urlscan.io logo urlscan.io
SecurityTrails logo

wehatecaptchas.com Open in urlscan Pro
2606:4700:3036::ac43:8d5a  Public Scan

Go To Rescan Add Verdict Report
URL: https://wehatecaptchas.com/
Submission Tags: phishingrod
Submission: On February 14 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3036::ac43:8d5a, located in United States and belongs to CLOUDFLARENET, US. The main domain is wehatecaptchas.com.
TLS certificate: Issued by GTS CA 1P5 on February 14th 2024. Valid for: 3 months.
This is the only time wehatecaptchas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 140.82.121.3 36459 (GITHUB)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.199.110.154 54113 (FASTLY)
10 6
4    2606:4700:3036::ac43:8d5a (United States)

ASN13335 (CLOUDFLARENET, US)
wehatecaptchas.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    140.82.121.3 (Frankfurt am Main, Germany)

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-3-fra.github.com
gist.github.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    185.199.110.154 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-154.github.com
github.githubassets.com
Apex Domain
Subdomains		 Transfer
4 wehatecaptchas.com
wehatecaptchas.com
5 KB
2 github.com
gist.github.com — Cisco Umbrella Rank: 49679
12 KB
1 githubassets.com
github.githubassets.com — Cisco Umbrella Rank: 9543
11 KB
1 gstatic.com
fonts.gstatic.com
10 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
800 B
10 5
Domain Requested by
4 wehatecaptchas.com wehatecaptchas.com
2 gist.github.com wehatecaptchas.com
1 github.githubassets.com gist.github.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com wehatecaptchas.com
10 5

This site contains links to these domains. Also see Links.

Domain
gist.github.com
github.com
cohan.dev
Subject Issuer Validity Valid
wehatecaptchas.com
GTS CA 1P5		 2024-02-14 -
2024-05-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.github.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-16 -
2024-03-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.githubassets.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-28 -
2024-09-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://wehatecaptchas.com/
Frame ID: 57EF7125367CF0EE2FDA33212E093E2C
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

wehatecaptchas

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

10
Requests

90 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

38 kB
Transfer

93 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wehatecaptchas.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wehatecaptchas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8d5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ec12c6481323baf24ef50cf4d279f6d04586a4e3fe49df9171df23cfe52d398
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85591c366e2122bc-CDG
content-encoding
br
content-type
text/html
date
Wed, 14 Feb 2024 23:32:24 GMT
last-modified
Sun, 11 Feb 2024 06:01:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOgcS4%2FMw6OASRNQP0BtNwZYJJjXKx9AgUwbIKnlIrkYZOfHgZqi8MorV63jdQ779MVXRmstv45zEzy9bq%2FxVM6KuIY2CbR6MAmaB09qjYF9N7lJOqyprdiqJFja0%2Bx4fWQ79ZdVsA4%2Fnax6lDWPc9Q%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubdomains
vary
Accept-Encoding
css
fonts.googleapis.com/ 		770 B
800 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Gayathri&display=swap
Requested by
Host: wehatecaptchas.com
URL: https://wehatecaptchas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
059ca98f9b4199184d8b017385fc98409d16887f9a3fcc51fa870bd54ffa43d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wehatecaptchas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Feb 2024 23:32:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 23:32:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Feb 2024 23:32:24 GMT
style.css
wehatecaptchas.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wehatecaptchas.com/style.css
Requested by
Host: wehatecaptchas.com
URL: https://wehatecaptchas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8d5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f106bd1579363abd6e050bab037e152531e325eaaeca5f6f8b75b6ed93ae384d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wehatecaptchas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 23:32:24 GMT
strict-transport-security
max-age=15724800; includeSubdomains
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 11 Feb 2024 06:01:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"bfa-61114e4ecb480"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sOxOAM6P681ujV%2B99drDX2Pqs8UZ3aiK8BxHYxxRkbQ4viNErcZDMn5r0wliYb%2BiAUtcclji%2F31xPCiJT7paKqNMtpJuamkHy718PofkTYG7GerRQKECDrw1wMuX4kZICBwyGmiVpO5hP6STaRSUyY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
85591c36be4e22bc-CDG
alt-svc
h3=":443"; ma=86400
baf91e94c3a82cdb66f7044520ab2789.js
gist.github.com/cohan/ 		10 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gist.github.com/cohan/baf91e94c3a82cdb66f7044520ab2789.js
Requested by
Host: wehatecaptchas.com
URL: https://wehatecaptchas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.82.121.3 Frankfurt am Main, Germany, ASN36459 (GITHUB, US),
Reverse DNS
lb-140-82-121-3-fra.github.com
Software
GitHub.com /
Resource Hash
87ba47511e4328472647ea6be75f8a6e9fb55a1df36ce91439ebbafcff47e38d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wehatecaptchas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 23:32:24 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-encoding
gzip
content-length
1836
x-xss-protection
0
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
GitHub.com
x-github-request-id
CB5E:543AA:70B20F9:7238BD6:65CD4D88
etag
W/"87ba47511e4328472647ea6be75f8a6e"
vary
X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
x-frame-options
deny
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate
accept-ranges
bytes
ed5345ec260d1c3a684857c5cf387ccf.js
gist.github.com/cohan/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gist.github.com/cohan/ed5345ec260d1c3a684857c5cf387ccf.js
Requested by
Host: wehatecaptchas.com
URL: https://wehatecaptchas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
140.82.121.3 Frankfurt am Main, Germany, ASN36459 (GITHUB, US),
Reverse DNS
lb-140-82-121-3-fra.github.com
Software
GitHub.com /
Resource Hash
08adf91e3323171f16b1191ccccb44da9426c2805c8a021754fa494ac358cb63
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wehatecaptchas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 23:32:24 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-encoding
gzip
content-length
2202
x-xss-protection
0
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
GitHub.com
x-github-request-id
CB5E:543AA:70B20FB:7238BD7:65CD4D88
etag
W/"08adf91e3323171f16b1191ccccb44da"
vary
X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
x-frame-options
deny
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate
accept-ranges
bytes
captcha.js
wehatecaptchas.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wehatecaptchas.com/captcha.js
Requested by
Host: wehatecaptchas.com
URL: https://wehatecaptchas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:8d5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47864757595f19c765c76053e448b40087d440c106c1d6a7717fd53b8616dde1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wehatecaptchas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 23:32:24 GMT
strict-transport-security
max-age=15724800; includeSubdomains
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 11 Feb 2024 06:01:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"dab-61114e4ecb480"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hznMit6NiOs%2F7aqpN0rXh1%2BXxssdWpAais5JSzJTQP4TJmGmYjSbwzgoLbzoY6bxr5so%2B%2B5gsgDeVPHcrSWfnsRY3eLcyE6aOtxmpk1jF9d0MbnDGsnovZ2XoYkZwfP8gnKMr8oc1Zzml9Er%2F7fBJy8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
85591c36be4f22bc-CDG
alt-svc
h3=":443"; ma=86400
MCoQzAb429DbBilWLLA_-p4.woff2
fonts.gstatic.com/s/gayathri/v17/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/gayathri/v17/MCoQzAb429DbBilWLLA_-p4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gayathri&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f45a2169b3499a45e525425e0a75bf2fc73cda3d7eefe1123689d3d12940768e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wehatecaptchas.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:08:43 GMT
x-content-type-options
nosniff
age
62621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9288
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:32:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Feb 2025 06:08:43 GMT
gist-embed-c77408be8058.css
github.githubassets.com/assets/ 		51 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://github.githubassets.com/assets/gist-embed-c77408be8058.css
Requested by
Host: gist.github.com
URL: https://gist.github.com/cohan/baf91e94c3a82cdb66f7044520ab2789.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-154.github.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f247233b8af20c8ab3451a0257cd8eeff056b5776c674537e2b50306e6c8cda9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wehatecaptchas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-fastly-request-id
7f00ae7218a8929bbf46c1661b94acb922467435
date
Wed, 14 Feb 2024 23:32:25 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000
age
1420191
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
10521
x-served-by
cache-iad-kjyo7100173-IAD, cache-fra-eddf8230060-FRA
last-modified
Tue, 05 Dec 2023 18:47:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DBF5C2AF9B4FBE
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
9660, 466
api.php
wehatecaptchas.com/ 		135 B
574 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wehatecaptchas.com/api.php
Requested by
Host: wehatecaptchas.com
URL: https://wehatecaptchas.com/captcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8d5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5871890306bd6f63cbdacc3e587a6bc046b4fe62dd005746c0709e78519784c1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubdomains

Request headers

Referer
https://wehatecaptchas.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryDButhuou2mnMJnrR

Response headers

date
Wed, 14 Feb 2024 23:32:25 GMT
strict-transport-security
max-age=15724800; includeSubdomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPeoUc%2BN0p3y8KKuMO6J49HQgTpD0imBsCTIDtKOeW3KFdJGo1g9ye%2Fg06estTYPUo8xtEsIjA8aJr21zOyhiyGWtkHX%2FA0i5%2BnsByjl%2BunJoYd%2F0EHfNv%2ByIVNk60MgxAJkC42ukJNW5WvYyE4df1M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
85591c386d4d3680-FRA
alt-svc
h3=":443"; ma=86400
6cde521d-c1b1-4108-9655-c59789f7cb02
https://wehatecaptchas.com/ 		62 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://wehatecaptchas.com/6cde521d-c1b1-4108-9655-c59789f7cb02
Requested by
Host: wehatecaptchas.com
URL: https://wehatecaptchas.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d638c03eed17ddc2a0d5bc8762ee98db02fc5f54fbb78257000339d949b0bafe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
62
Content-Type
application/javascript

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| start string| originalText string| key

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubdomains