It seems he's doing something with header detection. I used Puppeteer to play around with the site and various configurations I use when scraping.

In headless Chrome, the "Accept-Language" header is not sent. In Puppeteer, one can force the header to be sent by doing:

  page.setExtraHTTPHeaders({ 'Accept-Language': 'en-US,en;q=0.9' })

  accept-language: en-US,en;q=0.9

This is a completely server-side check, which is why he can say the fpcollect client-side javascript library isn't involved.

Here are some curl commands that demonstrate:

Detected: not headless

  curl 'https://arh.antoinevastel.com/bots/areyouheadless' \
  -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3803.0 Safari/537.36' \
  -H 'Accept-Language: en-US,en;q=0.9'

  curl 'https://arh.antoinevastel.com/bots/areyouheadless' \
  -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3803.0 Safari/537.36'

  curl 'https://arh.antoinevastel.com/bots/areyouheadless' \
  -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3803.0 Safari/537.36' \
  -H 'accept-language: en-US,en;q=0.9'

I run the division at my company that builds crawlers for websites with public records. We scrape this information on-demand when a case is requested, and we handle an enormous volume of different sites (or sources as we call them). We recently passed 700 total custom scrapers.

Recently, we have seen a spike in sites that detect, and block our crawlers with some sort of Javascript we cannot identify. We use headless Chrome and selenium to build out most of our integrations, I'm starting to wonder if the science of blocking scraping is getting more popular...

I don't think what I'm doing is subversive at all, we're running background checks on people, and we can reduce business costs by eliminating error-prone researchers with smart scrapers that run all day.

I don't want to seem like the bad guy here, but what if I wanted to do the opposite of this research? Where do I start? Study the chromium source? Can anyone recommend a few papers?

There are additional tests included in https://arh.antoinevastel.com/javascripts/fpCollect.min.js that do not exist in the GitHub repository over at https://github.com/antoinevastel/fp-collect.

  redPill: function() {
      for (var e = performance.now(), n = 0, t = 0, r = [], o = performance.now(); o - e < 50; o = performance.now()) r.push(Math.floor(1e6 * Math.random())), r.pop(), n++;
      e = performance.now();
      for (var a = performance.now(); a - e < 50; a = performance.now()) localStorage.setItem("0", "constant string"), localStorage.removeItem("0"), t++;
      return 1e3 * Math.round(t / n)
    },
    redPill2: function() {
      function e(n, t) {
        return n < 1e-8 ? t : n < t ? e(t - Math.floor(t / n) * n, n) : n == t ? n : e(t, n)
      }
      for (var n = performance.now() / 1e3, t = performance.now() / 1e3 - n, r = 0; r < 10; r++) t = e(t, performance.now() / 1e3 - n);
      return Math.round(1 / t)
    },
    redPill3: function() {
      var e = void 0;
      try {
        for (var n = "", t = [Math.abs, Math.acos, Math.asin, Math.atanh, Math.cbrt, Math.exp, Math.random, Math.round, Math.sqrt, isFinite, isNaN, parseFloat, parseInt, JSON.parse], r = 0; r < t.length; r++) {
          var o = [],
            a = 0,
            i = performance.now(),
            c = 0,
            u = 0;
          if (void 0 !== t[r]) {
            for (c = 0; c < 1e3 && a < .6; c++) {
              for (var d = performance.now(), s = 0; s < 4e3; s++) t[r](3.14);
              var m = performance.now();
              o.push(Math.round(1e3 * (m - d))), a = m - i
            }
            var l = o.sort();
            u = l[Math.floor(l.length / 2)] / 5
          }
          n = n + u + ","
        }
        e = n
      } catch (t) {
        e = "error"
      }
      return e
    }
  };

https://arh.antoinevastel.com/javascripts/fpCollect.min.js contains some functions called redPill that aren't in the normal fpCollect library. redPill3 measures the time of some JS functions and sends that data to the backend. Here's a chart of redPill3's timing data on my computer: https://i.imgur.com/c8iuV6I.png

Those are averages of multiple runs on a Core i7-8550U running Chromium 75.0.3770.90 on Ubuntu 19.04.

isNan and isFinite are much slower in headless mode, but other functions like parseFloat and parseInt aren't. My guess is that the backend is comparing the relative times that certain functions take. If isNan and isFinite take the same time as parseFloat, then you're not in headless mode. If those functions take 6x longer than parseFloat, you're in headless mode.

I don't know if this holds true for non x86 architectures or other platforms.

This would be more interesting if the author explained this technique.

People that are knowledgeable enough will deep dive into the webpage, but for everyone else, expect disappointment.

Out of all the zero-sum tech arms races (increasingly complex DRM, SPAM senders/blockers, software crackers vs. copy protection, code obfuscation) this one seems to me to be the stupidest. Here we have people putting data out in public for free, for anyone to access, and then agonizing over how someone accesses it. If some data is your company's secret sauce, your competitive advantage, don't put it out on the Internet. If your data is not your competitive advantage, then why bother wasting all this development effort stopping browsers from browsing it? So much waste on both sides.

I'm the other half of the cat and mouse game that Antoine is referring to, and I just wrote another rebuttal that people here might find interesting [1]. It goes into a little more detail about what his test site is actually doing, and also walks through the process of writing a Puppeteer script to bypass the tests.

- [1] -https://www.tenantbase.com/tech/blog/cat-and-mouse/

All this can be avoided (from a scraper's perspective) by using the Selenium IDE++ project. It adds a command line to Chrome and Firefox to run scripts. See https://ui.vision/docs#cmd and https://ui.vision/docs/selenium-ide/web-scraping

=> Using Chrome directly is slower, but undetectable.

I work in telecom and we interface with large carriers like AT&T, Verizon, etc. We use headless browsers to automate processes using their 15-year-old admin portals, since the carriers simply refuse to provide an API, or one that works acceptably.

Thankfully they're also so technologically slow that they never change the websites or do any kind of headless detection. Its works, and allows us to offer automated [process] to our customers, but it seems so fragile. Just give us a damn API.

Well the user agent of chrome headless contains 'HeadlessChrome' according to this site [1]. Sure enough when I spoof my user agent to the first in the list it magically determines I'm using headless Chrome.

He basically says he's inspecting user agents:

> Under the hood, I only verify if browsers pretending to be Chromium-based are who they pretend to be. Thus, if your Chrome headless pretends to be Safari, I won’t catch it with my technique.

Maybe I should apply for a PhD too.

[1] https://user-agents.net/browsers/headless-chrome

The author seems to be making use of: fpscanner[1] and fp-collect[2] libraries for achieving his task though he doesn't seem to explain how exactly the detection is done.

[1]: https://github.com/antoinevastel/fpscanner

[2]: https://github.com/antoinevastel/fp-collect

I think there might be a market for "human crawlers". Just like people use Mechanical Turk to get humans to beat CAPTCHAs, you could use it to get humans to visit a web page for you, and return its HTML source. There are of course residential proxy services (ie HolaVPN), but they're still technically can be detected.

This straight up crashes my scraper's browser, using puppeteer, extra-stealth ect.

Wouldn't these render the Brave browser unusable on some sites?

I have always maintained a high credit score over the years up till a messy job divorce and property split which affected me psychologically and financially. I accumulated many negative collections (repossession, charge offs, late payments) and my credit score suffered for it and did stop me from getting loans. I got to hear of REDEMPTIONHACKERSCREW from an old college mate and also saw success stories of people he had helped increase their credit scores. I contacted him via his email REDEMPTIONHACKERSCREW, we got the ball rolling and in 5 days his magic hand was all over my report when I pulled it. 790–800 on all bureaus. To be honest it Still feels like a dream getting the loans. If you wish to be saved like me and others reach out to REDEMPTIONHACKERSCREW contact email: REDEMPTIONHACKERSCREW at GMAIL dot COM or text REDEMPTION with your request to +1 909 375 5075 (WHATAPP ONLY)

You think your credit card is bad, mine was terrible. i was at the edge of loosing my family, when i got saved by an old friend of mine who introduced me to a hacker by the name PAUL MIKE. I didn’t at first believe it but i had no choice, i was about to loose everything. So i contacted him via his email ([email protected]) and i must say, hackers are the best. He raised my credit score to a golden score of 790 and removed the eviction from my credit among other negative listings. Now my life is way better than i ever imagined it would. I can now get approved for loans, mortgage, surgery e.t.c. I’ll advise you contact him to help fix your credit now.You can also reach him on his number: +17206630651‬

Many people have tried to be in touch with hackers but in most cases, they end up disappointed either with their service or with the charges. You can hire a professional and ethical hacker PAUL MIKE to keep yourself safe online or to keep a watch on your family members just for legal reasons. These hacker "PAULMIKE" will provide you complete security from cyber-crimes and mischievous people who are trying to steal your personal data.He can also help you upgrade your credit score to a golden score of 830 and removed the eviction from your credit among other negative listings.You can reach him on his number: +17206630651‬,([email protected])

I am an Entrepreneur, I work as a FLAT AND SALES MANAGER but I have been in a sorrowful mood and pressure since my 40’s days ,I have not been able to acquire all my desires despite earning a lot of money doing businesses, my score deprived me of many things in life. But all thanks to God and Albert Gonzalez of CyberSpyGuru (At) Gmail DOT (com) he help me fix my credit report and removed all my evictions within 48hours ,now as I speak I have finally gotten a new home for Family. I didn’t believe at first and It’s just like a miracle but I can’t doubt what’s happening physically in my life.

Do you know that an excellent credit score of 830 is better than $100,000 cash in hand? Don't fall into the wrong hands Contact THE REAL HACKER Paul Mike for your credit score upgrade and He will remove all evictions from your card among other negative issues. He did a surprising job on my credit score and since then my life have been different. That's why I have to tell everyone with a bad score to act now and fast. Contact him on his mail; [email protected]. Phone number; +17206630651.

I HAVE A GOOD NEWS!!!! I just met the greatest hacker on the planet ([email protected]) I was at first scared he might scam me but he turned out to be the best so far. HE delivered my work just few hours after I texted him. His works are historically unbeaten plus he's trustworthy and reliable. whatsapp, facebook,instagram, bitcoin, email and so on. You really need to try him today on ([email protected]) or text him on whatsapp: +971-547-461170 Thank me later.

Albert of CyberSpyGuru is the best in the business of fixing credit, second to none…He got rid of all my negative listings and eviction on my credit at a reasonable price. Thanks to him I am gladly living with an excellent score of 810, now as i speak he has also helped over Three of my friends clear their Mortgage and boost their Fico scores , I cant imagine what my life would have been like without him. And for those interested in his services. CYBERSPYGURU AT Gmail {Dot} com

Good day friends, I strongly recommend [email protected] for your Credit score BOOST, Credit card debt clearing, bank account debt clearing, negative record clearing, Criminal record clearing, Loan application, Credit card application and any related hacking job. You can also reach him on his number: +17206630651‬, He really changed my life for good. A GOOD hacker is HARD to find.

The best hacker that I know can boost your credit score from a poor score of 250 to an excellent score of 750, is Hacker Paul Mike is a life saver. contact him hackerpaulmikeATgmailDOTcom CELL 702-663-0651. YOU Will be glad you did.

I’ve participated in a number of Stanford research studies, and what the author is doing here is similar to part of it.

The studies in which I’ve participated always start with a statement of what they are generally looking for in a participant. You then take a survey that confirms if you are qualified. You then given a release to sign (and keep a copy of), which states what you’ll be doing, and providing an IRB contact. You then go through the study.

At the end of your participation, you are asked “What do you think the study is about?”, and then you were told the real purpose of the study. Eventually the paper(s) is/are published, with hypothesis, methodology, and results.

This seems similar: You decide if you want to participate, and are participating; the only thing that’s missing is the final paper.