Kasada

Kasada is an anti-bot software that leverage a JavaScript challenge based detection of the VM’s browser. This enables deep obfuscations of their script, this challenge / fingerprinting script changing from a session to an another, attempting to counter common fingerprint-crafting techniques and request based scraping.

Recognize Kasada

To identify Kasada’s presence on a website, look for these characteristics:

Internal property: window.KPSDK property.
Fingerprinting script loading: After few events triggered on the page, Kasada will load a script named p.js from an URL containing multiple random uuids, like so:
```
https://website.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
```
Cookies: Kasada set the cookie: KP_UIDz-ssn

Headers: Kasada will add those headers containing session indentifier and challenge response to a protected endpoint:

x-kpsdk-cd: {"workTime":1104138156468,"id":"69116f79aad41a20dc03f01df206aafe","answers":[1,4],"duration":1,"d":153,"st":1705113096264,"rst":1705138496419}
x-kpsdk-ct: 0yRRve0TgxXQaUSrahg98P7WHX5pnvNlBJbrXHwxErUAaUvkdnxqba7gGdNmedFLmkyvlEBpDxqfVDyDU2EgsLwY2wlKIMJbISrfCWBdiiwFAoNYpxdooDpwjNIaKVYYxtO2pfOCl3ifbqqlfAokNqAGU7bLro3P
x-kpsdk-v: j-0.0.0

Kasada’s bot detection

Iframe

MatchMedia

Docs

Web Scraping

Title here

Kasada

Recognize Kasada

Kasada’s bot detection

Kasada

Recognize Kasada#

Kasada’s bot detection#

Recognize Kasada

Kasada’s bot detection