partnership-card.co.uk Open in urlscan Pro
94.242.227.57 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://partnership-card.co.uk/
Effective URL:
https://partnership-card.co.uk/secure/87e5b105c853dc479aeb368bac173e17/login.php?ssl_id=b30eefa9a6f5e5a3930bef861046019b
Submission: On February 27 via manual (February 27th 2019, 7:47:26 am UTC) from GB

Summary HTTP 70 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 17 domains to perform 70 HTTP transactions. The main IP is 94.242.227.57, located in Luxembourg and belongs to ROOT, LU. The main domain is partnership-card.co.uk.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 11th 2019. Valid for: 3 months.

This is the only time partnership-card.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: John Lewis Finance (Financial)

Domain & IP information

	IP Address	AS Autonomous System
3 54	94.242.227.57 94.242.227.57	5577 (ROOT) (ROOT)
1 5	34.247.143.160 34.247.143.160	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	54.154.86.186 54.154.86.186	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	130.248.145.246 130.248.145.246	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	2.19.41.153 2.19.41.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	35.190.74.53 35.190.74.53	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.248.208.147 34.248.208.147	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	185.33.223.206 185.33.223.206	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 1	18.153.11.15 18.153.11.15	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	18.153.11.16 18.153.11.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	172.217.22.34 172.217.22.34	15169 (GOOGLE) (GOOGLE - Google LLC)
1	213.19.162.80 213.19.162.80	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1 1	2a00:1288:110... 2a00:1288:110:422::3000	() ()
1	104.108.51.30 104.108.51.30	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 1	54.246.153.43 54.246.153.43	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.154.0.227 54.154.0.227	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
70	15

54 94.242.227.57 (Luxembourg) 3 redirects

ASN5577 (ROOT, LU)
PTR: cat24.steeldns.com

partnership-card.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.247.143.160 (United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-247-143-160.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.86.186 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-86-186.eu-west-1.compute.amazonaws.com

johnlewis.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.248.145.246 (San Jose, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: johnlewis-insurance.com.102.112.2o7.net

ssite.johnlewis-insurance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.41.153 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-41-153.deploy.static.akamaitechnologies.com

s.btstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.74.53 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 53.74.190.35.bc.googleusercontent.com

pix.impdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.208.147 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-248-208-147.eu-west-1.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.206 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.153.11.15 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-15.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.153.11.16 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-16.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.34 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f34.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.80 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:422::3000 (United Kingdom) 1 redirects

ASN- ()

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.51.30 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-51-30.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.153.43 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-153-43.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.0.227 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-154-0-227.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	partnership-card.co.uk 3 redirects partnership-card.co.uk	1 MB
6	demdex.net 1 redirects dpm.demdex.net johnlewis.demdex.net	4 KB
3	impdesk.com pix.impdesk.com	405 B
2	adsrvr.org 1 redirects insight.adsrvr.org match.adsrvr.org	465 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	812 B
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
1	bluekai.com tags.bluekai.com	676 B
1	yahoo.com 1 redirects ads.yahoo.com	684 B
1	rubiconproject.com pixel.rubiconproject.com	371 B
1	adnxs.com ib.adnxs.com	832 B
1	google-analytics.com ssl.google-analytics.com	269 B
1	thebrighttag.com s.thebrighttag.com	710 B
1	btstatic.com s.btstatic.com	12 KB
1	everesttech.net 1 redirects cm.everesttech.net	527 B
1	johnlewis-insurance.com ssite.johnlewis-insurance.com	735 B
1	google.co.uk www.google.co.uk	383 B
1	google.com www.google.com	109 B
70	17

	Domain	Requested by
54	partnership-card.co.uk	3 redirects partnership-card.co.uk
5	dpm.demdex.net	1 redirects partnership-card.co.uk
3	pix.impdesk.com	partnership-card.co.uk
2	cm.g.doubleclick.net	2 redirects
2	x.bidswitch.net	1 redirects partnership-card.co.uk
1	match.adsrvr.org	partnership-card.co.uk
1	insight.adsrvr.org	1 redirects
1	tags.bluekai.com	partnership-card.co.uk
1	ads.yahoo.com	1 redirects
1	pixel.rubiconproject.com	partnership-card.co.uk
1	ib.adnxs.com	partnership-card.co.uk
1	ssl.google-analytics.com	partnership-card.co.uk
1	s.thebrighttag.com	partnership-card.co.uk
1	s.btstatic.com	partnership-card.co.uk
1	cm.everesttech.net	1 redirects
1	ssite.johnlewis-insurance.com	partnership-card.co.uk
1	johnlewis.demdex.net	partnership-card.co.uk
1	www.google.co.uk	partnership-card.co.uk
1	www.google.com	partnership-card.co.uk
70	19

This site contains no links.

Subject Issuer	Validity	Valid
www.partnership-card.accounts-one.com Let's Encrypt Authority X3	`2019-02-11` - `2019-05-12`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
www.google.com Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh
www.google.co.uk Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh
ssite.johnlewis-insurance.com DigiCert SHA2 Secure Server CA	`2019-02-06` - `2020-07-26`	a year	crt.sh
a.s.thebrighttag.com DigiCert SHA2 Secure Server CA	`2018-03-02` - `2020-02-20`	2 years	crt.sh
*.impdesk.com Starfield Secure Certificate Authority - G2	`2018-03-20` - `2019-04-03`	a year	crt.sh
*.thebrighttag.com DigiCert SHA2 Secure Server CA	`2018-04-04` - `2020-04-03`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-01-29` - `2019-04-23`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.bidswitch.net COMODO RSA Domain Validation Secure Server CA	`2018-03-22` - `2019-05-05`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert ECC Secure Server CA	`2018-12-10` - `2020-03-10`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2017-02-15` - `2019-04-19`	2 years	crt.sh

This page contains 8 frames:

Primary Page: https://partnership-card.co.uk/secure/87e5b105c853dc479aeb368bac173e17/login.php?ssl_id=b30eefa9a6f5e5a3930bef861046019b
Frame ID: DBFB1A1B5BD77171BF62734FBFE9B38D
Requests: 54 HTTP requests in this frame

Frame: https://johnlewis.demdex.net/dest5.html?d_nsid=0
Frame ID: 2AFA903FA96137534FB11EFAB4BA9F14
Requests: 1 HTTP requests in this frame

Frame: https://partnership-card.co.uk/secure/87e5b105c853dc479aeb368bac173e17/assets/activityi.htm
Frame ID: 0415F1605901AEAA2F91EB19E17376C7
Requests: 3 HTTP requests in this frame

Frame: https://partnership-card.co.uk/secure/87e5b105c853dc479aeb368bac173e17/assets/smart.htm
Frame ID: 8B9496D8EACBC1360DE77DAE47E5224E
Requests: 1 HTTP requests in this frame

Frame: https://pix.impdesk.com/csync/fire/multi.html?inc=adb,obk
Frame ID: 6905E44035521CDE780AB33C5E85E846
Requests: 1 HTTP requests in this frame

Frame: https://partnership-card.co.uk/secure/87e5b105c853dc479aeb368bac173e17/assets/smart_data/multi.htm
Frame ID: 542D5F59B4CAA95D58D2A63B69E57E1E
Requests: 7 HTTP requests in this frame

Frame: https://partnership-card.co.uk/secure/87e5b105c853dc479aeb368bac173e17/assets/activityi_data/up.htm
Frame ID: 0DE6FCDCB92A87ED3D669BA5B215C54C
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=t72xvkg&ref=https%3A%2F%2Fpartnership-card.co.uk%2Fsecure%2F87e5b105c853dc479aeb368bac173e17%2Flogin.php%3Fssl_id%3Db30eefa9a6f5e5a3930bef861046019b&upid=6eyynsh&osi=639c26af03a5446c3a3acd09b20132f9&osv=1.1&upv=1.1.3
Frame ID: 4BF92EB58AA43750624F56BB9C1EEAF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://partnership-card.co.uk/ HTTP 301
https://partnership-card.co.uk/ HTTP 302
https://partnership-card.co.uk/secure/87e5b105c853dc479aeb368bac173e17/index.php?ssl_id=b30eefa9a6f5e5a3930... HTTP 302
https://partnership-card.co.uk/secure/87e5b105c853dc479aeb368bac173e17/login.php?ssl_id=b30eefa9a6f5e5a3930... Page URL