-
Notifications
You must be signed in to change notification settings - Fork 179
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
429:API Access Denied #213
Comments
Have you tried changing your network? It is likely the network you are on is too hot and has a higher token cost per request. Most networks are auto-granted 500 tokens hourly, and each request costs 1 token, but you can spend more tokens by switching networks. We currently do not have a special access setup, but could consider bumping this to 1000 tokens. |
Cookies are not considered. If the origin header is blank, that could be the cause. In the console, there should be an analysis response near the end. If it is marked abuse, there should be an abuse name. I can debug it based on the name. If there is no abuse name, it's probably a missing origin header. |
creep.js:14
DOMException: Failed to register a ServiceWorker for scope ('https://abrahamjuliot.github.io/creepjs/') with script ('https://abrahamjuliot.github.io/creepjs/creep.js'):
The user denied permission to use Service Worker.
(anonym) @ creep.js:14
Promise.catch (asynchron)
(anonym) @ creep.js:14
Py @ creep.js:14
YZ @ creep.js:14
await in YZ (asynchron)
Py @ creep.js:293
(anonym) @ creep.js:293
await in (anonym) (asynchron)
(anonym) @ creep.js:537
(anonym) @ creep.js:537
creep.js:293
DOMException: Failed to read the 'sessionStorage' property from 'Window':
Access is denied for this document.
at w3 (https://abrahamjuliot.github.io/creepjs/creep.js:293:38856)
at https://abrahamjuliot.github.io/creepjs/creep.js:508:1075
w3 @ creep.js:293
(anonym) @ creep.js:508
Promise.then (asynchron)
(anonym) @ creep.js:503
await in (anonym) (asynchron)
t @ creep.js:1
(anonym) @ creep.js:293
await in (anonym) (asynchron)
(anonym) @ creep.js:537
(anonym) @ creep.js:537
creep.js:520
Error! Failed to read the 'sessionStorage' property from 'Window':
Access is denied for this document.
(anonym) @ creep.js:520
Promise.catch (asynchron)
(anonym) @ creep.js:520
await in (anonym) (asynchron)
t @ creep.js:1
(anonym) @ creep.js:293
await in (anonym) (asynchron)
(anonym) @ creep.js:537
(anonym) @ creep.js:537
Note: This issue persists ONLY when the cookies are blocked |
I see. This is not a network error. That is just the prediction API blocked from execution due to no session storage. The code uses session storage to hold samples. I may change that at some point, but it's there for development. You can unpack in the console via... JSON.parse(sessionStorage.samples) |
If you're sending too many requests, try changing your IP address. This is how we solved this problem. |
Good tips. I should note, there are some hidden rate limits, but these are only manually applied if the site is under attack, and are based on server-side analysis rather than networks. Currently, the only data used to distinguish attack from testing is breaks vs. no breaks in a 24-hour timeframe. 8 hrs with no breaks is fine. If a fingerprint is tagged |
For a few days it was able to be used with the proxy without any problems. But now it cannot be used with proxy. So, do I need to change the computer? |
Did you try using different browsers? Edge, Chrome, Firefox.. ? |
Yep, different browser should work. |
It's likely your hidden browser fingerprint is too hot and unique, and generating too much traffic. The key to getting around this is to blend in with normal traffic or look as real and organic as possible. A high number of proxies and random/fake fingerprints work against this technique. Ideally, you want to be on the latest stable Chrome, Firefox, or WebKit. Custom chromium builds (such as anti-detection software) typically fail to blend in. |
@abrahamjuliot I just wanna note here, that you provide pretty accurate instructions for a potential attacker |
LOL, that is true. But new attacks are welcome to give it a try. It's how we improve and learn. |
Hello,
For some fingerprint testing, I'm using https://abrahamjuliot.github.io/creepjs/. But if I send more than 100 requests, I get 429:API Access Denied. How can I get around this or give a special permission?
Thanks!
The text was updated successfully, but these errors were encountered: