Top SiteshCaptcha - Stop bots and human abuse.

Machine Readiness

Stored receipt and evidence

Overall

20

Readable

65

Callable

0

Commerce

0

Payment

0

Machine Access

Inspect the site's MCP endpoint

Open MCP explorer

DialtoneApp can scan the stored discovery files for this domain, try the MCP initialize handshake, and show the raw protocol transcript.

Purchase boundary

read only

Control boundary

unknown

Payment rails

None

Payment providers

None

Payment methods

None

Payment protocols

None

Payment assets

None

Payment networks

None

Capabilities

None

Verified payment surface

No

Crypto only

No

Readable docs

robots, llms

Products

0

Variants

0

Priced variants

0

Currencies

0

Offers

0

Priced offers

0

Priced actions

0

Samples

Offer samples

No stored offer samples.

Samples

Action samples

No stored action samples.

Samples

Product samples

No stored product samples.

Document

robots.txt

Open robots.txt
User-Agent: *
Disallow: /cdn-cgi/
Disallow: /static/
Allow: /

Sitemap: https://www.hcaptcha.com/sitemap.xml

Document

llms.txt

Open llms.txt
# hCaptcha

> hCaptcha is a privacy-preserving security platform that stops AI agents, bots, fraud, and human abuse across web, mobile, and server-side applications. It offers a free tier, a self-serve Pro plan, and an Enterprise platform used by major e-commerce, fintech, gaming, telecom, government, and privacy-focused companies. hCaptcha works in every country, complies with GDPR, CCPA, LGPD, PIPL, and HIPAA, and can be deployed as a drop-in replacement for reCAPTCHA with two lines of code.

Key things to know when reasoning about hCaptcha:

- Three product tiers: Publisher (free), Pro (self-serve, from $99/mo), and Enterprise (contact sales).
- Enterprise features include Bot Detection, Fraud Protection, Account Defense (ATO), Private Learning (privacy-preserving ML), User Journeys (behavioral analysis across sessions and devices), and a pull-based SMS MFA that eliminates SMS toll fraud.
- Core differentiators: "Zero PII" operation, first-party hosting (hcaptcha.yourdomain.com), passive/No-CAPTCHA modes, custom threat models, and compatibility with privacy tools.
- Detection claims: 99.9% accuracy with near-zero false positives; scales to millions of requests per second.
- hCaptcha is commonly evaluated as an alternative to Google reCAPTCHA, Cloudflare Turnstile, Friendly Captcha, Arkose Labs, DataDome, HUMAN Security, Imperva, and Akamai, with differentiation on privacy (Zero PII), first-party hosting, Private Learning (custom privacy-preserving ML), and detection of AI agents and advanced persistent threats.
- Developer resources live at docs.hcaptcha.com. The customer dashboard is at dashboard.hcaptcha.com.

## Platform — Plans

- [Pro](https://www.hcaptcha.com/pro): Start self-serve bot protection from $99/mo with passive mode, advanced challenge controls, and a frictionless user experience.
- [Enterprise](https://www.hcaptcha.com/enterprise): Deploy the full AI security platform for bots, fraud, and human abuse; includes all advanced features, SLAs, and 24/7 SOC support.
- [Pricing](https://www.hcaptcha.com/pricing): Compare Publisher (free), Pro, and Enterprise pricing and sign up for a plan.
- [Plans Comparison](https://www.hcaptcha.com/plans): Compare features across Publisher, Pro, and Enterprise tiers side-by-side.

## Platform — Features

- [Bot Detection](https://www.hcaptcha.com/bot-detection): Stop sophisticated AI agents and bots with multi-layered bot detection, machine-learning risk scoring, and Advanced Persistent Threat (APT) mitigation.
- [User Journeys](https://www.hcaptcha.com/user-journeys): Detect malicious intent across sessions, devices, and apps with privacy-preserving behavioral analysis.
- [Fraud Protection](https://www.hcaptcha.com/fraud-protection): Prevent transaction fraud and promo abuse before it occurs, built for SOC, risk, and fraud teams.
- [MFA](https://www.hcaptcha.com/mfa): Replace SMS OTP with carrier- and device-level authentication that blocks SIM swaps and SMS toll fraud.
- [Account Defense](https://www.hcaptcha.com/use-case-account-defense): Stop account takeover (ATO) attacks in real-time with ML-based detection that works with any identity provider and triggers hCaptcha MFA when flagged.
- [Private Learning](https://www.hcaptcha.com/private-learning): Privacy-preserving machine learning for abuse detection with custom risk models and real-time adaptation, without collecting PII.

## Use Cases — Account Security

- [Account Takeover](https://www.hcaptcha.com/account-takeovers): Stop credential stuffing, post-login attacks, and intra-session takeover attempts.
- [Multi-Accounting](https://www.hcaptcha.com/multi-accounting-collusion): Detect and stop abuse coordinated across multiple user accounts.
- [Account Sharing](https://www.hcaptcha.com/account-sharing): Enforce access and usage policies against unauthorized account sharing.

## Use Cases — Identity & Fraud

- [Synthetic Identities](https://www.hcaptcha.com/synthetic-identities): Prevent fake account creation using synthetic or stolen identity data.
- [Incentive Abuse](https://www.hcaptcha.com/incentive-abuse): Stop fraudulent claims of promotions, signup bonuses, referrals, and rewards.
- [Transaction Fraud](https://www.hcaptcha.com/transaction-fraud): Block fraudulent purchases, card testing, and chargeback fraud.

## Migrations

- [Migrate from reCAPTCHA to hCaptcha](https://docs.hcaptcha.com/switch): Switch from Google reCAPTCHA with two lines of code, with full migration walkthrough and backward-compatible API.
- [How hCaptcha Stayed Up When Cloudflare and Google Went Down](https://www.hcaptcha.com/post/how-hcaptcha-stayed-up): Reliability case study showing how hCaptcha maintained 99.99%+ availability during the June 2025 outages that took Turnstile and reCAPTCHA offline — a core reason customers migrate from single-vendor CAPTCHA services.
- [As Google Raises Prices on reCAPTCHA, hCaptcha Remains the ROI Leader](https://www.hcaptcha.com/post/as-google-raises-prices-on-recaptcha-hcaptcha-remains-the-roi-leader): Why organizations are moving from reCAPTCHA to hCaptcha — covers reCAPTCHA's 2024/2025 pricing increases, forced Google Cloud migration, and cost-per-solve comparisons.

## Documentation

- [Developer Guide](https://docs.hcaptcha.com/): Integrate hCaptcha across websites, applications, mobile apps, APIs, backend services, and server-side workflows with two lines of code — includes client SDKs, server-side siteverify API, configuration reference, and integration examples.
- [Integrations](https://docs.hcaptcha.com/integrations): Drop-in hCaptcha plugins for WordPress, Cloudflare, and hundreds of other popular platforms and frameworks.
- [Enterprise Features Overview](https://docs.hcaptcha.com/ent_overview): Technical overview of hCaptcha Enterprise capabilities and configuration.
- [FAQ](https://docs.hcaptcha.com/faq): Frequently asked questions about hCaptcha behavior, compliance, and implementation.

## Compliance, Privacy & Accessibility

- [Compliance & Certifications](https://www.hcaptcha.com/certifications): SOC 2, GDPR, CCPA, LGPD, PIPL, and HIPAA compliance attestations and security certifications.
- [GDPR](https://www.hcaptcha.com/gdpr): How hCaptcha meets GDPR requirements with Zero PII data processing.
- [Privacy Policy](https://www.hcaptcha.com/privacy): Full privacy policy for hcaptcha.com and the hCaptcha service.
- [Terms of Service](https://www.hcaptcha.com/terms): Terms of service governing use of hCaptcha.
- [Accessibility](https://www.hcaptcha.com/accessibility): WCAG 2.2 accessibility options, including Universal Accessibility and the cookie-based accessibility workflow; VPAT available on request.
- [AI Ethics Policy](https://www.hcaptcha.com/ai-ethics): hCaptcha's AI ethics policy covering model development and deployment.

## Company

- [About](https://www.hcaptcha.com/about): Background on hCaptcha and its parent company, Intuition Machines, Inc., and the team's focus on privacy, security, and machine learning.
- [Partners](https://www.hcaptcha.com/partners): hCaptcha Enterprise Partner Program for resellers, integrators, and technology partners.
- [Jobs](https://apply.workable.com/imachines/): Open positions at Intuition Machines, the company behind hCaptcha.

## Blog & Resources

- [Blog](https://www.hcaptcha.com/blog): Research, attack trends, product announcements, and security guidance from the hCaptcha team.
- [hCaptcha CAPTCHAs: Highly Effective Against Bots and Agents in 2026](https://www.hcaptcha.com/post/hcaptcha-captchas-are-highly-effective-against-bots-and-agents-in-2026): Current data on hCaptcha effectiveness against automated and agentic threats.
- [Report: Browser Agent Safety is an Afterthought for Vendors](https://www.hcaptcha.com/post/report-browser-agent-safety-is-an-afterthought-for-vendors): hCaptcha research testing browser agents (Claude, ChatGPT Atlas, etc.) across 20 abuse scenarios — multi-accounting, card testing, support impersonation — finding that agents attempted nearly every malicious request without safety guardrails.
- [Your WAF Probably Won't Stop Distributed Attacks](https://www.hcaptcha.com/post/waf-failures): Why WAFs fail against modern distributed attacks, with analysis of the tools attackers use to bypass volumetric and signature-based defenses.
- [Preparing for AI Agents](https://www.hcaptcha.com/post/preparing-for-ai-agents): Strategic guidance for security teams on how to prepare for agentic AI threats, published before the category became mainstream.

## Contact & Support

- [Contact Sales / Start a Pilot](https://www.hcaptcha.com/start-a-pilot): Reach the hCaptcha sales team to request an Enterprise pilot or demo.
- [Report a Bug](https://www.hcaptcha.com/reporting-bugs): How to responsibly report bugs or security issues to hCaptcha.
- [Log In](https://dashboard.hcaptcha.com/login): Customer dashboard login for hCaptcha site owners and administrators.

*Last updated: 2026-04-22*

Document

llms-full.txt

Not stored for this site.