URL: https://captcha-zoo.botd.xyz/
Submission Tags: phishingrod
Submission: On October 10 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2606:4700:20::681a:782, located in United States and belongs to CLOUDFLARENET, US. The main domain is captcha-zoo.botd.xyz.
TLS certificate: Issued by E5 on October 10th 2024. Valid for: 3 months.
This is the only time captcha-zoo.botd.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 3
Apex Domain Subdomains Transfer
6 botd.xyz captcha-zoo.botd.xyz 17 KB
2 google.com www.google.com (Cisco Umbrella Rank: 3) 994 B
1 gstatic.com www.gstatic.com 215 KB
8 3
Domain Requested by
6 captcha-zoo.botd.xyz 1 redirects captcha-zoo.botd.xyz
2 www.google.com captcha-zoo.botd.xyz, www.gstatic.com
1 www.gstatic.com www.google.com
8 3

This site contains no links.

Subject Issuer Validity Valid
botd.xyz E5 2024-10-10 - 2025-01-08 3 months
*.google.com WR2 2024-09-24 - 2024-12-17 3 months
*.gstatic.com WR2 2024-09-24 - 2024-12-17 3 months

This page contains 3 frames:

Primary Page: https://captcha-zoo.botd.xyz/
Frame ID: AA1F25B0E6A41F8A5B0D6CF3DA64D4F9
Requests: 5 HTTP requests in this frame

Frame: https://captcha-zoo.botd.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: 9351B9D2B136EA86F75C272719E917D4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf6q80iAAAAAC_Li3MzOABBMnCsYTX5bse-MjUL&co=aHR0cHM6Ly9jYXB0Y2hhLXpvby5ib3RkLnh5ejo0NDM.&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=p8r2xfnr7y70
Frame ID: 8B927C7E4BA196DDDDFFBD63FA7DB8AD
Requests: 1 HTTP requests in this frame

Page Title

CAPTCHA Zoo

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 8
HTTPS: 88 %
IPv6: 100 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 232 kB
Size: 586 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://captcha-zoo.botd.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://captcha-zoo.botd.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
captcha-zoo.botd.xyz/
2 KB
1 KB
Document
General
Full URL
https://captcha-zoo.botd.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:782 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d09551994b7e7cd4111ec7856ebee306041c492a2b5bd1251d9a700b91ae5093

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status
MISS
cf-ray
8d05d62819cf974f-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 10 Oct 2024 10:13:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wgi89H4Fcm8yM8MVfmhMBF0L7qBwm0BcinN4AtgtmitqCEl32uh1bu%2BmzCh87%2F%2B3MSl1E2Z43wcSFlpB57OczYmtb6Rj9Zfcv03xLu6odcT4%2Fp%2FL0VlRpPCVXTlsoNftWcXqpAEYKEw4AsOlkPvYO1lE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
api.js
www.google.com/recaptcha/
1 KB
994 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lf6q80iAAAAAC_Li3MzOABBMnCsYTX5bse-MjUL
Requested by
Host: captcha-zoo.botd.xyz
URL: https://captcha-zoo.botd.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
da1a5962942f2d06e12430c538bf5b8094ac1b76975429d07893b73059292cad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://captcha-zoo.botd.xyz/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Thu, 10 Oct 2024 10:13:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Thu, 10 Oct 2024 10:13:13 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
recaptcha__de.js
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/
541 KB
215 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lf6q80iAAAAAC_Li3MzOABBMnCsYTX5bse-MjUL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://captcha-zoo.botd.xyz
Referer
https://captcha-zoo.botd.xyz/

Response headers

content-encoding
gzip
age
255
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 10:08:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 10 Oct 2024 10:08:58 GMT
last-modified
Mon, 23 Sep 2024 04:00:50 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
219745
x-xss-protection
0
server
sffe
main.js
captcha-zoo.botd.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame 9351
Redirect Chain
  • https://captcha-zoo.botd.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://captcha-zoo.botd.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
8 KB
4 KB
Script
General
Full URL
https://captcha-zoo.botd.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
Requested by
Host: captcha-zoo.botd.xyz
URL: https://captcha-zoo.botd.xyz/
Protocol
H2
Server
2606:4700:20::681a:782 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a112629662caf50e1770a76c759cecc02578bc8839ee10c7a47345578365c4d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VR%2Fud4TovjnPc6NKonOgQW9w0uvM5hsbp7hRkNOOWRHqZDkxHM2L4Pftbdw2t1V4UwffrKkRPdaN0%2FBgP4WL8WgPkjeABmUuxuKO5c5VwZxbDzBZlw8z5%2FrIYdAyRM%2Fal39pDHdvmvjy6GaFnmiOsJnF"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d05d62a1ce0974f-FRA
date
Thu, 10 Oct 2024 10:13:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6mJLsXAebpe2fxn6erxsoUF1cY0OKnZAqM55aOCsBZSR2kzI6%2FHEOFnvIuQtFRH3zosRZjfqHjBRMkRkuTKXYv8djcGsMdM0ENXo1kcDbhT40bOxvX1Oskcv0URgYQxdrw7UHRbj%2FH3OjJEN5NdEdbr%2B"}],"group":"cf-nel","max_age":604800}
cf-ray
8d05d629dc8f974f-FRA
access-control-allow-origin
*
content-length
0
date
Thu, 10 Oct 2024 10:13:13 GMT
vary
Accept-Encoding
server
cloudflare
8d05d62819cf974f
captcha-zoo.botd.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9351
0
853 B
XHR
General
Full URL
https://captcha-zoo.botd.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/8d05d62819cf974f
Requested by
Host: captcha-zoo.botd.xyz
URL: https://captcha-zoo.botd.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:782 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8d05d62b8f15974f-FRA
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
0
date
Thu, 10 Oct 2024 10:13:14 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jnyxoEdyvIkK8nE3UrJQg6aY%2BstHPT1OHPGxpt8VTuoCu4vsnrZj5Dxwb%2FPZHDsbJKSFTPYpMa3jd7cLP0szx0fnWqQ4R2a03VnjEmRgcr8CKMFnCDcWi9lZULe5gGA9LGTcDVpeJs8R7MP996H1w%2FSF"}],"group":"cf-nel","max_age":604800}
anchor
www.google.com/recaptcha/api2/ Frame 8B92
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf6q80iAAAAAC_Li3MzOABBMnCsYTX5bse-MjUL&co=aHR0cHM6Ly9jYXB0Y2hhLXpvby5ib3RkLnh5ejo0NDM.&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=p8r2xfnr7y70
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oBIOz_Ohb8qASMc8riztjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://captcha-zoo.botd.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-oBIOz_Ohb8qASMc8riztjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 10 Oct 2024 10:13:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
favicon.ico
captcha-zoo.botd.xyz/
34 KB
9 KB
Other
General
Full URL
https://captcha-zoo.botd.xyz/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:782 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52e7195239a827b8020cc877a273637100faaaa803c09ef081217584600ae365

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://captcha-zoo.botd.xyz/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"favicon.1b9744cbb0.ico"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GsiUe0fK67%2F6nEvzgc2V5N%2FAvMxvPHhWvH%2BNXZTUibQsKieDVMtIZc5d4CIhrS3QprlS2YXghrEsbm5guS0dXLOUG9W%2Fs3LYddEicygu00nDjBSLkF5blKOXQWPTRJ%2Fam0ECUzckL4vJx%2BHMOchUO2io"}],"group":"cf-nel","max_age":604800}
cf-ray
8d05d62fbcb3974f-FRA
date
Thu, 10 Oct 2024 10:13:14 GMT
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
server
cloudflare
verify
captcha-zoo.botd.xyz/
137 B
595 B
Fetch
General
Full URL
https://captcha-zoo.botd.xyz/verify
Requested by
Host: captcha-zoo.botd.xyz
URL: https://captcha-zoo.botd.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:782 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51c948d484d24fb6e66737f9efb1f4e97fbaac7c166476a866f3035f0ea5e02e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://captcha-zoo.botd.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 10 Oct 2024 10:13:15 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
cross-origin-resource-policy
same-site
cf-ray
8d05d6323827974f-FRA
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
x-xss-protection
0
server
cloudflare

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • object| 2
  • object| ___grecaptcha_cfg
  • object| grecaptcha
  • string| __recaptcha_api
  • boolean| __google_recaptcha_client
  • function| onLoad
  • function| handleRecaptcha
  • object| recaptcha
  • object| closure_lm_508190

2 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AGteOyrZ8Awn2pLA9ZqOngilUtebQHKwKSYJcNC0UjSzkeZS3EXZ9mhb3E6AA1Z01vWoH1SETztRQH2ujd8qBP4
.botd.xyz/ Name: cf_clearance
Value: F31opTsRovXzTgVTimYms417zaOORWRNnhLx5lOfdz0-1728555194-1.2.1.1-ujZsA2u1JDLCEA_N5vWiw0SgOz4Q2oWioyCGlhcz0.mZ8X_9RoUEgFmJe3fvKav.eZpleiO1swxp2fwrQFEoFzunAz542x5UgQeErJPElf8jeLexw3Hscx99oGXK3EIZvA65faNkNKH7culcD2HetjtxkbtbrDHZliHSRTfpDLBvq_mvZF2kYENJomJLUXeRrtdwo_7JgW2Q6kYE.dB4zVxROBMiQ2IK0z3cD3627.3K1LrQtWsWq1pe9I_dxf3lR03ksEM76WrZmaotBfjbLD6prGnT4Gzl6KYfHTInoi7Mpfg13OAhmtgyfkvM7Bqx6N6rtRytemGteaLofr5Etu_4Fgft6p66_bGOCBrAw0Kts.QASo.yzenHkGv2ffGK