声明
本文章中所有内容仅供学习交流使用，不用于其他任何目的，抓包内容、敏感网址、数据接口等均已做脱敏处理，严禁用于商业用途和非法用途，否则由此产生的一切后果均与作者无关！
逆向过程

部分python代码

import requests
import urllib.parse

headers = {
    "accept": "*/*",
    "accept-language": "zh-CN,zh;q=0.9",
    "cache-control": "no-cache",
    "pragma": "no-cache",
    "priority": "u=1, i",
}
cookies = {
}
url = "recommend/item_list/"
params = {
    "WebIdLastTime": "",
    "aid": "1988",
    "app_language": "zh-Hans",
    "app_name": "tiktok_web",
    "browser_language": "zh-CN",
    "browser_name": "Mozilla",
    "browser_online": "true",
    "browser_platform": "Win32",
    "browser_version": "",
    "channel": "tiktok_web",
    "clientABVersions": "70508271,73343441,73406214,73590516,73635175,73639822,73641234,73650548,73658737,73662753,73686099,73692431,73699598,73713736,73720541,73723490,73736861,73739073,73759867,73773905,73798192,73798270,73810364,70405643,71057832,71200802,73004916,73171280,73208420,73385640,73574728,73628214",
    "cookie_enabled": "true",
    "count": "9",
    "coverFormat": "2",
    "cpu_core_number": "8",
    "dark_mode": "false",
    "data_collection_enabled": "true",
    "day_of_week": "4",

    "device_platform": "web_pc",
    "device_type": "web_h264",
    "enable_cache": "false",
    "focus_state": "true",
    "from_page": "fyp",
    "history_len": "2",
    "isNonPersonalized": "false",
    "is_fullscreen": "false",
    "is_page_visible": "true",
    "itemID": "",
    "language": "zh-Hans",
    "priority_region": "",
    "pullType": "1",
    "region": "TW",
    "screen_height": "864",
    "screen_width": "1536",
    "showAboutThisAd": "true",
    "showAds": "false",
    "time_of_day": "14",
    "tz_name": "Asia/Shanghai",
    "vv_count": "7",
    "vv_count_fyp": "6",
    "webcast_language": "zh-Hans",
}
cp = execjs.compile(open('2025-5.js','r',encoding='utf-8').read())
Gnarly = cp.call('X-Gnarly',params)
''''''''''
params['X-Gnarly']=Gnarly 
.........
print(url)
response = requests.get(url, headers=headers, cookies=cookies,proxies=proxies,params=params)

print(response.text)
print(response)

结果

正确携带加密参数

不携带加密

 

总结

 1.出于安全考虑,本章未提供完整流程,调试环节省略较多,只提供大致思路,具体细节要你自己还原,相信你也能调试出来。