Open missvchen opened 11 months ago
@Jackiebibili FYI
That's right, I see the same "403 forbidden" on each request, regardless IP, proxy, country.
We will try to get it fixed within the next one or two months.
cc: @Jackiebibili
Hi @FrankQixiangGao @Jackiebibili any update for this?
Is there any temporary solution to get the reese84 token?
@Jackiebibili @FrankQixiangGao I'm almost sure the only change was in reese84 generation algo. I have a token from my old tests, it should be at least couple of months old, but it's still working if I manually feed that token. The same way it's working if I grab a fresh token from the browser and feed it manually to the script.
I don't know what's wrong, Sometimes It works, and sometimes It does't work.
Hello! Has this issue been resolved?
No yet, unfortunately.
No yet, unfortunately.
I was sick last week. I tried to investigate into the new logic Ticketmaster has implemented, and currently there is no luck from me. Some interesting findings worth mentioning: the p value in the interrogation object is now actively dynamic; The p value's length varies significantly from 27k to 120k in characters. The Ticketmaster backend for token generation gives a token but cannot be used in api calls (403 forbidden).
No yet, unfortunately.
I was sick last week. I tried to investigate into the new logic Ticketmaster has implemented, and currently there is no luck from me. Some interesting findings worth mentioning: the p value in the interrogation object is now actively dynamic; The p value's length varies significantly from 27k to 120k in characters. The Ticketmaster backend for token generation gives a token but cannot be used in api calls (403 forbidden).
My findings are: There are some paid services out there that require only Javascript file URL for reese84. In Ticketmaster's case it's https://epsf.ticketmaster.com/eps-d?d=www.ticketmaster.com and these services return a valid payload. The one I've tested is https://clearcaptcha.gitbook.io/clearcaptcha-api/incapsula/incapsula-reese84-data-subscription-version This means there's a way of generating a valid payload just having and using the Javascript file. But unfortunately I couldn't make it work myself.
any updates on this?
Any update on this @smokesmoke @Jackiebibili ? Cheers
@smokesmoke maybe this is a dumb question, but how can you have a reese token working from months ago? Don't they expire in like 10-20min? Can't you just abuse that working token for many requests? I guess it's IP-locked?
@washedimg, They aren't iplocked as such, but def dont last for months, that doesn't sound right...
Hi,
It seems that TM implemented a new anti-bot mechanism as of Aug 1. The reese84 tokens are being generated but they are invalid. HTTP calls with the generated tokens result in 403 forbidden.
Thanks