@arunisaac It serves a static CAPTCHA in an iframe, which returns a token when submitted (if correct). You manually copy and paste that token into a textarea below the iframe, and submit that.

At least that's how it used to work---it's hard to tell now what CAPTCHAs I'm being served. I'm usually dealing with CloudFlare now, which uses some sort of Google CAPTCHA, and does the same thing. This is usually a grid of images and you check whichever ones it asks for.

[Aside: I used someone else's computer recently and saw what happens when JavaScript is enabled (I had never seen it before). It asked me to click to verify that I'm not a robot or w/e, but then asked me to select from a grid of images. But it was _harder_ to solve than the non-JS, static version: you'd select images and they'd disappear and new ones would show. So rather than 3 or 4 images, I was selecting what must have been closed to 10. I guess sometimes it just works without asking the user to select images.]