takion-api
This is the official repository for the TakionAPI Python library. TakionAPI is a non-browser-based automation solution focused antibot and captchas systems.

Table of Contents
Revolutionizing Antibot Interactions
TakionAPI stands at the forefront of antibot solutions, offering a robust and efficient way to bypass advanced bot protection systems like Datadome. Renowned for its non-browser-based approach, it ensures high-speed, accurate automation across various browser OS/versions. TakionAPI is committed to providing 24/7 uninterrupted service, adapting swiftly to changes in antibot technologies.
Key Features:
- Non-Browser Automation: For faster, error-free interactions.
- Universal Browser Support: Compatible with all browser OS/versions.
- Continuous Service: Round-the-clock availability and updates.
- Free Trials & Comprehensive Plans: Accessible, cost-effective solutions for every need.
- Easy Integration: Complete with documentation, libraries, and examples.
- Dedicated Server Options: Tailored solutions for specific requirements.
- Community & Support: Active Discord community and responsive support.
Explore More
Get Your Free Trial API Key
Start with a free trial by visiting TakionAPI.tech. Join the Discord community to acquire a trial key or subscription.
Installation
Install the library using pip:
pip install takion-api
Future Extensions
The current implementation of the takion-api module focuses on making the interactions with Datadome websites easier using out APIs.
However, we already support several bot protections solved with our APIs, are planning to extend this module to handle all the supported antibots.
For now you can interact with them using our API directly.
Antibots
Datadome
Datadome is a bot management system that protects websites from automated threats, including scraping, credential stuffing, and layer 7 (application layer) DDoS attacks.
It's known for its inefficiency in detecting and blocking bots, resulting in false positives and IP bans for legitimate users.
Datadome is particularly sensitive to TLS fingerprinting and headers order, making it crucial to emulate a genuine browser's TLS signatures and headers sequence for successful bypass.
Therefore, it's advisable to have a robust proxy list to rotate IPs and avoid IP bans.
Learn More
Datadome challenges
In order to access a Datadome website under protection you may need on first join or after some requests to solve a challenge that will generate you a datadome
cookie that will garant you the access to the website for a certain amount of time.
Geetest - Slide captcha
This is a slide captcha that requires the user to slide a puzzle piece to a target location.

Interstitial - Device check
This is the newest challenge, that similar to the Cloudflare 5s page, is going to make some checks on the browser.

Usage
from tls_client import Session
from takion_api import TakionAPIDatadome
def load_page(session: Session, url: str):
headers = {
"authority": url.split("/")[2],
"accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
"accept-language": "en-GB,en;q=0.9",
"cache-control": "max-age=0",
"sec-ch-ua": '"Google Chrome";v="110", "Chromium";v="110", "Not?A_Brand";v="99"',
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "\"macOS\"",
"sec-fetch-dest": "document",
"sec-fetch-mode": "navigate",
"sec-fetch-site": "none",
"sec-fetch-user": "?1",
"upgrade-insecure-requests": "1",
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36"
}
return session.get(url, headers=headers)
if __name__ == "__main__":
takion_api = TakionAPIDatadome(
api_key="TAKION_API_XXXXXX",
)
session = Session(
"chrome_110",
header_order=[
'Host', 'Connection', 'Content-Length',
'sec-ch-ua', 'sec-ch-ua-platform',
'sec-ch-ua-mobile', 'User-Agent',
'Content-Type', 'Accept', 'Origin',
'Sec-Fetch-Site', 'Sec-Fetch-Mode',
'Sec-Fetch-Dest', 'Referer', 'Accept-Encoding',
'Accept-Language'
]
)
url = "https://www.footlocker.pt/en/product/~/314206535404.html"
response = load_page(session, url)
if not takion_api.is_challenge(response):
print("Page loaded successfully")
exit(0)
print(f"Got a response with status code {response.status_code} without the cookie")
challenge_url = takion_api.get_challenge_url(
url,
response,
session.cookies.get_dict().get("datadome")
)
print(f"Solving {takion_api.challenge_type} challenge...")
headers = {
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
"Accept-Language": "en-GB,en;q=0.9",
"Accept-Encoding": "none",
"Connection": "keep-alive",
"Referer": "https://www.footlocker.pt/",
"Sec-Fetch-Dest": "iframe",
"Sec-Fetch-Mode": "navigate",
"Sec-Fetch-Site": "cross-site",
"Upgrade-Insecure-Requests": "1",
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
"sec-ch-ua": '"Google Chrome";v="110", "Chromium";v="110", "Not?A_Brand";v="24"',
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "\"macOS\""
}
response = session.get(challenge_url, headers=headers)
data = takion_api.solve_challenge(
response
)
res = session.post(
data["url"],
data=data["payload"],
headers=data["headers"]
)
cookie = TakionAPIDatadome.extract_cookie(res)
session.cookies.set("datadome", cookie)
print(f"Got cookie: {cookie[:15]}...{cookie[-15:]}")
print("Loading page with cookie...")
response = load_page(session, url)
print(f"Got a response with status code {response.status_code} with the cookie")
Incapsula
Incapsula is a cloud-based application delivery platform that protects websites from DDoS, SQL injection, XSS, and other cyber attacks.
Like datadome it is important to use a good proxy list to avoid IP bans, as well as a good TLS fingerprinting and headers order.
They uses 2 types of protections:
Read more here Takion API Incapsula
___utmvc
An ___utmvc
cookie is generated when a user visits a website protected by Incapsula. It's used to identify the user and validate the request.
Usage
from requests import Session
from takion_api import TakionAPIUtmvc
session = Session()
takion_api = TakionAPIUtmvc(
api_key="TAKION_API_XXXXXXXX"
)
url = "https://tickets.rolandgarros.com/fr/"
headers = {
'Host': 'tickets.rolandgarros.com',
'cache-control': 'max-age=0',
'sec-ch-ua': '"Google Chrome";v="112", "Chromium";v="112", "Not?A_Brand";v="24"',
'sec-ch-ua-mobile': '?0',
'sec-ch-ua-platform': '"macOS"',
'upgrade-insecure-requests': '1',
'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36',
'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7',
'sec-fetch-site': 'none',
'sec-fetch-mode': 'navigate',
'sec-fetch-user': '?1',
'sec-fetch-dest': 'document',
'accept-language': 'en-GB,en;q=0.9',
}
response = session.get(url, headers=headers)
if not takion_api.is_challenge(response):
print("Page loaded successfully")
else:
print("Found challenge, solving...")
utmvc = takion_api.solve_challenge(
response,
cookies=session.cookies
)
session.cookies.set("___utmvc", utmvc)
print(f"Got cookie: {utmvc[:15]}...{utmvc[-15:]}")
response = session.get(url, headers=headers)
print(f"Challenge {'' if takion_api.is_challenge(response) else 'not '}found using cookie")
reese84
A reese84
cookie is generated when a user visits a website protected by Incapsula. A payload will be needed in order to generate the cookie via a post.
Websites like ticketmaster and eticketing uses this type of protection.
Usage
from requests import Session
from takion_api import TakionAPIReese84
takion_api = TakionAPIReese84(
api_key="TAKION_API_XXXXXXXX"
)
protected_url = "https://www.ticketmaster.com/event/1C005E959B003CA9"
headers = {
"Host": "www.ticketmaster.com",
"sec-ch-ua-platform": "\"Windows\"",
"sec-ch-ua-mobile": "?0",
"upgrade-insecure-requests": "1",
"accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
"sec-fetch-mode": "navigate",
"sec-fetch-dest": "document",
"sec-ch-ua": '"Chromium";v="110", "Not A(Brand";v="24", "Google Chrome";v="110"',
"sec-fetch-site": "same-site",
"sec-fetch-user": "?1",
"accept-language": "en-US,en;q=0.9"
}
def send_request_with_solving() -> None:
'''
Send request to protected url after solving the challenge
'''
session = Session()
print("Loading page with solved reese84...")
data = takion_api.solve_challenge("www.ticketmaster.com", headers["user-agent"])
res = session.post(
data["url"],
data=data["payload"],
headers=data["headers"]
).json()
session.cookies.set("reese84", res['token'])
print(f"Got cookie: {res['token'][:15]}...{res['token'][-15:]}")
res = session.get(protected_url, headers=headers)
print(f"Response {'not ' if not TakionAPIReese84.is_challenge(res) else ''}blocked (Status code {res.status_code})")
def send_request_without_solving() -> None:
'''
Send request to protected url without solving the challenge
'''
session = Session()
print("Loading page without solving the challenge...")
res = session.get(protected_url, headers=headers)
print(f"Response {'not ' if not TakionAPIReese84.is_challenge(res) else ''}blocked (Status code {res.status_code})")
if __name__ == "__main__":
send_request_without_solving()
print("-----------------------------------")
send_request_with_solving()
Exceptions
TakionAPIException
: Generic exception
BadResponseException
: Raised when the response is not a valid response, error solving or wrong parameters provided
IpBanException
: Raised when the IP is banned
Support and Links
For any question or issue, please contact us on Discord.
TakionAPI is a product of Takion Labs, a leading provider of automation solutions for businesses and individuals.