captcha.botlookup.xyz Open in urlscan Pro
2606:4700:3035::6815:5af1  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response captcha.botlookup.xyz/	149 KB 28 KB	358ms 128ms	Document text/html	2606:4700:3035::6815:5af1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://captcha.botlookup.xyz/?keepthiz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5af1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 940af324405292a88daa7b5d57d9a1e8de90304563e7f000ae458a4bd3321a3d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 85d1190b590081ab-IAD content-encoding br content-type text/html; charset=utf-8 date Thu, 29 Feb 2024 13:01:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xi6iIsP55oO7uwLJf6B2mBpDJRTq0TgxirDHUDlsoLpoWHlcyJRZ4cokfk9XpwH174OdiDv6EyoXD8TgG4Xo5YH1G9chutpdhQrsq6qr0cxcTIDkofW8XlnhZZx%2Buu3RBtb%2BhVCfEzVT5d4H3xS7VHZBFrU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	app.45d4d70d2e41bc34b882.css captcha.botlookup.xyz/static/assets/	2 MB 442 KB	176ms 176ms	Stylesheet text/css	2606:4700:3035::6815:5af1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://captcha.botlookup.xyz/static/assets/app.45d4d70d2e41bc34b882.css Requested by Host: captcha.botlookup.xyz URL: https://captcha.botlookup.xyz/?keepthiz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5af1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 021cb1900795154820b9ab23f5621933558e336da5660f1928edab740547862f Request headers accept-language de-DE,de;q=0.9 Referer https://captcha.botlookup.xyz/?keepthiz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 13:01:46 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:11:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1703301066.0-2527732-4028375056" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWNVYK4tuXb45DDfRCm6hEUC77EYZU%2Bo3pnMnh7ebokOnQsnWilEljBGpnN34iFmOZE2WiigrLPTe2Al1NM4R2V0XkK3s0f00HcdUWdVYkodvr2bzWvTSa%2FsgjMlDy3CY%2BBIF9kKOWPGl8Eb6Eri0ViZmx4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control max-age=14400 content-disposition inline; filename=app.45d4d70d2e41bc34b882.css cf-ray 85d1190c39fb81ab-IAD alt-svc h3=":443"; ma=86400
GET H2	200	shared.f01e9143e31c19a68a8e.css captcha.botlookup.xyz/static/assets/	564 KB 94 KB	136ms 136ms	Stylesheet text/css	2606:4700:3035::6815:5af1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://captcha.botlookup.xyz/static/assets/shared.f01e9143e31c19a68a8e.css Requested by Host: captcha.botlookup.xyz URL: https://captcha.botlookup.xyz/?keepthiz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5af1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e15eab63d3de0c80c50155e9eb6f78d5b0d1fb4236e0f1cd0a2d71ef6d37083 Request headers accept-language de-DE,de;q=0.9 Referer https://captcha.botlookup.xyz/?keepthiz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 13:01:46 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:11:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1703301088.0-577592-1517756746" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aURAa3U53KEuSbrm6AOSTGiYbHbWij%2BeiMyfTfEHuCbks5%2F4QDpJu%2BU%2F1Eel5yNlkCEDFIJukZMHEBv9cAzdCrMFO8ZKZ%2FUu3TkXLAgJFfqYmlO6c85%2FT2A5CqKSHZNv917rS%2BLrUgsrnQKZx38gZ2CWY8I%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control max-age=14400 content-disposition inline; filename=shared.f01e9143e31c19a68a8e.css cf-ray 85d1190c39fc81ab-IAD alt-svc h3=":443"; ma=86400
GET H2	200	api.js Show response hcaptcha.com/1/	376 KB 107 KB	44ms 24ms	Script application/javascript	104.19.219.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hcaptcha.com/1/api.js Requested by Host: captcha.botlookup.xyz URL: https://captcha.botlookup.xyz/?keepthiz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8372e4920304819a1afe1cb4a33def279a032e5d0154b53df47d05abdfc8077 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://captcha.botlookup.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 13:01:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 f732889a761ee496e041d15e73c58bd6.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-content-type-options nosniff x-amz-version-id Y83AnVQfVaYtiCkhua7rz_C8xbCj9kI1 age 0 x-amz-cf-pop CDG50-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 26 Feb 2024 13:10:44 GMT server cloudflare etag W/"cf161ae1463888e6b05f1ecd1d11305b" vary Accept-Encoding content-type application/javascript cache-control max-age=300 cf-ray 85d1190c2f20bb37-FRA x-amz-cf-id afxttyYCHbuyLaBXz3HWODZxS3U-HGDYL4J3rIhhRMSmhbtHjpw34w==
GET H2	200	adf75861421c2a6a6269.png captcha.botlookup.xyz/static/assets/	1 KB 2 KB	154ms 154ms	Image image/png	2606:4700:3035::6815:5af1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://captcha.botlookup.xyz/static/assets/adf75861421c2a6a6269.png Requested by Host: captcha.botlookup.xyz URL: https://captcha.botlookup.xyz/?keepthiz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5af1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144 Request headers accept-language de-DE,de;q=0.9 Referer https://captcha.botlookup.xyz/?keepthiz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 13:01:46 GMT cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:14:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1703301240.0-1532-1784946290" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXQVF%2BF30vYsxHzieSmDxwhKHtPbISoE%2BFsCKz2audeiMtu%2BRLBAvp%2BmDr2NFzu4Mw%2Fe69Lnj0iX1nuQe7lbpcP2YlpKAA70Jcg1zgyM%2BATV%2BrEwCgxt4w%2Fs0ZNQJJgn4uRAmSAV8651LGb%2Bv2MKR5XkcTQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 content-disposition inline; filename=adf75861421c2a6a6269.png accept-ranges bytes cf-ray 85d1190c6a3a81ab-IAD alt-svc h3=":443"; ma=86400 content-length 1532
GET H2	200	863db41a48a43395cd55.svg captcha.botlookup.xyz/static/assets/	5 KB 2 KB	154ms 154ms	Image image/svg+xml	2606:4700:3035::6815:5af1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://captcha.botlookup.xyz/static/assets/863db41a48a43395cd55.svg Requested by Host: captcha.botlookup.xyz URL: https://captcha.botlookup.xyz/?keepthiz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5af1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93a1168fc0e0e1f524d0e232aee8ee78c4272f0d201389b8e504ed84c699e1ac Request headers accept-language de-DE,de;q=0.9 Referer https://captcha.botlookup.xyz/?keepthiz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 13:01:46 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1703301146.0-5367-1741102719" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdYI15lvylcAnTFzzeaifjUaW84of%2FfZNHZ2uR%2FJJF4dC4NeOj0CbAnHKQDwRonNHyaBtzsZvF3ojWLO4Bq%2BfEpF%2FVzSVHTojhoPsVVGZCPZWru1nZ00n9D2X1Iy%2BuqrUdUactUzvxnxT%2Fn9Srr8XWsmTzY%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml; charset=utf-8 cache-control max-age=14400 content-disposition inline; filename=863db41a48a43395cd55.svg cf-ray 85d1190c6a3e81ab-IAD alt-svc h3=":443"; ma=86400
GET H2	200	script.js Show response captcha.botlookup.xyz/static/js/	25 KB 6 KB	150ms 150ms	Script application/javascript	2606:4700:3035::6815:5af1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://captcha.botlookup.xyz/static/js/script.js Requested by Host: captcha.botlookup.xyz URL: https://captcha.botlookup.xyz/?keepthiz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:5af1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af3912f101b1a9a911cdfb9ec44b64a399470c6b79094d750fabe0054eae2deb Request headers accept-language de-DE,de;q=0.9 Referer https://captcha.botlookup.xyz/?keepthiz User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 13:01:46 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 26 Feb 2024 05:35:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1708925701.0308568-25583-1501764024" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHJ0fF5Lyk3iiKaPwuMnO7fCdq4NCS2WlKJuvqOtOc4DU8NMoNx5Rry2VYB9pfZBCBAZi2GYqghLukT7zl%2FsmGApM%2FMQyNHEZ2z4iGKAMbUaJRcWF05PlF8%2FnHKM5piJvmc1UsEg2zUu2ih43fEJm1y8V5s%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 content-disposition inline; filename=script.js cf-ray 85d1190c6a4c81ab-IAD alt-svc h3=":443"; ma=86400
GET H3	200	b9811218b3a54ad59fb2.woff2 captcha.botlookup.xyz/static/assets/	37 KB 38 KB	244ms 243ms	Font application/octet-stream	2606:4700:3035::6815:5af1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://captcha.botlookup.xyz/static/assets/b9811218b3a54ad59fb2.woff2 Requested by Host: captcha.botlookup.xyz URL: https://captcha.botlookup.xyz/static/assets/app.45d4d70d2e41bc34b882.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5af1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104 Request headers Referer https://captcha.botlookup.xyz/static/assets/app.45d4d70d2e41bc34b882.css Origin https://captcha.botlookup.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 13:01:46 GMT cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:15:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1703301332.0-38156-2782797628" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yf19XFyPP1Zkinsq8vaMAdY761H2Te9dvuG8yeUyVtx4IQA%2Bq49jI%2BDMrtlVDWw24AyNXP9qG5qabv8%2FvHLo5UboKSTgR4srnA3A0t00YyhJ9bgqlGRxDYZba%2BlP460HGLr2NCWVRAhH6305pUz3sOldaj0%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 content-disposition inline; filename=b9811218b3a54ad59fb2.woff2 accept-ranges bytes cf-ray 85d1190f3b37b920-AMS alt-svc h3=":443"; ma=86400 content-length 38156
GET H3	200	20ac37ed2576dd48d7dc.woff2 captcha.botlookup.xyz/static/assets/	39 KB 39 KB	224ms 224ms	Font application/octet-stream	2606:4700:3035::6815:5af1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://captcha.botlookup.xyz/static/assets/20ac37ed2576dd48d7dc.woff2 Requested by Host: captcha.botlookup.xyz URL: https://captcha.botlookup.xyz/static/assets/app.45d4d70d2e41bc34b882.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5af1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae99aaede2f373187a4fe442a2cb0ab9c2945efbab01cf33e01be517c0c4f813 Request headers Referer https://captcha.botlookup.xyz/static/assets/app.45d4d70d2e41bc34b882.css Origin https://captcha.botlookup.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 13:01:46 GMT cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:17:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1703301450.0-39764-2896371619" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAHWnPHlF31KNMR2eEz5NrpznF2KRcsxvyrsn1muddUir3Vllof4woHsntLf0LQsuDv%2BxMjwsr1fMjNTlAVGGy%2BJsq6jZvwI4m86hSfeDaeSNLRLWrHNXnxNI52FQ34uQgyUcVfd6wiDXydpg%2BP7KuXbgEE%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 content-disposition inline; filename=20ac37ed2576dd48d7dc.woff2 accept-ranges bytes cf-ray 85d1190f3b38b920-AMS alt-svc h3=":443"; ma=86400 content-length 39764
GET H3	200	3f46bbecb4287c0a829f.woff2 captcha.botlookup.xyz/static/assets/	39 KB 39 KB	188ms 187ms	Font application/octet-stream	2606:4700:3035::6815:5af1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://captcha.botlookup.xyz/static/assets/3f46bbecb4287c0a829f.woff2 Requested by Host: captcha.botlookup.xyz URL: https://captcha.botlookup.xyz/static/assets/app.45d4d70d2e41bc34b882.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5af1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc Request headers Referer https://captcha.botlookup.xyz/static/assets/app.45d4d70d2e41bc34b882.css Origin https://captcha.botlookup.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 13:01:46 GMT cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:17:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1703301478.0-39724-2957189027" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGgBz6EFaCxPHLV2YCgYSsxZ2f9EtW3JMby%2FbLV7%2B0mjwPOjvlSeNcSl75kf8NT0eqFkoOSAfBslomhfhOUf8AiP0xyuEAx55L0GfuWjBagexJnGFgOb2tj8FLrOjaW2EDwPtOGmzHkmHs67E0ipZ%2FqF7mE%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 content-disposition inline; filename=3f46bbecb4287c0a829f.woff2 accept-ranges bytes cf-ray 85d1190f3b3ab920-AMS alt-svc h3=":443"; ma=86400 content-length 39724
GET H3	200	f84e3e81b8d0718cd917.woff2 captcha.botlookup.xyz/static/assets/	39 KB 39 KB	244ms 243ms	Font application/octet-stream	2606:4700:3035::6815:5af1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://captcha.botlookup.xyz/static/assets/f84e3e81b8d0718cd917.woff2 Requested by Host: captcha.botlookup.xyz URL: https://captcha.botlookup.xyz/static/assets/app.45d4d70d2e41bc34b882.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:5af1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b Request headers Referer https://captcha.botlookup.xyz/static/assets/app.45d4d70d2e41bc34b882.css Origin https://captcha.botlookup.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 13:01:46 GMT cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 03:18:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1703301488.0-39424-2876055374" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJ8lYG7lQoPGDosA6T7PwqjpEMBYHgVITcHwSX1sfGFUHnLInELkgfQtpXEMRoejv3Rd2yiy4upNjmhLTNoQVODhPbNkZseIvoM3QnzPXKLOPo9zD%2FeWPN4aOBbnVMBg%2BwqUL8dFeB3AxpQuRJ7TT5i6o%2FM%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 content-disposition inline; filename=f84e3e81b8d0718cd917.woff2 accept-ranges bytes cf-ray 85d1190f3b3bb920-AMS alt-svc h3=":443"; ma=86400 content-length 39424
GET H2	200	hcaptcha.html Show response newassets.hcaptcha.com/captcha/v1/fadb9c6/static/ Frame F130	2 KB 875 B	21ms 21ms	Document text/html	104.19.219.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=ig65otob58 Requested by Host: hcaptcha.com URL: https://hcaptcha.com/1/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc166195321ca62685cca792bb5f9065ef460b0921fd974ffc5a6b9ce66513fb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://captcha.botlookup.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 196870 alt-svc h3=":443"; ma=86400 cache-control max-age=1209600 cf-cache-status HIT cf-ray 85d1190f89d8bb37-FRA content-encoding br content-type text/html cross-origin-embedder-policy credentialless cross-origin-resource-policy cross-origin date Thu, 29 Feb 2024 13:01:46 GMT last-modified Mon, 26 Feb 2024 13:10:44 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding via 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront) x-amz-cf-id yFbEdRK9nfyRyCZO3zMhK8uNMQMcTCF3Y1W6oALjjPn0OMB_9zhQQg== x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 x-amz-version-id w380JAJSDRpHmjdLNet.Oei.HbAumRcl x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	hcaptcha.html Show response newassets.hcaptcha.com/captcha/v1/fadb9c6/static/ Frame 3F68	2 KB 946 B	17ms 17ms	Document text/html	104.19.219.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html Requested by Host: hcaptcha.com URL: https://hcaptcha.com/1/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3fe52b41df37301e4619ee895d9fdf23b2a2b6775511a5e57b12f64aade9807c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://captcha.botlookup.xyz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 196870 alt-svc h3=":443"; ma=86400 cache-control max-age=1209600 cf-cache-status HIT cf-ray 85d1190f89dabb37-FRA content-encoding br content-type text/html cross-origin-embedder-policy credentialless cross-origin-resource-policy cross-origin date Thu, 29 Feb 2024 13:01:46 GMT last-modified Mon, 26 Feb 2024 13:10:44 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding via 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront) x-amz-cf-id yFbEdRK9nfyRyCZO3zMhK8uNMQMcTCF3Y1W6oALjjPn0OMB_9zhQQg== x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 x-amz-version-id w380JAJSDRpHmjdLNet.Oei.HbAumRcl x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	hcaptcha.js Show response newassets.hcaptcha.com/captcha/v1/fadb9c6/ Frame 3F68	376 KB 106 KB	28ms 27ms	Script application/javascript	104.19.219.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/fadb9c6/hcaptcha.js Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8372e4920304819a1afe1cb4a33def279a032e5d0154b53df47d05abdfc8077 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html Origin https://newassets.hcaptcha.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 13:01:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 f732889a761ee496e041d15e73c58bd6.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-content-type-options nosniff x-amz-version-id Y83AnVQfVaYtiCkhua7rz_C8xbCj9kI1 age 196899 x-amz-cf-pop CDG50-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 26 Feb 2024 13:10:44 GMT server cloudflare etag W/"cf161ae1463888e6b05f1ecd1d11305b" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 cf-ray 85d1190fb9fabb37-FRA x-amz-cf-id afxttyYCHbuyLaBXz3HWODZxS3U-HGDYL4J3rIhhRMSmhbtHjpw34w==
GET H2	200	hcaptcha.js Show response newassets.hcaptcha.com/captcha/v1/fadb9c6/ Frame F130	376 KB 106 KB	16ms 16ms	Script application/javascript	104.19.219.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/captcha/v1/fadb9c6/hcaptcha.js Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=ig65otob58 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8372e4920304819a1afe1cb4a33def279a032e5d0154b53df47d05abdfc8077 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=ig65otob58 Origin https://newassets.hcaptcha.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 13:01:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 f732889a761ee496e041d15e73c58bd6.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-content-type-options nosniff x-amz-version-id Y83AnVQfVaYtiCkhua7rz_C8xbCj9kI1 age 196899 x-amz-cf-pop CDG50-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 26 Feb 2024 13:10:44 GMT server cloudflare etag W/"cf161ae1463888e6b05f1ecd1d11305b" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=1209600 cf-ray 85d1190fba08bb37-FRA x-amz-cf-id afxttyYCHbuyLaBXz3HWODZxS3U-HGDYL4J3rIhhRMSmhbtHjpw34w==
GET DATA	200 OK	truncated / Frame 3F68	798 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers Content-Type image/png
POST H2	200	checksiteconfig Show response api.hcaptcha.com/ Frame F130	721 B 808 B	38ms 37ms	XHR application/json	104.19.219.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hcaptcha.com/checksiteconfig?v=fadb9c6&host=captcha.botlookup.xyz&sitekey=f5561ba9-8f1e-40ca-9b5b-a0b3f719ef34&sc=1&swa=1&spst=1 Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/hcaptcha.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a08c021fe9b04f9b61603c9a1e590c5e63b2d80c56f6c3e0c062cbe597091304 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept application/json Referer https://newassets.hcaptcha.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Content-Type text/plain Response headers date Thu, 29 Feb 2024 13:01:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff content-encoding br server cloudflare vary Origin, Accept-Encoding access-control-allow-methods GET, HEAD, POST, OPTIONS content-type application/json access-control-allow-origin https://newassets.hcaptcha.com access-control-allow-credentials true cf-ray 85d119102a74bb37-FRA access-control-allow-headers Cache-Control, Content-Type, DNT, Referer, User-Agent alt-svc h3=":443"; ma=86400
GET H3	200	hsw.js Show response newassets.hcaptcha.com/c/4753532/ Frame F130	505 KB 220 KB	31ms 31ms	Script application/javascript	104.19.218.90 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://newassets.hcaptcha.com/c/4753532/hsw.js Requested by Host: newassets.hcaptcha.com URL: https://newassets.hcaptcha.com/captcha/v1/fadb9c6/hcaptcha.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0dc7511f9f3b8369a23f2a94f49b27b025a3719b0fba66b2c20701d6ab82820 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://newassets.hcaptcha.com/captcha/v1/fadb9c6/static/hcaptcha.html?_v=ig65otob58 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36 Response headers date Thu, 29 Feb 2024 13:01:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-content-type-options nosniff x-amz-version-id xYmORh03N7Se5zk_65rH8kcKE5HmZuvB age 173 x-amz-cf-pop FRA56-P4 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Tue, 27 Feb 2024 12:49:07 GMT server cloudflare etag W/"33b2f95bda4299b75e695ffc983fcda5" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=3024000 cf-ray 85d119105a4c9072-FRA x-amz-cf-id UfkWASKNLWhA8SmzQ3Aw7V98oHH64HY7dCJMCSPV2CcT3R8yhTgz4Q==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Discord (Instant Messenger)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| Raven object| hcaptcha object| ref undefined| a2fTicket function| login function| a2fSubmit function| onSuccess function| reset function| openA2f function| closeA2f function| startLoading function| stopLoading function| openModal function| closeModal object| grecaptcha

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hcaptcha.com
captcha.botlookup.xyz
hcaptcha.com
newassets.hcaptcha.com
104.19.218.90
104.19.219.90
2606:4700:3035::6815:5af1
021cb1900795154820b9ab23f5621933558e336da5660f1928edab740547862f
13da02ce62b1a388a7c8d6f3bd286fe774ee2b91ac63d281523e80b2a8a063bc
3fe52b41df37301e4619ee895d9fdf23b2a2b6775511a5e57b12f64aade9807c
440ad8b1449985479bc37265e9912bbf2bf56fe9ffd14709358a8e9c2d5f8e5b
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
8e15eab63d3de0c80c50155e9eb6f78d5b0d1fb4236e0f1cd0a2d71ef6d37083
8e401b056dc1eb48d44a01407ceb54372bbc44797d3259069ce96a96dfd8c104
93a1168fc0e0e1f524d0e232aee8ee78c4272f0d201389b8e504ed84c699e1ac
940af324405292a88daa7b5d57d9a1e8de90304563e7f000ae458a4bd3321a3d
a08c021fe9b04f9b61603c9a1e590c5e63b2d80c56f6c3e0c062cbe597091304
ae99aaede2f373187a4fe442a2cb0ab9c2945efbab01cf33e01be517c0c4f813
af3912f101b1a9a911cdfb9ec44b64a399470c6b79094d750fabe0054eae2deb
b0dc7511f9f3b8369a23f2a94f49b27b025a3719b0fba66b2c20701d6ab82820
cc166195321ca62685cca792bb5f9065ef460b0921fd974ffc5a6b9ce66513fb
f1ca5949ef43d0a6130a1176794b4b38b393f2638c6cc5c2b8449adb6ed3f144
f8372e4920304819a1afe1cb4a33def279a032e5d0154b53df47d05abdfc8077