绕过 NuData, 生成 nds-pmd。
无需浏览器即可绕过 NuData。Takion 生成 NuData 所需的 nds-pmd 行为 payload,让你的登录和结账请求通过它的欺诈检测顺利放行。
最后更新 · 覆盖能力已针对一个实时的 NuData 目标测试。
被 NuData 拦住了?
NuData 不会显示验证码。它会对请求背后的行为打分,并在登录、支付等敏感操作时要求一个匹配的 payload(通常以 nds-pmd 发送)。Takion 在服务端生成该 payload,你这边无需浏览器,返回后可直接以站点所需的字段名附加。把它放入你的请求,欺诈检测即告通过。
NuData 的工作原理
NuData Security(现已并入 Mastercard)不会弹出验证码,而是监测行为。它的传感器脚本会持续采集设备、时序和交互信号,并将其打包成一个 payload(通常以 nds-pmd 的形式发送),由站点在登录、支付等敏感操作时一并提交。payload 缺失或过于机械,请求就会被标记为欺诈,操作随即被拒。
Takion 会读取你目标站点的 NuData 传感器脚本,在服务端生成有效的 nds-pmd payload,并返回可直接附加的结果。一次调用,无需浏览器,也无需伪造任何行为。你把 payload 以站点所需的字段名(input_name)放入登录或结账请求,它就能通过欺诈检测。
- Takion 覆盖的挑战
- 行为生物识别评分(设备、时序、交互)
- 登录和支付环节的 nds-pmd payload
- 各站点令牌字段名(input_name)的差异
- 传感器脚本的轮换
一次调用返回什么
向 NuData 端点发送一次调用,即可返回站点所需的确切行为 payload,可直接附加到你的登录或结账请求。
nds-pmd登录或结账请求所需的行为 payload
input_name提交该 payload 时使用的确切字段名,因站点而异
curl -G https://nudata.takionapi.tech/generate \
--data-urlencode "api_key=$TAKION_KEY" \
--data-urlencode "url=https://nudata.ticketmaster.com/2.2/w/w-481390/sync/js/"
# → { "result": "<nds-pmd payload>", "input_name": "nds-pmd" }阅读 NuData 文档同一个密钥,通吃每一堵墙。同一种 JSON 结构,适配每一个厂商。
How the NuData bypass works, end to end
No captcha, no browser. NuData watches behavior, so Takion builds the behavioral payload for you. Five moves from flagged to cleared.
- 1
Grab the sensor script URL
Find the NuData script the page loads, like https://nudata.ticketmaster.com/2.2/w/w-481390/sync/js/. That URL tells us which site settings and field name to build against.
- 2
Open a session
Send the url as a query param to /generate. The first login call opens a session and hands back a session_id. Reuse that session_id on follow-up calls to stay in the same session.
- 3
Describe the actions
Put the user actions to simulate in the JSON body, an input and a sign-in button by default. For a payment flow set checkout: true and we build a checkout payload instead.
- 4
We generate it server-side
Takion loads the site's NuData settings, computes the device, timing, and interaction signals, and packs them into a valid payload. No browser runs on your side.
- 5
Attach and send
The response carries result, the payload, and input_name, usually nds-pmd. Drop result into your own login or checkout request under input_name and it clears the fraud check.
The NuData request, decoded
One endpoint, a few knobs. url and session_id ride as query params, the rest goes in the JSON body:
url (query)- the NuData sensor script URL. Lets us load the site's settings and detect the exact field name it wants
session_id (query)- returned by the first login call. Send it back to continue the same session instead of starting cold
actions (body)- the user actions to simulate, like an input and a sign-in button. Defaults to a password input plus sign-in
checkout (body)- set true to build a checkout payload instead of a login one, using your click_targets. Costs two requests
cookies + proxy (body)- your client cookies and proxy for the init flow, so the session lines up with the request you actually send
result + input_name (response)- the payload value and the field name to send it under, usually nds-pmd, plus the session_id to reuse
Why request-based beats a browser for behavioral signals
The browser way to pass NuData is to actually behave. You boot a real Chrome, move a mouse along a human-looking path, type at human speed, and hope the sensor script scores it as real. It works until NuData tunes its model, and it costs you a browser farm plus seconds of faked typing per login.
Takion reads the sensor script and builds the behavioral payload directly. We know what signals NuData collects and what a clean session looks like, so we generate one without rendering a page or faking a single mouse move. A solve is an HTTP call, not a browser session. You send a URL, you get the payload back.
What flags a NuData session
NuData scores the whole session, not one field. These are what tip it from clean to fraud:
- No payload. Send the login or checkout without nds-pmd and NuData reads it as automation instantly. The field has to be there.
- The wrong field name. input_name varies per site. Send the payload under nds-pmd when the site expects something else and it never gets scored. Use the input_name we return.
- Robotic or empty signals. A payload with no real device, timing, or interaction data scores as a bot. Generating it server-side is the point, ours carries the signals NuData expects.
- A stale or reused payload. Payloads are tied to a session and an action. Replay one across many logins and NuData's rescoring catches the reuse. Generate a fresh one per flow.
- A broken session. On a login flow the session_id ties your calls together. Drop it, or mix cookies and proxy between the init and the real request, and the session stops lining up.
The one rule for a clean login session
On a login flow, open the session once, reuse the session_id it returns, and keep the same cookies and proxy across the init and the real request. NuData scores the session as a whole. Keep every call pointing at one consistent session and the payload lands clean.
部分使用 NuData 的网站
NuData 守护着这些网站。Takion 在每一个上都能通过,所以绕过 ticketmaster 和绕过任何其他防护墙一样,都是同一次 POST。
所有子域名,结账与登录
NuData 绕过常见问题
- 这里没有验证码可解。NuData 基于行为,所以 Takion 会生成站点所需的 nds-pmd 行为 payload,并返回可直接附加到你登录或支付请求中的结果。
- 放进站点用来提交它的那个字段,通常是 nds-pmd。字段名可能因站点而异,因此 Takion 还会返回应使用的确切 input_name。
- 有效。把 Takion 指向对应流程(登录或结账)的 NuData 传感器脚本,它就会为该操作返回有效的 nds-pmd payload,适用于 Ticketmaster 的各个子域名。
- 就是页面加载的那个传感器脚本,例如 https://nudata.ticketmaster.com/2.2/w/w-481390/sync/js/。你把这个 URL 传给 Takion,它就会基于该脚本生成 payload。
所有其他防护墙
今天就上线你的 NuData 绕过方案。
免费试用,之后一个密钥通吃每一堵墙。一小时内完成首次调用。