Bypass Solution

Our solution automates solving challenges like sliding captchas and interstitial device checks, allowing seamless access to Datadome-protected websites.

How the Solution Works

To bypass Datadome’s protection, follow these steps:

Load the Challenge Page
Generate the Challenge Payload (using our API)
Post the Payload to retrieve the Datadome cookie.

In order to access any of our endpoint you'll need a valid API Key, either join our discord for a trial or puchase a plan

Build the challenge URL

post

Some websites redirect you to the challenge page directly, while others provide a dd dictionary in the response. In such cases, you need to build the challenge URL manually. Our /build endpoint simplifies this by constructing the URL for you.

Authorizations

x-api-keystringRequired

Body

htmlstringOptional

The HTML response content

datadomestringOptional

Your session's datadome cookie value

referrerstringOptional

The requested URL

Responses

200

application/json

400

Bad Request

application/json

401

Unauthorized

application/json

500

Internal Server Error

application/json

post

/build

POST /build HTTP/1.1
Host: datadome.takionapi.tech
x-api-key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 1327

{
  "html": "<html><head><title>footlocker.pt</title><style>#cmsg{animation: A 1.5s;}@keyframes A{0%{opacity:0;}99%{opacity:0;}100%{opacity:1;}}</style></head><body style=\"margin:0\"><p id=\"cmsg\">Please enable JS and disable any ad blocker</p><script data-cfasync=\"false\">var dd={'rt':'i','cid':'AHrlqAAAAAMAK1HHpFSn9fUAs2mALA==','hsh':'A55FBF4311ED6F1BF9911EB71931D5','b':1239798,'s':17434,'host':'geo.captcha-delivery.com'}</script><script data-cfasync='false'>window.pageName=(dd.rt==='i'?'device check':(dd.t==='fe'?'captcha':'block'));</script><script data-cfasync='false' src='https://assets.adobedtm.com/b714f0d8126e/b1fc23a898e9/launch-ec6a8b19468e.min.js'></script><script data-cfasync='false'>(function(){if(window.dd){var ecid=_satellite.getVisitorId().getMarketingCloudVisitorID(),orgId=_satellite.getVisitorId().marketingCloudOrgID;if(ecid&&orgId){var paramValue='MCMID='+ecid+'|'+'MCORGID='+orgId+'|'+'TS='+Math.floor(Date.now()/1000);window.dd.cp={name:'adobe_mc',value:paramValue};}}})();</script><script data-cfasync=\"false\" src=\"https://ct.captcha-delivery.com/i.js\"></script></body></html>",
  "datadome": "VYIKn29U1bbDJriauSK2IElXfDL2AZQvQG_UFam7DGpctXpBi6i_t8B~U6bP6Q945NHlzXVfmaLWqvHW_mCgQBwCG7~1_NonrM2M8aeKH8RNlSiscP946D~IucnyO25i",
  "referrer": "https://www.footlocker.pt/en/product/~/314206535404.html"
}

{
  "url": "https://geo.captcha-delivery.com/interstitial/?initialCid=...",
  "challenge_type": "interstitial"
}

Solve the challenge

post

After loading the challenge page, our /solve endpoint generates the required payload to post and obtain the Datadome cookie.

After loading a challenge url, you'll just need to pass the response text to our api to get the challenge solved, no matter the type of it.

The API will return you the needed payload for the cookie generating request.

Authorizations

x-api-keystringRequired

Header parameters

User-AgentstringOptional

The user-agent string of your browser or client. We highly suggest to pass it.

Sec-Ch-UastringOptional

Optional client hints header used by browsers for content negotiation.

Accept-LanguagestringOptional

The Accept-Language header indicating the user's preferred languages. We highly suggest to pass it.

Body

htmlstringOptional

The HTML of the challenge page

Responses

200

application/json

400

Bad Request

application/json

401

Unauthorized

application/json

500

Internal Server Error

application/json

post

/solve

POST /solve HTTP/1.1
Host: datadome.takionapi.tech
x-api-key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 9673

{
  "html": "<!DOCTYPE html>\n<html lang=\"en\"  style=\"background-color:#ffffff\">\n    <head>\n        <title>You have been blocked</title>\n<!--[if !mso]>\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\"></meta>\n<![endif]-->\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=UTF-8\">\n<meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0, minimum-scale=1.0, maximum-scale=5.0\">\n<meta name=\"robots\" content=\"noindex\">\n\n<link rel=\"preconnect\" href=\"https://js.datadome.co\">\n<link rel=\"preconnect\" href=\"//static.captcha-delivery.com\">\n<link rel=\"preconnect\" href=\"https://api-js.datadome.co\">\n            <link rel=\"preload\" href=\"https://dd.prod.captcha-delivery.com/image/2024-07-05/0bdc30a9146e4316cd7586b6438cbeb6.jpg\" as=\"image\" crossorigin=\"anonymous\">\n            <link rel=\"preload\" href=\"https://dd.prod.captcha-delivery.com/image/2024-07-05/0bdc30a9146e4316cd7586b6438cbeb6.frag.png\" as=\"image\" crossorigin=\"anonymous\">\n\n    <link rel=\"stylesheet\" href=\"//static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css\"/>\n        <button id=\"human-contact-form-submit\" type=\"submit\" class=\"captcha__contact__submit\" data-dd-captcha-contact-submit>\n            Send\n        </button>\n        <img\n            data-dd-captcha-humanLoader\n            id=\"human-contact-form-loader\"\n            class=\"captcha__human__loader\"\n            src=\"//static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/loading_spinner.gif\"\n            alt=\"Loading...\"\n            style=\"display: none\"\n            loading=\"lazy\"\n        >\n    </form>\n    <div data-dd-human-contact-form-submit-success id=\"human-contact-form-submit-success\" class=\"captcha__contact_support_success\" style=\"display: none\" role=\"status\"><p class=\"no-margin\">Your message has been sent.</p></div>\n    <div data-dd-human-contact-form-submit-failure id=\"human-contact-form-submit-failure\" class=\"captcha__contact_support_failure\" style=\"display: none\" role=\"alert\"><p class=\"no-margin\">An error has occurred...</p></div>\n</div>\n\n    </div>\n</div>\n\n                <div class=\"captcha__footer\" data-dd-captcha-footer>\n    <div class=\"captcha__footer__container\" data-dd-captcha-footer-container>\n    </div>\n</div>\n        </div>\n\n    <script>\n\n        !function r(t,e,n){function a(u,i){if(!e[u]){if(!t[u]){var h=\"function\"==typeof require&&require;if(!i&&h)return h(u,!0);if(o)return o(u,!0);var c=new Error(\"Cannot find module '\"+u+\"'\");throw c.code=\"MODULE_NOT_FOUND\",c}var s=e[u]={exports:{}};t[u][0].call(s.exports,(function(r){return a(t[u][1][r]||r)}),s,s.exports,r,t,e,n)}return e[u].exports}for(var o=\"function\"==typeof require&&require,u=0;u<n.length;u++)a(n[u]);return a}({1:[function(r,t,e){window.ddExecuteCaptchaChallenge=function(r,t){function e(r,t,e){this.seed=r,this.currentNumber=r%t,this.offsetParameter=t,this.multiplier=e,this.currentNumber<=0&&(this.currentNumber+=t)}e.prototype.getNext=function(){return this.currentNumber=this.multiplier*this.currentNumber%this.offsetParameter,this.currentNumber};for(var n=[function(r,t){var e=26157,n=0;if(s=\"VEc5dmEybHVaeUJtYjNJZ1lTQnFiMkkvSUVOdmJuUmhZM1FnZFhNZ1lYUWdZWEJ3YkhsQVpHRjBZV1J2YldVdVkyOGdkMmwwYUNCMGFHVWdabTlzYkc5M2FXNW5JR052WkdVNklERTJOMlJ6YUdSb01ITnVhSE0\",navigator.userAgent){for(var a=0;a<s.length;a+=1%Math.ceil(1+3.1425172/navigator.userAgent.length))n+=s.charCodeAt(a).toString(2)|e^t;return n}return s^t},function(r,t){for(var e=(navigator.userAgent.length<<Math.max(r,3)).toString(2),n=-42,a=0;a<e.length;a++)n+=e.charCodeAt(a)^t<<a%3;return n},function(r,t){for(var e=0,n=(navigator.language?navigator.language.substr(0,2):void 0!==navigator.languages?navigator.languages[0].substr(0,2):\"default\").toLocaleLowerCase()+t,a=0;a<n.length;a++)e=((e=((e+=n.charCodeAt(a)<<Math.min((a+t)%(1+r),2))<<3)-e+n.charCodeAt(a))&e)>>a;return e}],a=new e(function(r){for(var t=126^r.charCodeAt(0),e=1;e<r.length;e++)t+=(r.charCodeAt(e)*e^r.charCodeAt(e-1))>>e%2;return t}(r),1723,7532),o=a.seed,u=0;u<t;u++){o^=(0,n[a.getNext()%n.length])(u,a.seed)}window.ddCaptchaChallenge=o}},{}]},{},[1]);\nwindow.ddExecuteCaptchaChallenge( \"8~~e2uCZ6VEIA80CKauUcJd4858APR2_aPI0m7lVU5AeveMh7h98fFKRvUTswvUGdnWVY7pR7IFPW_s2eYtxdH7EaQKIorTeeEUFuFsL6La_wT1DijkeNpHU487mGrae\" , 10);\n        var startTime = Date.now();\n\nvar ddm = {\n    cid:  '8~~e2uCZ6VEIA80CKauUcJd4858APR2_aPI0m7lVU5AeveMh7h98fFKRvUTswvUGdnWVY7pR7IFPW_s2eYtxdH7EaQKIorTeeEUFuFsL6La_wT1DijkeNpHU487mGrae' ,\n    hash:  'EC3B9FB6F2A31D3AF16C270E6531D2' ,\n    ua:  'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36' ,\n    s:  '43337' \n};\n\nvar htmlDecode = function(input) {\n    if (!input) {\n        return '';\n    }\n    var res = new DOMParser().parseFromString(input, 'text/html');\n    return res ? res.documentElement.textContent : input;\n};\nddm.referer = htmlDecode( 'https://www.footlocker.pt/en/product/~/314206535404.html' );\n\nwindow.captchaCallback = function() {\n    var cid = ddm.cid;\n    var hash = ddm.hash;\n\n    if (window.ga && ga.create) {\n        ga('send', 'event', 'Challenge', 'Access to website', 'JSKey: ' + hash + ' - ClientId: ' + cid);\n    }\n\n\n    var re = new RegExp(\"datadome=([^;]+)\");\n    var value = re.exec(document.cookie);\n    var ccid = (value != null) ? unescape(value[1]) : null;\n\n    var parentFrameUrl = (window.location != window.parent.location) ? document.referrer : document.location.href;\n\n    var url = \"/captcha/check?\";\n    var getRequest = 'cid=' + encodeURIComponent(cid);\n    getRequest += '&icid=' + encodeURIComponent( 'AHrlqAAAAAMA87i-keBJuloAs2mALA==' );\n    getRequest += '&ccid=' + encodeURIComponent( 'VYIKn29U1bbDJriauSK2IElXfDL2AZQvQG_UFam7DGpctXpBi6i_t8B~U6bP6Q945NHlzXVfmaLWqvHW_mCgQBwCG7~1_NonrM2M8aeKH8RNlSiscP946D~IucnyO25i' );\n    getRequest += '&userEnv=' + encodeURIComponent( '1c189c99776f2c393d87a0edd5c892d28c7caafcaf1afd2f739a0abe682515a8' );\n    getRequest += '&dm=' + encodeURIComponent( 'cd' );\n\n\n        getRequest += '&ddCaptchaChallenge=' + encodeURIComponent( '0bdc30a9146e4316cd7586b6438cbeb6' );\n        if (window.captchaResponse) {\n            getRequest += '&ddCaptchaResponse=' + encodeURIComponent(window.captchaResponse);\n        } else if (window.captchaEncodedPayload) {\n            getRequest += '&ddCaptchaEncodedPayload=' + encodeURIComponent(window.captchaEncodedPayload);\n        }\n        getRequest += '&ddCaptchaEnv=' + encodeURIComponent( '166cbfd8e7da33822453c0728641a49a78c5bc4ba1b3f4e63b14e1dcdffa34936dde8f91d0386403772f288fa5ef79ccdfff87539919b85d6486389c0ddad0cc2926432beca65184dc1797fdf16a0fda' );\n        getRequest += '&ddCaptchaAudioChallenge=' + encodeURIComponent( '09911e5d7fc2d898ed8ad8d762ef6a8d' );\n\n    getRequest += '&hash=' + encodeURIComponent(hash);\n    getRequest += '&ua=' + encodeURIComponent(ddm.ua);\n    getRequest += '&referer=' + encodeURIComponent(ddm.referer);\n    getRequest += '&parent_url=' + encodeURIComponent(parentFrameUrl);\n    getRequest += '&x-forwarded-for=' + encodeURIComponent( '' );\n    if (window.ddCaptchaChallenge) {\n        getRequest += '&captchaChallenge=' + encodeURIComponent(window.ddCaptchaChallenge);\n    }\n    getRequest += '&s=' + encodeURIComponent(ddm.s);\n    getRequest += '&ir=' + encodeURIComponent( '' );\n\n    var request = new XMLHttpRequest();\n    request.open(\n        'GET',\n        url + getRequest,\n        true\n    );\n\n    request.setRequestHeader(\"Content-Type\", \"application/x-www-form-urlencoded; charset=UTF-8\");\n    var captcha = sliderCaptcha({\n    id: 'ddv1-captcha-container',\n    audioId: 'captcha__audio',\n    repeatIcon: 'fa fa-redo',\n    captchaChallengeSeed: '0bdc30a9146e4316cd7586b6438cbeb6',\n    captchaChallengePath: 'https://dd.prod.captcha-delivery.com/image/2024-07-05/0bdc30a9146e4316cd7586b6438cbeb6.jpg',\n    captchaAudioChallenge: '09911e5d7fc2d898ed8ad8d762ef6a8d',\n    captchaAudioChallengePath: 'https://dd.prod.captcha-delivery.com/audio/2024-07-05/en/09911e5d7fc2d898ed8ad8d762ef6a8d.wav',\n    width: 280,\n    height: 155,\n    sliderL: 42,\n    sliderR: 9,\n    offset: 5,\n    maxLoadCount: 3,\n    rt: 15,\n    imagePath: \"/images-encoded\",\n    labels: {\n        title: 'Complete the CAPTCHA.',\n        puzzleLoading: 'Loading...',\n        puzzleIntro: 'Slide right to complete the puzzle.',\n        puzzleFailure: 'The position of the slider is not correct.',\n        puzzleSuccess: 'Puzzle solved in ## seconds.',\n        puzzleRetry: 'Retry',\n        puzzleRetryHidden: 'Retry the verification',\n        audioIntro: 'Please type the numbers you hear.',\n        audioPlay: 'Listen to the numbers to write',\n        audioVerify: 'Verify',\n        audioFailure: 'Incorrect response.',\n        audioSuccess: 'Audio challenge solved.',\n        switchToPuzzle: 'Switch to the visual verification',\n        switchToAudio: 'Switch to the audio verification',\n        reload: 'Reload the verification',\n        offline: 'No Internet access'\n    }\n});\n\n\n    document.addEventListener(\"DOMContentLoaded\", function() {\n            var responseType = 'captcha';\n        if (window.parent && window.parent.postMessage){\n            window.parent.postMessage(JSON.stringify({eventType:'load', 'responseType': responseType, 'responseUrl': window.location.href}), '*');\n        }\n    });\n\n</script>\n\n\n    </body>\n</html>\n"
}

{
  "url": "https://geo.captcha-delivery.com/...",
  "payload": {},
  "method": "POST"
}

Important Notices

Payload generation is fast, typically 0.5 to 2.5 seconds.
Cookie retrieval: While our API generates the payload, you must handle the post request and interactions with the website.
HTTP/2 & Headers: Ensure you use HTTP/2 and a valid set of headers, matching a real browser for successful navigation and payload posting.

PreviousDatadome NextExample Implementations

Last updated 1 year ago

Was this helpful?