Sign in
← Dashboard / Signature Detail
DE

Firefox 149 Windows

· Firefox 149.0 / Windows Human
Scraper
Policy: Silent Throttle
Probability
0 %
Confidence
93 %
Risk Profile
VeryLow
Threat
None
Hit Count
14
Last Seen
36s ago
Network Locale Headers Tool Transport Session Quality
Drifted
Generic Adblocker Firefox Desktop
Drift vs
48.8%

Fingerprint Profile

TLS Version
TLSv1.3
HTTP Protocol
HTTP/1.1
Protocol Client
TLS_AES_256_GCM_SHA384
TCP OS Hint
Unavailable
Fingerprint Integrity
Suspect
UA Consistency
Consistent
Headless Indicator
Low
Datacenter IP
Clean

Browser modes same browser, different modes. One row per persisted mode

Mode Observations Maturity Shift from baseline Last seen
bot-raw 348 348 0.31 (dnt, accept encoding ordered, accept) 09:53:10
signalr-negotiate 23 23 0.42 (upgrade insecure requests, priority, ip subnet) 08:41:47
sub-resource 52 52 0.48 (priority, ip subnet, sec gpc) 08:41:46
navigation 655 655 0.18 (dnt, accept, upgrade insecure requests) 08:41:41
4 modes across 1078 observations. See composite browser-mode fingerprints.
Endpoints Visited (12) Click to expand · stats unavailable
# Path
1 /dist/assets/index.js
2 /_content/Mostlylucid.BotDetection.UI/vendor/js/signalr.min.js
3 /docs/add-to-aspnet-core
4 /enterprise
5 /dashboard/entity/618f40cc546f4317
6 /docs/add-to-docker-compose
7 /account/login
8 /dashboard/entity/776f4ed9d98f46fc
9 /store
10 /backend/.env
11 /env
12 /
Raw Requests (14) Click to expand
Time Method Path Status Prob Conf Risk Profile Action Time
07:15:09 GET /dist/assets/index.js 200 90 % 68 % VeryHigh Silent Throttle 12.2ms
07:15:07 GET /dist/assets/index.js 200 90 % 68 % VeryHigh Silent Throttle 12.4ms
07:15:05 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/signalr.min.js 200 90 % 68 % VeryHigh Silent Throttle 12.6ms
07:15:01 GET /docs/add-to-aspnet-core 200 90 % 68 % VeryHigh Silent Throttle 44.4ms
07:15:01 GET /enterprise 200 90 % 68 % VeryHigh Silent Throttle 11.0ms
07:15:01 GET /dashboard/entity/618f40cc546f4317 200 90 % 68 % VeryHigh Silent Throttle 12.0ms
07:15:00 GET /docs/add-to-docker-compose 200 90 % 68 % VeryHigh Silent Throttle 11.8ms
07:14:56 GET /account/login 200 90 % 68 % VeryHigh Silent Throttle 12.5ms
07:14:56 GET /dashboard/entity/776f4ed9d98f46fc 200 90 % 68 % VeryHigh Silent Throttle 11.6ms
07:14:55 GET /store 200 90 % 68 % VeryHigh Silent Throttle 11.9ms
07:14:53 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/signalr.min.js 200 90 % 68 % VeryHigh Silent Throttle 11.9ms
07:14:52 GET /backend/.env 200 100 % 100 % VeryHigh Silent Throttle 11.4ms
07:14:52 GET /env 200 90 % 68 % VeryHigh Silent Throttle 12.4ms
07:14:40 HEAD / 200 90 % 68 % VeryHigh Silent Throttle 11.7ms

Bot Probability & Confidence History

StyloBot Detection Overhead (ms)

User Agent

Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0

Analysis

Firefox 149 Windows on /dist/assets/inde... - caught by UA rotation: 6 different User-Agents with identical heade..., Visiting many random URLs in no logical order (random sca..., Request patterns appear normal

Detection Signals

  • UA rotation: 6 different User-Agents with identical header profile from same IP
  • Visiting many random URLs in no logical order (random scanning pattern)
  • Request patterns appear normal
  • IP appears normal: 91.192.10.xxx
  • TLS connection appears normal

Detector Contributions (19 detectors)

Detector Confidence Delta Timing (ms)
HeuristicLate
Heuristic model (late): 98 % bot likelihood (309 features)
+0.957 0.3
HeaderCorrelation
UA rotation: 6 different User-Agents with identical header profile from same IP
+0.800 0.2
Heuristic
Heuristic model (early): 77 % bot likelihood (21 features)
+0.544 0.1
Behavioral
Request patterns appear normal; Visiting many random URLs in no logical order (random scanning pattern)
+0.200 0.3
Ip
IP appears normal: 91.192.10.xxx
-0.150 0.0
TlsFingerprint
TLS connection appears normal
-0.150 0.0
UserAgent
No bot marker in User-Agent (weak human lean; UA is easily spoofed)
-0.050 0.5
AI
AI analysis: borderline case, monitoring
+0.000 10.4
Header
Browser UA without Accept-Language; deployment norm is low language rate (39 % over 310 samples)
+0.000 0.1
AiScraper
No AI scraper signals detected
+0.000 0.0
VerifiedBot
No known bot UA pattern
+0.000 0.0
SecurityTool
No security tools detected in User-Agent
+0.000 0.0
PiiQueryString
Query string contains PII parameters: token
+0.000 0.0
RequestHydrator
Request signals hydrated to sink
+0.000 0.0
Http2Fingerprint
Using HTTP/1.1; environment norm is HTTP/1.1 (0 % HTTP/2 over 32 samples)
+0.000 0.0
Http3Fingerprint
Connection uses HTTP/1.1 (not HTTP/3)
+0.000 0.0
TcpIpFingerprint
Network fingerprint analysis complete (no anomalies detected)
+0.000 0.0
TransportProtocol
Transport protocol analysis complete
+0.000 0.0
FastPathReputation
No known patterns in reputation cache
+0.000 0.0

Signal Intelligence

request

protocol HTTP/1.1
accept_encoding gzip, br, deflate

risk

justification Classified Scraper (probability 0.90, confidence 0.68)
friendly_pin_trace not-applicable:botType=Scraper,yamlType=null,botName=null

tls

cipher TLS_AES_256_GCM_SHA384
Version TLSv1.3
version TLSv1.3

Policy applied

Hit history

No sessions recorded yet.

Sessions are created when a visitor's activity gap exceeds 30 minutes.

Effective policy
Loading effective policy…
ASP.NET Pack — Auth events
JWKS health
OK

reachable

Auth pipeline
JWKS reachable
License
Licensed

ASP.NET pack enabled

OTel Mesh — Traces

Fingerprint timeline

66e991759d5e475399b3a116b154139b 0 observations

Span + log activity for this fingerprint, ordered by timestamp.

No timeline observations

OTel Mesh receiver online, but no observations seen for this fingerprint id (check W3C baggage propagation)

Signature: Nm4_Qv1CUKT1Pad-dJQruQ | Processing: 12ms | Country: DE | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0 | First seen: 2026-07-16 07:14:40 UTC