captcha.best Open in urlscan Pro
2606:4700:3033::6815:3c58  Malicious Activity! Public Scan

URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Submission: On June 18 via manual from GB — Scanned from GB

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3033::6815:3c58, located in United States and belongs to CLOUDFLARENET, US. The main domain is captcha.best.
TLS certificate: Issued by GTS CA 1P5 on June 18th 2023. Valid for: 3 months.
This is the only time captcha.best was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Discord (Instant Messenger)

Live information

Domain & IP information

IP Address AS Autonomous System
13 2606:4700:303... 13335 (CLOUDFLAR...)
1 162.159.130.233 13335 (CLOUDFLAR...)
14 2
Apex Domain
Subdomains
Transfer
13 captcha.best
captcha.best
386 KB
1 discordapp.com
cdn.discordapp.com — Cisco Umbrella Rank: 2390
12 KB
14 2
Domain Requested by
13 captcha.best captcha.best
1 cdn.discordapp.com captcha.best
14 2

This site contains links to these domains. Also see Links.

Domain
discord.com
Subject Issuer Validity Valid
captcha.best
GTS CA 1P5
2023-06-18 -
2023-09-16
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-11-19 -
2023-11-19
a year crt.sh

This page contains 1 frames:

Primary Page: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Frame ID: 8E91EB3BBFC98F7C298DD27F4417613E
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Login - App Verify

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

398 kB
Transfer

2053 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request verify
captcha.best/
2 MB
339 KB
Document
General
Full URL
https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
04e604eaca394c1cfdb9290c459685edc00afdc55dfb73948cc4c54b5723a065

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d93af60e97f8885-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 18 Jun 2023 12:55:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Px0qX6tZ9LTdrd95v9t5Tfp%2BVwLo38ncqTmA%2BAFiTQJ0KIxJ5r1iemf07VwPeUodroVRgW8zNZzXGhWAD%2FCDh6JO%2Bw6SEwslKahy3Z9g3jh26kJ6zgHjrAT%2B2lcoZYCPPDL66oYvTPxw3zM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
get
captcha.best/
121 KB
31 KB
Script
General
Full URL
https://captcha.best/get?js=captcha
Requested by
Host: captcha.best
URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
213be8ebd0d04a11942e62d3c199c390d04436dfdd3b51b33e47cfb0ff622d92

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 12:55:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 16 Jun 2023 11:12:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"1e40b-188c3e7e4cf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIeXJw8ttgKkKtwsUsTJBxuFfsJWSFXVubzPaNVPbbFXOQ59Fcqo%2BdfZbJV5hQ%2FvCKbQV1rGf9sZ6x9SDlnbR70fp4nPPl%2FeERriaoBE6x9G4GQ6QbFnzy05rZBwFqlRl%2BMeRGP617eFOk4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
cf-ray
7d93af6d6fa18885-LHR
alt-svc
h3=":443"; ma=86400
22fd790491653d837422d80e3500cf92.svg
captcha.best/assets/
164 B
164 B
Image
General
Full URL
https://captcha.best/assets/22fd790491653d837422d80e3500cf92.svg
Requested by
Host: captcha.best
URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 12:55:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1506
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBIOD8QYetoZXZr1YRiIrR8CkxsRrnP8dnU0xIhNRN%2Fw4pIBYxmpUhENhbq%2FK49cmB3g%2BEfFy7sgDMrAoAQNJDbq3vkAyRYWaLOFlItE0n6aylxE2HLicBxZRNGDpsEHPTYhfJeeOhmqmj8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d93af6d8ff98885-LHR
alt-svc
h3=":443"; ma=86400
get
captcha.best/
7 KB
4 KB
Image
General
Full URL
https://captcha.best/get?ico=discord
Requested by
Host: captcha.best
URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6817cfb84bc65b63f73c80c0ef16524bb32c4cf5c9a07c0c664d3ae5e022e1a4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 12:55:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 16 Jun 2023 11:12:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"1dc0-188c3e7d0ff"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwzXoLYzYqC6lJ4bHY9B8wA9EKjmKd4xOHBasJv5WxkClpNt%2BLHoQKRTEd7d9wWWWzmRdSssQ49ZYOrTuouiYR1pB5GOE%2FnEkbnqV%2FfuCbqdR%2BUHWkmp6ComkZacE6O3exmtXTLRMNIZ16o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0
cf-ray
7d93af6d98038885-LHR
alt-svc
h3=":443"; ma=86400
27737ee12149c40ce6af21f6a7ac7265.png
cdn.discordapp.com/avatars/948313795120484413/
11 KB
12 KB
Image
General
Full URL
https://cdn.discordapp.com/avatars/948313795120484413/27737ee12149c40ce6af21f6a7ac7265.png?size=80
Requested by
Host: captcha.best
URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.130.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8667f8f09246b47991e71a86cd4cd41c0ba5fcb6a4e60dd94b5038813079898a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://captcha.best/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 12:55:12 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
11468
last-modified
Fri, 13 Jan 2023 06:57:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OulkZHNxl3zxDq%2B7Sf7I7RLN6aZi2J88CyX9uJ2KzYS%2Bo3EWBZ11YBNKEUpsN4ckWpNpUnygHkLGSv9QrY7hRpspLsyqHGav9DbrUNrIlX%2FGJIa19hKG1sXxZDdgKwFoKc%2BXVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
cf-ray
7d93af6df9460762-MAN
expires
Mon, 17 Jun 2024 12:55:12 GMT
get
captcha.best/
4 KB
1 KB
Script
General
Full URL
https://captcha.best/get?js=qr
Requested by
Host: captcha.best
URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
18eafb772e970cd43b1c2a000c667c63f6cf39382e40557e95a219a4cbce9d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 12:55:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBNzevQDOQw48%2F8BhHBhllBXbhVXYVXSphmiKj%2Bcl3vmbvhmoS%2BfEc1Susv%2B1sAeYg23rJYcHmxdSw1Z3xX5cgZvKExWc8PeeqPmNvlCTZz3fEuBCAx1H8uUXJzU4sgoQa2iyFV8dYZs8s8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
7d93af6d98058885-LHR
alt-svc
h3=":443"; ma=86400
get
captcha.best/
10 KB
3 KB
Script
General
Full URL
https://captcha.best/get?js=login&id=zWRRaT1f4h6aCM9UPKwqAEu2
Requested by
Host: captcha.best
URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
223133b44a26fa6af7a9f9e6bf29f320bd8165bc99367fbfefaf94c8e9feac38

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 12:55:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJEMiJ6VujQ4yCfZEdh3opdsJJfs4mKIcNPikRjg79VqAfB%2BACJLP2fJRoYcqYSW0i8ViDml%2BhRjpU6kn0NqwBIUo1qFHuejEvTZfc5AXkyzCsaqE6bKATDcPQ3S4LyjICXYXKTUq6iMv5w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
7d93af6da82b8885-LHR
alt-svc
h3=":443"; ma=86400
e8acd7d9bf6207f99350ca9f9e23b168.woff
captcha.best/assets/
164 B
387 B
Font
General
Full URL
https://captcha.best/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff
Requested by
Host: captcha.best
URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5fb47fbd3ca39b348ab51f5698b4184a58ea9c83f1daae8e65b6c45dbe1626fa

Request headers

Referer
https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Origin
https://captcha.best
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 12:55:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1506
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lldVulQ51IjHF2ox00vAAU8Y5QMt8N12hcEowJ01aQHd9QFeudlTZ09IgezB%2Bj3PapPCUjzXY%2BYyiGk%2F8yhj0yueLx8p3gjALjkYGWkal4S9zT2fwGGbcg0TqUFGIHDUIr6hdvq5syIGlxI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d93af6db8568885-LHR
alt-svc
h3=":443"; ma=86400
88055567e3d928bcb1e67e967081572e.woff
captcha.best/assets/
164 B
395 B
Font
General
Full URL
https://captcha.best/assets/88055567e3d928bcb1e67e967081572e.woff
Requested by
Host: captcha.best
URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5fb47fbd3ca39b348ab51f5698b4184a58ea9c83f1daae8e65b6c45dbe1626fa

Request headers

Referer
https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Origin
https://captcha.best
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 12:55:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1696
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nb%2FFoMmKNsW7FQGEkXDDnm6DmJ56e6L42OZk9Vi3F3q3L9eqMOKKOgtaR7tPtZ7ZtPBk%2BPSq8VwS%2BH4NDqD9JnW96VlcdgHhkJ9T97dEXPnxneZmXCHEfU2%2FTqKatGnM6yCV3J13iSgHc3M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d93af6db85a8885-LHR
alt-svc
h3=":443"; ma=86400
3bdef1251a424500c1b3a78dea9b7e57.woff
captcha.best/assets/
164 B
388 B
Font
General
Full URL
https://captcha.best/assets/3bdef1251a424500c1b3a78dea9b7e57.woff
Requested by
Host: captcha.best
URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5fb47fbd3ca39b348ab51f5698b4184a58ea9c83f1daae8e65b6c45dbe1626fa

Request headers

Referer
https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Origin
https://captcha.best
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 12:55:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1506
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZO6w5y0Pi0W2yMwjK01MjwxutKdiIPF1HpOzcY3B%2FXUGW22qNIjAvEkRmEaCoI5IzMQNmBNihh%2FGvDa6QMmVDjeU9Yb5SgmwMabfVB45sqgNzokbcf3%2Bu7cAJAQY3R1wvih0B1ZTJBMhXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d93af6db85c8885-LHR
alt-svc
h3=":443"; ma=86400
be0060dafb7a0e31d2a1ca17c0708636.woff
captcha.best/assets/
164 B
523 B
Font
General
Full URL
https://captcha.best/assets/be0060dafb7a0e31d2a1ca17c0708636.woff
Requested by
Host: captcha.best
URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5fb47fbd3ca39b348ab51f5698b4184a58ea9c83f1daae8e65b6c45dbe1626fa

Request headers

Referer
https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Origin
https://captcha.best
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 12:55:12 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8lMp3EwIY%2BxhupK3sTpQpmjnNePeuD7FkfKI3dBgQ9z1wGf1Q8%2FRBAW4S1zBJUsCmpOF6FpJ%2Fr6hb6yhnkxBtRQcflCFGnRaZ4tVmnOfz6Po%2FBqAEUwFVs30bS%2F5%2BKhMpQOECgJbz54%2Ft4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
7d93af6db85e8885-LHR
alt-svc
h3=":443"; ma=86400
/
captcha.best/create-qr-code/
2 KB
2 KB
Image
General
Full URL
https://captcha.best/create-qr-code/?size=176x176&data=https%3A%2F%2Fdiscord.com%2Fra%2FzH8obnsJ5faZyX0ARzqbokfpbq2D0WiCYSsCZP0bDlI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2dbbd80865c32d7226f63753a96f926ac292a92a4a41f08c79308e30393ef92d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 12:55:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZEt0XKEudUGrnzIBUYQZW7GYwWTASOk5qWCo9Kq6BxKdi%2BrQnkDlBnMmrLmhQTVRnESBQ7g1OO7yKsG1rvTAQXqHT%2BwU67EdL0nsIpuySPfLgri0conkfXy4wTx0Kfq%2BQiV1khZAyGd0P8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7d93af787f0c8897-LHR
alt-svc
h3=":443"; ma=86400
/
captcha.best/create-qr-code/
2 KB
2 KB
Image
General
Full URL
https://captcha.best/create-qr-code/?size=176x176&data=https%3A%2F%2Fdiscord.com%2Fra%2FzH8obnsJ5faZyX0ARzqbokfpbq2D0WiCYSsCZP0bDlI
Requested by
Host: captcha.best
URL: https://captcha.best/get?js=qr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2dbbd80865c32d7226f63753a96f926ac292a92a4a41f08c79308e30393ef92d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 12:55:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1e%2Bx74NLYez5Xs9fAGgpUBcLNUKQulnIBDTh38eLAjAqkbtjaoooA%2F52%2Bj4xn%2BQOp5CQxyShkOXQ2z9AHuq4b46ITsgonxw1v5tiJxdFs3pH8S6RucCo8vQH9eNC5ZxoWxA3Vo7HDnEwn0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7d93af7b5bac8897-LHR
alt-svc
h3=":443"; ma=86400
get
captcha.best/
1 KB
2 KB
Image
General
Full URL
https://captcha.best/get?ico=discordlogo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 18 Jun 2023 12:55:14 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 16 Jun 2023 11:12:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"5fc-188c3e7d31f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3NKuWYApAylSAOPyyMJYf%2BH8yGNeSoxGvG1iCvBVbSbDv9nIWku59oLgfvRHLH6srRpZl%2F%2BJ4ax9RNr%2Fqk2bkX6HwzlswE%2FV3S364xQqKPCLdZrFUuLSUru5mUD%2FMEwo3jXhZ%2FqXK5710k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
7d93af7b5bad8897-LHR
alt-svc
h3=":443"; ma=86400
content-length
1532

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend string| page object| hcaptcha function| init function| onMessage function| removeImage function| cancel string| t_locale object| lastotp object| rightotp boolean| gettingotp object| gettingotpid function| tryLogin function| openCaptchaPage function| parseMfa function| submitOTP function| checkTotpButton function| sendSms function| checkTotp function| closeMfaPage function| openMfaPage function| showMfaError function| submitCode function| initCaptchaCheck function| captchaChecked function| closeCaptchaPage function| showError function| showErrors function| getErrorContent

1 Cookies

Domain/Path Name / Value
.discordapp.com/ Name: __cf_bm
Value: m5JNfLZoiwCHVFbl_Hksdvzbsj.A8x.iRIqF2QTo9kc-1687092912-0-ARr2ASxu0OIZz/T4XFmeem56O+HGtiR9+/LYfxHfOWkWG153ShgNB7pXCbFJ9Z/HDGrqqG+AOeLcd6+Kwq4wVyQ=

8 Console Messages

Source Level URL
Text
other warning URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Message:
Failed to decode downloaded font: https://captcha.best/assets/88055567e3d928bcb1e67e967081572e.woff
other warning URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Message:
OTS parsing error: invalid sfntVersion: 218774632
other warning URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Message:
Failed to decode downloaded font: https://captcha.best/assets/e8acd7d9bf6207f99350ca9f9e23b168.woff
other warning URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Message:
OTS parsing error: invalid sfntVersion: 218774632
other warning URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Message:
Failed to decode downloaded font: https://captcha.best/assets/3bdef1251a424500c1b3a78dea9b7e57.woff
other warning URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Message:
OTS parsing error: invalid sfntVersion: 218774632
other warning URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Message:
Failed to decode downloaded font: https://captcha.best/assets/be0060dafb7a0e31d2a1ca17c0708636.woff
other warning URL: https://captcha.best/verify?id=zWRRaT1f4h6aCM9UPKwqAEu2
Message:
OTS parsing error: invalid sfntVersion: 218774632