takion-api

takion-api

This is the official repository for the TakionAPI Python library. TakionAPI is a non-browser-based automation solution focused antibot and captchas systems.

Table of Contents

• takion-api
  • Table of Contents
  • Revolutionizing Antibot Interactions
  • Get Your Free Trial API Key
  • Installation
  • Future Extensions
  • Antibots
    • Datadome
      • Datadome challenges
        • Geetest - Slide captcha
        • Interstitial - Device check
      • Usage
    • Incapsula
      • ___utmvc
        • Usage
      • reese84
        • Usage
    • Exceptions
  • Support and Links

Revolutionizing Antibot Interactions

TakionAPI stands at the forefront of antibot solutions, offering a robust and efficient way to bypass advanced bot protection systems like Datadome. Renowned for its non-browser-based approach, it ensures high-speed, accurate automation across various browser OS/versions. TakionAPI is committed to providing 24/7 uninterrupted service, adapting swiftly to changes in antibot technologies.

Key Features:

• Non-Browser Automation: For faster, error-free interactions.
• Universal Browser Support: Compatible with all browser OS/versions.
• Continuous Service: Round-the-clock availability and updates.
• Free Trials & Comprehensive Plans: Accessible, cost-effective solutions for every need.
• Easy Integration: Complete with documentation, libraries, and examples.
• Dedicated Server Options: Tailored solutions for specific requirements.
• Community & Support: Active Discord community and responsive support.

Explore More

Get Your Free Trial API Key

Start with a free trial by visiting TakionAPI.tech. Join the Discord community to acquire a trial key or subscription.

Installation

Install the library using pip:

pip install takion-api

Future Extensions

The current implementation of the takion-api module focuses on making the interactions with Datadome websites easier using out APIs.

However, we already support several bot protections solved with our APIs, are planning to extend this module to handle all the supported antibots.

For now you can interact with them using our API directly.

Antibots

Datadome

Datadome is a bot management system that protects websites from automated threats, including scraping, credential stuffing, and layer 7 (application layer) DDoS attacks.

It's known for its inefficiency in detecting and blocking bots, resulting in false positives and IP bans for legitimate users.

Datadome is particularly sensitive to TLS fingerprinting and headers order, making it crucial to emulate a genuine browser's TLS signatures and headers sequence for successful bypass.

Therefore, it's advisable to have a robust proxy list to rotate IPs and avoid IP bans.

Learn More

Datadome challenges

In order to access a Datadome website under protection you may need on first join or after some requests to solve a challenge that will generate you a datadome cookie that will garant you the access to the website for a certain amount of time.

Geetest - Slide captcha

This is a slide captcha that requires the user to slide a puzzle piece to a target location.

Interstitial - Device check

This is the newest challenge, that similar to the Cloudflare 5s page, is going to make some checks on the browser.

Usage

from tls_client import Session
from takion_api import TakionAPIDatadome


def load_page(session: Session, url: str):
    headers = {
        "authority": url.split("/")[2],
        "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
        "accept-language": "en-GB,en;q=0.9",
        "cache-control": "max-age=0",
        "sec-ch-ua": '"Google Chrome";v="110", "Chromium";v="110", "Not?A_Brand";v="99"',
        "sec-ch-ua-mobile": "?0",
        "sec-ch-ua-platform": "\"macOS\"",
        "sec-fetch-dest": "document",
        "sec-fetch-mode": "navigate",
        "sec-fetch-site": "none",
        "sec-fetch-user": "?1",
        "upgrade-insecure-requests": "1",
        "user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36"
    }
    return session.get(url, headers=headers)


if __name__ == "__main__":
    takion_api = TakionAPIDatadome(
        api_key="TAKION_API_XXXXXX", # Your TakionAPI key
    )
    session = Session(
        "chrome_110", 
        header_order=[ # The order of the headers is important
            'Host', 'Connection', 'Content-Length', 
            'sec-ch-ua', 'sec-ch-ua-platform', 
            'sec-ch-ua-mobile', 'User-Agent', 
            'Content-Type', 'Accept', 'Origin', 
            'Sec-Fetch-Site', 'Sec-Fetch-Mode', 
            'Sec-Fetch-Dest', 'Referer', 'Accept-Encoding', 
            'Accept-Language'
        ]
    )

    # An example Datadome protected page
    url = "https://www.footlocker.pt/en/product/~/314206535404.html"
    
    response = load_page(session, url)
    if not takion_api.is_challenge(response): # Check if we need to solve a challenge
        print("Page loaded successfully")
        exit(0)
    
    print(f"Got a response with status code {response.status_code} without the cookie")

    # This function will return the url of the challenge
    # no matter if it's a slide captcha or an interstital
    challenge_url = takion_api.get_challenge_url(
        url,
        response,
        session.cookies.get_dict().get("datadome")
    )
    print(f"Solving {takion_api.challenge_type} challenge...")

    headers = {
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
        "Accept-Language": "en-GB,en;q=0.9",
        "Accept-Encoding": "none",
        "Connection": "keep-alive",
        "Referer": "https://www.footlocker.pt/",
        "Sec-Fetch-Dest": "iframe",
        "Sec-Fetch-Mode": "navigate",
        "Sec-Fetch-Site": "cross-site",
        "Upgrade-Insecure-Requests": "1",
        "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
        "sec-ch-ua": '"Google Chrome";v="110", "Chromium";v="110", "Not?A_Brand";v="24"',
        "sec-ch-ua-mobile": "?0",
        "sec-ch-ua-platform": "\"macOS\""
    }
    
    # After that we are going to load the challenge page
    response = session.get(challenge_url, headers=headers)

    # And send to TakionAPI the content, in order to solve any present challenge
    data = takion_api.solve_challenge(
        response
    )

    # TakionAPI will return a dict with the url, payload and headers
    # for the POST request that we need to send to the challenge page
    # in order to generate the cookie
    res = session.post(
        data["url"], 
        data=data["payload"], 
        headers=data["headers"]
    )

    # We extract the cookie from the response
    cookie = TakionAPIDatadome.extract_cookie(res)

    # And set it in the session
    session.cookies.set("datadome", cookie)
    print(f"Got cookie: {cookie[:15]}...{cookie[-15:]}")

    # Now we can load the page with the cookie
    print("Loading page with cookie...")
    response = load_page(session, url)
    print(f"Got a response with status code {response.status_code} with the cookie")

Incapsula

Incapsula is a cloud-based application delivery platform that protects websites from DDoS, SQL injection, XSS, and other cyber attacks.

Like datadome it is important to use a good proxy list to avoid IP bans, as well as a good TLS fingerprinting and headers order.

They uses 2 types of protections:

Read more here Takion API Incapsula

___utmvc

An ___utmvc cookie is generated when a user visits a website protected by Incapsula. It's used to identify the user and validate the request.

Usage

from requests import Session
from takion_api import TakionAPIUtmvc

session = Session()
takion_api = TakionAPIUtmvc(
    api_key="TAKION_API_XXXXXXXX"
)
url = "https://tickets.rolandgarros.com/fr/"
headers = {
    'Host': 'tickets.rolandgarros.com',
    'cache-control': 'max-age=0',
    'sec-ch-ua': '"Google Chrome";v="112", "Chromium";v="112", "Not?A_Brand";v="24"',
    'sec-ch-ua-mobile': '?0',
    'sec-ch-ua-platform': '"macOS"',
    'upgrade-insecure-requests': '1',
    'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36',
    'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7',
    'sec-fetch-site': 'none',
    'sec-fetch-mode': 'navigate',
    'sec-fetch-user': '?1',
    'sec-fetch-dest': 'document',
    'accept-language': 'en-GB,en;q=0.9',
}
response = session.get(url, headers=headers)
if not takion_api.is_challenge(response):
    print("Page loaded successfully")
else:
    print("Found challenge, solving...")
    # Solve the challenge
    utmvc = takion_api.solve_challenge(
        response,
        cookies=session.cookies # Optional but recommended
    )
    # Set the utmvc cookie
    session.cookies.set("___utmvc", utmvc)
    print(f"Got cookie: {utmvc[:15]}...{utmvc[-15:]}")
    # Now we send the original request again
    response = session.get(url, headers=headers)
    print(f"Challenge {'' if takion_api.is_challenge(response) else 'not '}found using cookie")

reese84

A reese84 cookie is generated when a user visits a website protected by Incapsula. A payload will be needed in order to generate the cookie via a post. Websites like ticketmaster and eticketing uses this type of protection.

Usage

from requests import Session
from takion_api import TakionAPIReese84

takion_api = TakionAPIReese84(
    api_key="TAKION_API_XXXXXXXX"
)

protected_url = "https://www.ticketmaster.com/event/1C005E959B003CA9"
headers = {
    "Host": "www.ticketmaster.com",
    "sec-ch-ua-platform": "\"Windows\"",
    "sec-ch-ua-mobile": "?0",
    "upgrade-insecure-requests": "1",
    "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
    "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
    "sec-fetch-mode": "navigate",
    "sec-fetch-dest": "document",
    "sec-ch-ua": '"Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"',
    "sec-fetch-site": "same-site",
    "sec-fetch-user": "?1",
    "accept-language": "en-US,en;q=0.9"
}

def send_request_with_solving() -> None:
    '''
    Send request to protected url after solving the challenge
    '''
    # Create a new session
    session = Session()
    print("Loading page with solved reese84...")

    # Generate payload
    data = takion_api.solve_challenge("www.ticketmaster.com", headers["user-agent"])
    
    # Send challenge
    res = session.post(
        data["url"], 
        data=data["payload"], 
        headers=data["headers"]
    ).json()
    
    # Set cookie
    session.cookies.set("reese84", res['token'])
    print(f"Got cookie: {res['token'][:15]}...{res['token'][-15:]}")

    # Sending request to protected url 
    res = session.get(protected_url, headers=headers)
    print(f"Response {'not ' if not TakionAPIReese84.is_challenge(res) else ''}blocked (Status code {res.status_code})")

def send_request_without_solving() -> None:
    '''
    Send request to protected url without solving the challenge
    '''
    # Create a new session
    session = Session()
    print("Loading page without solving the challenge...")

    # Sending request to protected url
    res = session.get(protected_url, headers=headers)
    print(f"Response {'not ' if not TakionAPIReese84.is_challenge(res) else ''}blocked (Status code {res.status_code})")

if __name__ == "__main__":
    send_request_without_solving() # Will return 403 or 401
    print("-----------------------------------")
    send_request_with_solving() # Will return 404, old event

Exceptions

• TakionAPIException: Generic exception
• BadResponseException: Raised when the response is not a valid response, error solving or wrong parameters provided
• IpBanException: Raised when the IP is banned

Support and Links

• TakionAPI.tech
• Documentation
• Discord / Start a trial
• Buy a plan
• GitHub

For any question or issue, please contact us on Discord.

---

TakionAPI is a product of Takion Labs, a leading provider of automation solutions for businesses and individuals.