Looking for an overview? See the DataDome product page

Resolving DataDome 403 Errors

DataDome uses behavioral analysis and device fingerprinting to detect automated traffic. When requests fail verification, servers return 403 errors or serve deceptive block pages. MeshPrivacy generates valid datadome cookies by completing the behavioral verification process.

Error Codes

Code	Meaning	Resolution
403	Access denied, challenge required	Generate valid datadome cookie via API
200	Deceptive block page (challenge HTML)	Detect and solve embedded challenge

Note: DataDome may return 200 status with challenge HTML instead of 403. Check response content for dd= parameters.

Cookies & Detection

Primary Cookie

datadome - Main verification token

Cookie TTL: approximately 10 minutes

Detection Indicators

dd= parameter in HTML

Challenge JavaScript loading

WebSocket connections for validation

GPU rendering pattern analysis

Service Variants

datadome-invisible Primary

Background behavioral verification without user interaction. Analyzes browser fingerprint and behavior patterns silently.

datadome-device-check

Device fingerprint validation challenge. Collects and verifies hardware and software characteristics without visual interaction.

datadome-slider

Interactive slider captcha challenge. Requires drag interaction to verify human behavior patterns.

Integration Example

// Submit DataDome task to MeshPrivacy
// Service variants: datadome-invisible, datadome-device-check, datadome-slider
const response = await fetch('https://api.meshprivacy.com/v1/tasks/submit', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'X-API-Key': API_KEY
  },
  body: JSON.stringify({
    service: 'datadome-invisible', // or datadome-device-check, datadome-slider
    url: 'https://target-site.com/',
    proxy_config: 'http://user:pass@ip:port', // Your proxy
    initial_cid: '', // Optional - existing datadome cookie if available
    user_agent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36...'
  })
});

const { task_id } = await response.json();

// Poll for result
const result = await fetch(`https://api.meshprivacy.com/v1/tasks/result/${task_id}`, {
  headers: { 'X-API-Key': API_KEY }
});

const { cookies } = await result.json();
// Use cookies.datadome in your requests

FAQ

How do I detect a deceptive 200 block?

Check the response HTML for DataDome challenge indicators: dd= parameters, DataDome JavaScript includes, or challenge-specific HTML structure. A valid response will have your expected content.

How long does the datadome cookie last?

DataDome cookies typically remain valid for approximately 10 minutes. For high-traffic applications, implement token refresh before expiration.

Does DataDome track IP addresses?

Yes, DataDome correlates cookies with IP addresses and behavioral patterns. MeshPrivacy tokens are designed to work with your IP, but rapid IP changes may trigger additional verification.

Related Services

Akamai|Kasada|PerimeterX|Incapsula