cards.td.com Open in urlscan Pro
13.111.140.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.e.email-td.com/?qs=3bdd330b2410f2f45cf0ffdae5c0aee2fbaa581707fb26f8f26454634b9d99f31fa7ba33c744cf6f21fa544bea9f...
Effective URL:
https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491c...
Submission: On October 05 via manual (October 5th 2023, 6:16:21 pm UTC) from CA — Scanned from CA

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 8 domains to perform 19 HTTP transactions. The main IP is 13.111.140.178, located in United States and belongs to SALESFORCE, US. The main domain is cards.td.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 27th 2023. Valid for: a year.

This is the only time cards.td.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.39.44 13.111.39.44	14340 (SALESFORCE) (SALESFORCE)
6	13.111.140.178 13.111.140.178	14340 (SALESFORCE) (SALESFORCE)
1 1	198.245.82.44 198.245.82.44	14340 (SALESFORCE) (SALESFORCE)
1	198.245.82.43 198.245.82.43	14340 (SALESFORCE) (SALESFORCE)
5	3.5.29.47 3.5.29.47	() ()
19	4

1 13.111.39.44 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.e.email-td.com

click.e.email-td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.111.140.178 (United States)

ASN14340 (SALESFORCE, US)
PTR: cards.td.com

cards.td.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.245.82.44 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: pub.s6.exacttarget.com

pub.s6.exacttarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.245.82.43 (United States)

ASN14340 (SALESFORCE, US)

mc95rnbjq9nctt1bm4p0gs438r08.pub.sfmc-content.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.5.29.47 (None, )

ASN- ()

tdloyalty.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	td.com cards.td.com	14 KB
5	amazonaws.com tdloyalty.s3.amazonaws.com	188 KB
1	sfmc-content.com mc95rnbjq9nctt1bm4p0gs438r08.pub.sfmc-content.com	15 KB
1	exacttarget.com 1 redirects pub.s6.exacttarget.com	256 B
1	email-td.com 1 redirects click.e.email-td.com image.e.email-td.com Failed	660 B
0	googletagmanager.com Failed www.googletagmanager.com Failed
0	polyfill.io Failed cdn.polyfill.io Failed
0	googleapis.com Failed ajax.googleapis.com Failed
19	8

	Domain	Requested by
6	cards.td.com	cards.td.com
5	tdloyalty.s3.amazonaws.com	cards.td.com
1	mc95rnbjq9nctt1bm4p0gs438r08.pub.sfmc-content.com	cards.td.com
1	pub.s6.exacttarget.com	1 redirects
1	click.e.email-td.com	1 redirects
0	www.googletagmanager.com Failed	cards.td.com
0	image.e.email-td.com Failed	cards.td.com
0	cdn.polyfill.io Failed	cards.td.com
0	ajax.googleapis.com Failed	cards.td.com
19	9

This site contains no links.

Subject Issuer	Validity	Valid
cards.td.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-27` - `2024-05-27`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-03-21` - `2023-12-19`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1
Frame ID: 4708CDA20FA8E06CB9557E4EBE0538D0
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.e.email-td.com/?qs=3bdd330b2410f2f45cf0ffdae5c0aee2fbaa581707fb26f8f26454634b9d99f31fa7ba33... HTTP 302
https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ec... Page URL

Page Statistics

19
Requests

58 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

4
IPs

1
Countries

219 kB
Transfer

283 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.e.email-td.com/?qs=3bdd330b2410f2f45cf0ffdae5c0aee2fbaa581707fb26f8f26454634b9d99f31fa7ba33c744cf6f21fa544bea9fcddd494c27c06a8a52e4cae36bc271c3bbf5 HTTP 302
https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://pub.s6.exacttarget.com/4zeq0q0zj5n HTTP 301
https://mc95rnbjq9nctt1bm4p0gs438r08.pub.sfmc-content.com/4zeq0q0zj5n

19 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request LCBOAeroplanOffer Show response cards.td.com/ Redirect Chain https://click.e.email-td.com/?qs=3bdd330b2410f2f45cf0ffdae5c0aee2fbaa581707fb26f8f26454634b9d99f31fa7ba33c744cf6f21fa544bea9fcddd494c27c06a8a52e4cae36bc271c3bbf5 https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:Credi...	9 KB 3 KB	596ms 196ms	Document text/html	13.111.140.178 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.111.140.178 , United States, ASN14340 (SALESFORCE, US), Reverse DNS cards.td.com Software / Resource Hash `a6316449d127a6d7b9d47932959f0f0691c4a6a9daaa8c07f077053c8d58dacc` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control no-cache Connection close Content-Encoding gzip Content-Length 2767 Content-Type text/html; charset=utf-8 Date Thu, 05 Oct 2023 18:15:50 GMT Expires -1 Pragma no-cache Redirect headers Cache-Control private Connection close Content-Length 646 Content-Type text/html; charset=utf-8 Date Thu, 05 Oct 2023 18:15:48 GMT Location https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1
GET H/1.1	200 OK	111183963-LCBO_Aeroplan_Offer.css cards.td.com/	2 KB 958 B	263ms 89ms	Stylesheet text/css	13.111.140.178 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://cards.td.com/111183963-LCBO_Aeroplan_Offer.css Requested by Host: cards.td.com URL: https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.111.140.178 , United States, ASN14340 (SALESFORCE, US), Reverse DNS cards.td.com Software / Resource Hash `cfe9c64798963a3a4bb92e6f892bc3b6bd820d906d928da7443aebdc2b236661` Request headers accept-language en-CA,en;q=0.9 Referer https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Thu, 05 Oct 2023 18:15:50 GMT Cache-Control private Content-Encoding gzip Connection close Content-Length 775 Content-Type text/css; charset=utf-8
GET H/1.1	200 OK	universal.v11.css cards.td.com/	25 KB 4 KB	265ms 84ms	Stylesheet text/css	13.111.140.178 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://cards.td.com/universal.v11.css Requested by Host: cards.td.com URL: https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.111.140.178 , United States, ASN14340 (SALESFORCE, US), Reverse DNS cards.td.com Software / Resource Hash `d4955ea41f1c1b67c7e5b58c16ddd4335324c24b942ff419dc6cba36e07e7418` Request headers accept-language en-CA,en;q=0.9 Referer https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Thu, 05 Oct 2023 18:15:50 GMT Cache-Control private Content-Encoding gzip Connection close Content-Length 3935 Content-Type text/css; charset=utf-8
GET H/1.1	200 OK	legal.v3.css cards.td.com/	3 KB 1 KB	320ms 137ms	Stylesheet text/css	13.111.140.178 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://cards.td.com/legal.v3.css Requested by Host: cards.td.com URL: https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.111.140.178 , United States, ASN14340 (SALESFORCE, US), Reverse DNS cards.td.com Software / Resource Hash `81087ecfe65ea448456d525c3f4ca9a2fc4814add39d602f243bf99660f1e2f6` Request headers accept-language en-CA,en;q=0.9 Referer https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Thu, 05 Oct 2023 18:15:50 GMT Cache-Control private Content-Encoding gzip Connection close Content-Length 944 Content-Type text/css; charset=utf-8
GET H/1.1	200 OK	4zeq0q0zj5n mc95rnbjq9nctt1bm4p0gs438r08.pub.sfmc-content.com/ Redirect Chain https://pub.s6.exacttarget.com/4zeq0q0zj5n https://mc95rnbjq9nctt1bm4p0gs438r08.pub.sfmc-content.com/4zeq0q0zj5n	40 KB 15 KB	426ms 160ms	Stylesheet text/css	198.245.82.43 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://mc95rnbjq9nctt1bm4p0gs438r08.pub.sfmc-content.com/4zeq0q0zj5n Requested by Host: cards.td.com URL: https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1 Protocol HTTP/1.1 Server 198.245.82.43 , United States, ASN14340 (SALESFORCE, US), Reverse DNS Software / Resource Hash `71e451ac992deb9e1967417132ffbc0f598259033f503ba22c6fe256e81401cc` Request headers accept-language en-CA,en;q=0.9 Referer https://cards.td.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Pragma no-cache Date Thu, 05 Oct 2023 18:15:51 GMT Content-Encoding gzip Content-Type text/css; charset=utf-8 Cache-Control no-cache Connection close Content-Length 14780 Expires -1 Redirect headers Location https://mc95rnbjq9nctt1bm4p0gs438r08.pub.sfmc-content.com/4zeq0q0zj5n Date Thu, 05 Oct 2023 18:15:50 GMT Cache-Control private Connection close Content-Length 186 Content-Type text/html; charset=utf-8
GET		jquery.min.js ajax.googleapis.com/ajax/libs/jquery/3.5.1/	0 0

GET		polyfill.min.js cdn.polyfill.io/v2/	0 0

GET H/1.1	200 OK	111183963-LCBO_Aeroplan_Offer_data.json Show response cards.td.com/	13 KB 4 KB	288ms 96ms	Script application/json	13.111.140.178 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://cards.td.com/111183963-LCBO_Aeroplan_Offer_data.json Requested by Host: cards.td.com URL: https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.111.140.178 , United States, ASN14340 (SALESFORCE, US), Reverse DNS cards.td.com Software / Resource Hash `b64bba2ff047e01f048cae8dab92bd400c49fb422ebee0eebdb4c6ffbf4df1dd` Request headers accept-language en-CA,en;q=0.9 Referer https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Thu, 05 Oct 2023 18:15:50 GMT Cache-Control private Content-Encoding gzip Connection close Content-Length 3969 Content-Type application/json; charset=utf-8
GET H/1.1	200 OK	header_footer_data.v1.json Show response cards.td.com/	3 KB 876 B	310ms 110ms	Script application/json	13.111.140.178 SALESFORCE
General Check archive.org Show headers Download Go to Full URL https://cards.td.com/header_footer_data.v1.json Requested by Host: cards.td.com URL: https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.111.140.178 , United States, ASN14340 (SALESFORCE, US), Reverse DNS cards.td.com Software / Resource Hash `cc7d4d5287c39d2296c7d2c9b97080f7fa9059fdb91b59e299f50c00ccb57a77` Request headers accept-language en-CA,en;q=0.9 Referer https://cards.td.com/LCBOAeroplanOffer?qs=66259fc91b7ffbda27b8415302778afac389598c87c41e6627309ecf0ed1f81ae06f237491cd74fc85f78f8871ff376f&cellcode=3-1&JobID=1602713&lang=en&eml=eml:et:Canada:CreditCardsPersonal:Multipleproductcampaign:24979:3-1:Utilization:Existing:RECIPIENT.ENV:EM1:E:3-1::RegisterNow1&utm_source=sfmc&utm_medium=email&utm_campaign=F23LCBO_EM1_E&utm_content=RegisterNow1&sfmc_id=TDCT_0020_0711930286_00067796375_62FE3B4A&sfmc_activityid=1602713&utm_term=RegisterNow1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Thu, 05 Oct 2023 18:15:50 GMT Cache-Control private Content-Encoding gzip Connection close Content-Length 685 Content-Type application/json; charset=utf-8
GET		4add465e-b278-4bf2-85ea-cb44989a1564.png image.e.email-td.com/lib/fe9a12747762077d75/m/9/	0 0

GET		2e81a4df-2588-4912-9551-63208316d881.gif image.e.email-td.com/lib/fe9a12747762077d75/m/1/	0 0

GET		js www.googletagmanager.com/gtag/	0 0

GET		gtm.js www.googletagmanager.com/	0 0

GET		b8f92a44-e15b-4bc0-9bab-274beaae5e14.png image.e.email-td.com/lib/fe9a12747762077d75/m/9/	0 0

GET H/1.1	200 OK	TDGraphik-Semibold-Web.woff2 tdloyalty.s3.amazonaws.com/web-fonts/	37 KB 38 KB	372ms 76ms	Font binary/octet-stream	3.5.29.47
General Check archive.org Show headers Download Go to Full URL https://tdloyalty.s3.amazonaws.com/web-fonts/TDGraphik-Semibold-Web.woff2 Requested by Host: cards.td.com URL: https://cards.td.com/universal.v11.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.5.29.47 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash `c27f4fb33c2e78c692858e61cabf11d0cbc529d3040fcbcc39f3bd91bb6fd9df` Request headers Referer https://cards.td.com/ Origin https://cards.td.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Thu, 05 Oct 2023 18:16:21 GMT Last-Modified Mon, 10 Feb 2020 19:06:24 GMT Server AmazonS3 x-amz-request-id P9JFHHBAEQW5VW8N ETag "36a06880823c61d7b7a15ad207823a85" Access-Control-Max-Age 3000 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Content-Type binary/octet-stream Accept-Ranges bytes Content-Length 38364 x-amz-id-2 fdVLlrTK7iJyxQdQt8GlnOPF9Hyf3lXZoQbsn4iKK5EKvFET6XF8AzBJiD4nBHmAIBk6Ox+i+71mVdqG/MKYiMoBGYGxGHcWQiAmVxVvlxw=
GET H/1.1	200 OK	TDGraphik-Semilight-Web.woff2 tdloyalty.s3.amazonaws.com/web-fonts/	36 KB 37 KB	375ms 80ms	Font binary/octet-stream	3.5.29.47
General Check archive.org Show headers Download Go to Full URL https://tdloyalty.s3.amazonaws.com/web-fonts/TDGraphik-Semilight-Web.woff2 Requested by Host: cards.td.com URL: https://cards.td.com/universal.v11.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.5.29.47 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash `c44f029613780a488fa1209aa009faefc4eeeb919ff04509d6a17521b93399c0` Request headers Referer https://cards.td.com/ Origin https://cards.td.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Thu, 05 Oct 2023 18:16:21 GMT Last-Modified Mon, 10 Feb 2020 19:06:25 GMT Server AmazonS3 x-amz-request-id P9JFVW9AZB4CPW6S ETag "cef4db0cd00b0591d3de1acb23cd1e1c" Access-Control-Max-Age 3000 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Content-Type binary/octet-stream Accept-Ranges bytes Content-Length 37208 x-amz-id-2 kvxGCyrblmbV1vH5l2bURQIOls9GCJWvncmLztvYrzHAcOWAuqFVS5R9pNGEUfTko4Ki2+aNbNFxyvQab/yM5P6KXV3zodNFfNWaTgsiaiw=
GET H/1.1	200 OK	TDGraphik-Bold-Web.woff2 tdloyalty.s3.amazonaws.com/web-fonts/	37 KB 37 KB	395ms 98ms	Font binary/octet-stream	3.5.29.47
General Check archive.org Show headers Download Go to Full URL https://tdloyalty.s3.amazonaws.com/web-fonts/TDGraphik-Bold-Web.woff2 Requested by Host: cards.td.com URL: https://cards.td.com/universal.v11.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.5.29.47 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash `dae50dfc870fff6ad532514123c76c87c8a1ca2a966df7242d087c35307b9bbc` Request headers Referer https://cards.td.com/ Origin https://cards.td.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Thu, 05 Oct 2023 18:16:21 GMT Last-Modified Mon, 10 Feb 2020 19:06:25 GMT Server AmazonS3 x-amz-request-id P9JDVHYWXDER3EXP ETag "f6439c639fda20cf2a526499f5f9b483" Access-Control-Max-Age 3000 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Content-Type binary/octet-stream Accept-Ranges bytes Content-Length 37732 x-amz-id-2 Q0E5emgAViCTLGU1lvn846EomFfoeW4uwDDi8M52JJoCQsCoCrs0GZZbmXCKHbuDMpzEAsSQpncaX9BX1FpQGIPd/qH2nR34sGiLCHgdJmE=
GET H/1.1	200 OK	TDGraphik-Medium-Web.woff2 tdloyalty.s3.amazonaws.com/web-fonts/	37 KB 38 KB	399ms 97ms	Font binary/octet-stream	3.5.29.47
General Check archive.org Show headers Download Go to Full URL https://tdloyalty.s3.amazonaws.com/web-fonts/TDGraphik-Medium-Web.woff2 Requested by Host: cards.td.com URL: https://cards.td.com/universal.v11.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.5.29.47 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash `b329c67ff699bcfdf76c1f6fa5156c348f961210826cd99ee11f4a93276a1165` Request headers Referer https://cards.td.com/ Origin https://cards.td.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Thu, 05 Oct 2023 18:16:21 GMT Last-Modified Mon, 10 Feb 2020 19:06:27 GMT Server AmazonS3 x-amz-request-id P9J7JQ6C8SP10S1Y ETag "9852bc94c9e1b4cbb3e7eda5d6f9dbda" Access-Control-Max-Age 3000 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Content-Type binary/octet-stream Accept-Ranges bytes Content-Length 38360 x-amz-id-2 4jDx0kjE8fuwtzQrTb/YPtOMJ6XVoq0uL78LRWNlXfSPopl7Ugd8wRyNwmP8xdp039GTFfSUlWlGwkng0+a6qFWaf9CCYbfa+eSHEjjuvBs=
GET DATA	200 OK	truncated /	3 KB 3 KB		Font application/x-font-woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a1fb3d0d81eb5d18ff7c5018c6a46bc8483f4c99abcde9ad4dea536af1e4848b` Request headers Referer Origin https://cards.td.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type application/x-font-woff2;charset=utf-8
GET H/1.1	200 OK	TDGraphik-Light-Web.woff2 tdloyalty.s3.amazonaws.com/web-fonts/	37 KB 37 KB	396ms 94ms	Font binary/octet-stream	3.5.29.47
General Check archive.org Show headers Download Go to Full URL https://tdloyalty.s3.amazonaws.com/web-fonts/TDGraphik-Light-Web.woff2 Requested by Host: cards.td.com URL: https://cards.td.com/universal.v11.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.5.29.47 -, , ASN (), Reverse DNS Software AmazonS3 / Resource Hash `43ad095f34da8d8d17e1aa49feec927460e0f3cd1d58448164d2f65c19477f97` Request headers Referer https://cards.td.com/ Origin https://cards.td.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Thu, 05 Oct 2023 18:16:21 GMT Last-Modified Mon, 10 Feb 2020 19:06:27 GMT Server AmazonS3 x-amz-request-id P9J5T0HA17KZBBZ7 ETag "7a410328894badfcdb0e2f48e2d2919f" Access-Control-Max-Age 3000 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Content-Type binary/octet-stream Accept-Ranges bytes Content-Length 37564 x-amz-id-2 ii+aHbDGHrRKKIZcQ7eJB7GkJdrUZSN1XAyCE7lHVyoohcaxVLM3Nh0s764L8piflDn0OZ9Zn+ezt0lK/cO+8DDZGpucQ5kscmALnJoJCUU=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Domain: cdn.polyfill.io
URL: https://cdn.polyfill.io/v2/polyfill.min.js

Domain: image.e.email-td.com
URL: https://image.e.email-td.com/lib/fe9a12747762077d75/m/9/4add465e-b278-4bf2-85ea-cb44989a1564.png

Domain: image.e.email-td.com
URL: https://image.e.email-td.com/lib/fe9a12747762077d75/m/1/2e81a4df-2588-4912-9551-63208316d881.gif

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-43755CFQMT

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3WGWZ5G

Domain: image.e.email-td.com
URL: https://image.e.email-td.com/lib/fe9a12747762077d75/m/9/b8f92a44-e15b-4bc0-9bab-274beaae5e14.png

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Message: Failed to load resource: net::ERR_TIMED_OUT
network	error	URL: https://cdn.polyfill.io/v2/polyfill.min.js Message: Failed to load resource: net::ERR_TIMED_OUT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cards.td.com
cdn.polyfill.io
click.e.email-td.com
image.e.email-td.com
mc95rnbjq9nctt1bm4p0gs438r08.pub.sfmc-content.com
pub.s6.exacttarget.com
tdloyalty.s3.amazonaws.com
www.googletagmanager.com
ajax.googleapis.com
cdn.polyfill.io
image.e.email-td.com
www.googletagmanager.com
13.111.140.178
13.111.39.44
198.245.82.43
198.245.82.44
3.5.29.47
43ad095f34da8d8d17e1aa49feec927460e0f3cd1d58448164d2f65c19477f97
71e451ac992deb9e1967417132ffbc0f598259033f503ba22c6fe256e81401cc
81087ecfe65ea448456d525c3f4ca9a2fc4814add39d602f243bf99660f1e2f6
a1fb3d0d81eb5d18ff7c5018c6a46bc8483f4c99abcde9ad4dea536af1e4848b
a6316449d127a6d7b9d47932959f0f0691c4a6a9daaa8c07f077053c8d58dacc
b329c67ff699bcfdf76c1f6fa5156c348f961210826cd99ee11f4a93276a1165
b64bba2ff047e01f048cae8dab92bd400c49fb422ebee0eebdb4c6ffbf4df1dd
c27f4fb33c2e78c692858e61cabf11d0cbc529d3040fcbcc39f3bd91bb6fd9df
c44f029613780a488fa1209aa009faefc4eeeb919ff04509d6a17521b93399c0
cc7d4d5287c39d2296c7d2c9b97080f7fa9059fdb91b59e299f50c00ccb57a77
cfe9c64798963a3a4bb92e6f892bc3b6bd820d906d928da7443aebdc2b236661
d4955ea41f1c1b67c7e5b58c16ddd4335324c24b942ff419dc6cba36e07e7418
dae50dfc870fff6ad532514123c76c87c8a1ca2a966df7242d087c35307b9bbc

cards.td.com Open in urlscan Pro 13.111.140.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

19 Requests

58 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

4 IPs

1 Countries

219 kBTransfer

283 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

cards.td.com Open in urlscan Pro
13.111.140.178 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

58 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

4
IPs

1
Countries

219 kB
Transfer

283 kB
Size

0
Cookies

19 HTTP transactions
1 data transactions