forum.square-enix.com-bg.eu
78.40.143.142  Malicious Activity! Public Scan

URL: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Submission Tags: #ff14 #ffxiv #square enix
Submission: On June 26 via api from JP — Scanned from JP

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 30 HTTP transactions. The main IP is 78.40.143.142, located in Bulgaria and belongs to VESTITEL-AS, BG. The main domain is forum.square-enix.com-bg.eu.
TLS certificate: Issued by R3 on June 21st 2023. Valid for: 3 months.
This is the only time forum.square-enix.com-bg.eu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Square Enix (Gaming)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 78.40.143.142 | 39505 (VESTITEL-AS)
18 | 124.150.158.110 | 23784 (POLEXCHEN...)
4 | 172.217.175.68 | 15169 (GOOGLE)
6 | 142.250.199.99 | 15169 (GOOGLE)
1 | 142.250.196.131 | 15169 (GOOGLE)
Total: 30 requests, 6 IPs

Requests | Apex Domain | Subdomains | Transfer
18 | square-enix.com | secure.square-enix.com (Cisco Umbrella Rank: 533668) | 217 KB
7 | gstatic.com | www.gstatic.com, fonts.gstatic.com | 581 KB
4 | google.com | www.google.com (Cisco Umbrella Rank: 3) | 31 KB
1 | com-bg.eu | forum.square-enix.com-bg.eu | 10 KB
Total: 30 requests, 4 apex domains

Requests | Domain | Requested by
18 | secure.square-enix.com | forum.square-enix.com-bg.eu, secure.square-enix.com
6 | www.gstatic.com | www.google.com, www.gstatic.com
4 | www.google.com | forum.square-enix.com-bg.eu, www.gstatic.com, www.google.com
1 | fonts.gstatic.com | www.google.com
1 | forum.square-enix.com-bg.eu | -
Total: 30 requests, 5 domains

This site contains links to these domains.

Domain
square-enix-games.com
support.eu.square-enix.com

Subject | Issuer | Validity | Valid
*.com-bg.eu | R3 | 2023-06-21 - 2023-09-19 | 3 months
secure.square-enix.com | DigiCert EV RSA CA G2 | 2023-05-01 - 2024-05-31 | a year
www.google.com | GTS CA 1C3 | 2023-05-29 - 2023-08-21 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-05-29 - 2023-08-21 | 3 months

This page contains 3 frames:

Primary Page: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Frame ID: 7CD62E61EBF3BEEF13B21A894329F686
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJOCYlAAAAAFL8Nt66VzwYEZ3qPO3XOp2WKv2q&co=aHR0cHM6Ly9mb3J1bS5zcXVhcmUtZW5peC5jb20tYmcuZXU6NDQz&hl=en&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=wkuc2ez7bu5
Frame ID: E19554E41F61381C414E4A3BAE6F8FB2
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=IqA9DpBOUJevxkykws9RiIBs&k=6LeJOCYlAAAAAFL8Nt66VzwYEZ3qPO3XOp2WKv2q
Frame ID: 3EF0560404BD47BD43CB21E99B31F1CB
Requests: 3 HTTP requests in this frame

Page Title

Square Enix Forums

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

Requests: 30
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 5
IPs: 6
Countries: 3
Transfer: 839 kB
Size: 1703 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request reply
forum.square-enix.com-bg.eu/ffxiv/forums/974915/
10 KB
10 KB
Document
General
Full URL
https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.40.143.142 , Bulgaria, ASN39505 (VESTITEL-AS, BG),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d2fb50e4baeeac354da4c495b1d829de2c3c674c355f3bb2ee69bac0a54f7642

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
10347
date
Mon, 26 Jun 2023 08:47:38 GMT
last-modified
Fri, 16 Jun 2023 10:50:45 GMT
server
LiteSpeed
reset.css
secure.square-enix.com/account/content/flat/common/css/
1 KB
2 KB
Stylesheet
General
Full URL
https://secure.square-enix.com/account/content/flat/common/css/reset.css?ver=09202340023127
Requested by
Host: forum.square-enix.com-bg.eu
URL: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
4a853ba1edbd4da68cfc48b692d7cedd0bfd81de8a1da01166024ec973aaccc2
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://forum.square-enix.com-bg.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Mon, 22 May 2023 00:33:51 GMT
Server
Apache
ETag
"4ba-5fc3d6cbbb9c0"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
1210
X-XSS-Protection
1; mode=block
core.css
secure.square-enix.com/account/content/flat/responsive/css/
25 KB
25 KB
Stylesheet
General
Full URL
https://secure.square-enix.com/account/content/flat/responsive/css/core.css?ver=09202340023127
Requested by
Host: forum.square-enix.com-bg.eu
URL: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
9d6f3097426937fdd5f1e6351e2bbd0294705dc333a5a535464c23cf924a0867
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://forum.square-enix.com-bg.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Mon, 22 May 2023 00:33:51 GMT
Server
Apache
ETag
"636b-5fc3d6cbbb9c0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
25451
X-XSS-Protection
1; mode=block
base.css
secure.square-enix.com/account/content/flat/responsive/css/
23 KB
23 KB
Stylesheet
General
Full URL
https://secure.square-enix.com/account/content/flat/responsive/css/base.css?ver=09202340023127
Requested by
Host: forum.square-enix.com-bg.eu
URL: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
2e779a124d810aab2b8d8bef928d36ccf4d7cde7837de93dc182ece24b0e399e
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://forum.square-enix.com-bg.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Mon, 22 May 2023 00:33:51 GMT
Server
Apache
ETag
"5b96-5fc3d6cbbb9c0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
23446
X-XSS-Protection
1; mode=block
main.css
secure.square-enix.com/account/content/flat/responsive/css/
16 KB
16 KB
Stylesheet
General
Full URL
https://secure.square-enix.com/account/content/flat/responsive/css/main.css?ver=09202340023127
Requested by
Host: forum.square-enix.com-bg.eu
URL: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
ef8e1f482a1e306a18d50fb4b379e8999ae929fc905445166bfed7f9dd239980
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://forum.square-enix.com-bg.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Mon, 22 May 2023 00:33:51 GMT
Server
Apache
ETag
"3fc2-5fc3d6cbbb9c0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
16322
X-XSS-Protection
1; mode=block
jquery-3.5.1.min.js
secure.square-enix.com/oauth/content/jquery/
87 KB
88 KB
Script
General
Full URL
https://secure.square-enix.com/oauth/content/jquery/jquery-3.5.1.min.js?ver=09202340023127
Requested by
Host: forum.square-enix.com-bg.eu
URL: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://forum.square-enix.com-bg.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Tue, 23 May 2023 05:17:02 GMT
Server
Apache
ETag
"15d84-5fc557f512f80"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
89476
X-XSS-Protection
1; mode=block
jquery.easing.1.3.js
secure.square-enix.com/oauth/content/js/
8 KB
8 KB
Script
General
Full URL
https://secure.square-enix.com/oauth/content/js/jquery.easing.1.3.js?ver=09202340023127
Requested by
Host: forum.square-enix.com-bg.eu
URL: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
73d066fdcf0ef3de55c490a4105672112f64f5df30b4029d95c96441c4a1a886
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://forum.square-enix.com-bg.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Tue, 23 May 2023 05:17:11 GMT
Server
Apache
ETag
"1f80-5fc557fda83c0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=100
Content-Length
8064
X-XSS-Protection
1; mode=block
logo.js
secure.square-enix.com/oauth/content/js/
341 B
772 B
Script
General
Full URL
https://secure.square-enix.com/oauth/content/js/logo.js?ver=09202340023127
Requested by
Host: forum.square-enix.com-bg.eu
URL: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
8efe2cd16b305535611ba7eff6711c3b8fa1a1d5c1fbf94531f57c8950712ced
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://forum.square-enix.com-bg.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Tue, 23 May 2023 05:14:10 GMT
Server
Apache
ETag
"155-5fc557510ac80"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
341
X-XSS-Protection
1; mode=block
swk.js
secure.square-enix.com/oauth/content/swk/
33 KB
34 KB
Script
General
Full URL
https://secure.square-enix.com/oauth/content/swk/swk.js?ver=09202340023127&lang=en&src=https://secure.square-enix.com/oauth/content/swk
Requested by
Host: forum.square-enix.com-bg.eu
URL: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
cb1b4495577f5e3c20f5e111c559df0ae753595e3c8951780f302e5e263407e7
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://forum.square-enix.com-bg.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Tue, 23 May 2023 05:15:54 GMT
Server
Apache
ETag
"8596-5fc557b439680"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
34198
X-XSS-Protection
1; mode=block
api.js
www.google.com/recaptcha/
850 B
878 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: forum.square-enix.com-bg.eu
URL: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
GSE /
Resource Hash
092a690c556396c5c85bb83728e427187415bcc74a7be26c340d0d3affd70129
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://forum.square-enix.com-bg.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 08:47:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
556
x-xss-protection
1; mode=block
expires
Mon, 26 Jun 2023 08:47:39 GMT
is_iframe.js
secure.square-enix.com/oauth/content/js/
173 B
574 B
Script
General
Full URL
https://secure.square-enix.com/oauth/content/js/is_iframe.js?ver=09202340023127
Requested by
Host: forum.square-enix.com-bg.eu
URL: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
91edb3c289aafd7384bcf935a583883dad251d9def1f55110f4eb00f632a0336
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://forum.square-enix.com-bg.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Tue, 23 May 2023 05:16:04 GMT
Server
Apache
ETag
"ad-5fc557bdc2d00"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
173
X-XSS-Protection
1; mode=block
login.png
secure.square-enix.com/account/content/flat/responsive/img/login/icon/
2 KB
2 KB
Image
General
Full URL
https://secure.square-enix.com/account/content/flat/responsive/img/login/icon/login.png?ver=09202340023127
Requested by
Host: forum.square-enix.com-bg.eu
URL: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
3fdef8e0c59e6d05ca7252e08ae8d6c9424773912d3c2f22e9e105b9fb121926
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://forum.square-enix.com-bg.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Mon, 22 May 2023 00:33:51 GMT
Server
Apache
ETag
"7c0-5fc3d6cbbb9c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
1984
X-XSS-Protection
1; mode=block
signup.png
secure.square-enix.com/account/content/flat/responsive/img/login/icon/
2 KB
2 KB
Image
General
Full URL
https://secure.square-enix.com/account/content/flat/responsive/img/login/icon/signup.png?ver=09202340023127
Requested by
Host: forum.square-enix.com-bg.eu
URL: https://forum.square-enix.com-bg.eu/ffxiv/forums/974915/reply
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
3ab53eebd2750d61104f2bfc0e2350237b119ff8c37dfe880cf672bb57c72339
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://forum.square-enix.com-bg.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Mon, 22 May 2023 00:33:51 GMT
Server
Apache
ETag
"6e5-5fc3d6cbbb9c0"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
1765
X-XSS-Protection
1; mode=block
pc.png
secure.square-enix.com/account/content/flat/responsive/img/header/logo/
4 KB
5 KB
Image
General
Full URL
https://secure.square-enix.com/account/content/flat/responsive/img/header/logo/pc.png?ver=09202331052622
Requested by
Host: secure.square-enix.com
URL: https://secure.square-enix.com/account/content/flat/responsive/css/base.css?ver=09202340023127
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
c7e06e45feb9bba80caa9974d7938e8f2f5ca62989deda329ec248bb4a19d1e0
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure.square-enix.com/account/content/flat/responsive/css/base.css?ver=09202340023127
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Mon, 22 May 2023 00:33:51 GMT
Server
Apache
ETag
"10d8-5fc3d6cbbb9c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=98
Content-Length
4312
X-XSS-Protection
1; mode=block
icon_pc.png
secure.square-enix.com/account/content/flat/responsive/img/contentbox/header/
1 KB
1 KB
Image
General
Full URL
https://secure.square-enix.com/account/content/flat/responsive/img/contentbox/header/icon_pc.png?ver=09202331052622
Requested by
Host: secure.square-enix.com
URL: https://secure.square-enix.com/account/content/flat/responsive/css/base.css?ver=09202340023127
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
f69809e527e33af6e8c8b4dd7aa4af28747da778e83e675efc7ae2cbe24665aa
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure.square-enix.com/account/content/flat/responsive/css/base.css?ver=09202340023127
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Mon, 22 May 2023 00:33:51 GMT
Server
Apache
ETag
"469-5fc3d6cbbb9c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
1129
X-XSS-Protection
1; mode=block
id.png
secure.square-enix.com/account/content/flat/responsive/img/login/icon/
354 B
743 B
Image
General
Full URL
https://secure.square-enix.com/account/content/flat/responsive/img/login/icon/id.png?ver=09202331052622
Requested by
Host: secure.square-enix.com
URL: https://secure.square-enix.com/account/content/flat/responsive/css/main.css?ver=09202340023127
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
c09416eded136096230b7096eda4b028e05bd909e010c0a496eaccd726443f8f
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure.square-enix.com/account/content/flat/responsive/css/main.css?ver=09202340023127
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Mon, 22 May 2023 00:33:51 GMT
Server
Apache
ETag
"162-5fc3d6cbbb9c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
354
X-XSS-Protection
1; mode=block
password.png
secure.square-enix.com/account/content/flat/responsive/img/login/icon/
1 KB
2 KB
Image
General
Full URL
https://secure.square-enix.com/account/content/flat/responsive/img/login/icon/password.png?ver=09202331052622
Requested by
Host: secure.square-enix.com
URL: https://secure.square-enix.com/account/content/flat/responsive/css/main.css?ver=09202340023127
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
ae495f3fcf5a0418cc3f9bcdf9541bdb08f6f1841176e5e3527c5d9b075e006c
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure.square-enix.com/account/content/flat/responsive/css/main.css?ver=09202340023127
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Mon, 22 May 2023 00:33:51 GMT
Server
Apache
ETag
"573-5fc3d6cbbb9c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=99
Content-Length
1395
X-XSS-Protection
1; mode=block
onetime.png
secure.square-enix.com/account/content/flat/responsive/img/login/icon/
1 KB
2 KB
Image
General
Full URL
https://secure.square-enix.com/account/content/flat/responsive/img/login/icon/onetime.png?ver=09202331052622
Requested by
Host: secure.square-enix.com
URL: https://secure.square-enix.com/account/content/flat/responsive/css/main.css?ver=09202340023127
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
a067ec66bb9cf8b4bb36b6df52aa7e8ac7054599d078994167a232e929c4a71d
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure.square-enix.com/account/content/flat/responsive/css/main.css?ver=09202340023127
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Mon, 22 May 2023 00:33:51 GMT
Server
Apache
ETag
"5ea-5fc3d6cbbb9c0"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=97
Content-Length
1514
X-XSS-Protection
1; mode=block
pc.png
secure.square-enix.com/account/content/flat/responsive/img/misc/icon/next/
2 KB
2 KB
Image
General
Full URL
https://secure.square-enix.com/account/content/flat/responsive/img/misc/icon/next/pc.png?ver=09202331052622
Requested by
Host: secure.square-enix.com
URL: https://secure.square-enix.com/account/content/flat/responsive/css/base.css?ver=09202340023127
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
d557ff8fc59eb1dbc9bcb2bfdbfe6a7072a53e111391c83fd694e27a957abb17
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure.square-enix.com/account/content/flat/responsive/css/base.css?ver=09202340023127
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Mon, 22 May 2023 00:33:51 GMT
Server
Apache
ETag
"85e-5fc3d6cbbb9c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=97
Content-Length
2142
X-XSS-Protection
1; mode=block
pc.png
secure.square-enix.com/account/content/flat/responsive/img/footer/icon/arrow/
1 KB
2 KB
Image
General
Full URL
https://secure.square-enix.com/account/content/flat/responsive/img/footer/icon/arrow/pc.png?ver=09202331052622
Requested by
Host: secure.square-enix.com
URL: https://secure.square-enix.com/account/content/flat/responsive/css/base.css?ver=09202340023127
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
124.150.158.110 , Japan, ASN23784 (POLEXCHENGE SQUARE ENIX CO., LTD., JP),
Reverse DNS
Software
Apache /
Resource Hash
a2bee0679800bdda01132e21f0afd98c32e72075d6e290a4f62a9d93d87d4cd1
Security Headers
Name Value
Strict-Transport-Security max-age=600; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://secure.square-enix.com/account/content/flat/responsive/css/base.css?ver=09202340023127
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Mon, 26 Jun 2023 08:47:39 GMT
Strict-Transport-Security
max-age=600; includeSubDomains
Last-Modified
Mon, 22 May 2023 00:33:51 GMT
Server
Apache
ETag
"552-5fc3d6cbbb9c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=3, max=97
Content-Length
1362
X-XSS-Protection
1; mode=block
recaptcha__en.js
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/
427 KB
172 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f3.1e100.net
Software
sffe /
Resource Hash
02ca49fda602d411bc21fbfa941871cd8944352e3ffb6b289b4f86eb1849a6c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://forum.square-enix.com-bg.eu/
Origin
https://forum.square-enix.com-bg.eu
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 19:19:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175191
x-xss-protection
0
last-modified
Tue, 20 Jun 2023 18:10:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Jun 2024 19:19:27 GMT
anchor
www.google.com/recaptcha/api2/ Frame E195
52 KB
29 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJOCYlAAAAAFL8Nt66VzwYEZ3qPO3XOp2WKv2q&co=aHR0cHM6Ly9mb3J1bS5zcXVhcmUtZW5peC5jb20tYmcuZXU6NDQz&hl=en&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=wkuc2ez7bu5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
GSE /
Resource Hash
c1c5b90d121eb82df80d84fbaa24e48d4388932ff263c3596b66fecc1a71ba41
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VKB4Rg510vNCHNcZftu7fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forum.square-enix.com-bg.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
29005
content-security-policy
script-src 'report-sample' 'nonce-VKB4Rg510vNCHNcZftu7fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Jun 2023 08:47:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame E195
55 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJOCYlAAAAAFL8Nt66VzwYEZ3qPO3XOp2WKv2q&co=aHR0cHM6Ly9mb3J1bS5zcXVhcmUtZW5peC5jb20tYmcuZXU6NDQz&hl=en&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=wkuc2ez7bu5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f3.1e100.net
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 03:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Tue, 20 Jun 2023 18:10:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jun 2024 03:16:56 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame E195
427 KB
171 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJOCYlAAAAAFL8Nt66VzwYEZ3qPO3XOp2WKv2q&co=aHR0cHM6Ly9mb3J1bS5zcXVhcmUtZW5peC5jb20tYmcuZXU6NDQz&hl=en&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=wkuc2ez7bu5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f3.1e100.net
Software
sffe /
Resource Hash
02ca49fda602d411bc21fbfa941871cd8944352e3ffb6b289b4f86eb1849a6c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 19:19:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175191
x-xss-protection
0
last-modified
Tue, 20 Jun 2023 18:10:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Jun 2024 19:19:27 GMT
truncated
/ Frame E195
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E195
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E195
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f3.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 14:16:28 GMT
x-content-type-options
nosniff
age
153072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 01 Jul 2023 14:16:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E195
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJOCYlAAAAAFL8Nt66VzwYEZ3qPO3XOp2WKv2q&co=aHR0cHM6Ly9mb3J1bS5zcXVhcmUtZW5peC5jb20tYmcuZXU6NDQz&hl=en&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=wkuc2ez7bu5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 09:42:18 GMT
x-content-type-options
nosniff
age
169523
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jun 2024 09:42:18 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame E195
102 B
203 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=IqA9DpBOUJevxkykws9RiIBs
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJOCYlAAAAAFL8Nt66VzwYEZ3qPO3XOp2WKv2q&co=aHR0cHM6Ly9mb3J1bS5zcXVhcmUtZW5peC5jb20tYmcuZXU6NDQz&hl=en&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=wkuc2ez7bu5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
GSE /
Resource Hash
7cdd1ac485682bdbec3acd13ad2f7121dc33a37c8b1b9e295dccf11cab871a0a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJOCYlAAAAAFL8Nt66VzwYEZ3qPO3XOp2WKv2q&co=aHR0cHM6Ly9mb3J1bS5zcXVhcmUtZW5peC5jb20tYmcuZXU6NDQz&hl=en&v=IqA9DpBOUJevxkykws9RiIBs&size=normal&cb=wkuc2ez7bu5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 08:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
1; mode=block
expires
Mon, 26 Jun 2023 08:47:40 GMT
bframe
www.google.com/recaptcha/api2/ Frame 3EF0
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=IqA9DpBOUJevxkykws9RiIBs&k=6LeJOCYlAAAAAFL8Nt66VzwYEZ3qPO3XOp2WKv2q
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f4.1e100.net
Software
GSE /
Resource Hash
eeed75953670fcb86cee24f99ae9d813f1414dac9444c1f00b38445f9dbb5517
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wXWYpKpZObfBY4I_uxbQ7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://forum.square-enix.com-bg.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1157
content-security-policy
script-src 'report-sample' 'nonce-wXWYpKpZObfBY4I_uxbQ7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 26 Jun 2023 08:47:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 3EF0
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=IqA9DpBOUJevxkykws9RiIBs&k=6LeJOCYlAAAAAFL8Nt66VzwYEZ3qPO3XOp2WKv2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f3.1e100.net
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 03:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106244
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Tue, 20 Jun 2023 18:10:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jun 2024 03:16:56 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/ Frame 3EF0
427 KB
171 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/IqA9DpBOUJevxkykws9RiIBs/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=IqA9DpBOUJevxkykws9RiIBs&k=6LeJOCYlAAAAAFL8Nt66VzwYEZ3qPO3XOp2WKv2q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f3.1e100.net
Software
sffe /
Resource Hash
02ca49fda602d411bc21fbfa941871cd8944352e3ffb6b289b4f86eb1849a6c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 19:19:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134893
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175191
x-xss-protection
0
last-modified
Tue, 20 Jun 2023 18:10:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Jun 2024 19:19:27 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Square Enix (Gaming)

220 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
