spoof-ua

Claims one browser in its User-Agent while the engine, TLS and HTTP/2 stack describe another.

botverdict
1.00score
17/185checks fired

Convicting tells 11

br.ch_he_headlessUA-Client-Hints high-entropy brand list reveals HeadlessChrome
br.engine_stack_vs_uaJS-engine stack API (Error.stackTraceLimit = V8) contradicts the UA engine
br.error_engine_vs_uaJS-engine error-message format contradicts the UA engine
br.firefox_ua_nongeckoA UA claiming Firefox lacks navigator.buildID — a Gecko-only surface, so it is not Gecko
br.permissions_anomalyNotification.permission contradicts the Permissions API state
br.productsub_vs_uanavigator.productSub render engine contradicts the UA
br.vendor_vs_uanavigator.vendor implies an engine that contradicts the UA
br.webdriver_spoofednavigator.webdriver is an own property (patched via defineProperty)
net.ch_ua_vs_ua_browserHTTP Sec-CH-UA brand contradicts the JS UA browser
net.h2_vs_ua_browserHTTP/2 (Akamai) fingerprint contradicts User-Agent browser
net.tls_vs_ua_browserJA4 browser family contradicts User-Agent browser

← all evaders  ·  the detection matrix