UA claims a modern browser but the request omits Sec-Fetch metadata headers

net.sec_fetch_vs_ua  ·  convicts

network, browserlayer
coherencecategory
10evaders caught

What it catches

Every modern browser sends Sec-Fetch-Site/Mode/Dest on requests; a scripted HTTP client (httpx/curl) faking a browser UA omits them — an HTTP-layer tell independent of TLS/JS

Signals it reads

network.sec_fetch_missing

How it fires

present

Evaders it caught 10

Bypassed by 10

Frontier evaders that reach the detector uncaught (scored only suspicious, defeating every convicting tell) — this check is not one that stops them. The red-team frontier this detection still has to convict.

← all detections