control.captcha.eu Open in urlscan Pro
156.58.253.17 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://control.captcha.eu/
Submission Tags: phishingrod
Submission: On October 24 via api (October 24th 2024, 6:03:25 am UTC) from DE — Scanned from AT

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 156.58.253.17, located in Vienna, Austria and belongs to MP-AS, AT. The main domain is control.captcha.eu.
TLS certificate: Issued by E6 on October 24th 2024. Valid for: 3 months.

This is the only time control.captcha.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	156.58.253.17 156.58.253.17	199083 (MP-AS) (MP-AS)
1	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
1	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
2	95.101.111.180 95.101.111.180	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	4

4 156.58.253.17 (Vienna, Austria)

ASN199083 (MP-AS, AT)
PTR: 17.krone.at

control.captcha.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.111.180 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-180.deploy.static.akamaitechnologies.com

www.captcha.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	captcha.eu control.captcha.eu www.captcha.eu — Cisco Umbrella Rank: 638105	506 KB
1	gstatic.com fonts.gstatic.com	36 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	992 B
8	3

	Domain	Requested by
4	control.captcha.eu	control.captcha.eu
2	www.captcha.eu	control.captcha.eu
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	control.captcha.eu
8	4

This site contains no links.

Subject Issuer	Validity	Valid
control.captcha.eu E6	`2024-10-24` - `2025-01-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
krone.at R11	`2024-09-12` - `2024-12-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://control.captcha.eu/
Frame ID: CFFF16E841DF83C294018FA3665E4FF3
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Captcha.eu Control

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

543 kB
Transfer

1699 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
control.captcha.eu/ 598 B
528 B 169ms
32ms Document
text/html 156.58.253.17
MP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://control.captcha.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.58.253.17 Vienna, Austria, ASN199083 (MP-AS, AT),
Reverse DNS: 17.krone.at
Software: Caddy SimpleHTTP/0.6 Python/3.11.8 /
Resource Hash: dcb4b89a92413689725415e4009ea54638259bac8336963555d7882fffef939a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
content-encoding: zstd
content-length: 372
content-type: text/html
date: Thu, 24 Oct 2024 06:03:14 GMT
last-modified: Thu, 11 Apr 2024 21:10:52 GMT
server: Caddy SimpleHTTP/0.6 Python/3.11.8
vary: Accept-Encoding

GET
H2 200 main.dc4b1382.js Show response
control.captcha.eu/static/js/ 2 MB
497 KB 37ms
33ms Script
text/javascript 156.58.253.17
MP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://control.captcha.eu/static/js/main.dc4b1382.js
Requested by: Host: control.captcha.eu
URL: https://control.captcha.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.58.253.17 Vienna, Austria, ASN199083 (MP-AS, AT),
Reverse DNS: 17.krone.at
Software: Caddy, SimpleHTTP/0.6 Python/3.11.8 /
Resource Hash: 1d05c603d87833f5ec3b14e19a9d53ab580ff6e5085966a066fc63cd095bea39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://control.captcha.eu/

Response headers

alt-svc: h3=":443"; ma=2592000
content-encoding: zstd
date: Thu, 24 Oct 2024 06:03:14 GMT
content-type: text/javascript
last-modified: Thu, 11 Apr 2024 21:10:52 GMT
server: Caddy, SimpleHTTP/0.6 Python/3.11.8
vary: Accept-Encoding

GET
H2 200 main.39486b67.css
control.captcha.eu/static/css/ 6 KB
1 KB 25ms
24ms Stylesheet
text/css 156.58.253.17
MP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://control.captcha.eu/static/css/main.39486b67.css
Requested by: Host: control.captcha.eu
URL: https://control.captcha.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.58.253.17 Vienna, Austria, ASN199083 (MP-AS, AT),
Reverse DNS: 17.krone.at
Software: Caddy, SimpleHTTP/0.6 Python/3.11.8 /
Resource Hash: 267e64692caedf9611bde25e2bad8071dd7e75fb2e85bbe01758f5138dbd6425

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://control.captcha.eu/

Response headers

content-encoding: zstd
alt-svc: h3=":443"; ma=2592000
content-length: 1431
date: Thu, 24 Oct 2024 06:03:14 GMT
content-type: text/css
last-modified: Thu, 11 Apr 2024 21:10:52 GMT
server: Caddy, SimpleHTTP/0.6 Python/3.11.8
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
992 B 117ms
39ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Requested by

Host: control.captcha.eu
URL: https://control.captcha.eu/static/css/main.39486b67.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

2e89d939931d41d4426c386db3bcd415956772c069285f85cfdd92ed52f4b0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://control.captcha.eu/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 06:03:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 06:03:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 24 Oct 2024 05:51:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v15/ 36 KB
36 KB 287ms
39ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://control.captcha.eu
Referer: https://fonts.googleapis.com/

Response headers

age: 134517
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:41:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:41:18 GMT
last-modified: Thu, 21 Mar 2024 23:58:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36848
x-xss-protection: 0
server: sffe

GET
H2 200 logo_large.svg
www.captcha.eu/legacy-assets/ 5 KB
2 KB 356ms
74ms Image
image/svg+xml 95.101.111.180
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.captcha.eu/legacy-assets/logo_large.svg

Requested by

Host: control.captcha.eu
URL: https://control.captcha.eu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

3ccfcf20ddfc155b495f5e0da0c40739695f28f3422f0f317f41d8c562866a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://control.captcha.eu/

Response headers

krn-aka-group: captcha
content-encoding: gzip
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
expires: Sat, 23 Nov 2024 06:03:15 GMT
alt-svc: h3=":443"; ma=93600
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
date: Thu, 24 Oct 2024 06:03:15 GMT
content-type: image/svg+xml
vary: Accept-Encoding
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Rest-Key
strict-transport-security: max-age=600
edge-cache-tag: captcha
x-captcha-server: true-406
krn-global: 1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1817

POST
H2 403 dashboard Show response
www.captcha.eu/cc/ 21 B
583 B 298ms
70ms Fetch
application/json 95.101.111.180
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.captcha.eu/cc/dashboard?cors=true

Requested by

Host: control.captcha.eu
URL: https://control.captcha.eu/static/js/main.dc4b1382.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-180.deploy.static.akamaitechnologies.com

Software

Resource Hash

1946860f1e51361a1800ca4c26397af70998ad8b6b8a9d2f13098d8b5da45780

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://control.captcha.eu/

Response headers

krn-aka-group: captcha
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
acao-denied: https://control.captcha.eu
alt-svc: h3=":443"; ma=93600
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
date: Thu, 24 Oct 2024 06:03:15 GMT
content-type: application/json; charset=utf-8
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Rest-Key
strict-transport-security: max-age=600
inorigin: https://control.captcha.eu
edge-cache-tag: captcha
x-captcha-server: true-406
access-control-allow-credentials: true
krn-global: 1
access-control-allow-origin: https://control.captcha.eu
content-length: 21

GET
H2 200 favicon.ico
control.captcha.eu/ 4 KB
4 KB 28ms
26ms Other
image/vnd.microsoft.icon 156.58.253.17
MP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://control.captcha.eu/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.58.253.17 Vienna, Austria, ASN199083 (MP-AS, AT),
Reverse DNS: 17.krone.at
Software: Caddy, SimpleHTTP/0.6 Python/3.11.8 /
Resource Hash: 9adc3478fa8179fab21d71d16ad953490f0a80f9936c4ec14dbd21e5d1c65f4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://control.captcha.eu/

Response headers

alt-svc: h3=":443"; ma=2592000
content-length: 4286
date: Thu, 24 Oct 2024 06:03:15 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 11 Apr 2024 21:09:53 GMT
server: Caddy, SimpleHTTP/0.6 Python/3.11.8

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| TreemapSquared function| SVG object| Apex function| ApexCharts

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.captcha.eu/cc/dashboard?cors=true Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

control.captcha.eu
fonts.googleapis.com
fonts.gstatic.com
www.captcha.eu
142.250.184.202
142.250.186.131
156.58.253.17
95.101.111.180
1946860f1e51361a1800ca4c26397af70998ad8b6b8a9d2f13098d8b5da45780
1d05c603d87833f5ec3b14e19a9d53ab580ff6e5085966a066fc63cd095bea39
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
267e64692caedf9611bde25e2bad8071dd7e75fb2e85bbe01758f5138dbd6425
2e89d939931d41d4426c386db3bcd415956772c069285f85cfdd92ed52f4b0ec
3ccfcf20ddfc155b495f5e0da0c40739695f28f3422f0f317f41d8c562866a64
9adc3478fa8179fab21d71d16ad953490f0a80f9936c4ec14dbd21e5d1c65f4f
dcb4b89a92413689725415e4009ea54638259bac8336963555d7882fffef939a

control.captcha.eu Open in urlscan Pro 156.58.253.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

543 kBTransfer

1699 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

control.captcha.eu Open in urlscan Pro
156.58.253.17 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

543 kB
Transfer

1699 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions