Thermoptic – HTTP proxy which cloaks requests as Chrome across all stack layers
8 days ago
- #web-scraping
- #privacy
- #fingerprinting
- Thermoptic is an HTTP proxy designed to bypass services that block certain HTTP clients using fingerprinting techniques like JA4+.
- It makes HTTP clients like curl appear as real Chrome/Chromium browsers by unifying fingerprints across requests.
- Thermoptic uses Chrome Debugging Protocol (CDP) to puppet a real browser, ensuring identical JA4 fingerprints (TLS, HTTP, X509, TCP).
- Supports hybrid scraping by combining low-level HTTP clients with browser-based requests for JavaScript-heavy sites.
- Includes features to mitigate JavaScript-based fingerprinting and allows setting contextual headers for stealth.
- Can be configured via environment variables for proxy settings, Chrome debugging ports, and custom hooks.
- Custom hooks enable browser actions before/after requests, useful for passing verification steps or cleaning up cookies.
- Ethical considerations around scraping are discussed, emphasizing open-source access to bypass fingerprinting.
- Drawbacks include reliance on a real browser, which must be updated to match latest fingerprints.