forum.square-enix.com-e.top
169.255.59.92
Malicious Activity!
Public Scan
Submission Tags: https://phish.report @phish_report
Submission: On August 22 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 29th 2022. Valid for: 3 months.
This is the only time forum.square-enix.com-e.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 2 votes
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 169.255.59.92 | 327813 (Web4Africa) |
13 | 124.150.158.110 | 23784 (POLEXCHENGE SQUARE ENIX CO.) |
1 | 2a00:1450:4001:810::2004 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:829::2003 | 15169 (GOOGLE) |
16 | 4 | |

ASN327813 (Web4Africa, ZA)
PTR: server1.xpresstrategy.net
forum.square-enix.com-e.top
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | square-enix.com | secure.square-enix.com (Cisco Umbrella Rank: 388352) | 164 KB |
1 | gstatic.com | www.gstatic.com | 156 KB |
1 | google.com | www.google.com (Cisco Umbrella Rank: 9) | 968 B |
1 | com-e.top | forum.square-enix.com-e.top | 6 KB |
16 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
13 | secure.square-enix.com | forum.square-enix.com-e.top, secure.square-enix.com |
1 | www.gstatic.com | www.google.com |
1 | www.google.com | forum.square-enix.com-e.top |
1 | forum.square-enix.com-e.top | |
16 | 4 | |
This site contains links to these domains.
Domain |
---|
na.finalfantasyxiv.com |
www.square-enix.com |
square-enix-games.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
forum.square-enix.com-e.top | cPanel, Inc. Certification Authority | 2022-06-29 - 2022-09-27 | 3 months |
secure.square-enix.com | DigiCert SHA2 Extended Validation Server CA | 2022-04-27 - 2023-05-28 | a year |
www.google.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months |
This page contains 1 frame:
Primary Page:
https://forum.square-enix.com-e.top/ffxiv/forums/827941/reply
Frame ID: 61BF401BAF0CD0E43D9B083452D0B4A5
Requests: 16 HTTP requests in this frame
Page Title
FINAL FANTASY XIV, The Lodestone
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
reCAPTCHA (Captchas)
Detected patterns
- /recaptcha/api\.js
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: About Square Enix Accounts
Title: SQUARE ENIX
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | reply (Primary Request) | forum.square-enix.com-e.top/ffxiv/forums/827941/ | 6 KB | 6 KB | Document | text/html |
GET | H/1.1 | base.css | secure.square-enix.com/oauth/content/css/ffxiv_lodestone/pc/ | 2 KB | 2 KB | Stylesheet | text/css |
GET | H/1.1 | common.css | secure.square-enix.com/oauth/content/css/ffxiv_lodestone/pc/ | 18 KB | 18 KB | Stylesheet | text/css |
GET | H/1.1 | jquery-3.5.1.min.js | secure.square-enix.com/oauth/content/jquery/ | 87 KB | 88 KB | Script | application/javascript |
GET | H/1.1 | jquery.easing.1.3.js | secure.square-enix.com/oauth/content/js/ | 8 KB | 8 KB | Script | application/javascript |
GET | H/1.1 | oauth.js | secure.square-enix.com/oauth/content/js/ | 1 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | is_iframe.js | secure.square-enix.com/oauth/content/js/ | 173 B | 575 B | Script | application/javascript |
GET | H/1.1 | swk.js | secure.square-enix.com/oauth/content/swk/ | 33 KB | 34 KB | Script | application/javascript |
GET | H2 | api.js | www.google.com/recaptcha/ | 850 B | 968 B | Script | text/javascript |
GET | H/1.1 | lds_sqex_logo.png | secure.square-enix.com/oauth/content/image/common/ffxiv_lodestone/pc/ | 930 B | 1 KB | Image | image/png |
GET | H/1.1 | lds_body-bk_en.png | secure.square-enix.com/oauth/content/image/common/ffxiv_lodestone/pc/ | 4 KB | 4 KB | Image | image/png |
GET | H/1.1 | lds_line.png | secure.square-enix.com/oauth/content/image/common/ffxiv_lodestone/pc/ | 148 B | 522 B | Image | image/png |
GET | H/1.1 | lds_btHomeIcon.png | secure.square-enix.com/oauth/content/image/common/ffxiv_lodestone/pc/ | 983 B | 1 KB | Image | image/png |
GET | H/1.1 | lds_navi_arrow.png | secure.square-enix.com/oauth/content/image/common/ffxiv_lodestone/pc/ | 348 B | 723 B | Image | image/png |
GET | H/1.1 | lds_footer_bk_janaeufr.png | secure.square-enix.com/oauth/content/image/common/ffxiv_lodestone/pc/ | 2 KB | 2 KB | Image | image/png |
GET | H2 | recaptcha__fi.js | www.gstatic.com/recaptcha/releases/PRMRaAwB3KlylGQR57Dyk-pF/ | 390 KB | 156 KB | Script | text/javascript |
Verdicts & Comments
Malicious (page.domain)
Submitted on August 22nd 2022, 4:13:52 pm UTC, from United Kingdom
Threats: Phishing, Brand Impersonation, Scam
Comment: Phishing site for square-enix.com for stealing login details
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
223 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.