Possibly found the reason why networks are getting blocked.

[Snowlav]

I've been researching the blog of snapchat for a bit and I noticed that recently they have updated some guidelines.

Here's one of them:
Device Information: We collect information about your device, including the hardware model, operating system and version, unique device identifiers (including MAC address and IMEI), browser type and language, mobile device phone number, and mobile network information. We also collect certain device information that will help us diagnose problems in the (hopefully rare) event you experience any crash or other problem while using our Services. So, for example, if we detect a crash or other problematic event, we may collect the list of apps on your device and other information about your device’s performance at the time of the event for troubleshooting purposes.

Now lets take a look at why and with what message snapchat blocks a network.
"Suspicious activity"

Meaning it's something inside the code that triggers something repeatedly.
Triggering once? fine
Twice? fine
An established amount by snapchat times? Fucked.

Now lets look at this line of text in the article:
unique device identifiers (including MAC address and IMEI)

What I think is that snapchat registers not only a lot of people logging in from the same network (which should in theory be fine, think about public wifi etc)
But they also detect EVERYONE logging in from the same device!

-Either due to the above stated IMEI and MAC (do these even exist with a web server?, if not a lack of them might flag it)
-The exact same user agent that everyone from your network logs in with.
(see this line in the article: including the hardware model, operating system and version,)

Is anyone here able to test this theory out with me?
I think this will have a big chance to solve the network blocking.

[DanMossa]

I'd be more than happy to help test this out but I'm not super skilled in the technical department.
Would you like me to test this out by changing around
CURLOPT_USERAGENT => 'Snapchat/8.0.1.3 (Nexus 5; Android 21; gzip)',
?

EDIT: I changed it to CURLOPT_USERAGENT => 'Snapchat/6.0.0 (iPhone; iOS 7.0.2; gzip)', and I still got the same error =/

EDIT2: I set the UserAgent back to the Android one and ran it off localhost on wamp and it worked perfectly fine. So for me, it's my website's IP that has been banned.

[anchorit3]

Previously I runed the API on VPS server - Worked one month and the IP address has been blocked,
and then runed the API on localhost, worked a few days and again the IP has been blocked.
I updated the CURL data

CURLOPT_HTTPHEADER => array(
    'Accept-Language: en-GB;q=1, en;q=0.9',
    'Accept-Locale: en'
),

and

CURLOPT_USERAGENT => 'Snapchat/8.1.1 (Nexus 5; Android 21; gzip)',

and again blocked.
Now I do not know what to do to fix it.
Maybe this problem is because I don't use authToken to again login but with this is next problem because AuthToken does not work or I do not know how to use it.

I've never seen somebody checking MAC and IMEI.
Every Network Device have a MAC and IMEI
but I don't know is it possible to check this in PHP.

[Snowlav]

If the network was already blocked, then ofcourse changing the headers and useragent would not help, you have to wait until the block is lifted and keep randomizing it in the hope it won't get blocked again.

It's not something we check, it's something server side checks.

[JorgenPhi]

Wouldn't randomizing the device each request be more suspicious than
keeping the same device between requests? We need to make it so the library
as a whole doesn't utilize the same device headers.

If the network was already blocked, then ofcourse changing the headers and
useragent would not help, you have to wait until the block is lifted and
keep randomizing it in the hope it won't get blocked again.

It's not something we check, it's something server side checks.

—
Reply to this email directly or view it on GitHub
#82 (comment).

[Snowlav]

I should have explained myself better, I am looking from a standpoint where multiple people are using the app/code from the same network / ip.

You are right, when it's only you using it, try a different header than the one in the libary.
But keep them the same in between requests.

Focusing on apps that multiple people use, I think the server side of snapchat detects a X amount of users logging in from one device.
I remember a while back when I ran some tests, before snapchat became this strict, that I would have problems performing functions from multiple accounts at the same time.
Every single account in a row was fine, but at the same time usually got the account locked and/or the network blocked.

[DanMossa]

@Snowlav I understand what you're saying. But is there a way to use a proxy with this so that I can bypass the block? Because it's been 4 days now.

[JorgenPhi]

Yeah find a proxy and pass it along with the cURL requests.
On Jan 12, 2015 10:06 PM, "Dgameman1" [email protected] wrote:

@Snowlav https://github.com/Snowlav I understand what you're saying.
But is there a way to use a proxy with this so that I can bypass the block?
Because it's been 4 days now.

—
Reply to this email directly or view it on GitHub
#82 (comment)
.

[DanMossa]

public static $CURL_OPTIONS = array(
CURLOPT_CONNECTTIMEOUT => 5,
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_TIMEOUT => 10,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_USERAGENT => 'Snapchat/8.1.1 Beta (Nexus 4; Android 17; gzip)',
);

So I would add
CURLOPT_PROXY => PROXY:PORT,right?

And that's the only thing I need to do to use a proxy @JorgenPhi ?

[anchorit3]

@Snowlav We can try add to library list User Agents from Android devices (10 or more) and iOS and when somebody trying sign in we can randomizing useragent for this username and save for example in sqlite.

But this problem isn't my because I only use 2 accounts for accepting invite to friends, receive snaps and send Snap with authentication code to manage content on website. In my position i think problem is with receive many Snaps in one moment but I'm not sure.

@Dgameman1 for proxy port u mast use

CURLOPT_PROXY => PROXYIP,
CURLOPT_PROXYPORT => PORT

//edit
More info about CURL Proxy:
http://curl.haxx.se/libcurl/c/CURLOPT_PROXY.html

[Snowlav]

@anchorit3 good thinking about the user agent, but what about they IMEI and MAC address they gather?

[anchorit3]

@Snowlav I think Snapchat does not have access to IMEI and MAC device from received data but it's possible that I'm wrong.

//edit
I observed when network is blocked and I change in snapchat_agent.php endpoint from https://feelinsonice-hrd.appspot.com/bq to https://feelinsonice-hrd.appspot.com/ph get from API good data.

[liamjack]

Snapchat doesn't send the device MAC or IMEI at any point, from what I have seen from looking through all the requests.

[Snowlav]

Hmm I guess I got thrown off by their statement saying they did.

It made sense given the fact I always face this problem once more than 3 accounts are active on the platform / doing the same thing.

[DanMossa]

@anchorit3 Thank you. But now the issue is I get an error saying...

array(3) {
  ["error"]=>
  int(1)
  ["message"]=>
  string(22) "API Connection failed."
  ["result"]=>
  string(44) "Connection timed out after 5005 milliseconds"
}

and I even went ahead and changed the timeout CURLOPT_TIMEOUT => 200,

[anchorit3]

@Dgameman1 I add CURLOPT_PROXYTYPE and checked this on my localhost and this worked

$proxyip = '127.0.0.1'; // proxy IP
$proxyport = 8080; // proxy PORT
(...)
CURLOPT_PROXYPORT => $proxyport,
CURLOPT_PROXY, $proxyip,
CURLOPT_PROXYTYPE => 'HTTP'

I use one proxy server from this list:
http://proxylist.hidemyass.com/

[LinoSuarez]

"If you believe you received the notification in error, it may be because you are using an old version of Snapchat. Please make sure you have the most recent version of the app downloaded.

If you have stopped using third-party applications, changed your password already, and updated to the most recent version of Snapchat, there is no need to contact us. However, if you are still having trouble with your account, please let us know below." from https://support.snapchat.com/co/third-party-cf