Comment by schroeding

1 year ago

> Does cURL have an easy-to-spot fingerprint outside of its headers?

If it's a https URL: Yes, the TLS handshake. There are curl builds[1] which try (and succeed) to imitate the TLS handshake (and settings for HTTP/2) of a normal browser, though.

[1] https://github.com/lwthiker/curl-impersonate

2 comments

schroeding

Reply

bennyg 1 year ago

To echo further, they may be leaning on something like the [ja4 fingerprint](https://www.google.com/url?sa=t&source=web&rct=j&opi=8997844...) (which you'd need to rebuild curl to emulate that chromium version to try and trick).

ghxst 1 year ago

Curl-impersonate does this https://github.com/lwthiker/curl-impersonate