Interactive detection of automated browser behavior
This page demonstrates various techniques used to detect automated browser behavior. Modern bot detection combines multiple signals including behavioral analysis, browser fingerprinting, and environment checks.
Monitors mouse movements, click patterns, and typing behavior. Bots often exhibit unnaturally perfect or erratic movement patterns.
Collects unique browser characteristics including canvas rendering, WebGL info, audio context, and installed fonts to create a device identifier.
Checks for automation tools like Selenium, Puppeteer, or PhantomJS by examining navigator properties and DOM artifacts.
Analyzes the timing between user actions. Human interactions have natural variations while bots tend to be too fast or too consistent.
Analyzes mouse path deviation from straight lines. Bots tend to move in perfectly straight paths (>95% straightness), while humans naturally curve.
Detects presence of hand tremor. Humans have 15-30% micro-movements (<3px), bots have near 0% (too smooth) or 100% (fake jitter).
Measures timing consistency between actions. Humans have high variance (CV>0.3), bots often have suspiciously low variance (CV<0.15).
Flags large pastes (>20 chars) into non-password fields. While legitimate, excessive pasting may indicate automation.
Measures delay before first action. Humans need at least 300ms to process and react; instant interaction is suspicious.
Tracks form field corrections. Humans typically revisit 1-3 fields to fix mistakes; zero revisits across multiple fields is suspicious.
Analyzes mouse path curvature quality. Human paths fit natural Bezier curves well (R²>0.85); bots produce too-linear or inconsistent curves.
Checks if navigator.connection.rtt equals 0. Headless browsers report zero network round-trip time, while real browsers always have RTT > 0.
Compares User-Agent platform/version with Client Hints API data. Bots often spoof UA but forget to match the Client Hints values.
Examines navigator.webdriver property descriptor for tampering. Detects puppeteer-extra-stealth and similar evasion tools.
Renders the same canvas image multiple times. If results differ, anti-fingerprint noise injection is being used by anti-detect browsers.
Creates AudioContext and checks for silence. Headless servers often have no audio hardware, producing all-silent frequency data.
Checks for non-standard resolutions and impossible combinations like high resolution with devicePixelRatio=1.
Detects if OS-specific fonts match the claimed UA. Missing Segoe UI on Windows or Helvetica Neue on macOS indicates spoofing.