protect-captcha.online
Open in
urlscan Pro
2606:4700:3032::6815:aba
Malicious Activity!
Public Scan
Submission Tags: phishingrod
Submission: On February 28 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on February 28th 2024. Valid for: 3 months.
This is the only time protect-captcha.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Discord (Instant Messenger)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
16 | 2606:4700:303... 2606:4700:3032::6815:aba | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 104.19.219.90 104.19.219.90 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
22 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
protect-captcha.online
protect-captcha.online |
1 MB |
6 |
hcaptcha.com
newassets.hcaptcha.com — Cisco Umbrella Rank: 6816 api.hcaptcha.com — Cisco Umbrella Rank: 6979 |
408 KB |
22 | 2 |
Domain | Requested by | |
---|---|---|
16 | protect-captcha.online |
protect-captcha.online
|
5 | newassets.hcaptcha.com |
protect-captcha.online
newassets.hcaptcha.com |
1 | api.hcaptcha.com |
newassets.hcaptcha.com
|
22 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
protect-captcha.online GTS CA 1P5 |
2024-02-28 - 2024-05-28 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-15 - 2024-04-14 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://protect-captcha.online/
Frame ID: 74944FA6B9D7772EA732B9B0C45D047E
Requests: 16 HTTP requests in this frame
Frame:
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=yjwy34n7s1i
Frame ID: A375018EB71820BF4D0D485EEE660135
Requests: 4 HTTP requests in this frame
Frame:
https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html
Frame ID: 13E0B831A0F2FCC7921B83BB4854EA7F
Requests: 3 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
protect-captcha.online/ |
163 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.45d4d70d2e41bc34b882.css
protect-captcha.online/public/assets/ |
2 MB 437 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared.f01e9143e31c19a68a8e.css
protect-captcha.online/public/assets/ |
538 KB 93 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
protect-captcha.online/public/hcaptcha.com/1/ |
326 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adcf9ed6.js
protect-captcha.online/public/js/ |
968 B 624 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adf75861421c2a6a6269.png
protect-captcha.online/public/assets/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
863db41a48a43395cd55.svg
protect-captcha.online/public/assets/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
script.js
protect-captcha.online/public/js/ |
26 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
b9811218b3a54ad59fb2.woff2
protect-captcha.online/public/assets/ |
65 B 542 B |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
20ac37ed2576dd48d7dc.woff2
protect-captcha.online/public/assets/ |
65 B 548 B |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
3f46bbecb4287c0a829f.woff2
protect-captcha.online/public/assets/ |
65 B 546 B |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f84e3e81b8d0718cd917.woff2
protect-captcha.online/public/assets/ |
65 B 547 B |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
25f1e66664a140ac84c9.woff2
protect-captcha.online/public/assets/ |
177 KB 178 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
9a02726c2f8410020238.woff2
protect-captcha.online/public/assets/ |
183 KB 184 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ee6b51adb64f6365352c.woff2
protect-captcha.online/public/assets/ |
175 KB 176 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
e0ece3c23b33d18f4d00.woff2
protect-captcha.online/public/assets/ |
182 KB 183 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/3b797c3/static/ Frame A375 |
2 KB 873 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/3b797c3/static/ Frame 13E0 |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/3b797c3/ Frame 13E0 |
326 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/3b797c3/ Frame A375 |
326 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 13E0 |
798 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
checksiteconfig
api.hcaptcha.com/ Frame A375 |
721 B 806 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hsw.js
newassets.hcaptcha.com/c/0fb9fb5/ Frame A375 |
508 KB 222 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Discord (Instant Messenger)17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 undefined| a2fTicket function| login function| a2fSubmit function| onSuccess function| reset function| openA2f function| closeA2f function| startLoading function| stopLoading function| openModal function| closeModal object| Raven object| hcaptcha object| grecaptcha0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.hcaptcha.com
newassets.hcaptcha.com
protect-captcha.online
104.19.219.90
2606:4700:3032::6815:aba
10ef6aa9f4b834809c3bf32ea271726259a15d565d09dd1fcf013330b603c5f4
135667d8b38dcb9372bf4d65eaa44fa5438d0b06831a2cd562eb82b8d44f4098
151d9c9cc5903316143e42813344e923dba555f5ca554c417be0d24194d700e7
1b03dae61d613604b3d41d61cc4bc2e05f19bd27c7ff2638242f9036f2b8794e
2a9421e36647973f38d80cd149c3d4b30211aba44dbb1c28d82927be59e9a224
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
361b4deff8c6e2e68a0cac7d1ad55f8c07db8e2142d2fc5af390b4a9b1f49811
43bd18e2bd8069e76f61d22c745cc2e97fd9c013104dbe15a872c3d8db5f38f1
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
62e6e88dfc82688e0a3944b73b5d2ee064b727648cd0a86e3b6d661743489964
6f90d69cd594cd1dfae161e885f7ecc54ecb5f4bbce0097789b1e20a9fedfe6b
7ab82ad8f798eb96f6ff201492bb82a1fc64b87a26a33fab12f9d01579e06cf4
7f2fc9c03ac5cee4e206b61d510b427ba6e8f5c7554d1b5db42c5caa7cf2307a
8390503760c8f26556001a28e7d95e4a237a4780e7ceeebf0853ce252fde4ba8
89a8e6fe1c595fb5fe77edd74ee8990458ecbf2941bb44e60ce8d96b6fde660f
a6aeb0f05d454e29935dc8708f1dbdbe27176d849880fdbf1d30d4d5bc6c3c18
a981989aee5d4479ffadf550d9ecff24a4ac829483e3e55c07da3491f84b12ba
c1d71bd80fc3ecf5ef1a97092a456a046d55fd264be721f2a25be3e59ccb8b2b
d6374f9d1b47d190b0032210943fccfbeea383de80cfde5c370b1b26b3d109e3
d8c6f38967f6cf2d568e34abe3e04c2c2c195becd596c1cee7b9b83822dd768c
f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144