urlscan.io logo urlscan.io
SecurityTrails logo

auth.tdameritrade.com Open in urlscan Pro
198.200.171.172  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://trade.thinkorswim.com/
Effective URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdP...
Submission: On March 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 45 HTTP transactions. The main IP is 198.200.171.172, located in United States and belongs to T2-CT-CN, US. The main domain is auth.tdameritrade.com. The Cisco Umbrella rank of the primary domain is 206151.
TLS certificate: Issued by DigiCert Global G3 TLS ECC SHA384 202... on November 29th 2023. Valid for: a year.
This is the only time auth.tdameritrade.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2a02:26f0:710... 20940 (AKAMAI-ASN1)
5 2600:9000:235... 16509 (AMAZON-02)
1 23.53.43.18 20940 (AKAMAI-ASN1)
2 198.200.171.191 1399 (T2-CT-CN)
1 2 52.208.77.120 16509 (AMAZON-02)
2 23.212.212.65 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 63.140.62.27 16509 (AMAZON-02)
4 151.101.194.217 54113 (FASTLY)
15 198.200.171.172 1399 (T2-CT-CN)
3 3.160.150.62 16509 (AMAZON-02)
1 13.248.151.210 16509 (AMAZON-02)
1 1 108.128.117.205 16509 (AMAZON-02)
3 23.212.210.31 16625 (AKAMAI-AS)
45 14
6    2a02:26f0:7100::687e:257b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
trade.thinkorswim.com
5    2600:9000:235a:4800:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
1    23.53.43.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-18.deploy.static.akamaitechnologies.com
c.evidon.com
2    198.200.171.191 (United States)

ASN1399 (T2-CT-CN, US)
PTR: analytics-tx-tmp.tdameritrade.com
analytics.tdameritrade.com
2    52.208.77.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-77-120.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    23.212.212.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-212-65.deploy.static.akamaitechnologies.com
www.everestjs.net
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    63.140.62.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-27.data.adobedc.net
sstats.tdameritrade.com
4    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
15    198.200.171.172 (United States)

ASN1399 (T2-CT-CN, US)
PTR: tx-cfe-oauth.tdameritrade.com
auth.tdameritrade.com
3    3.160.150.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-62.fra60.r.cloudfront.net
cdn.appdynamics.com
1    13.248.151.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com
clientstream.launchdarkly.com
1    108.128.117.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-117-205.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
3    23.212.210.31 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-210-31.deploy.static.akamaitechnologies.com
media.tdameritrade.com
Apex Domain
Subdomains		 Transfer
22 tdameritrade.com
analytics.tdameritrade.com — Cisco Umbrella Rank: 131006
sstats.tdameritrade.com — Cisco Umbrella Rank: 270096
auth.tdameritrade.com — Cisco Umbrella Rank: 206151
media.tdameritrade.com — Cisco Umbrella Rank: 214330
188 KB
6 thinkorswim.com
trade.thinkorswim.com — Cisco Umbrella Rank: 918720
1 MB
5 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 962
clientstream.launchdarkly.com — Cisco Umbrella Rank: 1054
922 B
5 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1332
69 KB
3 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 7269
63 KB
2 everestjs.net
www.everestjs.net — Cisco Umbrella Rank: 11146
12 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 307
1 KB
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 8589
689 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
71 KB
1 evidon.com
c.evidon.com — Cisco Umbrella Rank: 2696
450 B
45 10
Domain Requested by
15 auth.tdameritrade.com trade.thinkorswim.com
auth.tdameritrade.com
6 trade.thinkorswim.com 1 redirects trade.thinkorswim.com
5 tags.tiqcdn.com trade.thinkorswim.com
tags.tiqcdn.com
4 app.launchdarkly.com trade.thinkorswim.com
3 media.tdameritrade.com auth.tdameritrade.com
media.tdameritrade.com
3 cdn.appdynamics.com trade.thinkorswim.com
cdn.appdynamics.com
2 sstats.tdameritrade.com tags.tiqcdn.com
2 www.everestjs.net tags.tiqcdn.com
www.everestjs.net
2 dpm.demdex.net 1 redirects trade.thinkorswim.com
2 analytics.tdameritrade.com tags.tiqcdn.com
1 pixel.everesttech.net 1 redirects
1 clientstream.launchdarkly.com
1 www.googletagmanager.com tags.tiqcdn.com
1 c.evidon.com tags.tiqcdn.com
45 14

This site contains links to these domains. Also see Links.

Domain
invest.ameritrade.com
trade.thinkorswim.com
www.finra.org
www.sipc.org
www.theocc.com
Subject Issuer Validity Valid
tosweb.schwab.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2024-06-21		 10 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2024-03-19 -
2025-04-17		 a year crt.sh
betrad.com
R3		 2024-01-21 -
2024-04-20		 3 months crt.sh
*.tdameritrade.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-04-30		 a year crt.sh
www.everestjs.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-25 -
2024-10-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
sstats.tdameritrade.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-07 -
2025-04-07		 a year crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-02 -
2024-08-02		 a year crt.sh
*.appdynamics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-21 -
2024-07-21		 a year crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M02		 2023-08-09 -
2024-09-05		 a year crt.sh
www.tdameritrade.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-21 -
2024-12-10		 a year crt.sh

This page contains 3 frames:

Primary Page: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Frame ID: A7AA3E3CB74669A6F0F7C1245FF3D028
Requests: 41 HTTP requests in this frame

Frame: https://www.everestjs.net/static/pixel_details.html
Frame ID: 3618FA434591CA9BCC2C39E42D9A424D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.appdynamics.com/adrum-xd.89188edf1c7df38b8e63edb7368e911e.html
Frame ID: 02817AABEC01D076CCA99A6DA4A417F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in | thinkorswim Web

Page URL History Show full URLs

  1. http://trade.thinkorswim.com/ HTTP 302
    https://trade.thinkorswim.com/ Page URL
  2. https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • c\.evidon\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

45
Requests

98 %
HTTPS

21 %
IPv6

10
Domains

14
Subdomains

14
IPs

3
Countries

1937 kB
Transfer

5481 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trade.thinkorswim.com/ HTTP 302
    https://trade.thinkorswim.com/ Page URL
  2. https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://trade.thinkorswim.com/ HTTP 302
  • https://trade.thinkorswim.com/
Request Chain 8
  • https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F3470978534690820A490D4C%40AdobeOrg&d_nsid=0&ts=1711132446068 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F3470978534690820A490D4C%40AdobeOrg&d_nsid=0&ts=1711132446068
Request Chain 24
  • https://pixel.everesttech.net/2521/gr?ev_gb=0&url=https%3A%2F%2Fwww.everestjs.net%2Fstatic%2Fpixel_details.html%23google%3D__EFGCK__%26gsurfer%3D__EFGSURFER__%26imsId%3D__EFIMSORGID__%26is_fb_cookie_synced%3D__EFFB__%26optout%3D__EFOPTOUT__%26throttleCookie%3D__EFSYNC__%26time%3D__EFTIME__ HTTP 302
  • https://www.everestjs.net/static/pixel_details.html

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
trade.thinkorswim.com/
Redirect Chain
  • http://trade.thinkorswim.com/
  • https://trade.thinkorswim.com/
3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trade.thinkorswim.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:257b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
93fcce836acd3c5fddef72886198a8a9b58b7230bd295f3bb7440e89f3ab8efb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://sws-gateway-nr.thinkorswim.com https://sws-gateway.thinkorswim.com https://*.schwab.tech https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx https://*.launchdarkly.com https://cdn.appdynamics.com 'nonce-aP7HbhMtPn25QbI1TGTI/A==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson wss://thinkorswim-services.schwab.com/Services/WsJson wss://papermoney-services.schwab.com/Services/WsJson https://*.schwab.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.schwab.com https://cdn.appdynamics.com https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https: data:;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1815
content-security-policy
frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://sws-gateway-nr.thinkorswim.com https://sws-gateway.thinkorswim.com https://*.schwab.tech https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx https://*.launchdarkly.com https://cdn.appdynamics.com 'nonce-aP7HbhMtPn25QbI1TGTI/A==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson wss://thinkorswim-services.schwab.com/Services/WsJson wss://papermoney-services.schwab.com/Services/WsJson https://*.schwab.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.schwab.com https://cdn.appdynamics.com https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https: data:;
content-type
text/html; charset=utf-8
date
Fri, 22 Mar 2024 18:34:05 GMT
etag
W/"cce-zeA78Rcsf5KUnZVDpwzL1+jREMY"
f5ip
162.93.118.11
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 22 Mar 2024 18:34:04 GMT
Location
https://trade.thinkorswim.com/
index-5mQ1w0F0.js
trade.thinkorswim.com/assets/ 		2 MB
685 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trade.thinkorswim.com/assets/index-5mQ1w0F0.js
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:257b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
68ff7fd6acd1a4ba82d64f7318f2d332b71b944591899f8a50247e60693ef014
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://sws-gateway-nr.thinkorswim.com https://sws-gateway.thinkorswim.com https://*.schwab.tech https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx https://*.launchdarkly.com https://cdn.appdynamics.com 'nonce-tdM5+E1PGtuNJwsISoBkOw==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson wss://thinkorswim-services.schwab.com/Services/WsJson wss://papermoney-services.schwab.com/Services/WsJson https://*.schwab.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.schwab.com https://cdn.appdynamics.com https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https: data:;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trade.thinkorswim.com/
Origin
https://trade.thinkorswim.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://sws-gateway-nr.thinkorswim.com https://sws-gateway.thinkorswim.com https://*.schwab.tech https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx https://*.launchdarkly.com https://cdn.appdynamics.com 'nonce-tdM5+E1PGtuNJwsISoBkOw==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson wss://thinkorswim-services.schwab.com/Services/WsJson wss://papermoney-services.schwab.com/Services/WsJson https://*.schwab.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.schwab.com https://cdn.appdynamics.com https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https: data:;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
date
Fri, 22 Mar 2024 18:34:05 GMT
f5ip
162.93.118.11
content-length
699508
x-xss-protection
1; mode=block
last-modified
Thu, 21 Mar 2024 20:32:39 GMT
etag
W/"1a937e-18e62b73a58"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://trade.thinkorswim.com
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
vendor-hQXhpZZN.js
trade.thinkorswim.com/assets/ 		3 MB
807 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trade.thinkorswim.com/assets/vendor-hQXhpZZN.js
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:257b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
af152bf7bcd78e9d79e3d61d4e1825aba0470d55b0c692fc92846cdac16d078e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://sws-gateway-nr.thinkorswim.com https://sws-gateway.thinkorswim.com https://*.schwab.tech https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx https://*.launchdarkly.com https://cdn.appdynamics.com 'nonce-qpSCXmfSM6FtVFvFyidEcg==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson wss://thinkorswim-services.schwab.com/Services/WsJson wss://papermoney-services.schwab.com/Services/WsJson https://*.schwab.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.schwab.com https://cdn.appdynamics.com https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https: data:;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trade.thinkorswim.com/
Origin
https://trade.thinkorswim.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://sws-gateway-nr.thinkorswim.com https://sws-gateway.thinkorswim.com https://*.schwab.tech https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx https://*.launchdarkly.com https://cdn.appdynamics.com 'nonce-qpSCXmfSM6FtVFvFyidEcg==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson wss://thinkorswim-services.schwab.com/Services/WsJson wss://papermoney-services.schwab.com/Services/WsJson https://*.schwab.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.schwab.com https://cdn.appdynamics.com https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https: data:;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
date
Fri, 22 Mar 2024 18:34:05 GMT
f5ip
162.93.118.11
content-length
824559
x-xss-protection
1; mode=block
last-modified
Thu, 21 Mar 2024 20:32:40 GMT
etag
W/"28329b-18e62b73e40"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
index-_ATbfLHL.css
trade.thinkorswim.com/assets/ 		142 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trade.thinkorswim.com/assets/index-_ATbfLHL.css
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:257b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
29c607d2ea094c3c4a40b995533ffc025fa7fa5ead56e7962116cdeb2aa096f2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://sws-gateway-nr.thinkorswim.com https://sws-gateway.thinkorswim.com https://*.schwab.tech https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx https://*.launchdarkly.com https://cdn.appdynamics.com 'nonce-oWCcFCrDkrCCqZCZ/8LJxw==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson wss://thinkorswim-services.schwab.com/Services/WsJson wss://papermoney-services.schwab.com/Services/WsJson https://*.schwab.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.schwab.com https://cdn.appdynamics.com https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https: data:;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trade.thinkorswim.com/
Origin
https://trade.thinkorswim.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://sws-gateway-nr.thinkorswim.com https://sws-gateway.thinkorswim.com https://*.schwab.tech https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx https://*.launchdarkly.com https://cdn.appdynamics.com 'nonce-oWCcFCrDkrCCqZCZ/8LJxw==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson wss://thinkorswim-services.schwab.com/Services/WsJson wss://papermoney-services.schwab.com/Services/WsJson https://*.schwab.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.schwab.com https://cdn.appdynamics.com https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https: data:;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15768000
date
Fri, 22 Mar 2024 18:34:05 GMT
f5ip
162.93.118.11
content-length
35819
x-xss-protection
1; mode=block
last-modified
Thu, 21 Mar 2024 20:32:38 GMT
etag
W/"23818-18e62b73670"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
utag.sync.js
tags.tiqcdn.com/utag/tdameritrade/traderx/prod/ 		178 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.sync.js
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
730fe2e07397893c2a624605f90870de0340d9ae3c456006beb394c7b968ac58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
2cSDgUJ00erfyJOk0GUjQ.cEk6dGzGx.
content-encoding
br
via
1.1 32803d0ba3af70cddd7db80d2fd00608.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 18:31:23 GMT
last-modified
Sat, 11 Mar 2023 05:16:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
247
x-amz-server-side-encryption
AES256
etag
W/"ec5e1f1f3107a79a352b045d1f8023de"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
i9e_PwcL9s3HkkoMx1iS0_Xh0HfrdnqbyYEb5QI8Riob-dRXLDrR3Q==
utag.js
tags.tiqcdn.com/utag/tdameritrade/traderx/prod/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.js
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4517219142aaf0b2a98a4f21ddff15b56568bd66ce24e28293e5482728715658

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
vjm6DaC0S6XBLZ0lT1Je7QmXzRQrTu29
content-encoding
gzip
via
1.1 32803d0ba3af70cddd7db80d2fd00608.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 18:34:06 GMT
last-modified
Sat, 11 Mar 2023 05:16:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
52
x-amz-server-side-encryption
AES256
etag
W/"79f347344d4beec7ba335412600916c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
5oUP4KlNUywL15pmU4CAKgHP2-M1G3u3xYj7UoDe-mq5knfHf1liyQ==
country.js
c.evidon.com/geo/ 		252 B
450 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.43.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-43-18.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 18:34:06 GMT
content-encoding
gzip
last-modified
Fri, 13 Mar 2020 23:46:45 GMT
server
AkamaiNetStorage
etag
"61397050076da6e6062ac7b53a8ef498:1584143205.714402"
vary
Accept-Encoding, Origin
access-control-max-age
108000
content-type
application/x-javascript
access-control-allow-origin
access-control-allow-methods
GET,OPTIONS,POST
accept-ranges
bytes
access-control-allow-headers
*
content-length
174
events
analytics.tdameritrade.com/clickstream-v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.tdameritrade.com/clickstream-v1/events
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
198.200.171.191 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
analytics-tx-tmp.tdameritrade.com
Software
1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://trade.thinkorswim.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Origin, Authorization, Origin, X-Requested-With, Content-Type
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
https://trade.thinkorswim.com
Access-Control-Max-Age
1800
Date
Fri, 22 Mar 2024 18:34:05 GMT
P3P
CP: CAO DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL HIS OTP OUR IND CNT
Server
1
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F3470978534690820A490D4C%40AdobeOrg&d_nsid=0&ts=1711132446068
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F3470978534690820A490D4C%40AdobeOrg&d_nsid=0&ts=1711132446068
221 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F3470978534690820A490D4C%40AdobeOrg&d_nsid=0&ts=1711132446068
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/
Protocol
H2
Server
52.208.77.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-77-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
363d3952ac01a3d875ef487456e3979e52884434a8a9d3ac88848aee6aea299d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v058-0ad823aca.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Fri, 22 Mar 2024 18:34:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
GDQ1vWf8TIo=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://trade.thinkorswim.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
218
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v058-033a81dc6.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Fri, 22 Mar 2024 18:34:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
Mvtnxy0fQC8=
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F3470978534690820A490D4C%40AdobeOrg&d_nsid=0&ts=1711132446068
access-control-allow-origin
https://trade.thinkorswim.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
events
analytics.tdameritrade.com/clickstream-v1/ 		0
932 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.tdameritrade.com/clickstream-v1/events
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.sync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
198.200.171.191 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
analytics-tx-tmp.tdameritrade.com
Software
1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://trade.thinkorswim.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 22 Mar 2024 18:34:07 GMT
Strict-Transport-Security
max-age=31536000
Server
1
Transfer-Encoding
chunked
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
https://trade.thinkorswim.com
P3P
CP: CAO DSP COR CUR ADM DEV TAI PSA PSD IVA IVD CON TEL HIS OTP OUR IND CNT
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Allow-Origin, Authorization, Origin, X-Requested-With, Content-Type
utag.9.js
tags.tiqcdn.com/utag/tdameritrade/traderx/prod/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.9.js?utv=ut4.46.202005212049
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b674df5f41de4465baf6655fe57d73a4b003ab0fe10e924205fa292bec2df14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
p0Z6UjMoSBUY8v8a7zKvnReT6ucrB_aR
content-encoding
br
via
1.1 32803d0ba3af70cddd7db80d2fd00608.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 18:34:06 GMT
last-modified
Sat, 11 Mar 2023 05:16:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
247
x-amz-server-side-encryption
AES256
etag
W/"08a628640d38ba154a41c68fc059e7f8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
_j6G5A-DE4Bri2mntL1skzfwEv-KRZSs_wIUBbS2pBlDpypsaeq7Iw==
utag.11.js
tags.tiqcdn.com/utag/tdameritrade/traderx/prod/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.11.js?utv=ut4.46.202007082036
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1931bca29d0c4b439119ec87a7b17da82c10b3b56a255fb8180db822de4ebf5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
_eItvOGNy.U433zWa5IP_laQNcQFfEwY
content-encoding
gzip
via
1.1 32803d0ba3af70cddd7db80d2fd00608.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 18:34:06 GMT
last-modified
Sat, 11 Mar 2023 05:16:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
247
x-amz-server-side-encryption
AES256
etag
W/"d5afb549968cb250834533a22339b213"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
1wvkGrrYdv3s_uKjbNkF9DzD42lP_Dj8AXW-8g84SuQo_OTbW9Vx2g==
utag.13.js
tags.tiqcdn.com/utag/tdameritrade/traderx/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.13.js?utv=ut4.46.202006012056
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4800:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b2ff07865c5661f29a3ae95f3c1f4cda186faf0b7c3eb78c8a706b446e25185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
jk1Sg9J9aSDq1BYvZUOiwuwkPXr4q1Fv
content-encoding
br
via
1.1 32803d0ba3af70cddd7db80d2fd00608.cloudfront.net (CloudFront)
date
Fri, 22 Mar 2024 18:34:06 GMT
last-modified
Sat, 11 Mar 2023 05:16:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
247
x-amz-server-side-encryption
AES256
etag
W/"38a399d65187d6c9f5abfdbb6e212946"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
PAQyJ2iYtcuMXsofQSuVIL9I8HaZ87uzP6pGsgEVaSoDtK_Tw2LY-A==
config
trade.thinkorswim.com/v1/api/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trade.thinkorswim.com/v1/api/config
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/assets/index-5mQ1w0F0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::687e:257b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://sws-gateway-nr.thinkorswim.com https://sws-gateway.thinkorswim.com https://*.schwab.tech https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx https://*.launchdarkly.com https://cdn.appdynamics.com 'nonce-uX9ajETNsUOfN0CXbxNqOw==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson wss://thinkorswim-services.schwab.com/Services/WsJson wss://papermoney-services.schwab.com/Services/WsJson https://*.schwab.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.schwab.com https://cdn.appdynamics.com https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https: data:;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://sws-gateway-nr.thinkorswim.com https://sws-gateway.thinkorswim.com https://*.schwab.tech https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx https://*.launchdarkly.com https://cdn.appdynamics.com 'nonce-uX9ajETNsUOfN0CXbxNqOw==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson wss://thinkorswim-services.schwab.com/Services/WsJson wss://papermoney-services.schwab.com/Services/WsJson https://*.schwab.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.schwab.com https://cdn.appdynamics.com https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https: data:;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 22 Mar 2024 18:34:06 GMT
strict-transport-security
max-age=15768000
etag
W/"43a-IGKy0Wp75lUnE90PF5vGeddaRFY"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
f5ip
162.93.118.11
content-length
571
x-xss-protection
1; mode=block
st.v2.js
www.everestjs.net/static/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.everestjs.net/static/st.v2.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.212.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-212-65.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Date
Fri, 22 Mar 2024 18:34:06 GMT
Last-Modified
Tue, 13 Feb 2024 11:01:30 GMT
Server
AmazonS3
x-amz-request-id
S40HQWMKZ8XXQCKW
ETag
"d73d8ba2b42bc9ea3b8e7648872af35d"
x-amz-server-side-encryption
AES256
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11674
x-amz-id-2
nOsUyLyMdGo1sQ72cWawws7AwRzwN/kZAmc1Y2wyKSvEmZp55hFe7ZCcdY1gfPW8ftF06jEdW+s=
js
www.googletagmanager.com/gtag/ 		193 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-1620481
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 18:34:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72065
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Mar 2024 18:34:06 GMT
id
sstats.tdameritrade.com/ 		48 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sstats.tdameritrade.com/id?d_visid_ver=4.3.0&d_fieldgroup=A&mcorgid=F3470978534690820A490D4C%40AdobeOrg&mid=57932405720315556150677386363666547451&ts=1711132446655
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-27.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trade.thinkorswim.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 22 Mar 2024 18:34:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://trade.thinkorswim.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
61fc0ce9f38fac1718d5c11e
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/61fc0ce9f38fac1718d5c11e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://trade.thinkorswim.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 22 Mar 2024 18:34:06 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-etou8220077-FRA
x-timer
S1711132447.774302,VS0,VE1
61fc0ce9f38fac1718d5c11e
app.launchdarkly.com/sdk/goals/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/61fc0ce9f38fac1718d5c11e
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/assets/vendor-hQXhpZZN.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://trade.thinkorswim.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.6
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Fri, 22 Mar 2024 18:34:06 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-fra-etou8220077-FRA
x-timer
S1711132447.796805,VS0,VE1
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
1
eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYzNmZjU5ZDAtZTg3YS0xMWVlLWEyODMtYWZmYTFmMDE5NjM4In0
app.launchdarkly.com/sdk/evalx/61fc0ce9f38fac1718d5c11e/contexts/ 		2 KB
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/61fc0ce9f38fac1718d5c11e/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYzNmZjU5ZDAtZTg3YS0xMWVlLWEyODMtYWZmYTFmMDE5NjM4In0
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/assets/vendor-hQXhpZZN.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://trade.thinkorswim.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.6
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 18:34:06 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
362
x-served-by
cache-fra-eddf8230042-FRA, cache-fra-etou8220077-FRA
x-timer
S1711132447.796020,VS0,VE45
etag
"0dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
0
eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYzNmZjU5ZDAtZTg3YS0xMWVlLWEyODMtYWZmYTFmMDE5NjM4In0
app.launchdarkly.com/sdk/evalx/61fc0ce9f38fac1718d5c11e/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/61fc0ce9f38fac1718d5c11e/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYzNmZjU5ZDAtZTg3YS0xMWVlLWEyODMtYWZmYTFmMDE5NjM4In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://trade.thinkorswim.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 22 Mar 2024 18:34:06 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-etou8220077-FRA
x-timer
S1711132447.773993,VS0,VE1
s89523604826434
sstats.tdameritrade.com/b/ss/tdameritrade-client,tdameritrade-rollup/10/JS-2.7.0/ 		117 B
257 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sstats.tdameritrade.com/b/ss/tdameritrade-client,tdameritrade-rollup/10/JS-2.7.0/s89523604826434?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=22%2F2%2F2024%2019%3A34%3A6%205%20-60&d.&nsid=0&jsonv=1&.d&mid=57932405720315556150677386363666547451&aamlh=6&ce=UTF-8&ns=F3470978534690820A490D4C%40AdobeOrg&pageName=traderx%3A%3Ahome&g=https%3A%2F%2Ftrade.thinkorswim.com%2F&c.&cm.&ssf=1&.cm&.c&cc=USD&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&h1=traderx%3A%3Ahome&c6=Prospect&v8=D%3Dc6&c21=https%3A%2F%2Ftrade.thinkorswim.com%2F&v21=D%3Dc22&c22=1%3A30PM&v22=D%3Dc23&c23=Friday&v23=D%3Dc24&c24=Weekday&v45=3.0.0&c49=traderx%7Cprod%7C202209212311%7Cmissing%20tda_dl%20event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F3470978534690820A490D4C%40AdobeOrg&AQE=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/tdameritrade/traderx/prod/utag.sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-27.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Mar 2024 18:34:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 23 Mar 2024 18:34:06 GMT
server
jag
etag
3674628948849000448-4617801562787407440
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
application/x-javascript;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
117
x-xss-protection
1; mode=block
expires
Thu, 21 Mar 2024 18:34:06 GMT
Primary Request auth
auth.tdameritrade.com/ 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/assets/index-5mQ1w0F0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
f66222fa877b5654d2952c08f1b2f46fb3883cf4bb0e9270fe9eb6769f1f2581
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trade.thinkorswim.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Authorization-Response-Type
1
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Fri, 22 Mar 2024 18:34:06 GMT
Expires
0
Keep-Alive
timeout=60
Pragma
no-cache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
vary
accept-encoding
adrum-23.8.0.4309.js
cdn.appdynamics.com/adrum/ 		111 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum/adrum-23.8.0.4309.js
Requested by
Host: trade.thinkorswim.com
URL: https://trade.thinkorswim.com/assets/index-5mQ1w0F0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-62.fra60.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 21:26:04 GMT
content-encoding
gzip
via
1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
2495282
x-cache
Hit from cloudfront
last-modified
Fri, 25 Aug 2023 06:34:15 GMT
server
nginx/1.16.1
etag
W/"64e84b67-1bb2f"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
fWXZ2Xj5gYxl8qcASyYMrqU30MjNJJ1-BbveGl05p0tAA6hnMR1exw==
eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYzNmZjU5ZDAtZTg3YS0xMWVlLWEyODMtYWZmYTFmMDE5NjM4In0
clientstream.launchdarkly.com/eval/61fc0ce9f38fac1718d5c11e/ 		2 KB
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://clientstream.launchdarkly.com/eval/61fc0ce9f38fac1718d5c11e/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiYzNmZjU5ZDAtZTg3YS0xMWVlLWEyODMtYWZmYTFmMDE5NjM4In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.151.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://trade.thinkorswim.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 18:34:07 GMT
strict-transport-security
max-age=31536000
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-content-length
1852
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
pixel_details.html
www.everestjs.net/static/ Frame 3618
Redirect Chain
  • https://pixel.everesttech.net/2521/gr?ev_gb=0&url=https%3A%2F%2Fwww.everestjs.net%2Fstatic%2Fpixel_details.html%23google%3D__EFGCK__%26gsurfer%3D__EFGSURFER__%26imsId%3D__EFIMSORGID__%26is_fb_cooki...
  • https://www.everestjs.net/static/pixel_details.html
166 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.everestjs.net/static/pixel_details.html
Requested by
Host: www.everestjs.net
URL: https://www.everestjs.net/static/st.v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.212.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-212-65.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://trade.thinkorswim.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
146
Content-Type
text/html
Date
Fri, 22 Mar 2024 18:34:07 GMT
ETag
"003ecf27f0c456effed26f884130b077"
Last-Modified
Mon, 15 Mar 2021 04:37:06 GMT
Server
AmazonS3
Vary
Accept-Encoding
x-amz-id-2
Ah9w+HahS9wA5bbjydKBJQoTI+AQaMdbEb5AJ0x8tY5M8WALJ+/mE66FXMJKmfQjBbDh4rBQf48=
x-amz-request-id
9JYHGJ1GB6B8AVQ2
x-amz-version-id
null

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
382
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 22 Mar 2024 18:34:07 GMT
Location
https://www.everestjs.net/static/pixel_details.html#google=Zf3PHwAAAA00ByYV&gsurfer=Zf3PHwAAAA00ByYV&imsId=&is_fb_cookie_synced=0&optout=0&throttleCookie=&time=20240322183407
P3P
CP="NOI DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
Server
Apache
adrum-ext.89188edf1c7df38b8e63edb7368e911e.js
cdn.appdynamics.com/ 		53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-ext.89188edf1c7df38b8e63edb7368e911e.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-23.8.0.4309.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-62.fra60.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trade.thinkorswim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 02:18:07 GMT
content-encoding
gzip
via
1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P7
age
2045760
x-cache
Hit from cloudfront
last-modified
Fri, 25 Aug 2023 06:34:16 GMT
server
nginx/1.16.1
etag
W/"64e84b68-d40e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
MRulrhcMKMl-_m4ERgBJx1TOzbxc7zbNnQw0IzJ25UsMuomUGb50tg==
adrum-xd.89188edf1c7df38b8e63edb7368e911e.html
cdn.appdynamics.com/ Frame 0281 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-xd.89188edf1c7df38b8e63edb7368e911e.html
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-23.8.0.4309.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-62.fra60.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://trade.thinkorswim.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
age
268679
cache-control
public, max-age=2678400, s-max-age=14400
content-encoding
gzip
content-type
text/html
date
Tue, 19 Mar 2024 15:56:08 GMT
etag
W/"64e84b68-7c8"
last-modified
Fri, 25 Aug 2023 06:34:16 GMT
server
nginx/1.16.1
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
x-amz-cf-id
-D07mAQst0ReDy4293uklP2UCg7Mj30xC6n-n6Dyd33xObL4jQ7dpQ==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
tdasans_remote.css
media.tdameritrade.com/media/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://media.tdameritrade.com/media/css/tdasans_remote.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.210.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-210-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f9583f9709cda6506cb1f30e7420f6c8f03d8ec2c843d9007d1d92bfc99dd681
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tdameritrade.com *.ameritrade.com http://*.tdameritrade.com/ https://*.tdainstitutional.com https://*.amtd.com https://amtd.com https://*.tradewise.com https://tdaconferences.com https://*.tdameritradeconferences.com https://*.exploringyourindependence.com https://*.thinkorswim.com https://*.tdameritradenetwork.com https://tdameritradenetwork.com https://*.eliteadvisorsummit.com https://*.essentialoptionstrategies.com; object-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.tdameritrade.com *.ameritrade.com http://*.tdameritrade.com/ https://*.tdainstitutional.com https://*.amtd.com https://amtd.com https://*.tradewise.com https://tdaconferences.com https://*.tdameritradeconferences.com https://*.exploringyourindependence.com https://*.thinkorswim.com https://*.tdameritradenetwork.com https://tdameritradenetwork.com https://*.eliteadvisorsummit.com https://*.essentialoptionstrategies.com; object-src 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Sun, 07 Mar 2021 23:20:17 GMT
Server
Apache
Date
Fri, 22 Mar 2024 18:34:07 GMT
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43293
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
445
X-Xss-Protection
1; mode=block
Expires
Sat, 23 Mar 2024 06:35:40 GMT
verde-components-0.1.0.css
auth.tdameritrade.com/ux/c5703/default-client/verde/ 		58 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/ux/c5703/default-client/verde/verde-components-0.1.0.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
63952f93e27100bd5758410ed43996ad09523c932311072bb6d17f79a5373faa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 22 Mar 2024 18:34:06 GMT
Last-Modified
Thu, 21 Mar 2024 00:43:50 GMT
Strict-Transport-Security
max-age=31536000
X-Frame-Options
DENY
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Content-Type
text/css
Transfer-Encoding
chunked
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
verde-global-0.1.0.css
auth.tdameritrade.com/ux/c5703/default-client/verde/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/ux/c5703/default-client/verde/verde-global-0.1.0.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
019eb78081e4a0a7716ceef2117c0a1d34204cbb1a64cb4e5244ddfd359a85d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 22 Mar 2024 18:34:06 GMT
Last-Modified
Thu, 21 Mar 2024 00:43:50 GMT
Strict-Transport-Security
max-age=31536000
X-Frame-Options
DENY
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Content-Type
text/css
Transfer-Encoding
chunked
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
authorize_tdspec.css
auth.tdameritrade.com/ux/c5703/default-client/verde/ 		53 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/ux/c5703/default-client/verde/authorize_tdspec.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
7368c6c38ed72b6abda1a2b941bb0eb3da26ac0eb5e65807c2d6d0c66a3a4a71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 22 Mar 2024 18:34:07 GMT
Last-Modified
Thu, 21 Mar 2024 00:43:50 GMT
Strict-Transport-Security
max-age=31536000
X-Frame-Options
DENY
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Content-Type
text/css
Transfer-Encoding
chunked
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
breakpoints.css
auth.tdameritrade.com/ux/c5703/default-client/verde/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/ux/c5703/default-client/verde/breakpoints.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
9b2872155bd1a64e04332cfd04603c2d3b97233be0da9c303e0b67ea7744c9a5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 22 Mar 2024 18:34:07 GMT
Last-Modified
Thu, 21 Mar 2024 00:43:50 GMT
Strict-Transport-Security
max-age=31536000
X-Frame-Options
DENY
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Content-Type
text/css
Transfer-Encoding
chunked
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
beta.css
auth.tdameritrade.com/ux/c5703/tda_trader_x/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/ux/c5703/tda_trader_x/beta.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
42233038f8c9240bcdeb2250bd7d96c91fce53f46067cd4770386e20e0c36c22
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 22 Mar 2024 18:34:07 GMT
Last-Modified
Thu, 21 Mar 2024 00:43:51 GMT
Strict-Transport-Security
max-age=31536000
X-Frame-Options
DENY
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Content-Type
text/css
Transfer-Encoding
chunked
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
clwe.css
auth.tdameritrade.com/ux/c5703/tda_trader_x/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/ux/c5703/tda_trader_x/clwe.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
e8836856f9db95f7378de2dd4f2291f6b8879c6c1b7e35a19d28100fb3ed07bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 22 Mar 2024 18:34:07 GMT
Last-Modified
Thu, 21 Mar 2024 00:43:51 GMT
Strict-Transport-Security
max-age=31536000
X-Frame-Options
DENY
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Content-Type
text/css
Transfer-Encoding
chunked
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
details-shim.min.css
auth.tdameritrade.com/js/jc9982/ 		441 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc9982/details-shim.min.css
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
bcc1197e8910e9555167790b1162ddd6276733001966535181a4af3462d89c01
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Date
Fri, 22 Mar 2024 18:34:07 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Tue, 08 Aug 2023 13:43:03 GMT
X-Frame-Options
DENY
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
441
X-XSS-Protection
1; mode=block
liveTrading.svg
auth.tdameritrade.com/ux/c5703/tda_trader_x/logos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.tdameritrade.com/ux/c5703/tda_trader_x/logos/liveTrading.svg
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
eec4fa70bee34de35f4d3f455c48018abf381031b5890ccf29afb688bc9ce834
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Date
Fri, 22 Mar 2024 18:34:07 GMT
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 21 Mar 2024 00:43:51 GMT
X-Frame-Options
DENY
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
5648
X-XSS-Protection
1; mode=block
fp.js
auth.tdameritrade.com/js/jc9982/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc9982/fp.js
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
99d5464382afb4cff84d2230c8820ce516cb2b11a7d1224cadf67312dc90ee8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 22 Mar 2024 18:34:07 GMT
Last-Modified
Tue, 08 Aug 2023 13:43:03 GMT
Strict-Transport-Security
max-age=31536000
X-Frame-Options
DENY
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
cfpJSON.js
auth.tdameritrade.com/js/jc9982/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc9982/cfpJSON.js
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
85b8a82558e7bf225419aa9bccf4f869428295ca559236f45e84325070b056cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 22 Mar 2024 18:34:07 GMT
Last-Modified
Tue, 08 Aug 2023 13:43:03 GMT
Strict-Transport-Security
max-age=31536000
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Transfer-Encoding
chunked
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
gfp.js
auth.tdameritrade.com/js/jc9982/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc9982/gfp.js
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
8470441449e3a3d2ed4a81ca77ec9a106fc9ca8b4f0b8427515444172df087ed
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 22 Mar 2024 18:34:07 GMT
Last-Modified
Tue, 08 Aug 2023 13:43:03 GMT
Strict-Transport-Security
max-age=31536000
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Transfer-Encoding
chunked
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
details-shim.min.js
auth.tdameritrade.com/js/jc9982/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc9982/details-shim.min.js
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
dd65e802ac90410bdef1f148c75f8c1d40638db70495c6000d089d09f8aada8d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 22 Mar 2024 18:34:07 GMT
Last-Modified
Tue, 08 Aug 2023 13:43:03 GMT
Strict-Transport-Security
max-age=31536000
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Transfer-Encoding
chunked
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
auth.js
auth.tdameritrade.com/js/jc9982/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc9982/auth.js
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
560636338ac599e39117a7e8e6e95b0f4fb680f68cc63f958caeb204024b9c0f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 22 Mar 2024 18:34:07 GMT
Last-Modified
Tue, 08 Aug 2023 13:43:03 GMT
Strict-Transport-Security
max-age=31536000
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Transfer-Encoding
chunked
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
dropdowns.js
auth.tdameritrade.com/js/jc9982/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tdameritrade.com/js/jc9982/dropdowns.js
Requested by
Host: auth.tdameritrade.com
URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
198.200.171.172 , United States, ASN1399 (T2-CT-CN, US),
Reverse DNS
tx-cfe-oauth.tdameritrade.com
Software
/
Resource Hash
bf870463825b85ea22d90d8cbeb8ebc1858850f352cbd9d9ed952201c68a5ef0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Fri, 22 Mar 2024 18:34:07 GMT
Last-Modified
Tue, 08 Aug 2023 13:43:03 GMT
Strict-Transport-Security
max-age=31536000
Vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
X-Frame-Options
DENY
Content-Type
application/javascript
Transfer-Encoding
chunked
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
X-XSS-Protection
1; mode=block
TDAmeritradeSans-Medium_v1-12.woff2
media.tdameritrade.com/media/fonts/tdasans-display/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.tdameritrade.com/media/fonts/tdasans-display/TDAmeritradeSans-Medium_v1-12.woff2
Requested by
Host: media.tdameritrade.com
URL: https://media.tdameritrade.com/media/css/tdasans_remote.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.210.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-210-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d467a2863558a9754a650569c532f1a03e6d2e02e62524d739d9af73cf4c048c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tdameritrade.com *.ameritrade.com http://*.tdameritrade.com/ https://*.tdainstitutional.com https://*.amtd.com https://amtd.com https://*.tradewise.com https://tdaconferences.com https://*.tdameritradeconferences.com https://*.exploringyourindependence.com https://*.thinkorswim.com https://*.tdameritradenetwork.com https://tdameritradenetwork.com https://*.eliteadvisorsummit.com https://*.essentialoptionstrategies.com; object-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://media.tdameritrade.com/media/css/tdasans_remote.css
Origin
https://auth.tdameritrade.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.tdameritrade.com *.ameritrade.com http://*.tdameritrade.com/ https://*.tdainstitutional.com https://*.amtd.com https://amtd.com https://*.tradewise.com https://tdaconferences.com https://*.tdameritradeconferences.com https://*.exploringyourindependence.com https://*.thinkorswim.com https://*.tdameritradenetwork.com https://tdameritradenetwork.com https://*.eliteadvisorsummit.com https://*.essentialoptionstrategies.com; object-src 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Mon, 29 Apr 2019 18:21:08 GMT
Server
Apache
Date
Fri, 22 Mar 2024 18:34:08 GMT
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46852
X-Xss-Protection
1; mode=block
TDAmeritradeSans-Regular_v1-12.woff2
media.tdameritrade.com/media/fonts/tdasans-display/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://media.tdameritrade.com/media/fonts/tdasans-display/TDAmeritradeSans-Regular_v1-12.woff2
Requested by
Host: media.tdameritrade.com
URL: https://media.tdameritrade.com/media/css/tdasans_remote.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.210.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-210-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
de2b959a7a7718c4931a64a1514a54fc30bacc383a44a90f139b0af2560f0c41
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.tdameritrade.com *.ameritrade.com http://*.tdameritrade.com/ https://*.tdainstitutional.com https://*.amtd.com https://amtd.com https://*.tradewise.com https://tdaconferences.com https://*.tdameritradeconferences.com https://*.exploringyourindependence.com https://*.thinkorswim.com https://*.tdameritradenetwork.com https://tdameritradenetwork.com https://*.eliteadvisorsummit.com https://*.essentialoptionstrategies.com; object-src 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://media.tdameritrade.com/media/css/tdasans_remote.css
Origin
https://auth.tdameritrade.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors 'self' *.tdameritrade.com *.ameritrade.com http://*.tdameritrade.com/ https://*.tdainstitutional.com https://*.amtd.com https://amtd.com https://*.tradewise.com https://tdaconferences.com https://*.tdameritradeconferences.com https://*.exploringyourindependence.com https://*.thinkorswim.com https://*.tdameritradenetwork.com https://tdameritradenetwork.com https://*.eliteadvisorsummit.com https://*.essentialoptionstrategies.com; object-src 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Last-Modified
Mon, 29 Apr 2019 18:21:09 GMT
Server
Apache
Date
Fri, 22 Mar 2024 18:34:08 GMT
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44768
X-Xss-Protection
1; mode=block
truncated
/ 		611 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0376e1284d59c310ce07d9ff2261410bee8e134e54dcb2e3f7f56ce4b4238fe0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| Fingerprint2 function| Refingerprint function| CFingerprint function| md5 string| SEP string| PAIR string| DEV number| ver function| URLencode function| encode_deviceprint function| post_deviceprint function| activeXDetect function| stripIllegalChars function| stripFullPath function| deviceprint_browser function| deviceprint_display function| deviceprint_software function| deviceprint_timezone function| deviceprint_language function| deviceprint_java function| deviceprint_cookie function| Hashtable string| ua boolean| opera boolean| ie boolean| iemac number| moz string| os function| details_shim function| expandDetails function| togglePassword function| trim boolean| hasStorage boolean| activeactive string| clientId function| localStore function| localGet function| localRemove function| performOnce function| performMany function| hide function| show function| isClass function| resetAuthenticator function| breakout object| intervalActual function| wait function| toggleMyForm function| checkstatus function| getOptionalParams function| copy function| clwe function| clientRedirectDefault function| clientRedirect boolean| submitted function| formSubmitted function| reset function| clearForm function| changeLanguage function| toggleAll function| getValue function| isAutofilled function| testElement function| test function| shouldStore function| setRememberUserId function| _checkForm function| updateForm function| validate function| offset function| closeDropdowns function| isMobileDevice function| _typeof function| _classCallCheck function| _defineProperties function| _createClass function| _possibleConstructorReturn function| _assertThisInitialized function| _inherits function| _wrapNativeSuper function| isNativeReflectConstruct function| _construct function| _isNativeFunction function| _setPrototypeOf function| _getPrototypeOf object| tdaDropdownTemplate function| tdaDropDown function| renderNativeDropdowns object| ctx string| t

19 Cookies

Domain/Path Name / Value
trade.thinkorswim.com/ Name: language
Value: en-US
.thinkorswim.com/ Name: ak_bmsc
Value: 9000C3E12EAF231EBFA21AF2AA7A8A92~000000000000000000000000000000~YAAQdyV+aGChS2KOAQAAiAxxZxd9+/asb6QjyN3t/c5Mxjj4VMyNH+B/cxqfFEZfIwSHy+5+K1rYZVEJTewzEZvJoxBTWoseYg86dqsU0E3CaZsc/QpbsGO/Y7DN6P9pT/Lq8EuZqz1V3DeZEMmt1tYzRWN+QG8b5F5QQSCHvBTo1VWXJtc97/fjJAD1eGKxVZA+WX1N/c/Tb8ZFTokJBMTZgw6b74bOShpq8LoDk/jivvtr7VMf1OMKtlBq8SYD9Ymd7HYCQQ8BIhDSiSHvxJytBN00ryfqMqCWz9scPV4wqt2v0psV/d99cpE2DEqx4uhTx3ng4MAk7aI/j5oytWXhtTvvC2AFosM3K+S24PMrgw00yy3aKMrvqvEH7J2soG8dQ1zBQQs8Mbbglw9iD+zqAZbBxly56w==
.thinkorswim.com/ Name: utag_main
Value: v_id:018e67710d610012cf94c842a82a03074001e06c00b08$_sn:1$_se:1$_ss:1$_st:1711134246051$ses_id:1711132446051%3Bexp-session$_pn:1%3Bexp-session
.demdex.net/ Name: demdex
Value: 57953079426972572950679523518960096171
.thinkorswim.com/ Name: gdpr
Value: true
.thinkorswim.com/ Name: AMCVS_F3470978534690820A490D4C%40AdobeOrg
Value: 1
.thinkorswim.com/ Name: bm_sv
Value: 55C3DD4E501720C34C0AAC195B645BF5~YAAQdyV+aPihS2KOAQAA2w9xZxcoR8Jsxq9GTzvlSOVbv8N+X7AVc28Xyg2jSTeToqKqOheft+9rxqsmg+l7Gr0t6hc+jPw+VAH1vxQNyYiJH+mRNArmqVRyrTijrh92B8Bh25JIHafRmu96hvjKiqMqupw/VDRGng7e7GIvBz7Czl/GHbwSvPPyReleLWH6Vv9/upyeCNrCN8YYzbXxrcFErmK9hj4rwfTA9Mlu4JX7Rq+WdbinLw52x3j/FZgv1cUVm8Q=~1
.thinkorswim.com/ Name: _gcl_au
Value: 1.1.1270716053.1711132447
.thinkorswim.com/ Name: AMCV_F3470978534690820A490D4C%40AdobeOrg
Value: -1712354808%7CMCIDTS%7C19805%7CMCMID%7C57932405720315556150677386363666547451%7CMCAAMLH-1711737246%7C6%7CMCAAMB-1711737246%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1711139646s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.3.0
.thinkorswim.com/ Name: s_pers
Value: %20s_pageName%3Dtraderx%253A%253Ahome%7C1711134246813%3B
.thinkorswim.com/ Name: s_sess
Value: %20s_cc%3Dtrue%3B
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Zf3PHwAAAA00ByYV
.everesttech.net/ Name: everest_session_v2
Value: Zf3PHwAAAA00ByYV
auth.tdameritrade.com/ Name: ADRUM_BTa
Value: R:30|g:f663273d-b4df-4ec8-b471-4189f49f4217|n:customer1_bb5bb0b7-421e-4345-9ad7-62a11b741bf7
auth.tdameritrade.com/ Name: SameSite
Value: None
auth.tdameritrade.com/ Name: ADRUM_BT1
Value: R:30|i:5254|e:14
auth.tdameritrade.com/ Name: NSC_JOkuz4qpe4efcwddlqol43cysdy1pd3
Value: 14b5a3d9852b4f2d249322ee84dfff62a353643fab6d0d7a3bfc51cc613093191f0d74f4
.thinkorswim.com/ Name: ADRUM
Value: s=1711132447433&r=https%3A%2F%2Ftrade.thinkorswim.com%2F
auth.tdameritrade.com/ Name: SESSION
Value: VERBVFJBREVSWCBiNTkwNjVlNC01ODI1LTQ5MzYtOTkxMi03MDY3NWJlNjM5MjcgMCBhY2Q0MzA4NC0xYzU0LTQ3YjctODRlOC1iZjgzNWUxNmZmMmE=

5 Console Messages

Source Level URL
Text
other warning URL: https://trade.thinkorswim.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://trade.thinkorswim.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://trade.thinkorswim.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://auth.tdameritrade.com/auth?response_type=code&client_id=TDATRADERX%40AMER.OAUTHAP&code_challenge=z1gj-bpecbI8KeZtrbLdPQmrn39sHhgwOjOK9gpavXw&code_challenge_method=S256&exp=1711134246876&redirect_uri=https%3A%2F%2Ftrade.thinkorswim.com%2Foauth&cv=default&lang=en-us&state=isSchwab%3Dfalse
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://www.tdameritrade.com; default-src 'self' https://sws-gateway-nr.thinkorswim.com https://sws-gateway.thinkorswim.com https://*.schwab.tech https://*.everesttech.net https://*.rcrsv.io https://*.tdameritrade.com https://ste03lbclkapp00.iteclientsys.local https://*.ameritrade.com https://www.everestjs.net/ https://*.demdex.net/ https://tags.tiqcdn.com/utag/tdameritrade/traderx https://*.launchdarkly.com https://cdn.appdynamics.com 'nonce-aP7HbhMtPn25QbI1TGTI/A==' wss://services.thinkorswim.com/Services/WsJson wss://services-demo.thinkorswim.com/Services/WsJson wss://thinkorswim-services.schwab.com/Services/WsJson wss://papermoney-services.schwab.com/Services/WsJson https://*.schwab.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.schwab.com https://cdn.appdynamics.com https://tags.tiqcdn.com https://*.evidon.com https://www.everestjs.net https://www.googletagmanager.com https://*.rcrsv.io https://sstats.tdameritrade.com/; style-src 'self' 'unsafe-inline' https://*.rcrsv.io; object-src 'none'; img-src https: data:;
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tdameritrade.com
app.launchdarkly.com
auth.tdameritrade.com
c.evidon.com
cdn.appdynamics.com
clientstream.launchdarkly.com
dpm.demdex.net
media.tdameritrade.com
pixel.everesttech.net
sstats.tdameritrade.com
tags.tiqcdn.com
trade.thinkorswim.com
www.everestjs.net
www.googletagmanager.com
108.128.117.205
13.248.151.210
151.101.194.217
198.200.171.172
198.200.171.191
23.212.210.31
23.212.212.65
23.53.43.18
2600:9000:235a:4800:7:2bfb:7c00:93a1
2a00:1450:4001:810::2008
2a02:26f0:7100::687e:257b
3.160.150.62
52.208.77.120
63.140.62.27
019eb78081e4a0a7716ceef2117c0a1d34204cbb1a64cb4e5244ddfd359a85d7
0376e1284d59c310ce07d9ff2261410bee8e134e54dcb2e3f7f56ce4b4238fe0
0b2ff07865c5661f29a3ae95f3c1f4cda186faf0b7c3eb78c8a706b446e25185
1931bca29d0c4b439119ec87a7b17da82c10b3b56a255fb8180db822de4ebf5c
29c607d2ea094c3c4a40b995533ffc025fa7fa5ead56e7962116cdeb2aa096f2
2b674df5f41de4465baf6655fe57d73a4b003ab0fe10e924205fa292bec2df14
363d3952ac01a3d875ef487456e3979e52884434a8a9d3ac88848aee6aea299d
42233038f8c9240bcdeb2250bd7d96c91fce53f46067cd4770386e20e0c36c22
4517219142aaf0b2a98a4f21ddff15b56568bd66ce24e28293e5482728715658
560636338ac599e39117a7e8e6e95b0f4fb680f68cc63f958caeb204024b9c0f
63952f93e27100bd5758410ed43996ad09523c932311072bb6d17f79a5373faa
68ff7fd6acd1a4ba82d64f7318f2d332b71b944591899f8a50247e60693ef014
730fe2e07397893c2a624605f90870de0340d9ae3c456006beb394c7b968ac58
7368c6c38ed72b6abda1a2b941bb0eb3da26ac0eb5e65807c2d6d0c66a3a4a71
8470441449e3a3d2ed4a81ca77ec9a106fc9ca8b4f0b8427515444172df087ed
85b8a82558e7bf225419aa9bccf4f869428295ca559236f45e84325070b056cc
93fcce836acd3c5fddef72886198a8a9b58b7230bd295f3bb7440e89f3ab8efb
99d5464382afb4cff84d2230c8820ce516cb2b11a7d1224cadf67312dc90ee8a
9b2872155bd1a64e04332cfd04603c2d3b97233be0da9c303e0b67ea7744c9a5
af152bf7bcd78e9d79e3d61d4e1825aba0470d55b0c692fc92846cdac16d078e
bcc1197e8910e9555167790b1162ddd6276733001966535181a4af3462d89c01
bf870463825b85ea22d90d8cbeb8ebc1858850f352cbd9d9ed952201c68a5ef0
d467a2863558a9754a650569c532f1a03e6d2e02e62524d739d9af73cf4c048c
dd65e802ac90410bdef1f148c75f8c1d40638db70495c6000d089d09f8aada8d
de2b959a7a7718c4931a64a1514a54fc30bacc383a44a90f139b0af2560f0c41
e8836856f9db95f7378de2dd4f2291f6b8879c6c1b7e35a19d28100fb3ed07bd
eec4fa70bee34de35f4d3f455c48018abf381031b5890ccf29afb688bc9ce834
f66222fa877b5654d2952c08f1b2f46fb3883cf4bb0e9270fe9eb6769f1f2581
f9583f9709cda6506cb1f30e7420f6c8f03d8ec2c843d9007d1d92bfc99dd681
fd6321a73fa53c24f5ac39432a3eaf12305d410b415349e19278548b8a4deb75