urlscan.io logo urlscan.io
SecurityTrails logo

auth.tdameritrade.com Open in urlscan Pro
198.200.171.172  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://trade.thinkorswim.com/trade?symbol=spy
Effective URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8...
Submission Tags: falconsandbox
Submission: On July 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 10 domains to perform 40 HTTP transactions. The main IP is 198.200.171.172, located in United States and belongs to T2-CT-CN, US. The main domain is auth.tdameritrade.com. The Cisco Umbrella rank of the primary domain is 24343.
TLS certificate: Issued by DigiCert Global G3 TLS ECC SHA384 202... on November 19th 2021. Valid for: a year.
This is the only time auth.tdameritrade.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 198.200.171.11 1399 (T2-CT-CN)
3 23.47.212.221 16625 (AKAMAI-AS)
1 23.205.241.144 16625 (AKAMAI-AS)
1 4 52.212.211.89 16509 (AMAZON-02)
2 198.200.171.191 1399 (T2-CT-CN)
1 52.212.134.224 16509 (AMAZON-02)
2 15.236.176.210 16509 (AMAZON-02)
1 1 52.215.243.107 16509 (AMAZON-02)
14 198.200.171.172 1399 (T2-CT-CN)
1 1 18.156.126.13 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
3 96.16.138.170 16625 (AKAMAI-AS)
40 11
6    198.200.171.11 (United States)

ASN1399 (T2-CT-CN, US)
PTR: api.tdameritrade.com
trade.thinkorswim.com
3    23.47.212.221 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-212-221.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
1    23.205.241.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-241-144.deploy.static.akamaitechnologies.com
c.evidon.com
4    52.212.211.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-211-89.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    198.200.171.191 (United States)

ASN1399 (T2-CT-CN, US)
PTR: analytics-tx-tmp.tdameritrade.com
analytics.tdameritrade.com
1    52.212.134.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-134-224.eu-west-1.compute.amazonaws.com
tdameritrade.demdex.net
2    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
sstats.tdameritrade.com
1    52.215.243.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-243-107.eu-west-1.compute.amazonaws.com
cm.everesttech.net
14    198.200.171.172 (United States)

ASN1399 (T2-CT-CN, US)
PTR: tx-cfe-oauth.tdameritrade.com
auth.tdameritrade.com
1    18.156.126.13 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-126-13.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
3    96.16.138.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-138-170.deploy.static.akamaitechnologies.com
media.tdameritrade.com
Apex Domain
Subdomains		 Transfer
21 tdameritrade.com
analytics.tdameritrade.com — Cisco Umbrella Rank: 15452
sstats.tdameritrade.com — Cisco Umbrella Rank: 31822
auth.tdameritrade.com — Cisco Umbrella Rank: 24343
api.tdameritrade.com Failed
media.tdameritrade.com — Cisco Umbrella Rank: 24264
182 KB
6 thinkorswim.com
trade.thinkorswim.com — Cisco Umbrella Rank: 205875
1 MB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 186
tdameritrade.demdex.net — Cisco Umbrella Rank: 28850
9 KB
3 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 826
67 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 324
140 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 447
477 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 810
517 B
1 evidon.com
c.evidon.com — Cisco Umbrella Rank: 969
459 B
0 doubleclick.net Failed
cm.g.doubleclick.net Failed
0 exelator.com Failed
load77.exelator.com Failed
40 10
Domain Requested by
14 auth.tdameritrade.com trade.thinkorswim.com
auth.tdameritrade.com
6 trade.thinkorswim.com trade.thinkorswim.com
4 dpm.demdex.net 1 redirects trade.thinkorswim.com
3 media.tdameritrade.com auth.tdameritrade.com
media.tdameritrade.com
3 tags.tiqcdn.com trade.thinkorswim.com
tags.tiqcdn.com
2 idsync.rlcdn.com
2 sstats.tdameritrade.com tags.tiqcdn.com
2 analytics.tdameritrade.com tags.tiqcdn.com
1 aa.agkn.com 1 redirects
1 cm.everesttech.net 1 redirects
1 tdameritrade.demdex.net tags.tiqcdn.com
1 c.evidon.com tags.tiqcdn.com
0 cm.g.doubleclick.net Failed
0 load77.exelator.com Failed
0 api.tdameritrade.com Failed trade.thinkorswim.com
40 15

This site contains links to these domains. Also see Links.

Domain
invest.ameritrade.com
www.finra.org
www.sipc.org
www.theocc.com
Subject Issuer Validity Valid
*.thinkorswim.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-14 -
2023-01-14		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.evidon.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-12 -
2023-04-12		 a year crt.sh
*.tdameritrade.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-31 -
2023-05-01		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
sstats.tdameritrade.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-04 -
2023-04-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
www.tdameritrade.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-11 -
2022-12-08		 a year crt.sh

This page contains 2 frames:

Primary Page: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Frame ID: 48F2E7C63EC171EB70403337B79D236B
Requests: 34 HTTP requests in this frame

Frame: https://tdameritrade.demdex.net/dest5.html?d_nsid=0
Frame ID: 2F4000AA4738AAE36E542E1D24A2A1CE
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in | thinkorswim Web

Page URL History Show full URLs

  1. https://trade.thinkorswim.com/trade?symbol=spy Page URL
  2. https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=F... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • c\.evidon\.com

Page Statistics

40
Requests

85 %
HTTPS

0 %
IPv6

10
Domains

15
Subdomains

11
IPs

5
Countries

1345 kB
Transfer

4646 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trade.thinkorswim.com/trade?symbol=spy Page URL
  2. https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F3470978534690820A490D4C%40AdobeOrg&d_nsid=0&ts=1658965349082 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F3470978534690820A490D4C%40AdobeOrg&d_nsid=0&ts=1658965349082
Request Chain 13
  • https://cm.everesttech.net/cm/dd?d_uuid=77533023902758520214559203596194732031 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YuHNZgAAAMOHYgMx
Request Chain 18
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=77533023902758520214559203596194732031 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=217273104225004594932
Request Chain 19
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=77533023902758520214559203596194732031 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=77533023902758520214559203596194732031&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
trade
trade.thinkorswim.com/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trade.thinkorswim.com/trade?symbol=spy
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
198.200.171.11 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
api.tdameritrade.com
Software
/ Express
Resource Hash
2583561aba3c1102c80463673965a457bf79b97e253099bc4d5b2b15543ddde9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx 'nonce-iDFcV/6vuVaVPV06UEEgcQ==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx 'nonce-iDFcV/6vuVaVPV06UEEgcQ==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https:;
Content-Type
text/html; charset=utf-8
Date
Wed, 27 Jul 2022 23:42:28 GMT
Etag
W/"108f-dgRY10RpitIRZLvKmjdf5NkFaz8"
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Origin, Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
Express
X-Vcap-Request-Id
14f8fe8d-b3de-4cfe-5fac-4f80c3c9e260
X-Xss-Protection
1; mode=block
2.ca5d8636.chunk.css
trade.thinkorswim.com/static/css/ 		9 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trade.thinkorswim.com/static/css/2.ca5d8636.chunk.css
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/trade?symbol=spy
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
198.200.171.11 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
api.tdameritrade.com
Software
/ Express
Resource Hash
07b2cf8bda222786ab9aad790a22eb485fbc530edba85a7990bd5854f0843908
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx 'nonce-tdg6fKbci8cOeBbz7jzejQ==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/trade?symbol=spy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx 'nonce-tdg6fKbci8cOeBbz7jzejQ==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https:;
Content-Encoding
gzip
Etag
W/"248b-18211041b10"
X-Powered-By
Express
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 18 Jul 2022 11:14:18 GMT
X-Frame-Options
SAMEORIGIN
Date
Wed, 27 Jul 2022 23:42:28 GMT
Vary
Origin, Accept-Encoding
Content-Type
text/css; charset=UTF-8
X-Vcap-Request-Id
2732c7e3-8dca-4697-67b9-c3ddb65e154e
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
main.aa1ba48b.chunk.css
trade.thinkorswim.com/static/css/ 		139 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trade.thinkorswim.com/static/css/main.aa1ba48b.chunk.css
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/trade?symbol=spy
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
198.200.171.11 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
api.tdameritrade.com
Software
/ Express
Resource Hash
116e048509b201f02f34ddd28f8ad324932b7f394d6d31fea17c8ac99164ed31
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx 'nonce-55cPCIlRUpyhzqEAW3f89w==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/trade?symbol=spy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx 'nonce-55cPCIlRUpyhzqEAW3f89w==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https:;
Content-Encoding
gzip
Etag
W/"22c83-18211041b10"
X-Powered-By
Express
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 18 Jul 2022 11:14:18 GMT
X-Frame-Options
SAMEORIGIN
Date
Wed, 27 Jul 2022 23:42:28 GMT
Vary
Origin, Accept-Encoding
Content-Type
text/css; charset=UTF-8
X-Vcap-Request-Id
070598f4-a42b-4a80-7868-cd9f6487d550
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
2.64375f01.chunk.js
trade.thinkorswim.com/static/js/ 		2 MB
590 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trade.thinkorswim.com/static/js/2.64375f01.chunk.js
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/trade?symbol=spy
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
198.200.171.11 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
api.tdameritrade.com
Software
/ Express
Resource Hash
a7f3524931526ce2427ea974f3b5a03a73317974318be4564ae9123cdb195d69
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx 'nonce-huDDF2Feq17raiDH1QefYg==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/trade?symbol=spy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx 'nonce-huDDF2Feq17raiDH1QefYg==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https:;
Content-Encoding
gzip
Etag
W/"2036a6-1822291b658"
X-Powered-By
Express
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Xss-Protection
1; mode=block
Last-Modified
Thu, 21 Jul 2022 21:02:31 GMT
X-Frame-Options
SAMEORIGIN
Date
Wed, 27 Jul 2022 23:42:28 GMT
Vary
Origin, Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Vcap-Request-Id
6944969c-40d7-49cd-58ef-dcb40544e07b
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
main.d0129547.chunk.js
trade.thinkorswim.com/static/js/ 		2 MB
465 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trade.thinkorswim.com/static/js/main.d0129547.chunk.js
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/trade?symbol=spy
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
198.200.171.11 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
api.tdameritrade.com
Software
/ Express
Resource Hash
71ead091e41be1a98651b5acea765d8f931c893d42240022f206d08b92640b56
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx 'nonce-YoQElwJSyOxHA+mpuFLOfw==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/trade?symbol=spy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx 'nonce-YoQElwJSyOxHA+mpuFLOfw==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https:;
Content-Encoding
gzip
Etag
W/"1bdf21-18211041b10"
X-Powered-By
Express
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Xss-Protection
1; mode=block
Last-Modified
Mon, 18 Jul 2022 11:14:18 GMT
X-Frame-Options
SAMEORIGIN
Date
Wed, 27 Jul 2022 23:42:28 GMT
Vary
Origin, Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
X-Vcap-Request-Id
8ca2fb87-0fe0-4d2f-7440-ae51c1b3b6e9
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Content-Type-Options
nosniff
utag.sync.js
tags.tiqcdn.com/utag/tdameritrade/traderx/prod/ 		178 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.sync.js
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/trade?symbol=spy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.212.221 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-221.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a8e1d5a34e2e060a279c309595e44e2d70dc9871836d4a8ac700805bd3ebbfc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:42:28 GMT
content-encoding
gzip
last-modified
Wed, 22 Jul 2020 20:48:56 GMT
server
AkamaiNetStorage
etag
"fc72a1c796a80db0303b99ac07a4594d:1595450936.598199"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
expires
Wed, 27 Jul 2022 23:47:28 GMT
utag.js
tags.tiqcdn.com/utag/tdameritrade/traderx/prod/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.js
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/trade?symbol=spy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.212.221 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-221.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9c35ed184a7c2aa2772ab84972d76ca4ea890f0278528ec43ddc1f967aa1a5f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:42:29 GMT
content-encoding
gzip
last-modified
Wed, 22 Jul 2020 20:48:57 GMT
server
AkamaiNetStorage
etag
"c5904655456e3f2e53db1a8ae8569bec:1595450937.323183"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
9083
expires
Wed, 27 Jul 2022 23:47:29 GMT
country.js
c.evidon.com/geo/ 		252 B
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.sync.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.205.241.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-241-144.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:42:29 GMT
content-encoding
gzip
last-modified
Fri, 13 Mar 2020 23:46:45 GMT
server
AkamaiNetStorage
etag
"61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET,OPTIONS,POST
content-type
application/x-javascript
access-control-allow-origin
access-control-max-age
108000
accept-ranges
bytes
access-control-allow-headers
*
content-length
174
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F3470978534690820A490D4C%40AdobeOrg&d_nsid=0&ts=1658965349082
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F3470978534690820A490D4C%40AdobeOrg&d_nsid=0&ts=1658965349082
7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F3470978534690820A490D4C%40AdobeOrg&d_nsid=0&ts=1658965349082
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/trade?symbol=spy
Protocol
HTTP/1.1
Server
52.212.211.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-211-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
abccbc8d585935386cec3f38f276cffbfd66b774211863592d49af049ea70d41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v037-07ba81a5c.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
x+KSy6lkRWI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://trade.thinkorswim.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
2060
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v037-056bbe808.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://trade.thinkorswim.com
X-TID
BRRXjtq0T6A=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F3470978534690820A490D4C%40AdobeOrg&d_nsid=0&ts=1658965349082
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
events
analytics.tdameritrade.com/clickstream-v1/ 		0
934 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.tdameritrade.com/clickstream-v1/events
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.sync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
198.200.171.191 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
analytics-tx-tmp.tdameritrade.com
Software
1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://trade.thinkorswim.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 27 Jul 2022 23:42:29 GMT
Server
1
Transfer-Encoding
chunked
Access-Control-Allow-Methods
POST,OPTIONS
P3P
CP: CAO DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL HIS OTP OUR IND CNT
Access-Control-Allow-Origin
https://trade.thinkorswim.com
Access-Control-Max-Age
1800
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Headers
Access-Control-Allow-Origin, Authorization, Origin, X-Requested-With, Content-Type
events
analytics.tdameritrade.com/clickstream-v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.tdameritrade.com/clickstream-v1/events
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
198.200.171.191 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
analytics-tx-tmp.tdameritrade.com
Software
1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://trade.thinkorswim.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Origin, Authorization, Origin, X-Requested-With, Content-Type
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
https://trade.thinkorswim.com
Access-Control-Max-Age
1800
Date
Wed, 27 Jul 2022 23:42:29 GMT
P3P
CP: CAO DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL HIS OTP OUR IND CNT
Server
1
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
dest5.html
tdameritrade.demdex.net/ Frame 2F40 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tdameritrade.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.sync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.134.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-134-224.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://trade.thinkorswim.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v037-051bef4a7.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
bYkQ9c7DRKc=
content-encoding
gzip
date
Wed, 27 Jul 2022 23:42:30 GMT
last-modified
Thu, 21 Jul 2022 19:45:08 GMT
vary
accept-encoding
id
sstats.tdameritrade.com/ 		48 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sstats.tdameritrade.com/id?d_visid_ver=4.3.0&d_fieldgroup=A&mcorgid=F3470978534690820A490D4C%40AdobeOrg&mid=77512350453851974774561341333523187375&ts=1658965349922
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trade.thinkorswim.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 27 Jul 2022 23:42:30 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-69c8d8cc76-hsznf
vary
Origin
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://trade.thinkorswim.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YuHNZgAAAMOHYgMx
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=77533023902758520214559203596194732031
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YuHNZgAAAMOHYgMx
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YuHNZgAAAMOHYgMx
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/trade?symbol=spy
Protocol
HTTP/1.1
Server
52.212.211.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-211-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-0cdb15f2b.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
C4whjnWxRT8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YuHNZgAAAMOHYgMx
Date
Wed, 27 Jul 2022 23:42:30 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
config
trade.thinkorswim.com/v1/api/ 		467 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trade.thinkorswim.com/v1/api/config
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/static/js/main.d0129547.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
198.200.171.11 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
api.tdameritrade.com
Software
/ Express
Resource Hash
ba5291dbef8d1196e502a421896b9772009f249b729a7480d397a547c29ad5a8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx 'nonce-7Ny9uK848gHc4MrXFeJOrg==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/trade?symbol=spy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx 'nonce-7Ny9uK848gHc4MrXFeJOrg==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https:;
Vary
Origin, Accept-Encoding
X-Powered-By
Express
Etag
W/"1d3-Lm8gtS19oBK4VboS99NeTd86dZ4"
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
X-Vcap-Request-Id
78a78998-f151-42bb-6af7-158bfad2addc
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 27 Jul 2022 23:42:30 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Credentials
true
Content-Length
467
X-Xss-Protection
1; mode=block
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=tdameritrade/traderx/202007222048&cb=1658965350313
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.212.221 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-212-221.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:42:30 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Wed, 27 Jul 2022 23:52:30 GMT
Primary Request auth
auth.tdameritrade.com/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/static/js/main.d0129547.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
f54e011f85f3dd3ba8eec89a0f43a2b4929ed7167b9fad7eb91871a4d41dfe6a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trade.thinkorswim.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Authorization-Response-Type
1
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Wed, 27 Jul 2022 23:42:30 GMT
Expires
0
Keep-Alive
timeout=60
Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
vary
accept-encoding
hours
api.tdameritrade.com/v1/marketdata/OPTION/ 		0
0
s74203465082847
sstats.tdameritrade.com/b/ss/tdameritrade-client,tdameritrade-rollup/10/JS-2.7.0/ 		117 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sstats.tdameritrade.com/b/ss/tdameritrade-client,tdameritrade-rollup/10/JS-2.7.0/s74203465082847?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=27%2F6%2F2022%2023%3A42%3A30%203%200&d.&nsid=0&jsonv=1&.d&mid=77512350453851974774561341333523187375&aamlh=6&ce=UTF-8&ns=F3470978534690820A490D4C%40AdobeOrg&pageName=traderx%3A%3Atrade&g=https%3A%2F%2Ftrade.thinkorswim.com%2Ftrade%3Fsymbol%3Dspy&c.&cm.&ssf=1&.cm&.c&cc=USD&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=traderx%3A%3Atrade&c6=Prospect&v8=D%3Dc6&c21=https%3A%2F%2Ftrade.thinkorswim.com%2Ftrade%3Fsymbol%3Dspy&v21=D%3Dc22&c22=6%3A30PM&v22=D%3Dc23&c23=Wednesday&v23=D%3Dc24&c24=Weekday&v45=3.0.0&c49=traderx%7Cprod%7Cut4.46.202007222048%7Cview&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F3470978534690820A490D4C%40AdobeOrg&AQE=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:42:30 GMT
x-content-type-options
nosniff
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
vary
*
content-length
117
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 28 Jul 2022 23:42:30 GMT
server
jag
xserver
anedge-69c8d8cc76-9rkf7
etag
3562600963281059840-4619784791833902538
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 26 Jul 2022 23:42:30 GMT
ibs:dpid=21&dpuuid=217273104225004594932
dpm.demdex.net/ Frame 2F40
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=77533023902758520214559203596194732031
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=217273104225004594932
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=21&dpuuid=217273104225004594932
Protocol
HTTP/1.1
Server
52.212.211.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-211-89.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tdameritrade.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v037-0824f32eb.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
5+CymZyXSM8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 27 Jul 2022 23:42:30 GMT
server
AAWebServer
location
https://dpm.demdex.net/ibs:dpid=21&dpuuid=217273104225004594932
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
pixel.gif
load77.exelator.com/ Frame 2F40
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=77533023902758520214559203596194732031
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=77533023902758520214559203596194732031&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
0
0
365868.gif
idsync.rlcdn.com/ Frame 2F40 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=77533023902758520214559203596194732031
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tdameritrade.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:42:30 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
365868.gif
idsync.rlcdn.com/ Frame 2F40 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=77533023902758520214559203596194732031
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tdameritrade.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 23:42:30 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2F40 		0
0
tdasans_remote.css
media.tdameritrade.com/media/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.tdameritrade.com/media/css/tdasans_remote.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.138.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-138-170.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f9583f9709cda6506cb1f30e7420f6c8f03d8ec2c843d9007d1d92bfc99dd681
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tdameritrade.com *.ameritrade.com http://*.tdameritrade.com/ https://*.tdainstitutional.com https://*.amtd.com https://amtd.com https://*.tradewise.com https://tdaconferences.com https://*.tdameritradeconferences.com https://*.exploringyourindependence.com https://*.thinkorswim.com https://*.tdameritradenetwork.com https://tdameritradenetwork.com https://*.eliteadvisorsummit.com https://*.essentialoptionstrategies.com; object-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.tdameritrade.com *.ameritrade.com http://*.tdameritrade.com/ https://*.tdainstitutional.com https://*.amtd.com https://amtd.com https://*.tradewise.com https://tdaconferences.com https://*.tdameritradeconferences.com https://*.exploringyourindependence.com https://*.thinkorswim.com https://*.tdameritradenetwork.com https://tdameritradenetwork.com https://*.eliteadvisorsummit.com https://*.essentialoptionstrategies.com; object-src 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sun, 07 Mar 2021 23:20:17 GMT
Server
Apache
Date
Wed, 27 Jul 2022 23:42:31 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=84586
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
445
X-Xss-Protection
1; mode=block
Expires
Thu, 28 Jul 2022 23:12:17 GMT
verde-components-0.1.0.css
auth.tdameritrade.com/ux/c9977/default-client/verde/ 		58 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/ux/c9977/default-client/verde/verde-components-0.1.0.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
63952f93e27100bd5758410ed43996ad09523c932311072bb6d17f79a5373faa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 28 Jun 2022 00:33:50 GMT
Date
Wed, 27 Jul 2022 23:42:30 GMT
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
verde-global-0.1.0.css
auth.tdameritrade.com/ux/c9977/default-client/verde/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/ux/c9977/default-client/verde/verde-global-0.1.0.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
019eb78081e4a0a7716ceef2117c0a1d34204cbb1a64cb4e5244ddfd359a85d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 28 Jun 2022 00:33:50 GMT
Date
Wed, 27 Jul 2022 23:42:30 GMT
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
authorize_tdspec.css
auth.tdameritrade.com/ux/c9977/default-client/verde/ 		46 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/ux/c9977/default-client/verde/authorize_tdspec.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
bb77b15347263d48bb1c6554118b9c0e2eaca86901be034f41e037247b92732c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 28 Jun 2022 00:33:49 GMT
Date
Wed, 27 Jul 2022 23:42:30 GMT
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
breakpoints.css
auth.tdameritrade.com/ux/c9977/default-client/verde/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/ux/c9977/default-client/verde/breakpoints.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
f597b65571ef2801d9dd2eaf400d6450519b23af48b45129dd1710a9cfd90917
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 28 Jun 2022 00:33:49 GMT
Date
Wed, 27 Jul 2022 23:42:31 GMT
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
beta.css
auth.tdameritrade.com/ux/c9977/tda_trader_x/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/ux/c9977/tda_trader_x/beta.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
216f55d2906c66e17919d4d09d8d79cf64a57240401a49035920db7a35b24e7e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 28 Jun 2022 00:33:56 GMT
Date
Wed, 27 Jul 2022 23:42:31 GMT
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
details-shim.min.css
auth.tdameritrade.com/js/jc8426/ 		441 B
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc8426/details-shim.min.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
bcc1197e8910e9555167790b1162ddd6276733001966535181a4af3462d89c01
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Mar 2022 13:49:33 GMT
X-Frame-Options
DENY
Date
Wed, 27 Jul 2022 23:42:31 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length
441
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
liveTrading.svg
auth.tdameritrade.com/ux/c9977/tda_trader_x/logos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.tdameritrade.com/ux/c9977/tda_trader_x/logos/liveTrading.svg
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
eec4fa70bee34de35f4d3f455c48018abf381031b5890ccf29afb688bc9ce834
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
X-Content-Type-Options
nosniff
Last-Modified
Tue, 28 Jun 2022 00:33:57 GMT
X-Frame-Options
DENY
Date
Wed, 27 Jul 2022 23:42:31 GMT
Strict-Transport-Security
max-age=31536000
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length
5648
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
fp.js
auth.tdameritrade.com/js/jc8426/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc8426/fp.js
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
99d5464382afb4cff84d2230c8820ce516cb2b11a7d1224cadf67312dc90ee8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Mar 2022 13:49:33 GMT
Date
Wed, 27 Jul 2022 23:42:31 GMT
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
cfpJSON.js
auth.tdameritrade.com/js/jc8426/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc8426/cfpJSON.js
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
85b8a82558e7bf225419aa9bccf4f869428295ca559236f45e84325070b056cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Mar 2022 13:49:33 GMT
Date
Wed, 27 Jul 2022 23:42:31 GMT
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
gfp.js
auth.tdameritrade.com/js/jc8426/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc8426/gfp.js
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
8470441449e3a3d2ed4a81ca77ec9a106fc9ca8b4f0b8427515444172df087ed
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Mar 2022 13:49:33 GMT
Date
Wed, 27 Jul 2022 23:42:31 GMT
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
details-shim.min.js
auth.tdameritrade.com/js/jc8426/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc8426/details-shim.min.js
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
dd65e802ac90410bdef1f148c75f8c1d40638db70495c6000d089d09f8aada8d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Mar 2022 13:49:33 GMT
Date
Wed, 27 Jul 2022 23:42:31 GMT
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
auth.js
auth.tdameritrade.com/js/jc8426/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc8426/auth.js
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
a835bc7e0c416f9b5b9ff4e4e95d39ab3fb1b326060dad24e310f698bca3e98f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Mar 2022 13:49:33 GMT
Date
Wed, 27 Jul 2022 23:42:31 GMT
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
dropdowns.js
auth.tdameritrade.com/js/jc8426/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc8426/dropdowns.js
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
bf870463825b85ea22d90d8cbeb8ebc1858850f352cbd9d9ed952201c68a5ef0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=FfKS-iYhctez_XMAsNjW8tvK5xbff4248GOmyOxflyc&code_challenge_method=S256&exp=1658967150468&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&state=symbol%3Dspy%26route%3D%2Ftrade
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Mar 2022 13:49:33 GMT
Date
Wed, 27 Jul 2022 23:42:31 GMT
X-Frame-Options
DENY
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=60
TDAmeritradeSans-Medium_v1-12.woff2
media.tdameritrade.com/media/fonts/tdasans-display/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.tdameritrade.com/media/fonts/tdasans-display/TDAmeritradeSans-Medium_v1-12.woff2
Requested by
Host: media.tdameritrade.com
URL: https://media.tdameritrade.com/media/css/tdasans_remote.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.138.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-138-170.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d467a2863558a9754a650569c532f1a03e6d2e02e62524d739d9af73cf4c048c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tdameritrade.com *.ameritrade.com http://*.tdameritrade.com/ https://*.tdainstitutional.com https://*.amtd.com https://amtd.com https://*.tradewise.com https://tdaconferences.com https://*.tdameritradeconferences.com https://*.exploringyourindependence.com https://*.thinkorswim.com https://*.tdameritradenetwork.com https://tdameritradenetwork.com https://*.eliteadvisorsummit.com https://*.essentialoptionstrategies.com; object-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://media.tdameritrade.com/media/css/tdasans_remote.css
Origin
https://auth.tdameritrade.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.tdameritrade.com *.ameritrade.com http://*.tdameritrade.com/ https://*.tdainstitutional.com https://*.amtd.com https://amtd.com https://*.tradewise.com https://tdaconferences.com https://*.tdameritradeconferences.com https://*.exploringyourindependence.com https://*.thinkorswim.com https://*.tdameritradenetwork.com https://tdameritradenetwork.com https://*.eliteadvisorsummit.com https://*.essentialoptionstrategies.com; object-src 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Apr 2019 18:21:08 GMT
Server
Apache
Date
Wed, 27 Jul 2022 23:42:31 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46852
X-Xss-Protection
1; mode=block
TDAmeritradeSans-Regular_v1-12.woff2
media.tdameritrade.com/media/fonts/tdasans-display/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.tdameritrade.com/media/fonts/tdasans-display/TDAmeritradeSans-Regular_v1-12.woff2
Requested by
Host: media.tdameritrade.com
URL: https://media.tdameritrade.com/media/css/tdasans_remote.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.138.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-138-170.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de2b959a7a7718c4931a64a1514a54fc30bacc383a44a90f139b0af2560f0c41
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tdameritrade.com *.ameritrade.com http://*.tdameritrade.com/ https://*.tdainstitutional.com https://*.amtd.com https://amtd.com https://*.tradewise.com https://tdaconferences.com https://*.tdameritradeconferences.com https://*.exploringyourindependence.com https://*.thinkorswim.com https://*.tdameritradenetwork.com https://tdameritradenetwork.com https://*.eliteadvisorsummit.com https://*.essentialoptionstrategies.com; object-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://media.tdameritrade.com/media/css/tdasans_remote.css
Origin
https://auth.tdameritrade.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.tdameritrade.com *.ameritrade.com http://*.tdameritrade.com/ https://*.tdainstitutional.com https://*.amtd.com https://amtd.com https://*.tradewise.com https://tdaconferences.com https://*.tdameritradeconferences.com https://*.exploringyourindependence.com https://*.thinkorswim.com https://*.tdameritradenetwork.com https://tdameritradenetwork.com https://*.eliteadvisorsummit.com https://*.essentialoptionstrategies.com; object-src 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 29 Apr 2019 18:21:09 GMT
Server
Apache
Date
Wed, 27 Jul 2022 23:42:31 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44768
X-Xss-Protection
1; mode=block
truncated
/ 		611 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0376e1284d59c310ce07d9ff2261410bee8e134e54dcb2e3f7f56ce4b4238fe0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.tdameritrade.com
URL
https://api.tdameritrade.com/v1/marketdata/OPTION/hours?apikey=TDATRADERX@AMER.OAUTHAP&date=2022-07-27
Domain
load77.exelator.com
URL
https://load77.exelator.com/pixel.gif
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Nzc1MzMwMjM5MDI3NTg1MjAyMTQ1NTkyMDM1OTYxOTQ3MzIwMzE=

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| Fingerprint2 function| Refingerprint function| CFingerprint function| md5 string| SEP string| PAIR string| DEV number| ver function| URLencode function| encode_deviceprint function| post_deviceprint function| activeXDetect function| stripIllegalChars function| stripFullPath function| deviceprint_browser function| deviceprint_display function| deviceprint_software function| deviceprint_timezone function| deviceprint_language function| deviceprint_java function| deviceprint_cookie function| Hashtable string| ua boolean| opera boolean| ie boolean| iemac number| moz string| os function| details_shim function| expandDetails function| togglePassword function| trim boolean| hasStorage boolean| activeactive string| clientId function| localStore function| localGet function| localRemove function| performOnce function| performMany function| hide function| show function| isClass function| resetAuthenticator function| breakout object| intervalActual function| wait function| toggleMyForm function| checkstatus function| clwe boolean| submitted function| formSubmitted function| reset function| clearForm function| changeLanguage function| toggleAll function| getValue function| isAutofilled function| testElement function| test function| shouldStore function| setRememberUserId function| _checkForm function| updateForm function| validate function| offset function| closeDropdowns function| isMobileDevice function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _possibleConstructorReturn function| _assertThisInitialized function| _inherits function| _wrapNativeSuper function| isNativeReflectConstruct function| _construct function| _isNativeFunction function| _setPrototypeOf function| _getPrototypeOf object| tdaDropdownTemplate function| tdaDropDown function| renderNativeDropdowns object| ctx string| t

16 Cookies

Domain/Path Name / Value
trade.thinkorswim.com/ Name: language
Value: en-US
.thinkorswim.com/ Name: gdpr
Value: true
.thinkorswim.com/ Name: utag_main
Value: v_id:0182420a53ee000236df77a920f303074002e06c00b08$_sn:1$_se:1$_ss:1$_st:1658967149361$ses_id:1658965349361%3Bexp-session$_pn:1%3Bexp-session
.demdex.net/ Name: demdex
Value: 77533023902758520214559203596194732031
.thinkorswim.com/ Name: AMCVS_F3470978534690820A490D4C%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YuHNZgAAAMOHYgMx
.dpm.demdex.net/ Name: dpm
Value: 77533023902758520214559203596194732031
.thinkorswim.com/ Name: s_pers
Value: %20s_pageName%3Dtraderx%253A%253Atrade%7C1658967150604%3B
.thinkorswim.com/ Name: s_sess
Value: %20s_cc%3Dtrue%3B
.thinkorswim.com/ Name: AMCV_F3470978534690820A490D4C%40AdobeOrg
Value: -1712354808%7CMCIDTS%7C19201%7CMCMID%7C77512350453851974774561341333523187375%7CMCAAMLH-1659570149%7C6%7CMCAAMB-1659570149%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1658972550s%7CNONE%7CMCSYNCSOP%7C411-19208%7CMCAID%7CNONE%7CvVersion%7C4.3.0
.agkn.com/ Name: ab
Value: 0001%3AeGI%2FA0Ck9MP2sl4zMDDY6S9Be8dY2ekn
.exelator.com/ Name: EE
Value: "f3268172452a143198386ab4282e3753"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHN2MjMwtDcyMTUKNHQxNjQ0sLYwiwxycTIwijV2NzUeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAeEl%252BUWb6IhfXxUUpaQyLSopPBR9UZAUALggoLA%253D%253D"
.demdex.net/ Name: dextp
Value: 21-1-1658965350615|3-1-1658965350717|60-1-1658965350819|477-1-1658965350922|771-1-1658965351024
auth.tdameritrade.com/ Name: XSRF-TOKEN
Value: VERBVFJBREVSWCA1ZGNhMjcwZi1iMjAwLTRlNTktYmE3ZC05ZDEyZWUzMjlmYmY=
auth.tdameritrade.com/ Name: NSC_JOkuz4qpe4efcwddlqol43cysdy1pd3
Value: 14b5a3d9852b4f2d249322ee84dfff62a353643fab6d0d7a3bfc51cc613093191f0d74f4

2 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=77533023902758520214559203596194732031
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=77533023902758520214559203596194732031
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx 'nonce-iDFcV/6vuVaVPV06UEEgcQ==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
analytics.tdameritrade.com
api.tdameritrade.com
auth.tdameritrade.com
c.evidon.com
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
idsync.rlcdn.com
load77.exelator.com
media.tdameritrade.com
sstats.tdameritrade.com
tags.tiqcdn.com
tdameritrade.demdex.net
trade.thinkorswim.com
api.tdameritrade.com
cm.g.doubleclick.net
load77.exelator.com
15.236.176.210
18.156.126.13
198.200.171.11
198.200.171.172
198.200.171.191
23.205.241.144
23.47.212.221
35.244.174.68
52.212.134.224
52.212.211.89
52.215.243.107
96.16.138.170
019eb78081e4a0a7716ceef2117c0a1d34204cbb1a64cb4e5244ddfd359a85d7
0376e1284d59c310ce07d9ff2261410bee8e134e54dcb2e3f7f56ce4b4238fe0
07b2cf8bda222786ab9aad790a22eb485fbc530edba85a7990bd5854f0843908
116e048509b201f02f34ddd28f8ad324932b7f394d6d31fea17c8ac99164ed31
216f55d2906c66e17919d4d09d8d79cf64a57240401a49035920db7a35b24e7e
2583561aba3c1102c80463673965a457bf79b97e253099bc4d5b2b15543ddde9
63952f93e27100bd5758410ed43996ad09523c932311072bb6d17f79a5373faa
71ead091e41be1a98651b5acea765d8f931c893d42240022f206d08b92640b56
8470441449e3a3d2ed4a81ca77ec9a106fc9ca8b4f0b8427515444172df087ed
85b8a82558e7bf225419aa9bccf4f869428295ca559236f45e84325070b056cc
99d5464382afb4cff84d2230c8820ce516cb2b11a7d1224cadf67312dc90ee8a
9c35ed184a7c2aa2772ab84972d76ca4ea890f0278528ec43ddc1f967aa1a5f8
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a7f3524931526ce2427ea974f3b5a03a73317974318be4564ae9123cdb195d69
a835bc7e0c416f9b5b9ff4e4e95d39ab3fb1b326060dad24e310f698bca3e98f
a8e1d5a34e2e060a279c309595e44e2d70dc9871836d4a8ac700805bd3ebbfc8
abccbc8d585935386cec3f38f276cffbfd66b774211863592d49af049ea70d41
ba5291dbef8d1196e502a421896b9772009f249b729a7480d397a547c29ad5a8
bb77b15347263d48bb1c6554118b9c0e2eaca86901be034f41e037247b92732c
bcc1197e8910e9555167790b1162ddd6276733001966535181a4af3462d89c01
bf870463825b85ea22d90d8cbeb8ebc1858850f352cbd9d9ed952201c68a5ef0
d467a2863558a9754a650569c532f1a03e6d2e02e62524d739d9af73cf4c048c
dd65e802ac90410bdef1f148c75f8c1d40638db70495c6000d089d09f8aada8d
de2b959a7a7718c4931a64a1514a54fc30bacc383a44a90f139b0af2560f0c41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eec4fa70bee34de35f4d3f455c48018abf381031b5890ccf29afb688bc9ce834
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f54e011f85f3dd3ba8eec89a0f43a2b4929ed7167b9fad7eb91871a4d41dfe6a
f597b65571ef2801d9dd2eaf400d6450519b23af48b45129dd1710a9cfd90917
f9583f9709cda6506cb1f30e7420f6c8f03d8ec2c843d9007d1d92bfc99dd681
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75