partnershipcard.cc Open in urlscan Pro
2606:4700:30::681b:90bc Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://partnershipcard.cc/
Effective URL:
https://partnershipcard.cc/
Submission: On February 12 via manual (February 12th 2019, 5:46:56 pm UTC) from GB

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2606:4700:30::681b:90bc, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is partnershipcard.cc.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 6th 2019. Valid for: a year.

This is the only time partnershipcard.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: John Lewis Finance (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::681b:91bc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
7	2606:4700:30:... 2606:4700:30::681b:90bc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2606:4700::68... 2606:4700::6813:c797	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
18	8

1 2606:4700:30::681b:91bc (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

partnershipcard.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:30::681b:90bc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

partnershipcard.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	partnershipcard.cc 1 redirects partnershipcard.cc	66 KB
3	gstatic.com fonts.gstatic.com	26 KB
2	jsdelivr.net cdn.jsdelivr.net	14 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	jquery.com code.jquery.com	24 KB
0	jqueryvalidation.org Failed jqueryvalidation.org Failed
18	7

	Domain	Requested by
8	partnershipcard.cc	1 redirects partnershipcard.cc
3	fonts.gstatic.com	partnershipcard.cc
2	cdn.jsdelivr.net	partnershipcard.cc
1	cdnjs.cloudflare.com	partnershipcard.cc
1	code.jquery.com	partnershipcard.cc
1	fonts.googleapis.com	partnershipcard.cc
1	ajax.googleapis.com	partnershipcard.cc
0	jqueryvalidation.org Failed	partnershipcard.cc
18	8

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-02-06` - `2020-02-06`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-10-27` - `2019-05-05`	6 months	crt.sh
*.google.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://partnershipcard.cc/
Frame ID: 95CE698EAF7A32B40522DDF9E864EEF9
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://partnershipcard.cc/ HTTP 301
https://partnershipcard.cc/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

18
Requests

89 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

171 kB
Transfer

522 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://partnershipcard.cc/ HTTP 301
https://partnershipcard.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
partnershipcard.cc/
Redirect Chain

http://partnershipcard.cc/
https://partnershipcard.cc/

17 KB
4 KB

86ms
34ms

Document
text/html

2606:4700:30::681b:90bc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://partnershipcard.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:90bc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: 066e2be7d254e5d13559b742b1099a1bf1f9ede1502944315161c7090f9731ae

Request headers

:method: GET
:authority: partnershipcard.cc
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 12 Feb 2019 17:46:40 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dd9c6681f061bd6f3c790fc803728b0b21549993600; expires=Wed, 12-Feb-20 17:46:40 GMT; path=/; domain=.partnershipcard.cc; HttpOnly; Secure
x-powered-by: PHP/5.3.3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4a80e0444b7027aa-FRA
content-encoding: br

Redirect headers

Date: Tue, 12 Feb 2019 17:46:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 12 Feb 2019 18:46:40 GMT
Location: https://partnershipcard.cc/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4a80e043d9bd6373-FRA

GET
H2 200 bootstrap.min.css
partnershipcard.cc/assets/css/ 138 KB
19 KB 47ms
46ms Stylesheet
text/css 2606:4700:30::681b:90bc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://partnershipcard.cc/assets/css/bootstrap.min.css
Requested by: Host: partnershipcard.cc
URL: https://partnershipcard.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:90bc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

:path: /assets/css/bootstrap.min.css
pragma: no-cache
cookie: __cfduid=dd9c6681f061bd6f3c790fc803728b0b21549993600
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: partnershipcard.cc
referer: https://partnershipcard.cc/
:scheme: https
:method: GET
Referer: https://partnershipcard.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 12 Feb 2019 17:46:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 02 Jan 2019 08:46:36 GMT
server: cloudflare
etag: W/"805ab-22688-57e75af027300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4a80e0449bda27aa-FRA
expires: Tue, 12 Feb 2019 21:46:40 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: partnershipcard.cc
URL: https://partnershipcard.cc/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://partnershipcard.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 18:55:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 687063
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 33593
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Feb 2020 18:55:37 GMT

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:814::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Rajdhani

Requested by

Host: partnershipcard.cc
URL: https://partnershipcard.cc/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e0d7773ae2372286099dab4db08e7337fa5e4e260270c29b8b27498ff98d4381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://partnershipcard.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 12 Feb 2019 17:46:40 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 12 Feb 2019 17:46:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Tue, 12 Feb 2019 17:46:40 GMT

GET
H2 200 master.css
partnershipcard.cc/assets/css/ 3 KB
1 KB 42ms
41ms Stylesheet
text/css 2606:4700:30::681b:90bc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://partnershipcard.cc/assets/css/master.css
Requested by: Host: partnershipcard.cc
URL: https://partnershipcard.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:90bc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fec2006c4d81c6c58e3f66adc5c1c4953086f0e8e720e3a02efea08a29859de

Request headers

:path: /assets/css/master.css
pragma: no-cache
cookie: __cfduid=dd9c6681f061bd6f3c790fc803728b0b21549993600
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: partnershipcard.cc
referer: https://partnershipcard.cc/
:scheme: https
:method: GET
Referer: https://partnershipcard.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 12 Feb 2019 17:46:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 12 Jan 2019 23:24:34 GMT
server: cloudflare
etag: W/"805b0-d35-57f4b1d46b080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4a80e0449bdb27aa-FRA
expires: Tue, 12 Feb 2019 21:46:40 GMT

GET
H2 200 logo-lloyds-bank-print.png
partnershipcard.cc/assets/img/ 23 KB
23 KB 50ms
49ms Image
image/png 2606:4700:30::681b:90bc
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partnershipcard.cc/assets/img/logo-lloyds-bank-print.png
Requested by: Host: partnershipcard.cc
URL: https://partnershipcard.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:90bc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6c902601fcf1269e64ece29edfc064716b37c0e315adc1e5138ed73cbf7ecf0

Request headers

:path: /assets/img/logo-lloyds-bank-print.png
pragma: no-cache
cookie: __cfduid=dd9c6681f061bd6f3c790fc803728b0b21549993600
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: partnershipcard.cc
referer: https://partnershipcard.cc/
:scheme: https
:method: GET
Referer: https://partnershipcard.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 12 Feb 2019 17:46:40 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 03 Jan 2019 11:43:04 GMT
server: cloudflare
etag: "805ba-5c06-57e8c43f1e200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4a80e0449bdc27aa-FRA
content-length: 23558
expires: Tue, 12 Feb 2019 21:46:40 GMT

GET
H2 200 padlock-green.png
partnershipcard.cc/assets/img/ 5 KB
5 KB 43ms
42ms Image
image/png 2606:4700:30::681b:90bc
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partnershipcard.cc/assets/img/padlock-green.png
Requested by: Host: partnershipcard.cc
URL: https://partnershipcard.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:90bc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb8b5767ff51dc6742d3a057d30ae9cd3d0ef62d72c0ac1f6283c5180a93ab01

Request headers

:path: /assets/img/padlock-green.png
pragma: no-cache
cookie: __cfduid=dd9c6681f061bd6f3c790fc803728b0b21549993600
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: partnershipcard.cc
referer: https://partnershipcard.cc/
:scheme: https
:method: GET
Referer: https://partnershipcard.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 12 Feb 2019 17:46:40 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 12 Jan 2019 16:50:10 GMT
server: cloudflare
etag: "805bb-1368-57f459acab480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4a80e0449bdd27aa-FRA
content-length: 4968
expires: Tue, 12 Feb 2019 21:46:40 GMT

GET
H2 200 icon.svg
partnershipcard.cc/assets/img/ 1 KB
871 B 30ms
28ms Image
image/svg+xml 2606:4700:30::681b:90bc
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partnershipcard.cc/assets/img/icon.svg
Requested by: Host: partnershipcard.cc
URL: https://partnershipcard.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:90bc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3921aee69395dbf9ec55ac3960e110b98fa5a4e6b16a04b0bfb572cdc3fe001

Request headers

:path: /assets/img/icon.svg
pragma: no-cache
cookie: __cfduid=dd9c6681f061bd6f3c790fc803728b0b21549993600
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: partnershipcard.cc
referer: https://partnershipcard.cc/
:scheme: https
:method: GET
Referer: https://partnershipcard.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 12 Feb 2019 17:46:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 21 Jan 2019 21:46:44 GMT
server: cloudflare
etag: W/"805b8-5c7-57ffecbf7f900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=14400
cf-ray: 4a80e044fc4c27aa-FRA
expires: Tue, 12 Feb 2019 21:46:40 GMT

GET
H/1.1 200
OK jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 110ms
50ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: partnershipcard.cc
URL: https://partnershipcard.cc/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://partnershipcard.cc/
Origin: https://partnershipcard.cc

Response headers

Date: Tue, 12 Feb 2019 17:46:40 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: "5a637bd4-1111d"
Vary: Accept-Encoding
X-HW: 1549993600.dop013.pa1.shc,1549993600.dop013.pa1.t,1549993600.cds032.pa1.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 15ms
14ms Script
application/javascript 2606:4700::6813:c797
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: partnershipcard.cc
URL: https://partnershipcard.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://partnershipcard.cc/
Origin: https://partnershipcard.cc

Response headers

date: Tue, 12 Feb 2019 17:46:40 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
last-modified: Thu, 17 May 2018 09:26:22 GMT
server: cloudflare
etag: W/"5afd4abe-4f71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Sun, 02 Feb 2020 17:46:40 GMT
cache-control: public, max-age=30672000
cf-ray: 4a80e044da06bef8-FRA
served-in-seconds: 0.001

GET
H2 200 jquery.validate.min.js Show response
cdn.jsdelivr.net/npm/jquery-validation@1.19.0/dist/ 24 KB
8 KB 85ms
24ms Script
application/javascript 2606:4700::6810:5714
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-validation@1.19.0/dist/jquery.validate.min.js

Requested by

Host: partnershipcard.cc
URL: https://partnershipcard.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://partnershipcard.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 12 Feb 2019 17:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4a80e0455d089732-FRA
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
x-served-by: cache-ams21046-AMS, cache-fra19130-FRA
server: cloudflare
etag: W/"5f30-OBXPEeECCscMyGeJuira8H09tDQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *

GET
H2 200 additional-methods.min.js Show response
cdn.jsdelivr.net/npm/jquery-validation@1.19.0/dist/ 22 KB
6 KB 86ms
25ms Script
application/javascript 2606:4700::6810:5714
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-validation@1.19.0/dist/additional-methods.min.js

Requested by

Host: partnershipcard.cc
URL: https://partnershipcard.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6773268deb1163aadc77eb188fcb53c1bffe115ff89aca865bb1198907374caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://partnershipcard.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 12 Feb 2019 17:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 4a80e0455d0a9732-FRA
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
x-served-by: cache-ams21032-AMS, cache-fra19135-FRA
server: cloudflare
etag: W/"5885-AHnngD6mDOjieTCkLxAgCfGORPI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
partnershipcard.cc/assets/js/ 50 KB
13 KB 31ms
29ms Script
text/javascript 2606:4700:30::681b:90bc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://partnershipcard.cc/assets/js/bootstrap.min.js
Requested by: Host: partnershipcard.cc
URL: https://partnershipcard.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:90bc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

:path: /assets/js/bootstrap.min.js
pragma: no-cache
cookie: __cfduid=dd9c6681f061bd6f3c790fc803728b0b21549993600
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: partnershipcard.cc
referer: https://partnershipcard.cc/
:scheme: https
:method: GET
Referer: https://partnershipcard.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 12 Feb 2019 17:46:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 02 Jan 2019 08:46:38 GMT
server: cloudflare
etag: W/"805c5-c75f-57e75af20f780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4a80e044fc4b27aa-FRA
expires: Tue, 12 Feb 2019 21:46:40 GMT

GET jquery.validate.js
cdn.jsdelivr.net/jquery.validation/1.14.0/ 0
0

GET additional-methods.min.js
jqueryvalidation.org/files/dist/ 0
0

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: partnershipcard.cc
URL: https://partnershipcard.cc/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Rajdhani
Origin: https://partnershipcard.cc

Response headers

date: Fri, 08 Feb 2019 15:38:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:48 GMT
server: sffe
age: 353320
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8916
x-xss-protection: 1; mode=block
expires: Sat, 08 Feb 2020 15:38:00 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: partnershipcard.cc
URL: https://partnershipcard.cc/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Rajdhani
Origin: https://partnershipcard.cc

Response headers

date: Fri, 21 Dec 2018 06:27:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
age: 4619932
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8892
x-xss-protection: 1; mode=block
expires: Sat, 21 Dec 2019 06:27:48 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: partnershipcard.cc
URL: https://partnershipcard.cc/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i|Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Rajdhani
Origin: https://partnershipcard.cc

Response headers

date: Mon, 14 Jan 2019 19:46:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:39 GMT
server: sffe
age: 2498429
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8800
x-xss-protection: 1; mode=block
expires: Tue, 14 Jan 2020 19:46:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.jsdelivr.net
URL: http://cdn.jsdelivr.net/jquery.validation/1.14.0/jquery.validate.js

Domain: jqueryvalidation.org
URL: http://jqueryvalidation.org/files/dist/additional-methods.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: John Lewis Finance (Financial)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.partnershipcard.cc/	1970-01-19 07:18:49	Name: __cfduid Value: dd9c6681f061bd6f3c790fc803728b0b21549993600

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
jqueryvalidation.org
partnershipcard.cc
cdn.jsdelivr.net
jqueryvalidation.org
205.185.208.52
2606:4700:30::681b:90bc
2606:4700:30::681b:91bc
2606:4700::6810:5714
2606:4700::6813:c797
2a00:1450:4001:814::200a
2a00:1450:4001:81f::2003
2a00:1450:4001:821::200a
066e2be7d254e5d13559b742b1099a1bf1f9ede1502944315161c7090f9731ae
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6773268deb1163aadc77eb188fcb53c1bffe115ff89aca865bb1198907374caf
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
9fec2006c4d81c6c58e3f66adc5c1c4953086f0e8e720e3a02efea08a29859de
b3921aee69395dbf9ec55ac3960e110b98fa5a4e6b16a04b0bfb572cdc3fe001
cb8b5767ff51dc6742d3a057d30ae9cd3d0ef62d72c0ac1f6283c5180a93ab01
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e0d7773ae2372286099dab4db08e7337fa5e4e260270c29b8b27498ff98d4381
f6c902601fcf1269e64ece29edfc064716b37c0e315adc1e5138ed73cbf7ecf0
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

partnershipcard.cc Open in urlscan Pro 2606:4700:30::681b:90bc Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

89 %HTTPS

88 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

171 kBTransfer

522 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

13 JavaScript Global Variables

1 Cookies

Indicators

partnershipcard.cc Open in urlscan Pro
2606:4700:30::681b:90bc Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

89 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

171 kB
Transfer

522 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!