verve-lounge.com
50.87.2.116
Malicious Activity!
Public Scan
Effective URL: https://verve-lounge.com/37642/3680/zmfwx36lierf1stbpt4eiv8u.php?wa=wsignin1.0&rpsnv=13&ct=958401163&rver=7aa878a83310ae7...
Submission: On February 28 via manual from IN
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on January 18th 2019. Valid for: 3 months.
This is the only time verve-lounge.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 21 | 50.87.2.116 | 46606 (UNIFIEDLAYER-AS-1 - Unified Layer) |
1 1 | 163.166.156.201 | 15914 () |
1 | 104.111.238.75 | 16625 (AKAMAI-AS - Akamai Technologies) |
Total: 21 requests, 2 IPs
ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: 50-87-2-116.unifiedlayer.com
Domains: verve-lounge.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-238-75.deploy.static.akamaitechnologies.com
Domains: www.britishairways.com
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
21 | verve-lounge.com (1 redirect) / verve-lounge.com | 194 KB |
1 | britishairways.com / www.britishairways.com | 849 B |
1 | ba.com (1 redirect) / ba.com | 526 B |
Total: 21 requests, 3 apex domains
Requests | Domain | Requested by |
---|---|---|
21 | verve-lounge.com (1 redirect) | verve-lounge.com |
1 | www.britishairways.com | verve-lounge.com |
1 | ba.com | 1 redirect |
Total: 21 requests, 3 domains
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
theverve.bar | Let's Encrypt Authority X3 | 2019-01-18 - 2019-04-18 | 3 months | crt.sh |
www.britishairways.com | GlobalSign Extended Validation CA - SHA256 - G3 | 2018-07-30 - 2019-09-29 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://verve-lounge.com/37642/3680/zmfwx36lierf1stbpt4eiv8u.php?wa=wsignin1.0&rpsnv=13&ct=958401163&rver=7aa878a83310ae701c835665a4448fd6&wp=MBI_SSL_SHARED&wreply=inbox&lc=1024&id=7AA878A83310AE701C835665A4448FD6&mkt=en-us&cbcxt=mai&email=gurpreet.k.grewal@ba.com
Frame ID: 7CAA470AADFB43D183CCBD7DE79381CB
Requests: 21 HTTP requests in this frame
Detected technologies
RoundCube (Web Mail)
Detected patterns
- env /^(?:rcmail|rcube_|roundcube)/i
PHP (Programming Languages)
Detected patterns
- env /^(?:rcmail|rcube_|roundcube)/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
- script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries)
Detected patterns
- script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery-ui.*\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://verve-lounge.com/37642/3680/?email=gurpreet.k.grewal@ba.com
HTTP 302
https://verve-lounge.com/37642/3680/zmfwx36lierf1stbpt4eiv8u.php?wa=wsignin1.0&rpsnv=13&ct=958401163&rver=7aa878a83310ae701c835665a4448fd6&wp=MBI_SSL_SHARED&wreply=inbox&lc=1024&id=7AA878A83310AE701C835665A4448FD6&mkt=en-us&cbcxt=mai&email=gurpreet.k.grewal@ba.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- http://ba.com/favicon.ico HTTP 301
- https://www.britishairways.com/favicon.ico
21 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | zmfwx36lierf1stbpt4eiv8u.php (Primary Request) | verve-lounge.com/37642/3680/ (Redirect Chain) | 7 KB | 3 KB | Document | text/html |
GET | H2 | styles.css | verve-lounge.com/37642/3680/bootstrap/ | 46 KB | 11 KB | Stylesheet | text/css |
GET | H2 | jquery-ui-1.9.2.custom.css | verve-lounge.com/37642/3680/plugins/jqueryui/themes/larry/ | 0 | 0 | Stylesheet | text/html |
GET | H2 | ui.js | verve-lounge.com/37642/3680/bootstrap/ | 34 KB | 11 KB | Script | text/javascript |
GET | H2 | jquery.min.js | verve-lounge.com/37642/3680/bootstrap/ | 94 KB | 38 KB | Script | text/javascript |
GET | H2 | common.min.js | verve-lounge.com/37642/3680/bootstrap/ | 13 KB | 4 KB | Script | text/javascript |
GET | H2 | app.min.js | verve-lounge.com/37642/3680/bootstrap/ | 128 KB | 44 KB | Script | text/javascript |
GET | H2 | jstz.min.js | verve-lounge.com/37642/3680/bootstrap/ | 5 KB | 2 KB | Script | text/javascript |
GET | H2 | jquery-ui-1.9.2.custom.min.js | verve-lounge.com/37642/3680/bootstrap/ | 231 KB | 75 KB | Script | text/javascript |
GET | H2 | favicon.ico | www.britishairways.com/ (Redirect Chain) | 1 KB | 849 B | Image | application/octet-stream |
GET | H2 | linen.jpg | verve-lounge.com/37642/3680/bootstrap/images/ | 421 B | 421 B | Image | text/html |
GET | H2 | ajaxloader.gif | verve-lounge.com/37642/3680/skins/larry/images/ | 428 B | 428 B | Image | text/html |
GET | H2 | buttons.png | verve-lounge.com/37642/3680/skins/larry/images/ | 425 B | 425 B | Image | text/html |
GET | H2 | addcontact.png | verve-lounge.com/37642/3680/skins/larry/images/ | 428 B | 428 B | Image | text/html |
GET | H2 | filetypes.png | verve-lounge.com/37642/3680/skins/larry/images/ | 427 B | 427 B | Image | text/html |
GET | H2 | listicons.png | verve-lounge.com/37642/3680/skins/larry/images/ | 427 B | 427 B | Image | text/html |
GET | H2 | messages.png | verve-lounge.com/37642/3680/skins/larry/images/ | 426 B | 426 B | Image | text/html |
GET | H2 | quota.png | verve-lounge.com/37642/3680/skins/larry/images/ | 423 B | 423 B | Image | text/html |
GET | H2 | selector.png | verve-lounge.com/37642/3680/skins/larry/images/ | 426 B | 426 B | Image | text/html |
GET | H2 | splitter.png | verve-lounge.com/37642/3680/skins/larry/images/ | 426 B | 426 B | Image | text/html |
GET | H2 | watermark.jpg | verve-lounge.com/37642/3680/skins/larry/images/ | 427 B | 427 B | Image | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
onselectstart (object), onselectionchange (object), queueMicrotask (function), rcube_mail_ui (function), rcube_scroller (function), rcube_splitter (function), $ (function), jQuery (function), CONTROL_KEY (number), SHIFT_KEY (number), CONTROL_SHIFT_KEY (number), roundcube_browser (function), rcube_event (object), rcube_event_engine (function), rcube_check_email (function), rcube_clone_object (function), urlencode (function), rcube_find_object (function), rcube_mouse_is_over (function), setCookie (function), getCookie (function), rcube_console (function), bw (object), Base64 (object), rcube_webmail (function), jstz (object), rcmail (object), MM_findObj (function), MM_validateForm (function), jQuery111005603501728864118 (object), DP_jQuery_1551355724288 (function), UI (object), img1 (object)
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
verve-lounge.com/ | | PHPSESSID | 89bvtado7chr9kcdthfjuh1vg5 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.