# captcha.usmql.net — SUSPICIOUS

> captcha.usmql.net is under investigation for phishing. Avoid interacting with this domain and verify sources to protect your personal data.

## Summary
PhishDestroy identifies captcha.usmql.net as an active phishing domain posing potential risk to users. While no antivirus vendors currently detect this threat, the domain's recent registration and suspicious usage patterns warrant caution.

The domain resolves to IP 104.21.64.72 and was registered on February 12, 2026, through Cloudflare, Inc., a common registrar exploited by threat actors for anonymity. Despite zero detections on VirusTotal, its infrastructure characteristics align with phishing campaigns.

Status remains under investigation. Users are advised to avoid clicking links or submitting information on captcha.usmql.net. Organizations should monitor related traffic and update filters accordingly to mitigate exposure.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: alive (HTTP 403)

## Domain Intelligence
- Registered: 2026-02-12 19:24:37
- Registrar: Cloudflare, Inc.
- Country: US
- IP: 104.21.64.72
- Nameservers: bradley.ns.cloudflare.com dolly.ns.cloudflare.com

## Detection Status
- VirusTotal: 1 vendors flagged
  Vendors: []
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Screenshot: https://i.ibb.co/9k1dfhvN/c2ac565d52fe.png
- Cloudflare Radar: https://radar.cloudflare.com/scan/dba893a0-b8a7-453d-99a9-04c21de343a1
- PhishDestroy: https://phishdestroy.io/domain/captcha.usmql.net/
- LLM endpoint: https://phishdestroy.io/domain/captcha.usmql.net/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/captcha.usmql.net/
Last updated: 2026-03-19