DataDome ACTIVE

tags.js telemetry + interstitial challenge solver.

Overview

DataDome protects sites using a combination of tags.js telemetry collection and interstitial challenge pages served from geo.captcha-delivery.com. VexSolver handles the full flow:

Extracts the DDJSKey from the target page
Runs tags.js in a Node.js VM to generate the telemetry payload
Posts it to DataDome's API
If the site triggers an interstitial or captcha page, solves it automatically (including Liverpool FC / Tidal-class strict targets via WebGL shader emulation + plv3 VM)
Returns the datadome cookie, ready to use

Cookies returned

› datadome — main session cookie (bound to proxy IP + UA)

Step 1 — Submit

curl -X POST https://api.vexsolver.com/api/solve \
  -H "X-API-Key: sk_live_..." \
  -H "Content-Type: application/json" \
  -d '{"url":"https://www.leboncoin.fr/"}'

# → { "taskId": "..." }

Step 2 — Poll

curl -G "https://api.vexsolver.com/api/getTaskResult" \
  -H "X-API-Key: sk_live_..." \
  --data-urlencode "taskId=<taskId>"

# Retry every 1-2s until status != "pending".

With your own proxy (recommended for strict targets)

curl -X POST https://api.vexsolver.com/api/solve \
  -H "X-API-Key: sk_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://www.leboncoin.fr/",
    "proxy": "http://user:pass@your-proxy:8080"
  }'

Force fresh solve

curl -X POST https://api.vexsolver.com/api/solve \
  -H "X-API-Key: sk_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://www.leboncoin.fr/",
    "proxy": "http://user:pass@your-proxy:8080",
    "fresh": true
  }'

Poll result shape

{
  "success": true,
  "vendor": "datadome",
  "source": "dd_bypass",
  "target": "https://www.leboncoin.fr/",
  "attempts": 1,
  "cached": false,
  "elapsed_ms": 850,
  "solve_ms": 850,
  "solved_at": 1776997540,
  "expires_at": 1776998140,
  "ttl_sec": 600,
  "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36",
  "proxy_fp": "c1ff80d4d6d8",
  "proxy_used": "user:pass@your-proxy:8080",
  "cookies": "datadome=3y1u8zQxY2NpAbcD~DQUF...",
  "cookie_map": {
    "datadome": "3y1u8zQxY2NpAbcD~DQUF..."
  }
}

proxy_used tells you the exact session that minted the cookie. On strict DataDome tiers (e.g. UEFA tickets), our internal pool may rotate to find a trusted IP — always replay through the session listed in proxy_used, not the one you originally submitted.

Replay rules for DataDome cookies

DataDome binds the datadome cookie to the egress IP AND User-Agent used during the solve:

Replay through the proxy listed in proxy_used
Use the returned user_agent on your follow-up requests
DataDome cookies live ~10-20 min on clean proxies, much shorter on flagged IPs

Node.js Example

const API = "https://api.vexsolver.com";
const KEY = "sk_live_...";

// 1. Submit
const submit = await fetch(`${API}/api/solve`, {
  method: "POST",
  headers: { "X-API-Key": KEY, "Content-Type": "application/json" },
  body: JSON.stringify({
    url:   "https://www.leboncoin.fr/",
    proxy: "http://user:pass@your-proxy:8080",
  }),
});
const { taskId } = await submit.json();

// 2. Poll
let data;
for (let i = 0; i < 60; i++) {
  await new Promise(r => setTimeout(r, 2000));
  const r = await fetch(`${API}/api/getTaskResult?taskId=${taskId}`, {
    headers: { "X-API-Key": KEY },
  });
  data = await r.json();
  if (data.status !== "pending") break;
}
if (!data.success) throw new Error("solve failed");

// 3. Replay through the SAME proxy that minted the cookie
const page = await fetch("https://www.leboncoin.fr/", {
  headers: {
    Cookie: data.cookies,
    "User-Agent": data.user_agent,
  },
  // ...use the proxy listed in data.proxy_used
});
console.log(page.status);

Tested on

leboncoin, hermes, vinted, allegro, liverpoolfc, tidal, higgsfield, UEFA tickets (Champions League / Conference League) and every other DataDome-protected target. Strict sites pass via WebGL shader emulation + captcha plv3 support.

Strict-tier sites: bring your own proxy

DataDome scores every IP for trust. On strict-tier sites (e.g. hellyhansen, ubaldi, viator, vinted, allegro, superprof, viajesfalabella) DD's edge serves an unsolvable hardblockwhen the proxy IP is reputation-flagged — the captcha page comes back as ~21KB of "access denied" HTML with no challenge JS to solve. Our internal residential pool is flagged for these targets.

Pass your own clean residential proxy via the proxy field and the solver works fine. We bail in ~45 seconds with a proxy_pool_flagged error when our pool is burned, so you know immediately to retry with your own IPs.

Typical performance

› Cache hit: 1-30 ms (cached: true)
› Direct (no interstitial): 500 ms - 2 s
› Interstitial challenge: 3-6 seconds
› Strict captcha (tidal-class): 10-30 seconds