初识指纹遇到一个网站,忽然发现无论如何如何更换UA和代理请求都是403,curl_cffi 可模拟真实浏览器的 TLS | JA3 指纹。
查看 tls 指纹的网站:
https://tls.browserleaks.com/json
不同网站的生成的指纹可能有差异,但是多次访问同一个网站生成的指纹是稳定的,而且能区分开
Python requests库请求一个带JA3指纹网站的结果:
import requests
headers = {
'authority': 'tls.browserleaks.com',
'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7',
'accept-language': 'zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7,da;q=0.6',
'cache-control': 'no-cache',
'pragma': 'no-cache',
'sec-ch-ua': '"Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"',
'sec-ch-ua-mobile': '?0',
'sec-ch-ua-platform': '"Windows"',
'sec-fetch-dest': 'document',
'sec-fetch-mode': 'navigate',
'sec-fetch-site': 'cross-site',
'sec-fetch-user': '?1',
'upgrade-insecure-requests': '1',
'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36',
}
response = requests.get('https://tls.browserleaks.com/json', headers=headers)
print(response.json())
可以看到,akamai_hash和akamai_text都是空的。
使用Python的curl_cffi库,主打的就是模拟各种指纹
pip install curl_cffi支持的模拟版本,由curl-impersonate支持
edge99 = "edge99"
edge101 = "edge101"
chrome99 = "chrome99"
chrome100 = "chrome100"
chrome101 = "chrome101"
chrome104 = "chrome104"
chrome107 = "chrome107"
chrome110 = "chrome110"
chrome116 = "chrome116"
chrome99_android = "chrome99_android"
safari15_3 = "safari15_3"
safari15_5 = "safari15_5"
edge101 = "edge101"
ff102 = "ff102"impersonate
from curl_cffi import requests
headers = {
'authority': 'tls.browserleaks.com',
'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7',
'accept-language': 'zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7,da;q=0.6',
'cache-control': 'no-cache',
'pragma': 'no-cache',
'sec-ch-ua': '"Not/A)Brand";v="99", "Google Chrome";v="115", "Chromium";v="115"',
'sec-ch-ua-mobile': '?0',
'sec-ch-ua-platform': '"Windows"',
'sec-fetch-dest': 'document',
'sec-fetch-mode': 'navigate',
'sec-fetch-site': 'cross-site',
'sec-fetch-user': '?1',
'upgrade-insecure-requests': '1',
'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36',
}
response = requests.get('https://tls.browserleaks.com/json', headers=headers, impersonate="chrome110")
print(response.text)这里需要通过from curl_cffi import requests引入requests,并在get方法里加入impersonate="chrome110"。
可以看到,akamai_hash和akamai_text都有值了。
参考
https://tls.browserleaks.com/json
https://github.com/salesforce/ja3
https://github.com/yifeikong/curl_cffi
https://github.com/lwthiker/curl-impersonate来源: https://www.xxspvip.cn/xianqing/detail/3
