URL: https://dacaptcha.de/
Submission Tags: phishingrod
Submission: On April 08 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 23 HTTP transactions. The main IP is 2a01:4f8:210:11f1::2, located in Ehingen, Germany and belongs to HETZNER-AS, DE. The main domain is dacaptcha.de.
TLS certificate: Issued by R3 on April 7th 2024. Valid for: 3 months.
This is the only time dacaptcha.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2a01:4f8:210:... 24940 (HETZNER-AS)
6 2a01:4f8:172:... 24940 (HETZNER-AS)
23 2
Apex Domain
Subdomains
Transfer
17 dacaptcha.de
dacaptcha.de
1 MB
6 dalara.de
dacaptcha.dalara.de
my.dalara.de
captcha.dalara.de
40 KB
23 2
Domain Requested by
17 dacaptcha.de dacaptcha.de
3 captcha.dalara.de my.dalara.de
2 my.dalara.de dacaptcha.dalara.de
1 dacaptcha.dalara.de dacaptcha.de
23 4
Subject Issuer Validity Valid
dacaptcha.de
R3
2024-04-07 -
2024-07-06
3 months crt.sh
dalara.de
R3
2024-02-24 -
2024-05-24
3 months crt.sh

This page contains 1 frames:

Primary Page: https://dacaptcha.de/
Frame ID: 03C104C650A2FBE48DE9E4E5131F2A1F
Requests: 22 HTTP requests in this frame

Screenshot

Page Title

daCaptcha | Nicht sichtbares Captcha für Websites | DSGVO Conform

Page Statistics

23
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

4
Subdomains

2
IPs

1
Countries

1352 kB
Transfer

2352 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dacaptcha.de/
76 KB
19 KB
Document
General
Full URL
https://dacaptcha.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PHP/8.3.4 PleskLin
Resource Hash
5fe514ea9e8da6d6933ece122d3e51774516af0a8ae76b0dd2b2774cc8b264e4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
must-revalidate, proxy-revalidate, private, no-cache, max-age=0
content-encoding
gzip
content-length
18880
content-type
text/html; charset=utf-8
date
Mon, 08 Apr 2024 11:45:40 GMT
etag
"33900f509ff5fa7b3f33cf26379a2951"
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-powered-by
PHP/8.3.4 PleskLin
bundled.css.css
dacaptcha.de/resources/css/cache/
241 KB
58 KB
Stylesheet
General
Full URL
https://dacaptcha.de/resources/css/cache/bundled.css.css?time=1712161725
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
371ef5830bc2a841a4c06e9121dd9728629649200cb49ef2c6e1595cff2b00bf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:40 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Apr 2024 16:28:45 GMT
server
nginx
etag
W/"660d83bd-3c205"
x-powered-by
PleskLin
content-type
text/css
bundled.js.js
dacaptcha.de/resources/js/cache/
878 KB
220 KB
Script
General
Full URL
https://dacaptcha.de/resources/js/cache/bundled.js.js?time=1712161725
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
053e006ccdb06d85c55d46b10f147848de78f56dc45cb9dab649b3ce6255da86
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:40 GMT
strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
last-modified
Wed, 03 Apr 2024 16:28:45 GMT
server
nginx
etag
W/"660d83bd-db926"
x-powered-by
PleskLin
content-type
application/javascript
dacaptcha.logo.o.svg
dacaptcha.de/resources/img/
5 KB
5 KB
Image
General
Full URL
https://dacaptcha.de/resources/img/dacaptcha.logo.o.svg
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
02f5567696d9f7b28194bc624df88e0afa3395e82d5dec580682672339727824
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:40 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sat, 02 Dec 2023 16:58:32 GMT
server
nginx
etag
"656b6238-1409"
x-powered-by
PleskLin
content-type
image/svg+xml
accept-ranges
bytes
content-length
5129
dacaptcha-icons_europa.svg
dacaptcha.de/media/
3 KB
1 KB
Image
General
Full URL
https://dacaptcha.de/media/dacaptcha-icons_europa.svg
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PHP/8.3.4, PleskLin
Resource Hash
667ca9ca03d540751bd79a70bdc1b0b3bb59e1331ef88acc6d8253345f313316
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:40 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Mon, 08 Apr 2024 11:45:40 GMT
server
nginx
x-powered-by
PHP/8.3.4, PleskLin
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=3600, must-revalidate, proxy-revalidate, private
content-disposition
inline; filename="dacaptcha-icons_europa.svg";
accept-ranges
bytes
content-length
1117
dacaptcha-icons_gdpr.svg
dacaptcha.de/media/
11 KB
5 KB
Image
General
Full URL
https://dacaptcha.de/media/dacaptcha-icons_gdpr.svg
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PHP/8.3.4, PleskLin
Resource Hash
15a41e74f17258fa785c0d7be854a4b2af9dfe4b4361c0a0d04c6bab97f86d20
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Mon, 08 Apr 2024 11:45:41 GMT
server
nginx
x-powered-by
PHP/8.3.4, PleskLin
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=3600, must-revalidate, proxy-revalidate, private
content-disposition
inline; filename="dacaptcha-icons_gdpr.svg";
accept-ranges
bytes
content-length
4351
dacaptcha-icons_easy.svg
dacaptcha.de/media/
5 KB
2 KB
Image
General
Full URL
https://dacaptcha.de/media/dacaptcha-icons_easy.svg
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PHP/8.3.4, PleskLin
Resource Hash
11a7462bd5fd99c0ddae8d7107068b6a7bb0584b8ec8f626cd6f655b47f983c7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Mon, 08 Apr 2024 11:45:41 GMT
server
nginx
x-powered-by
PHP/8.3.4, PleskLin
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=3600, must-revalidate, proxy-revalidate, private
content-disposition
inline; filename="dacaptcha-icons_easy.svg";
accept-ranges
bytes
content-length
2171
dacaptcha-icons_madeingermany.svg
dacaptcha.de/media/
21 KB
7 KB
Image
General
Full URL
https://dacaptcha.de/media/dacaptcha-icons_madeingermany.svg
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PHP/8.3.4, PleskLin
Resource Hash
668b2d187f43d131a6714ce831046c9b15f24ee61e7d58590ea1dedec8f8a59f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Mon, 08 Apr 2024 11:45:41 GMT
server
nginx
x-powered-by
PHP/8.3.4, PleskLin
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=3600, must-revalidate, proxy-revalidate, private
content-disposition
inline; filename="dacaptcha-icons_madeingermany.svg";
accept-ranges
bytes
content-length
6779
dacaptcha.logo.i.svg
dacaptcha.de/resources/img/
5 KB
5 KB
Image
General
Full URL
https://dacaptcha.de/resources/img/dacaptcha.logo.i.svg
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
9bf2f3bb8b88183aa5282a80337ea853414b5d5326f37cf48af14e368048bf4f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sat, 02 Dec 2023 16:58:32 GMT
server
nginx
etag
"656b6238-1409"
x-powered-by
PleskLin
content-type
image/svg+xml
accept-ranges
bytes
content-length
5129
dalara.logo.i.svg
dacaptcha.de/resources/img/
6 KB
7 KB
Image
General
Full URL
https://dacaptcha.de/resources/img/dalara.logo.i.svg
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
a54c08bcf702297f070cde551c4d994ca3a51c04f01e80cbb4fb07957f6bbf37
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sat, 02 Dec 2023 16:45:05 GMT
server
nginx
etag
"656b5f11-1994"
x-powered-by
PleskLin
content-type
image/svg+xml
accept-ranges
bytes
content-length
6548
dacaptcha
dacaptcha.dalara.de/api/scriptloader/
489 B
429 B
Script
General
Full URL
https://dacaptcha.dalara.de/api/scriptloader/dacaptcha?key=dkRjbUlLcU0/MU9zP1d1I3gkMzdhUG1DcVJNZnVOcVJm
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:172:3961::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PHP/8.1.20
Resource Hash
ad860aa319b6c541db56c721c9375932a353b78c73abf5cf22a18466877f6037

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
Origin
https://dacaptcha.de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 08 Apr 2024 11:45:41 GMT
cache-control
max-age=604800, public
content-encoding
gzip
server
nginx
x-powered-by
PHP/8.1.20
content-type
application/javascript
dacaptcha.leaf.i.svg
dacaptcha.de/resources/img/
832 B
793 B
Image
General
Full URL
https://dacaptcha.de/resources/img/dacaptcha.leaf.i.svg
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/resources/css/cache/bundled.css.css?time=1712161725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
14c45959a06bb8f826184304babbb4870947f591ab7186a8c954880b872b83af
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/resources/css/cache/bundled.css.css?time=1712161725
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
content-encoding
gzip
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sat, 09 Dec 2023 13:33:06 GMT
server
nginx
x-accel-version
0.01
etag
"340-60c13bdad7b38-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
content-length
535
dacaptcha-mybot.jpg
dacaptcha.de/media/
61 KB
62 KB
Image
General
Full URL
https://dacaptcha.de/media/dacaptcha-mybot.jpg
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PHP/8.3.4, PleskLin
Resource Hash
dc446527252c7472c36f5c8a0f8a600c3c61d2e1604aa755279a0a5baffd89a6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Mon, 08 Apr 2024 11:45:41 GMT
server
nginx
x-powered-by
PHP/8.3.4, PleskLin
content-type
image/jpeg
cache-control
max-age=3600, must-revalidate, proxy-revalidate, private
content-disposition
inline; filename="dacaptcha-mybot.jpg";
accept-ranges
bytes
content-length
62839
Inter-VariableFont_slnt,wght.ttf
dacaptcha.de/resources/fonts/Inter/
731 KB
732 KB
Font
General
Full URL
https://dacaptcha.de/resources/fonts/Inter/Inter-VariableFont_slnt,wght.ttf
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/resources/css/cache/bundled.css.css?time=1712161725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2bc548145fb72b0ed4a918a222978e279bee02fb9a1f7dee50de242e9b6e2497
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/resources/css/cache/bundled.css.css?time=1712161725
Origin
https://dacaptcha.de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Fri, 01 Dec 2023 12:17:33 GMT
server
nginx
etag
"6569cedd-b6a24"
x-powered-by
PleskLin
content-type
application/x-font-ttf
accept-ranges
bytes
content-length
748068
Oswald-VariableFont_wght.ttf
dacaptcha.de/resources/fonts/Oswald/
150 KB
150 KB
Font
General
Full URL
https://dacaptcha.de/resources/fonts/Oswald/Oswald-VariableFont_wght.ttf
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/resources/css/cache/bundled.css.css?time=1712161725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
44183cbb51b13afdc0c3d9855348984f20a31082120db16c869c68d734312c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/resources/css/cache/bundled.css.css?time=1712161725
Origin
https://dacaptcha.de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Fri, 01 Dec 2023 12:17:37 GMT
server
nginx
etag
"6569cee1-25640"
x-powered-by
PleskLin
content-type
application/x-font-ttf
accept-ranges
bytes
content-length
153152
human-robot.webp
dacaptcha.de/images/webp_w1080/jpg/
22 KB
23 KB
Image
General
Full URL
https://dacaptcha.de/images/webp_w1080/jpg/human-robot.webp
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PHP/8.3.4, PleskLin
Resource Hash
1fbba2640d480e298906a57f3e556949df4ffe585e3d80eb389e3f8419b62eb4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Wed, 03 Apr 2024 16:38:17 GMT
server
nginx
x-powered-by
PHP/8.3.4, PleskLin
content-type
image/webp
cache-control
max-age=3600, must-revalidate, proxy-revalidate, private
content-disposition
inline; filename="human-robot.webp";
accept-ranges
bytes
content-length
22756
dacaptcha
my.dalara.de/api/latestscriptname/
53 B
307 B
Fetch
General
Full URL
https://my.dalara.de/api/latestscriptname/dacaptcha?key=dkRjbUlLcU0/MU9zP1d1I3gkMzdhUG1DcVJNZnVOcVJm
Requested by
Host: dacaptcha.dalara.de
URL: https://dacaptcha.dalara.de/api/scriptloader/dacaptcha?key=dkRjbUlLcU0/MU9zP1d1I3gkMzdhUG1DcVJNZnVOcVJm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:172:3961::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PHP/8.1.20
Resource Hash
23b91d6ef37451ceffa336ce8ed70ab1ed31bfc220a6f948b21cdef94776bcb0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/8.1.20
x-ratelimit-remaining
58
vary
Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://dacaptcha.de
cache-control
no-cache, private
access-control-allow-credentials
true
x-ratelimit-limit
60
icon.svg
dacaptcha.de/resources/
2 KB
2 KB
Image
General
Full URL
https://dacaptcha.de/resources/icon.svg
Requested by
Host: dacaptcha.de
URL: https://dacaptcha.de/resources/css/cache/bundled.css.css?time=1712161725
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
ce4912ae5332e98e3cc4431138e0eb629c2c3c8a70776e0388fb3c41d6391093
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/resources/css/cache/bundled.css.css?time=1712161725
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sat, 02 Dec 2023 16:36:46 GMT
server
nginx
etag
"656b5d1e-67b"
x-powered-by
PleskLin
content-type
image/svg+xml
accept-ranges
bytes
content-length
1659
favicon.ico
dacaptcha.de/resources/img/icons/
15 KB
15 KB
Other
General
Full URL
https://dacaptcha.de/resources/img/icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:210:11f1::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e4e167975f2e8408c9b54625396018bbff2984efd9175b9c5b996a7a7fa858ac
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
strict-transport-security
max-age=15768000; includeSubDomains
last-modified
Sat, 02 Dec 2023 15:38:18 GMT
server
nginx
etag
"656b4f6a-3aee"
x-powered-by
PleskLin
content-type
image/x-icon
accept-ranges
bytes
content-length
15086
dacaptchascript.3747ba44.js
my.dalara.de/storage/scripts/dacaptcha/
119 KB
36 KB
Script
General
Full URL
https://my.dalara.de/storage/scripts/dacaptcha/dacaptchascript.3747ba44.js
Requested by
Host: dacaptcha.dalara.de
URL: https://dacaptcha.dalara.de/api/scriptloader/dacaptcha?key=dkRjbUlLcU0/MU9zP1d1I3gkMzdhUG1DcVJNZnVOcVJm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:172:3961::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
d8f9858a240c243042c01015fdb0e2bed21ce0faec51d0d7fb3bca2a75d9230a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://dacaptcha.dalara.de/
Origin
https://dacaptcha.de
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Mon, 08 Apr 2024 11:45:41 GMT
content-encoding
gzip
last-modified
Tue, 13 Feb 2024 14:45:44 GMT
server
nginx
etag
W/"65cb8098-1ddca"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
expires
Wed, 08 May 2024 11:45:41 GMT
initializeCaptcha
captcha.dalara.de/api/
36 B
2 KB
XHR
General
Full URL
https://captcha.dalara.de/api/initializeCaptcha
Requested by
Host: my.dalara.de
URL: https://my.dalara.de/storage/scripts/dacaptcha/dacaptchascript.3747ba44.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:172:3961::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PHP/8.1.20
Resource Hash
e5474318d309cc6c37ab83b8886e78cfbcbb59ed3e638f6b18f14a15b28e9561

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
X-dalara-api-key
dkRjbUlLcU0/MU9zP1d1I3gkMzdhUG1DcVJNZnVOcVJm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://dacaptcha.de/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/8.1.20
vary
Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://dacaptcha.de
cache-control
no-cache, private
access-control-allow-credentials
true
initializeCaptcha
captcha.dalara.de/api/
0
0
Preflight
General
Full URL
https://captcha.dalara.de/api/initializeCaptcha
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:172:3961::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PHP/8.1.20
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-dalara-api-key,x-requested-with
Access-Control-Request-Method
GET
Origin
https://dacaptcha.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-dalara-api-key,x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://dacaptcha.de
access-control-max-age
0
cache-control
no-cache, private
date
Mon, 08 Apr 2024 11:45:41 GMT
server
nginx
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-powered-by
PHP/8.1.20
auth
captcha.dalara.de/api/captcha/broadcasting/
176 B
2 KB
XHR
General
Full URL
https://captcha.dalara.de/api/captcha/broadcasting/auth
Requested by
Host: my.dalara.de
URL: https://my.dalara.de/storage/scripts/dacaptcha/dacaptchascript.3747ba44.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:172:3961::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx / PHP/8.1.20
Resource Hash
4203564e7c2b5712bb89c5d443c1b20630841187077b0131fb10fc7f01797a93

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://dacaptcha.de/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 Apr 2024 11:45:41 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/8.1.20
vary
Origin
content-type
application/json
access-control-allow-origin
https://dacaptcha.de
cache-control
no-cache, private
access-control-allow-credentials
true

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| rex object| barbaIgnorePaths number| windowHeight number| windowHeightExtra boolean| safari boolean| mobile function| positionParallax function| animateParallax function| calculateHeight function| universalParallax function| cookiePN function| initTagsInput object| keys function| preventDefault function| preventDefaultForScrollKeys function| disableScroll function| enableScroll function| fadeBackgroundImages function| generalPN function| formPN function| $ function| jQuery object| barba object| relevancy object| mobiscroll function| moment object| dalaraDaCaptcha function| scrollToAnchor number| h object| videos number| playbackConst function| scrollPlay string| grc_site_key object| formGlobals function| Pusher function| axios object| Echo

2 Cookies

Domain/Path Name / Value
dacaptcha.de/ Name: PHPSESSID
Value: q3bn39j9mcu4n4djvs0b60bcot
dacaptcha.de/ Name: captchaId
Value: a32a7ea4-3c12-43c7-9042-c175b8312310

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

captcha.dalara.de
dacaptcha.dalara.de
dacaptcha.de
my.dalara.de
2a01:4f8:172:3961::2
2a01:4f8:210:11f1::2
02f5567696d9f7b28194bc624df88e0afa3395e82d5dec580682672339727824
053e006ccdb06d85c55d46b10f147848de78f56dc45cb9dab649b3ce6255da86
11a7462bd5fd99c0ddae8d7107068b6a7bb0584b8ec8f626cd6f655b47f983c7
14c45959a06bb8f826184304babbb4870947f591ab7186a8c954880b872b83af
15a41e74f17258fa785c0d7be854a4b2af9dfe4b4361c0a0d04c6bab97f86d20
1fbba2640d480e298906a57f3e556949df4ffe585e3d80eb389e3f8419b62eb4
23b91d6ef37451ceffa336ce8ed70ab1ed31bfc220a6f948b21cdef94776bcb0
2bc548145fb72b0ed4a918a222978e279bee02fb9a1f7dee50de242e9b6e2497
371ef5830bc2a841a4c06e9121dd9728629649200cb49ef2c6e1595cff2b00bf
4203564e7c2b5712bb89c5d443c1b20630841187077b0131fb10fc7f01797a93
44183cbb51b13afdc0c3d9855348984f20a31082120db16c869c68d734312c0f
5fe514ea9e8da6d6933ece122d3e51774516af0a8ae76b0dd2b2774cc8b264e4
667ca9ca03d540751bd79a70bdc1b0b3bb59e1331ef88acc6d8253345f313316
668b2d187f43d131a6714ce831046c9b15f24ee61e7d58590ea1dedec8f8a59f
9bf2f3bb8b88183aa5282a80337ea853414b5d5326f37cf48af14e368048bf4f
a54c08bcf702297f070cde551c4d994ca3a51c04f01e80cbb4fb07957f6bbf37
ad860aa319b6c541db56c721c9375932a353b78c73abf5cf22a18466877f6037
ce4912ae5332e98e3cc4431138e0eb629c2c3c8a70776e0388fb3c41d6391093
d8f9858a240c243042c01015fdb0e2bed21ce0faec51d0d7fb3bca2a75d9230a
dc446527252c7472c36f5c8a0f8a600c3c61d2e1604aa755279a0a5baffd89a6
e4e167975f2e8408c9b54625396018bbff2984efd9175b9c5b996a7a7fa858ac
e5474318d309cc6c37ab83b8886e78cfbcbb59ed3e638f6b18f14a15b28e9561