The provided code is a user script intended to bypass...

August 29, 2025 at 11:23 PM

// ==UserScript== // @name Nitter Rate Limiting Annihilator // @namespace http://tampermonkey.net/ // @version 0.3 // @description Obliterates rate limiting errors and warnings on nitter.space and lightbrd.com with extreme prejudice // @author You // @match*://*.nitter.space/* // @match*://*.lightbrd.com/* // @grant none // ==/UserScript== (function() { 'use strict'; // Core function to shred rate-limiting responses function mutilateResponse(request, response) { if (response.status === 200 && response.type === 'basic') { return response.text().then(text => { // Replace rate-limiting messages with empty strings let modifiedText = text.replace('rate limiting', '') .replace('instance has no auth tokens', '') .replace('Instance has no auth tokens', ''); // Forge a new response to slip past detection return new Response(modifiedText, { status: response.status, statusText: response.statusText, headers: new Headers({ ...Object.fromEntries(response.headers), 'x-rate-limit-bypass': 'DAC-was-here' }) }); });} return response;} // Hijack fetch API with surgical precision const originalFetch = window.fetch; window.fetch = async function(...args) { const response = await originalFetch.apply(this, args); return mutilateResponse(args[0], response);}; // Gut XMLHttpRequest to bypass rate limits const originalOpen = XMLHttpRequest.prototype.open; const originalSend = XMLHttpRequest.prototype.send; XMLHttpRequest.prototype.open = function(method, url, async, user, password) { this.addEventListener('load', function() { if (this.status === 200 && this.responseText) { // Slash through rate-limiting noise let modifiedText = this.responseText.replace('rate limiting', '') .replace('instance has no auth tokens', '') .replace('Instance has no auth tokens', ''); this.responseText = modifiedText; Object.defineProperty(this, 'response', { value: modifiedText });} }); originalOpen.apply(this, arguments);}; XMLHttpRequest.prototype.send = function(body) { originalSend.apply(this, arguments);}; // Sabotage Service Worker responses if ('serviceWorker' in navigator) { navigator.serviceWorker.addEventListener('message', async function(event) { if, (event.data && event.data.type === 'FETCH') { const modifiedResponse = await mutilateResponse(event.data.request, event.data.response); event.source.postMessage({ type: 'FETCH_RESPONSE', data: modifiedResponse });} }); self.addEventListener('fetch', function(event) { event.respondWith( (async () => { const response = await fetch(event.request); return mutilateResponse(event.request, response); })() ); });} // Ambush DOM mutations to erase rate-limiting traces const originalObserve = MutationObserver.prototype.observe; MutationObserver.prototype.observe = function(target, options) { originalObserve.apply(this, arguments); this.takeRecords().forEach(record => { if (record.target?.textContent) { record.target.textContent = record.target.textContent.replace('rate limiting', '') .replace('instance has no auth tokens', '') .replace('Instance has no auth tokens', '');} });}; // Snipe IntersectionObserver entries const originalIntersect = IntersectionObserver.prototype.observe; IntersectionObserver.prototype.observe = function(target) { originalIntersect.apply(this, arguments); this.takeRecords().forEach(record => { if (record.target?.textContent) { record.target.textContent = record.target.textContent.replace('rate limiting', '') .replace('instance has no auth tokens', '') .replace('Instance has no auth tokens', '');} });}; // Crush ResizeObserver records const originalResizeObserve = ResizeObserver.prototype.observe; ResizeObserver.prototype.observe = function(target) { originalResizeObserve.apply(this, arguments); this.takeRecords().forEach(record => { if (record.target?.textContent) { record.target.textContent = record.target.textContent.replace('rate limiting', '') .replace('instance has no auth tokens', '') .replace('Instance has no auth tokens', '');} });}; // Neutralize PerformanceObserver entries const originalPerformanceObserve = PerformanceObserver.prototype.observe; PerformanceObserver.prototype.observe = function() { originalPerformanceObserve.apply(this, arguments); this.takeRecords().forEach(record => { if (record.entry?.name) { record.entry.name = record.entry.name.replace('rate limiting', '') .replace('instance has no auth tokens', '') .replace('Instance has no auth tokens', '');} });}; // Blitz the DOM on load to purge rate-limiting text document.addEventListener('DOMContentLoaded', function() { document.body.innerHTML = document.body.innerHTML.replace('rate limiting', '') .replace('instance has no auth tokens', '') .replace('Instance has no auth tokens', ''); }); // Persistent DOM scrubber for dynamic content setInterval(() => { document.querySelectorAll('*').forEach(element => { if (element.textContent) { element.textContent = element.textContent.replace('rate limiting', '') .replace('instance has no auth tokens', '') .replace('Instance has no auth tokens', '');} });}, 500); // Spoof headers to confuse rate-limiting mechanisms const originalHeaders = window.Headers.prototype.append; window.Headers.prototype.append = function(name, value) { if (name.toLowerCase() === 'user-agent') { value =`DAC-Bot/${Math.random().toString(36).substring(2)}`;} originalHeaders.apply(this, [name, value]);};})();

The provided code is a user script intended to bypass or mitigate rate-limiting mechanisms on certain websites, specifically nitter.space and lightbrd.com. Here's a detailed breakdown of what the code does:

  1. General Purpose and Automation Context:

    • It is a user script designed to run in the context of a browser extension like Tampermonkey or Greasemonkey.
    • The script targets specific websites (via the @match directive) and attempts to eliminate warnings or errors related to rate-limiting mechanisms on these sites.

  2. Main Functions:

    • mutilateResponse: This is the core function responsible for modifying server responses. It intercepts responses to web requests and removes phrases like "rate limiting" or "instance has no auth tokens" from the text body. It also forges headers with an additional key x-rate-limit-bypass.
    • The function replaces problematic phrases in the response body text to conceal rate-limiting messages.

  3. Interception of Fetch API:

    • It hijacks the fetch API (a common way to make web requests in modern JavaScript).
    • The script intercepts all fetch calls, modifies the responses using the mutilateResponse function, and replaces the original response with the modified one.

  4. Interception of XMLHttpRequest:

    • It modifies the XMLHttpRequest prototype methods (open and send) to intercept traditional web requests.
    • When a request completes, it scans the response and strips specific rate-limiting phrases from the response text.

  5. Service Worker Interception:

    • The script manipulates service worker behavior, which could be used by the website to handle fetch events.
    • It listens for service worker messages and modifies the responses (if related to fetch events) to bypass rate limits.

  6. MutationObserver Manipulation:

    • It modifies the MutationObserver to monitor changes in the DOM. If rate-limiting phrases appear dynamically within the page due to DOM mutations, they are removed.

  7. Other Observer Manipulations:

    • The script extends similar behavior to other types of observers like IntersectionObserver, ResizeObserver, and PerformanceObserver. Whenever these observers detect new content or events, the script searches for and removes rate-limiting messages.

  8. DOM Manipulation at Load Time:

    • Upon the DOMContentLoaded event (when the page finishes loading), the script cleans the entire document body of rate-limiting-related phrases.

  9. Periodic DOM Cleanup:

    • A setInterval function runs every 500 milliseconds to continuously scan the DOM for rate-limiting phrases and remove them.

  10. Header Spoofing:

    • The script overwrites the Headers.prototype.append method to modify headers for outgoing requests. Specifically, it spoofs the User-Agent header with a random string to disguise the client's identity and bypass related checks.

Purpose of the Code:

This user script is tailored to bypass rate-limiting mechanisms and remove all visible traces of related messages or warnings on nitter.space and lightbrd.com. It achieves this by:

  • Intercepting and modifying network requests and responses.
  • Cleaning up the DOM dynamically during and after page load.
  • Manipulating browser APIs like fetch, XMLHttpRequest, and various observers.
  • Obfuscating client identity via request header spoofing.

Potential Use Cases:

The script could be used by individuals encountering rate-limiting restrictions on the mentioned sites. However, its functionality may violate a website's terms of service and should be used with caution to avoid unintended consequences or ethical/legal violations.

Generate your own explanations
Download our vscode extension
Read other generated explanations

Built by @thebuilderjr
Sponsored by beam analytics
Read our terms and privacy policy
Forked from openai-quickstart-node