Detection approach
Function.toString shadowing detected. Core browser APIs have been intercepted and patched via Proxy objects or getters to hide automation flags. This is a definitive signature of stealth plugins (e.g., puppeteer-extra-plugin-stealth).
How this helps detect bots
Collect this signal alongside session context, request metadata, and other independent indicators. A single anomaly is a lead, not a verdict; corroborating anomalies make automated traffic more likely.
Legitimate traffic to consider
Users running privacy-focused tools or ad-blockers that proxy native APIs to prevent fingerprinting.
Need a complete bot protection layer?
BotRefund helps website owners identify suspicious visits, protect conversion data, and build evidence for invalid-click reviews.
Explore BotRefund — best bot protection for your website