cookie monster

share on xlinkedin

bot-detection script intel. per provider: the cookies and tokens its loader plants, the signals it reads, the telemetry endpoint, and the return-trip contract the server expects back, with the observed grid of which browser, on which proxy, actually earned clearance. read the polarity before you read the score.

datadome

confirmed contract · datadome.

full loader intel ↗transport ↗browsers ↗

documented contract

cookies set

datadome: the single first-party clearance cookie; opaque value bound to the device + exit IP.

gate token: none
telemetry: api-js.datadome.co/js/

return expectation

the datadome cookie is replayed on every request and re-validated server-side against the IP + UA + TLS the session opened with; a mismatch re-challenges.

gate behavior

403 with a dd{} JSON body that redirects to geo.captcha-delivery.com for the interstitial; pass mints / refreshes the datadome cookie at 200.

observed live (from the loader refresh)

not captured yet. the daily bot_detector cron records the live Set-Cookie names + gate status its loader fetch sees; once it has run for datadome, the cookies it planted and the status it returned appear here.

what the loader reads + ships (live analysis)

9 tells3 sinks0 leaked apis

signals it reads (by category)

eventshigh · 4

*.isTrusted *.pointerType *.pressure *.repeat

anti-debugmedium · 1

console.log

documentmedium · 1

document.currentScript

mathmedium · 1

Math.acos

telemetry sinks

POST (dynamic url)
POST (dynamic url)
HEAD chrome-extension://oojibhnkahnabembdeoicblilpbfmnhg/icon.0024de64.png

observed across the matrix

not collected. the harness has not yet run this detector across the browser by proxy matrix, so there is no observed clearance grid to show. the documented contract above is what the provider is expected to do; this grid lights up once the cookies dataset is published.

cookies dataset not published. observed grids show the documented contract only.