I deal with this fairly commonly, presumably because I use linux, and we all know only botnets use linux. Occasionally with cloudflare I'll just get summary rejection and supposed blocking of my IP, but either it's summary rejection or a pass without challenge.
Recently I had to deal with this for alibaba just to look at something, which I usually just use torbrowser with, and finally gave up as I couldn't pass the challenge. I suppose I shouldn't be surprised at that though, they trust me as much as I trust them.
The worst is usually adobe and cookielaw with all their related tracking crap, where I can't even get the captcha to render as it's so many layers buried in scripting I can't enable enough sites between ublock, noscript, privacy badger, and firefox strict modes. I treat adobe like malware, but unfortunately things like albertsons.com for groceries and other mega companies love to use it, and their sites literally do not work without allowing their heavy scripting/tracking.
There are other usually smaller captcha players that I haven't been human enough to pass with, I forget the names of the stupid to shame, but a few when I see them I recognize to just close the window and forget about whatever it was I was looking for there (like twitter/x).
I visited albertsons.com out of curiosity, but I was instantly banned. Even using an unmodified Chromium browser, I couldn't access the site. It's ridiculous what's happening on the internet today.
The error:
```
Access denied
Error 16
www.albertsons.com
2025-01-03 09:30:00 UTC
What happened?
This request was blocked by our security service
Your IP: xxx
Proxy IP: xxx (ID xxx)
Incident ID: XXX
Powered by Imperva
```
Their Imperva WAF usually challenges me repeatedly during use trying to buy groceries from my pc, and most of the time I get tired of having to disable every security extension I use with Firefox to use Albertsons because of their shitty website. Never outright block though.
Might be worth checking some enterprise threat lists for whatever IP's your popping up on (ie Imperva and Cloudflare), or something uniquely fingerprints you from your browser. I use multiple extensions to block whatever they each can, and even I'm not treated that badly as you for wherever you are coming online from.
Here's Fortinet's you can check your IP against, they all tend to roughly use the same lists eventually: https://www.fortiguard.com/iprep
Immediate bans might be related to the country you're in. This is a US retailer, and there is zero reason for someone outside of the US to visit that site. Blocking foreign visitors allows them to ignore GDPR, for example.
In this case, they may display a message like: 'This page is intended for USA visitors only. Our services do not operate outside the USA.', but no, they say you are banned because just...
Stock. Browser (Chrome/Firefox) doesn't have hw acceleration for video decode. But other than that it's fine. Fast and silent. VS Code and Jetbrains tools work fine.
Recently I had to deal with this for alibaba just to look at something, which I usually just use torbrowser with, and finally gave up as I couldn't pass the challenge. I suppose I shouldn't be surprised at that though, they trust me as much as I trust them.
The worst is usually adobe and cookielaw with all their related tracking crap, where I can't even get the captcha to render as it's so many layers buried in scripting I can't enable enough sites between ublock, noscript, privacy badger, and firefox strict modes. I treat adobe like malware, but unfortunately things like albertsons.com for groceries and other mega companies love to use it, and their sites literally do not work without allowing their heavy scripting/tracking.
There are other usually smaller captcha players that I haven't been human enough to pass with, I forget the names of the stupid to shame, but a few when I see them I recognize to just close the window and forget about whatever it was I was looking for there (like twitter/x).
Hooray commerce!