ch-ua-hardcoded

An HTTP client with a hardcoded Client-Hints brand list that lacks the GREASE brand a real Chrome always emits.

botverdict
1.00score
6/185checks fired

Convicting tells 6

net.accept_encoding_vs_uaUA claims a modern browser but Accept-Encoding omits Brotli (scripted client)
net.ch_ua_no_grease_brandChromium Sec-CH-UA brand list omits the GREASE brand (hardcoded header)
net.no_js_executionPage request with a TLS fingerprint but no browser layer (no JS ran — scripted client)
net.sec_fetch_vs_uaUA claims a modern browser but the request omits Sec-Fetch metadata headers
net.tcp_os_vs_uaTCP/IP-stack OS kernel contradicts the OS the User-Agent claims
net.tls_grease_vs_uaUA claims a GREASEing-engine browser (Chromium/Safari) but the TLS ClientHello has no GREASE

← all evaders  ·  the detection matrix