608307aa9489dac2edf82012
95bac1e8a439e22c617c15da651c1ea2cf183b65e20436e00356de497ef114d1
aa7378eedcd2d020416a3d90dd632c534bb06e57710f93a89ae8018be47ceaf1
ae412ffbb239608218ea89f0b853d6d7d4b41c9416b2126fd8a17f42dce3e09e
b1ff09f3864dcf1ecd99cd6971dcdf1f4b574635c38688c82a494caaab42ce8c
ba66d3685c4fdf516fe8ed62b692d2ff7fafe5f3805832ce533966bce19a295e
cb8d66418df1bfe9988a2cd0a7131a3a0f15517a77197536bc2a74d05da40945
d0385b761957f1e9c92fa11dda77fb0d20e31d1ea263ca1b66833f4c6c57d813
d06bdc2842d51a797cb10264680c7af81c44bb8a448b1969c528bae193eb27f9
d29c35a38b8a31782901083a1afd50e6b5a1f9bb158ab13fc67fc7284ea0a66b
d9ea448d59fd85fce8835c65eebecf7d21a236fc1ca5861cebe2a5cec2cef4b6
e005ba7b80c227f0c021b90fb24fa786351a97b5f72fcd86b4aa1a3d72637706
eee493c5b0d4bcaf0be0c8c1fa6f6fe01281f50636dc26d189e7fde077fdb367
efad755939e511f2bc1feb0d58d6014006e8598a4d431f27a66dd59e14fc19cb
f0677b4032b4069d3a4e9bdd827dd292421ac29c690c2d21cd1127bf791d06b2
f1f8e184e8be2c604481bed0a68e0a077f7bf4e9a161854c3ca6bb245659a494
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fb5c3f8e16a343b7065ec988366017b7871856c9caac5421c1e01432a62577c9

login.questrade.com Open in urlscan Pro 204.89.196.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

54 %HTTPS

50 %IPv6

8 Domains

12 Subdomains

9 IPs

3 Countries

1021 kBTransfer

4318 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.questrade.com Open in urlscan Pro
204.89.196.90 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

54 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

9
IPs

3
Countries

1021 kB
Transfer

4318 kB
Size

14
Cookies

71 HTTP transactions
3 data transactions