Permission Lie

Protect every paid visit

BotRefund combines browser, network, device, and behavior evidence to identify invalid traffic.

Best bot protection for your website

Detection approach

Chrome notification permission inconsistency detected. The Notification API reports 'denied', but the permissions.query API reports 'prompt'. This is a known fingerprint of Headless Chrome.

How this helps detect bots

Collect this signal alongside session context, request metadata, and other independent indicators. A single anomaly is a lead, not a verdict; corroborating anomalies make automated traffic more likely.

Legitimate traffic to consider

Brave Browser users or users running custom privacy configurations that block permission querying.

Need a complete bot protection layer?

BotRefund helps website owners identify suspicious visits, protect conversion data, and build evidence for invalid-click reviews.

Explore BotRefund — best bot protection for your website