Page request with a TLS fingerprint but no browser layer (no JS ran — scripted client)
net.no_js_execution · convicts
network, browserlayer
coherencecategory
23evaders caught
What it catches
A real browser loading the challenge page runs the JS collector; a scripted HTTP client (httpx/curl, the volumetric-DDoS majority) never does — cross-layer absence
Signals it reads
network.browser_absent
How it fires
present
Evaders it caught 23
azuretls camoufox ch-ua-hardcoded curl-http2 curl-impersonate go-tls go-tls-h2-rotate go-tls-madeyoureset go-tls-rotate go-tls-static-ext go-tls-web-bot-auth go-tls-web-bot-auth-replay h2-continuation-flood h2-control-flood h2-rapid-reset h2-settings-split http2-naive ip-rotation primp quic-no-grease tls-stale-template ua-rotation vanillaBypassed by 10
Frontier evaders that reach the detector uncaught (scored only suspicious, defeating every convicting tell) — this check is not one that stops them. The red-team frontier this detection still has to convict.