# 验证码(CAPTCHA) CAPTCHA 页意味着目标站点觉得请求**哪里不对劲**——不一定是"机器人",只是哪里对不上。helodata 提供 IP,**其余靠你的客户端配合**。 ## 常见检测信号(按重要性) 1. **IP 信誉** — 该 IP 是否最近狂刷过目标? 2. **请求头一致性** — UA、Accept-Language、Sec-CH-UA-\* 必须自洽且与 IP 国家吻合 3. **TLS 指纹** — JA3 / JA4 命中已知 bot 库 4. **行为** — 请求节奏、时序、JS 页上的鼠标/滚动 ## 快速见效(按性价比排序) ### 1. 多步流程用粘性会话,不要轮换 反爬数每 IP 多少次请求。粘性会话像是同一个人完成整个流程;纯轮换像是百万人各看一页——这本身就是经典 bot 信号。 ``` helo_s1a2b3c4d5e-type-res-region-us-session-job1-sesstime-30 ``` ### 2. 请求头与 IP 地理对齐 出口 IP 在德国,请求头就该像个德国人: ``` Accept-Language: de-DE,de;q=0.9,en;q=0.8 User-Agent: Mozilla/5.0 (... 主流 OS 的现代浏览器 UA ...) ``` `Accept-Language` 不匹配(例如美国 IP 配 `zh-CN`)是强信号。 ### 3. 送完整的浏览器请求头 裸 `requests.get()` 发的头比任何真浏览器都少,补齐: ```python HEADERS = { "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 ...", "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,*/*;q=0.8", "Accept-Language": "en-US,en;q=0.9", "Accept-Encoding": "gzip, deflate, br", "DNT": "1", "Connection": "keep-alive", "Upgrade-Insecure-Requests": "1", "Sec-Fetch-Dest": "document", "Sec-Fetch-Mode": "navigate", "Sec-Fetch-Site": "none", "Sec-Fetch-User": "?1", } ``` ### 4. JS 密集站点用 JS 引擎 带行为指纹的站点(`navigator.webdriver`、鼠标轨迹、canvas)需要真浏览器——用 [Playwright](/helodata-zh/ji-cheng-zhi-nan/pa-chong-gong-ju/playwright.md) 或 [Puppeteer](/helodata-zh/ji-cheng-zhi-nan/pa-chong-gong-ju/puppeteer.md) 配 stealth 插件。 ### 5. 切到移动 目标若信任移动设备更多(常见模式),把 `type-res` 换成 `type-mob`,并搭配运营商 ASN: ``` helo_s1a2b3c4d5e-type-mob-region-us-asn-6167-session-x-sesstime-60 ``` ## CAPTCHA 求解器呢? helodata 不解 CAPTCHA。常见组合: * **2Captcha / Anti-Captcha / CapSolver** — 按次计费返回 token * **`puppeteer-extra-plugin-recaptcha`** — Puppeteer 插件把 token 注入 * **浏览器指纹友好的反检测浏览器** — [AdsPower](/helodata-zh/ji-cheng-zhi-nan/fan-jian-ce-liu-lan-qi/adspower.md)、[Multilogin](/helodata-zh/ji-cheng-zhi-nan/fan-jian-ce-liu-lan-qi/multilogin.md)——它们解决指纹,留给你只拿 token 对 Cloudflare 的隐式挑战(`1020`、JS 挑战),**真 Chromium + stealth** 几乎总比 CAPTCHA 求解器更稳。 ## 当目标就是**对那个 IP** 反感 如果请求头、指纹、行为都对齐还是 CAPTCHA——那个出口 IP 对该目标已烧。**轮换**: * 网关:去掉 session 换新 IP * ISP:从批次中换另一个;同批次多 IP 都被打就申请 [替换 IP](https://docs.helodata.com/helodata-zh/gu-zhang-pai-cha/pages/cFgkUq9quVGUMTS4XWgf#替换失效-ip) ## 即将上线 helodata 的 [Web Unblocker](/helodata-zh/chan-pin/overview-4.md) 会透明处理上面所有这些——JS 渲染、请求头轮换、CAPTCHA、重试。若这是你反复解决的痛点,请加入候选名单。 --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.helodata.com/helodata-zh/gu-zhang-pai-cha/captchas.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.