TSPD

A cookie based method for bypassing TSPD captcha.

Task Types

• TspdTask — we use the proxy you provide

IMPORTANT: For TSPD tasks, you must use a proxy with a static session. The same outbound IP address must be maintained across all stages, from getting cookies to solving the task and using those cookies afterward. Changing the IP or session between stages can cause errors.

How It Works

1. First request. The script sends an HTTP request to the target page through your proxy, using browser like headers.

2. Getting cookies. The script extracts protection cookies from the server response. If the response contains the TSPD_101_DID cookie (meaning the protection was passed) or the cookie format is unexpected, the process stops.

3. Creating the task. The script sends the data to our service to solve the TSPD challenge.

4. Getting the solution. The script waits for the task to complete via the API and receives updated cookies.

5. Final request. The script makes another request to the page using the new cookies, and the server returns the regular HTML page.

How to Find the Required Parameters

When you send a GET request to a page with a TSPD challenge, you will get HTML that needs to be Base64 encoded and passed in the htmlPageBase64 parameter. Also, on the first request, the server will send special cookies (for example, TS386a...400d029). You must pass these in tspdCookie because they are required for the TSPD solution to work and for the API to respond correctly.

important: The htmlPageBase64 and TspdCookie parameters are dynamic. Extract them right before sending the task, otherwise the solution might fail.

Please note:

If the server returns cookies in one of these formats (3 to 4 lines):

TS386a400d029=082670...40a8ea3;
TS386a400d078=082670...b4cbe2c;
TSd2153684027=082670...4415a6

or

TS386a400d029=08777...83ff9,
TS386a400d029=08777...fb459e,
TSd2153684027=08777...f0ad368

or

TS014d0691=01fef...1244b,
TS01fe94e8=01fef...9ed38,
TSafd868f7027=082670...a7ea7c

and there is no TSPD_101_DID cookie, this means the request was intercepted by the protection system and a block page (TSPD challenge) was returned instead of the normal content.

In this case, you need to:

1. Send the received cookies to our service,
2. Wait for the task to finish solving.
3. Use the updated cookies for all following requests.

Specification for TspdTask

Request Examples

Method: createTask
API Endpoint: https://api.2captcha.com/createTask

TspdTask Request Example

{
    "clientKey": "YOUR_API_KEY",
    "task": {
      "type": "TspdTask",
      "websiteUrl": "https://example.com/login",
      "TspdCookie": "TS386a400d029=082670...010245; TS386a400d078=082670...dbb3b0c",
      "htmlPageBase64": "PCFET0NUWVBFIGh0bWw+...",
      "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36",
      "proxyType": "http",
      "proxyAddress": "1.2.3.4",
      "proxyPort": 8080,
      "proxyLogin": "login",
      "proxyPassword": "password"
    }
  }

Example Response

Method: getTaskResult
API Endpoint: https://api.2captcha.com/getTaskResult

{{
  "errorId": 0,
  "status": "ready",
  "solution": {
    "Domains": {
      "example.com": {
        "Cookies": {
          "TS386a400d029": "082670...01a06e",
          "TS386a400d078": "082670...dbb3b0c",
          "Tspd_101_DID": "082670...1d53f"
        }
      }
    }
  }
}