Product / Stealthium

Solve browser detection where signals generate.

Stealthium is a customer-hosted Chromium runtime with evasion engineered inside Chromium and V8. It is built for workflows where a browser has to remain coherent under engine, renderer, protocol, identity, and network inspection.

Request evaluation View architecture
stealthium://live-session ready

Effective launch state

mode cluster
safe mode true
isolated world true
policy attached
telemetry launch-scoped
enginerendererapicdproute

Browser

customer-hosted Chromium runtime

Control surface

Chromium and V8

Delivery

Docker container

Parity target

Chrome within ~48 hours
Operating model

Private browser clusters with explicit launch policy.

The product is not a hosted browser farm or a script bundle. Teams run a governed Chromium cluster, choose which controls are allowed at launch, and inspect the state that actually reached the browser.

launch.env

Controls accepted before the browser opens
01 UD_SERVER_MODE=cluster

Launch browsers on demand

Run the container as a browser cluster so external Playwright, Puppeteer, Selenium, or CDP clients can create independent sessions.

02 UD_SERVER_SAFE_MODE=true

Guard the cluster boundary

Prevent launch clients from overriding sensitive options such as persistence paths, unsafe arguments, and lifecycle controls.

03 UD_ISOLATE_EXECUTION=true

Move framework scripts out of the page world

Rewrite framework evaluations into isolated worlds so page scripts cannot inspect the automation utility layer.

04 UD_BROWSER_POLICY_JSON

Apply per-browser enterprise policy

Set Chrome Enterprise policy at launch for downloads, extensions, browser experiments, and other governed behavior.

05 UD_AUTO_CLOSE / UD_IDLE_BROWSER_TIMEOUT

Make browser lifecycle explicit

Close sessions when clients disconnect or when no CDP commands arrive within the configured idle window.

06 Undetect.getConfig

Inspect the effective launch state

Retrieve the runtime and server configuration actually used by the session when diagnosing a target-specific failure.

Signal origin

Detection does not stop at exposed JavaScript values.

Anti-bot systems correlate how the browser behaves, not just what one API returns. Stealthium treats the browser stack as the control plane, so deeper measurements do not contradict the visible identity.

01

Engine

V8 execution behavior

Execution semantics, edge cases, and timing traits are controlled below the JavaScript patch layer.

02

Renderer

Graphics and canvas output

Renderer-level surfaces stay consistent with the selected device and browser profile instead of being spoofed late.

03

Browser APIs

Feature exposure and state

Observable APIs, permissions, storage posture, and platform behavior are aligned from session start.

04

Control path

Protocol artifacts

Automation control is treated as part of the detection surface, not hidden with page-level scripts.

Patching limit

JavaScript patching fails for structural reasons.

01

It runs above the signals being measured.

Script injection can change exposed values, but it cannot fully control engine behavior, rendering output, or protocol side effects.

02

It creates contradictions under correlation.

A browser can claim one platform while deeper measurements reveal another through timing, graphics, API, and storage behavior.

03

It expands the maintenance surface.

Every new web platform API and browser release adds observable behavior that a patch-based stack has to chase after launch.

04

It leaves framework control paths visible.

CDP and automation framework behavior can introduce stable command patterns, state changes, and scheduling artifacts.

Control path

Framework commands pass through a governed boundary.

Playwright, Puppeteer, Selenium, and direct CDP clients can launch browsers, but commands that rewrite identity after launch are filtered unless a team deliberately enables them.

Filtered command Risk avoided
Network.setUserAgentOverride

User agent overrides

Filtered because framework-level overrides can desynchronize the UA from the browser engine and profile.

Emulation.setTimezoneOverride

Timezone overrides

Filtered so timezone remains derived from the resolved fingerprint and route context.

Emulation.setDeviceMetricsOverride

Device metrics overrides

Filtered to avoid window, screen, DPR, and platform contradictions created after launch.

Page.setFontFamilies

Font family overrides

Filtered so font surfaces remain consistent with the selected operating system and browser profile.

Undetect.getBrowserURLs

Debug the live browser

Returns VNC, DevTools, screenshot, status, and WebSocket URLs scoped to the exact browser instance.

Undetect.getFingerprint

Verify the effective identity

Returns the full fingerprint data used by the browser rather than the partial inputs supplied at launch.

Undetect.getLaunchId

Bind telemetry to one session

Returns the launch identifier used by cluster endpoints, reconnect flows, and support diagnostics.
Customer deployment

The browser runtime stays inside the customer perimeter.

Stealthium is deployed in customer infrastructure, where browser execution, user data, session state, and operational telemetry can be governed like other sensitive systems.

Customer networkStealthium containerCDP clientsSession state

Fewer unexplained blocks

Detection changes are investigated against runtime, identity, route, and telemetry data rather than treated as retry noise.

Authenticated session continuity

High-value actions can keep browser state, fingerprint posture, and execution behavior coherent across repeated runs.

Lower internal maintenance load

Customer teams spend less time staffing their own browser-evasion program and more time on the workflow itself.

Evaluate Stealthium against the workflow that breaks today.

Bring the target, infrastructure constraints, and failure traces. Evaluation focuses on whether the runtime changes outcomes under your real access conditions.

Request evaluation Review pricing