Page request with a TLS fingerprint but no browser layer (no JS ran — scripted client)

net.no_js_execution  ·  convicts

network, browserlayer
coherencecategory
23evaders caught

What it catches

A real browser loading the challenge page runs the JS collector; a scripted HTTP client (httpx/curl, the volumetric-DDoS majority) never does — cross-layer absence

Signals it reads

network.browser_absent

How it fires

present

Evaders it caught 23

Bypassed by 10

Frontier evaders that reach the detector uncaught (scored only suspicious, defeating every convicting tell) — this check is not one that stops them. The red-team frontier this detection still has to convict.

← all detections