Has the fingerprint changed for Chrome since 136?

[TonyDev314]

Just curious if the 136 fingerprint works for any of the later Chrome versions? I know they don't always update it.

I have tried to check it myself, but even between requests, the numbers seem to change a lot, so not sure what I'm looking for.

[itsFriday2]

I have noticed over the past 2 weeks I am getting blocked a lot more, when normally I am not blocked. There is a ecommerce website that blocks more often than other websites so I decided to test curl_cffi against this website. This is what I found:

Firefox windows - I was never blocked. 100% of the time I was successful, I was never blocked by the website inpersonating Firefox with Windows headers.
Firefox mac - I was 100% of the time blocked, getting a 403 forbidden. I made the request from my Windows box using custom headers that I copied from my Mac, so I know the headers are correct. And yet somehow the website was able to know I was using a Windows box even though the headers were from my Mac

Chrome windows - I was successful for Chrome win 132,133,135,138,139. I was blocked for Chrome win 134,137,140,141.
Chrome mac - This never worked for me. For chrome versions 129 to 141 using Mac headers I was blocked 100% of the time. The website seemed to know I was using a Windows box, even though I used headers copied from my Mac. I've checked the headers several times over the past few months.

Safari Mac - I was 100% blocked. I copied headers from my Mac but the website seemed to know I was using a Windows box

So I would say, based on my testing and personal experience, that websites are blocking requests made from curl_cffi if the request is made from a Windows box but the headers say a Mac, and websites are blocking curl_cffi for some inpersonations from Chrome that are newer. I think this needs to be more thoroughly investigated. I don't understand how curl_cffi works, so unfortunately I am not able to find the root cause.

[TonyDev314]

While I get a number of requests blocked, it's pretty uniform. I use MAC, Win and Linux headers from a Linux box.

NB You can't know you are being blocked because it thinks you're using a Windows Box.

Suggest posting up the details of the 100% blocked requests so they can be reproduced.

[itsFriday2]

Like I said, I tested using an API that is more sensitive and blocks a lot more so the issue reproduces easier. If I wanted to I can use another API that isn't as sensitive and it might work fine for awhile but will eventually block me.

In my code I am putting impersonate=. I am using a session. I am updating the headers in the session to have the correct user-agent. I copied the headers from my Mac, so I know they are correct.

I disagree with you that websites can't tell what OS you are on. curl_cffi is doing something that websites are detecting. The only thing I change in my code is the impersonate= and the headers and I get blocked.

Since curl_cffi went to a paid version it seems the free version has been abandoned. There havent been major updates to the free version for a long time. If things dont change I'm gong to have to find something else. The free version doesn't seem to be maintained, and I have noticed problems in the past few weeks that I didn't have a few months ago. I don't feel there is anything wrong with my code, I think websites have gotten better detecting curl_cffi. I don't want to post my code or the API.

[TonyDev314]

OK, well you seem to know everything, so good luck with that.

[lexiforest]

it seems the free version has been abandoned

This is simply NOT true, there is no update on the paid version, neither. I'm just too busy with other stuff I'm working on and there is actually no TLS update in recent chrome versions.