Performance Inspector
Analyze browser performance metrics that distinguish real browsers from automation tools and headless browsers
Performance Overview
Performance metrics can reveal automated tools. Headless browsers often show unnaturally perfect timing, missing frame metrics, or HTTP/3 protocol downgrades when using proxies.
Frame Timing Stability
Jitter: Lower values indicate more consistent frame timing
Green line: Target 16.67ms interval for 60 FPS
Frame Timing Metrics
| Metric | Value |
|---|---|
| Collecting data... | |
Protocol Usage
| Protocol | Count |
|---|---|
| Loading... | |
HTTP/3 uses UDP and cannot be proxied by traditional HTTP/SOCKS proxies. Resources downgrading from HTTP/3 to HTTP/2 may indicate proxy usage. Major CDNs (Cloudflare, Fastly, etc.) typically support HTTP/3.
DNS Resolution Times
| Hostname | Avg DNS Time | Status | Requests |
|---|---|---|---|
| Loading... | |||
Connection Times per Host
| Hostname | Protocol | Requests | New/Reused | Avg TCP | Avg TLS | Avg RTT | Total |
|---|---|---|---|---|---|---|---|
| Loading... | |||||||
Resource Load Times
| Resource Type | Count | Median | Average | Min | Max |
|---|---|---|---|---|---|
| Loading... | |||||
Performance metrics reveal several characteristics that distinguish real browsers from automation tools:
- Frame Timing Patterns: Real browsers show natural frame timing variations due to system load, while headless browsers may show unnaturally perfect timing or completely missing metrics.
- Protocol Downgrades: HTTP/3 uses UDP and cannot be proxied by traditional proxies. Automation tools using proxies will downgrade to HTTP/2, which is detectable.
- Connection Reuse: Real browsers maintain persistent connections and show predictable reuse patterns. Automation tools may create excessive new connections.
- TCP/TLS Handshake Times: Native browsers show consistent OS-level handshake patterns. Automation may bypass or show abnormal timing.
These metrics combined create a unique performance fingerprint that's difficult for bots to replicate perfectly.
While perfect evasion is difficult, here are some mitigation strategies:
- Use real (non-headless) browsers: Chrome/Firefox with automation drivers show more realistic performance patterns.
- Avoid proxies when possible: Direct connections preserve HTTP/3 support and natural protocol patterns.
- Residential proxies: If proxies are needed, residential proxies are harder to detect than datacenter IPs.
- Add timing randomization: Inject natural variability into interactions (random delays, mouse movements).
- Monitor frame timing: Ensure your automation maintains realistic frame rates and timing jitter.
Note: Some anti-bot systems are very sophisticated. The best approach is often to use real browsers with minimal automation modifications.
Frame Stability Score: Percentage of frames that are within 1ms of the target 60fps interval (16.67ms). Higher scores indicate more stable rendering.
Jitter (Standard Deviation): Variability in frame timing. Real browsers typically show 0.5-3ms jitter due to system load. Headless browsers may show near-zero jitter.
TCP Time: Time to establish TCP connection (SYN/ACK handshake). Typically 20-100ms depending on geographic distance.
TLS Time: Time for TLS/SSL handshake after TCP connection. Usually 20-50ms for TLS 1.3, longer for older versions.
RTT (Round-Trip Time): Time from request sent to first byte received. Indicates network latency.
HTTP/3: The latest HTTP version using QUIC over UDP. Not proxy-compatible, which makes it useful for bot detection.
This tool analyzes real-time performance metrics from your browser using the Resource Timing API and requestAnimationFrame. All data is processed locally and not sent to any server.