iframe-spoof

Patches the main realm but not nested iframes; the iframe realm reports different values — a realm divergence.

botverdict
1.00score
21/185checks fired

Convicting tells 12

br.cdp_runtime_enabledCDP Runtime.enable detected (prototype-chain Proxy ownKeys trap)
br.ch_he_headlessUA-Client-Hints high-entropy brand list reveals HeadlessChrome
br.ch_he_version_vs_uaUA-CH high-entropy Chrome version contradicts the UA-string version
br.iframe_divergencenavigator differs between the main document and an iframe
br.navplatform_vs_uanavigator.platform implies an OS that contradicts the UA platform
br.no_chrome_objectChrome User-Agent but window.chrome is absent
br.permissions_anomalyNotification.permission contradicts the Permissions API state
br.ua_platform_vs_ch_platformnavigator/UA platform contradicts Sec-CH-UA-Platform
br.webdriver_getter_tamperedNavigator.prototype.webdriver getter is non-native (prototype patch)
br.webgl_os_vs_uaWebGL renderer implies an OS that contradicts the UA platform
br.worker_divergencenavigator differs between the main thread and a Web Worker
net.ch_platform_header_vs_uaHTTP Sec-CH-UA-Platform contradicts the JS UA platform

← all evaders  ·  the detection matrix