navigator.languages differs between the main thread and a Web Worker

br.languages_worker_vs_main  ·  convicts

browserlayer
coherencecategory
5evaders caught

What it catches

The language half of the geo-spoof realm pair (with timezone_worker_vs_main). A residential-proxy bot patches navigator.languages in the main realm to match the proxy's country, but a JS patch cannot reach Web Worker scope, so a Worker reports the real host languages. Grounded headless: a normal real browser reports identical languages in both realms (no fire). EXPERIMENTAL — unlike timezone, a legitimate CDP locale override (context.locale) does NOT propagate to the Worker (grounded: main es-ES, worker en-US → diverges), so this fires on legit locale emulation and on the rare real user running a language-spoofing privacy extension; kept corroborating until the legit-browser divergence rate is validated against Tier-3 real traffic. Catches both JS- and CDP-level main-realm language spoofs.

Signals it reads

browser.languages_worker_divergence

How it fires

present

Evaders it caught 5

Bypassed by 10

Frontier evaders that reach the detector uncaught (scored only suspicious, defeating every convicting tell) — this check is not one that stops them. The red-team frontier this detection still has to convict.

← all detections