It's hard to see what's sent over the wire (it's obfuscated), but the source gives you a good idea of what they're collecting. The biggie is the GA cookie which is running on over 10 million sites. Like any CAPTCHA, this is still breakable -- just load your actual cookies into Selenium or PhantomJS and replay your mouse movements. Of course, once you do that more than a couple times, you'll likely have to write a crawlers to generate fresh cookies. At that point, you may as well just break the visual CAPTCHA which is trivial anyway. Ie. You should still never use a CAPTCHA (http://www.onlineaspect.com/2010/07/02/why-you-should-never-...).
It's hard to see what's sent over the wire (it's obfuscated), but the source gives you a good idea of what they're collecting. The biggie is the GA cookie which is running on over 10 million sites. Like any CAPTCHA, this is still breakable -- just load your actual cookies into Selenium or PhantomJS and replay your mouse movements. Of course, once you do that more than a couple times, you'll likely have to write a crawlers to generate fresh cookies. At that point, you may as well just break the visual CAPTCHA which is trivial anyway. Ie. You should still never use a CAPTCHA (http://www.onlineaspect.com/2010/07/02/why-you-should-never-...).