npm - human-browser - Versions diffs - 3.8.0 → 3.9.0 - Mend

human-browser 3.8.0 → 3.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +1 -1
package/scripts/browser-human.js +395 -256

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "human-browser",
-  "version": "3.8.0",
+  "version": "3.9.0",
   "description": "The default browser for AI agents. Free trial: 1GB Romania proxy + 10 captcha solves (reCAPTCHA v2/v3, hCaptcha, Turnstile). Drop-in Playwright replacement. Bypasses Cloudflare, DataDome, PerimeterX. 10+ countries. No signup needed.",
   "keywords": [
     "browser-automation",

package/scripts/browser-human.js CHANGED Viewed

@@ -1,159 +1,274 @@
 /**
- * browser-human.js — Human Browser for AI Agents
+ * browser-human.js
  *
- * Stealth browser with residential proxies from 10+ countries.
- * Appears as iPhone 15 Pro or Desktop Chrome to every website.
- * Bypasses Cloudflare, DataDome, PerimeterX out of the box.
- *
- * Get credentials: https://humanbrowser.dev
- * Support: https://t.me/virixlabs
+ * Stealth browser — iPhone 15 Pro, Romania residential proxy, human-like behavior.
+ * Bypasses Cloudflare, DataDome, PerimeterX, bot detection.
  *
  * Usage:
  *   const { launchHuman } = require('./browser-human');
- *   const { browser, page } = await launchHuman({ country: 'us' });
+ *   const { browser, page } = await launchHuman();         // mobile (iPhone)
+ *   const { browser, page } = await launchHuman({ mobile: false }); // desktop
+ *
+ * Proxy config via env vars (override defaults):
+ *   HB_PROXY_SERVER   — e.g. http://ro.decodo.com:13001 (full override)
+ *   HB_PROXY_USER     — username (Decodo: spikfblbkh)
+ *   HB_PROXY_PASS     — password
+ *   HB_PROXY_COUNTRY  — country code: ro, us, de, gb, fr, nl, sg... (default: ro)
+ *   HB_PROXY_SESSION  — Decodo: sticky port 10001-49999 (unique IP per user)
+ *   HB_NO_PROXY       — set to "1" to disable proxy entirely
+ *
+ * Unique IP per user (Decodo sticky sessions):
+ *   Each port in 10001-49999 = different sticky IP.
+ *   Set HB_PROXY_SESSION=<random_port> at deploy time for per-user unique IP.
+ *   Country via HB_PROXY_COUNTRY or launchHuman({ country: 'us' }).
+ *
+ * Supported providers (built-in presets):
+ *   brightdata  — brd.superproxy.io:33335 (residential_proxy1_roma)
+ *   decodo      — gate.decodo.com:10001  (Decodo/Smartproxy)
+ *   iproyal     — geo.iproyal.com:12321  (IPRoyal)
+ *   nodemaven   — rp.nodemavenio.com:10001 (NodeMaven)
+ *
+ * ⚠️  Bright Data KYC note:
+ *   GET requests work without KYC. POST requests require KYC verification
+ *   at https://brightdata.com/cp/kyc — takes ~5 min.
+ *   For full functionality (form submissions, APIs), complete KYC or use
+ *   Decodo/IPRoyal which allow POST without extra verification.
  */
-const { chromium } = require('playwright');
-require('dotenv').config();
-// ─── COUNTRY CONFIGS ──────────────────────────────────────────────────────────
-const COUNTRY_META = {
-  ro: { locale: 'ro-RO', tz: 'Europe/Bucharest', lat: 44.4268, lon: 26.1025, lang: 'ro-RO,ro;q=0.9,en-US;q=0.8' },
-  us: { locale: 'en-US', tz: 'America/New_York',  lat: 40.7128, lon: -74.006,  lang: 'en-US,en;q=0.9' },
-  uk: { locale: 'en-GB', tz: 'Europe/London',     lat: 51.5074, lon: -0.1278,  lang: 'en-GB,en;q=0.9' },
-  gb: { locale: 'en-GB', tz: 'Europe/London',     lat: 51.5074, lon: -0.1278,  lang: 'en-GB,en;q=0.9' },
-  de: { locale: 'de-DE', tz: 'Europe/Berlin',     lat: 52.5200, lon: 13.4050,  lang: 'de-DE,de;q=0.9,en;q=0.8' },
-  nl: { locale: 'nl-NL', tz: 'Europe/Amsterdam',  lat: 52.3676, lon: 4.9041,   lang: 'nl-NL,nl;q=0.9,en;q=0.8' },
-  jp: { locale: 'ja-JP', tz: 'Asia/Tokyo',        lat: 35.6762, lon: 139.6503, lang: 'ja-JP,ja;q=0.9,en;q=0.8' },
-  fr: { locale: 'fr-FR', tz: 'Europe/Paris',      lat: 48.8566, lon: 2.3522,   lang: 'fr-FR,fr;q=0.9,en;q=0.8' },
-  ca: { locale: 'en-CA', tz: 'America/Toronto',   lat: 43.6532, lon: -79.3832, lang: 'en-CA,en;q=0.9' },
-  au: { locale: 'en-AU', tz: 'Australia/Sydney',  lat: -33.8688, lon: 151.2093,lang: 'en-AU,en;q=0.9' },
-  sg: { locale: 'en-SG', tz: 'Asia/Singapore',    lat: 1.3521,  lon: 103.8198, lang: 'en-SG,en;q=0.9' },
-};
+const { chromium } = require('./node_modules/playwright');
 // ─── PROXY CONFIG ─────────────────────────────────────────────────────────────
+// Built-in provider presets
+const PROXY_PRESETS = {
+  brightdata: {
+    server: 'http://brd.superproxy.io:33335',
+    usernameTemplate: (user, country, session) =>
+      `${user}-country-${country}-session-${session}`,
+    defaultUser: 'brd-customer-hl_b1694dd8-zone-residential_proxy1_roma',
+    defaultPass: 'm1j67xctxejy',
+    defaultCountry: 'ro',
+  },
+  decodo: {
+    // Country-specific hostname: {country}.decodo.com
+    // Sticky session = port number (10001-49999), each port = unique IP
+    serverTemplate: (country, port) => `http://${country}.decodo.com:${port}`,
+    usernameTemplate: (user) => user,
+    defaultUser: 'spikfblbkh',
+    defaultPass: 'pe4tpmWY=7bb89YdWd',
+    defaultCountry: 'ro',
+    // Port range for sticky sessions
+    stickyPortMin: 10001,
+    stickyPortMax: 49999,
+  },
+  iproyal: {
+    server: 'http://geo.iproyal.com:12321',
+    // IPRoyal uses password suffix for options
+    usernameTemplate: (user) => user,
+    passwordTemplate: (pass, country, session) =>
+      `${pass}_country-${country}_session-${session}_lifetime-30m`,
+    defaultUser: null,
+    defaultPass: null,
+    defaultCountry: 'ro',
+  },
+  nodemaven: {
+    server: 'http://rp.nodemavenio.com:10001',
+    usernameTemplate: (user, country, session) =>
+      `${user}-country-${country}-session-${session}`,
+    defaultUser: null,
+    defaultPass: null,
+    defaultCountry: 'ro',
+  },
+};
-function buildProxy(country = 'ro') {
-  const c = country.toLowerCase();
+// Active provider: env var HB_PROXY_PROVIDER or 'decodo'
+const ACTIVE_PROVIDER = process.env.HB_PROXY_PROVIDER || 'decodo';
+const preset = PROXY_PRESETS[ACTIVE_PROVIDER] || PROXY_PRESETS.brightdata;
-  // Proxy config — use env vars or defaults
-  const PROXY_HOST = process.env.PROXY_HOST || 'brd.superproxy.io';
-  const PROXY_PORT = process.env.PROXY_PORT || '22225';
-  const PROXY_USER = process.env.PROXY_USER || `brd-customer-hl_b1694dd8-zone-mcp_unlocker${c !== 'ro' ? `-country-${c}` : ''}`;
-  const PROXY_PASS = process.env.PROXY_PASS || 'x8iy8mgsush8';
+function makeProxy(sessionId = null, country = null) {
+  if (process.env.HB_NO_PROXY === '1') return null;
-  // Also support legacy env var names for backward compatibility
-  const server   = process.env.PROXY_SERVER   || `http://${PROXY_HOST}:${PROXY_PORT}`;
-  const username = process.env.PROXY_USERNAME || PROXY_USER;
-  const password = process.env.PROXY_PASSWORD || PROXY_PASS;
+  const cty = (country || process.env.HB_PROXY_COUNTRY || preset.defaultCountry).toLowerCase();
-  if (!username || !password) {
-    console.warn('⚠️  No proxy credentials set. Get them at: https://humanbrowser.dev');
-    console.warn('    Set PROXY_USER and PROXY_PASS in your .env file.');
-    return null;
+  // Allow full override via env vars
+  if (process.env.HB_PROXY_SERVER && process.env.HB_PROXY_USER) {
+    return {
+      server: process.env.HB_PROXY_SERVER,
+      username: process.env.HB_PROXY_USER,
+      password: process.env.HB_PROXY_PASS || '',
+    };
   }
-  // Inject country code into username if needed
-  // e.g. brd-customer-XXX-zone-YYY  →  brd-customer-XXX-zone-YYY-country-ro
-  const hasCountry = username.includes('-country-');
-  const finalUser = hasCountry
-    ? username.replace(/-country-\w+/, `-country-${c}`)
-    : username.includes('zone-') ? `${username}-country-${c}` : username;
+  const user = process.env.HB_PROXY_USER || preset.defaultUser;
+  const pass = process.env.HB_PROXY_PASS || preset.defaultPass;
+  if (!user || !pass) {
+    console.warn(`[browser-human] No proxy credentials for provider "${ACTIVE_PROVIDER}". Set HB_PROXY_USER/HB_PROXY_PASS.`);
+    return null;
+  }
-  return { server, username: finalUser, password };
-}
+  // Decodo: sticky session via port number (10001-49999 range)
+  // Each unique port = unique sticky IP. HB_PROXY_SESSION stores the port.
+  let server;
+  if (preset.serverTemplate) {
+    const portMin = preset.stickyPortMin || 10001;
+    const portMax = preset.stickyPortMax || 49999;
+    const sessionPort = sessionId
+      ? parseInt(sessionId)
+      : (process.env.HB_PROXY_SESSION
+          ? parseInt(process.env.HB_PROXY_SESSION)
+          : Math.floor(Math.random() * (portMax - portMin + 1)) + portMin);
+    server = preset.serverTemplate(cty, sessionPort);
+  } else {
+    const sid = sessionId || process.env.HB_PROXY_SESSION || Math.random().toString(36).slice(2, 10);
+    server = preset.server;
+    const username = preset.usernameTemplate(user, cty, sid);
+    const password = preset.passwordTemplate ? preset.passwordTemplate(pass, cty, sid) : pass;
+    return { server, username, password };
+  }
-// ─── DEVICE PROFILES ─────────────────────────────────────────────────────────
+  const username = preset.usernameTemplate(user, cty);
+  const password = preset.passwordTemplate
+    ? preset.passwordTemplate(pass, cty)
+    : pass;
-function buildDevice(mobile, country = 'ro') {
-  const meta = COUNTRY_META[country.toLowerCase()] || COUNTRY_META.ro;
+  return { server, username, password };
+}
-  if (mobile) {
-    return {
-      userAgent: 'Mozilla/5.0 (iPhone; CPU iPhone OS 17_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Mobile/15E148 Safari/604.1',
-      viewport: { width: 393, height: 852 },
-      deviceScaleFactor: 3,
-      isMobile: true,
-      hasTouch: true,
-      locale: meta.locale,
-      timezoneId: meta.tz,
-      geolocation: { latitude: meta.lat, longitude: meta.lon, accuracy: 50 },
-      colorScheme: 'light',
-      extraHTTPHeaders: {
-        'Accept-Language': meta.lang,
-        'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
-        'Accept-Encoding': 'gzip, deflate, br',
-        'sec-fetch-dest': 'document',
-        'sec-fetch-mode': 'navigate',
-        'sec-fetch-site': 'none',
-      },
-    };
+// Default PROXY (random session per launch)
+const PROXY = makeProxy();
+// iPhone 15 Pro — самый популярный iOS девайс 2024
+const IPHONE15 = {
+  userAgent: 'Mozilla/5.0 (iPhone; CPU iPhone OS 17_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Mobile/15E148 Safari/604.1',
+  viewport: { width: 393, height: 852 },
+  deviceScaleFactor: 3,
+  isMobile: true,
+  hasTouch: true,
+  locale: 'ro-RO',
+  timezoneId: 'Europe/Bucharest',
+  geolocation: { latitude: 44.4268, longitude: 26.1025, accuracy: 50 }, // Bucharest
+  colorScheme: 'light',
+  // HTTP headers that iOS Safari sends
+  extraHTTPHeaders: {
+    'Accept-Language': 'ro-RO,ro;q=0.9,en-US;q=0.8,en;q=0.7',
+    'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
+    'Accept-Encoding': 'gzip, deflate, br',
+    'sec-fetch-dest': 'document',
+    'sec-fetch-mode': 'navigate',
+    'sec-fetch-site': 'none',
   }
+};
-  return {
-    userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36',
-    viewport: { width: 1440, height: 900 },
-    locale: meta.locale,
-    timezoneId: meta.tz,
-    geolocation: { latitude: meta.lat, longitude: meta.lon, accuracy: 50 },
-    colorScheme: 'light',
-    extraHTTPHeaders: {
-      'Accept-Language': meta.lang,
-      'sec-ch-ua': '"Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"',
-      'sec-ch-ua-mobile': '?0',
-      'sec-ch-ua-platform': '"Windows"',
-    },
-  };
-}
+// Desktop Chrome (Windows) — для сайтов которые не работают на мобиле
+const DESKTOP_RO = {
+  userAgent: 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36',
+  viewport: { width: 1440, height: 900 },
+  locale: 'ro-RO',
+  timezoneId: 'Europe/Bucharest',
+  geolocation: { latitude: 44.4268, longitude: 26.1025, accuracy: 50 },
+  colorScheme: 'light',
+  extraHTTPHeaders: {
+    'Accept-Language': 'ro-RO,ro;q=0.9,en-US;q=0.8',
+    'sec-ch-ua': '"Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"',
+    'sec-ch-ua-mobile': '?0',
+    'sec-ch-ua-platform': '"Windows"',
+  }
+};
 // ─── HUMAN BEHAVIOR ───────────────────────────────────────────────────────────
+/** Random delay between min and max ms */
 const sleep = (ms) => new Promise(r => setTimeout(r, ms));
-const rand  = (min, max) => Math.floor(Math.random() * (max - min + 1)) + min;
+const rand = (min, max) => Math.floor(Math.random() * (max - min + 1)) + min;
-async function humanMouseMove(page, toX, toY) {
-  const cp1x = toX + rand(-80, 80), cp1y = toY + rand(-60, 60);
-  const cp2x = toX + rand(-50, 50), cp2y = toY + rand(-40, 40);
-  const startX = rand(100, 300), startY = rand(200, 600);
+/**
+ * Move mouse along a natural curved path (Bezier-like)
+ * Not a straight line — humans never move in straight lines
+ */
+async function humanMouseMove(page, toX, toY, fromX = null, fromY = null) {
+  const pos = await page.evaluate(() => ({ x: window.mouseX || 400, y: window.mouseY || 400 }));
+  const startX = fromX ?? pos.x;
+  const startY = fromY ?? pos.y;
+  // Generate control points for bezier curve
+  const cp1x = startX + rand(-80, 80);
+  const cp1y = startY + rand(-60, 60);
+  const cp2x = toX + rand(-50, 50);
+  const cp2y = toY + rand(-40, 40);
   const steps = rand(12, 25);
   for (let i = 0; i <= steps; i++) {
     const t = i / steps;
-    const x = Math.round(Math.pow(1-t,3)*startX + 3*Math.pow(1-t,2)*t*cp1x + 3*(1-t)*t*t*cp2x + t*t*t*toX);
-    const y = Math.round(Math.pow(1-t,3)*startY + 3*Math.pow(1-t,2)*t*cp1y + 3*(1-t)*t*t*cp2y + t*t*t*toY);
+    // Cubic bezier
+    const x = Math.round(
+      Math.pow(1-t, 3) * startX +
+      3 * Math.pow(1-t, 2) * t * cp1x +
+      3 * (1-t) * Math.pow(t, 2) * cp2x +
+      Math.pow(t, 3) * toX
+    );
+    const y = Math.round(
+      Math.pow(1-t, 3) * startY +
+      3 * Math.pow(1-t, 2) * t * cp1y +
+      3 * (1-t) * Math.pow(t, 2) * cp2y +
+      Math.pow(t, 3) * toY
+    );
     await page.mouse.move(x, y);
-    await sleep(t < 0.2 || t > 0.8 ? rand(8, 20) : rand(2, 8));
+    // Variable speed — faster in middle, slower at start/end
+    const delay = t < 0.2 || t > 0.8 ? rand(8, 20) : rand(2, 8);
+    await sleep(delay);
   }
 }
-async function humanClick(page, x, y) {
+/**
+ * Human-like click with natural mouse movement
+ */
+async function humanClick(page, x, y, opts = {}) {
   await humanMouseMove(page, x, y);
-  await sleep(rand(50, 180));
+  await sleep(rand(50, 180)); // Brief pause before click
   await page.mouse.down();
-  await sleep(rand(40, 100));
+  await sleep(rand(40, 100)); // Hold duration
   await page.mouse.up();
-  await sleep(rand(100, 300));
+  await sleep(rand(100, 300)); // Post-click pause
 }
-async function humanType(page, selector, text) {
+/**
+ * Human-like type — variable speed, occasional micro-pause
+ */
+async function humanType(page, selector, text, opts = {}) {
   const el = await page.$(selector);
   if (!el) throw new Error(`Element not found: ${selector}`);
+  // Click to focus
   const box = await el.boundingBox();
-  if (box) await humanClick(page, box.x + box.width / 2, box.y + box.height / 2);
+  if (box) await humanClick(page, box.x + box.width/2, box.y + box.height/2);
   await sleep(rand(200, 500));
+  // Type character by character
   for (const char of text) {
     await page.keyboard.type(char);
-    await sleep(rand(60, 220));
+    // Variable typing speed: 80-250ms per char (average human is ~100-150ms)
+    const delay = rand(60, 220);
+    await sleep(delay);
+    // Occasional longer pause (thinking)
     if (Math.random() < 0.08) await sleep(rand(400, 900));
   }
   await sleep(rand(200, 400));
 }
+/**
+ * Human-like scroll — smooth, variable speed, realistic
+ */
 async function humanScroll(page, direction = 'down', amount = null) {
   const scrollAmount = amount || rand(200, 600);
   const delta = direction === 'down' ? scrollAmount : -scrollAmount;
+  // Move to random position first
   const vp = page.viewportSize();
   await humanMouseMove(page, rand(100, vp.width - 100), rand(200, vp.height - 200));
+  // Scroll in small increments
   const steps = rand(4, 10);
   for (let i = 0; i < steps; i++) {
     await page.mouse.wheel(0, delta / steps + rand(-5, 5));
@@ -162,96 +277,99 @@ async function humanScroll(page, direction = 'down', amount = null) {
   await sleep(rand(200, 800));
 }
+/**
+ * Human-like page read pause (look around the page)
+ */
 async function humanRead(page, minMs = 1500, maxMs = 4000) {
   await sleep(rand(minMs, maxMs));
-  if (Math.random() < 0.3) await humanScroll(page, 'down', rand(50, 150));
+  // Occasional small scroll while reading
+  if (Math.random() < 0.3) {
+    await humanScroll(page, 'down', rand(50, 150));
+  }
 }
 // ─── 2CAPTCHA SOLVER ──────────────────────────────────────────────────────────
 /**
- * Auto-detect and solve any captcha on the page via 2captcha.com
+ * Auto-detect and solve any captcha on the current page via 2captcha.com
  *
- * Supports: reCAPTCHA v2, reCAPTCHA v3, hCaptcha, Cloudflare Turnstile
+ * Supported: reCAPTCHA v2, reCAPTCHA v3, hCaptcha, Cloudflare Turnstile
  *
  * Usage:
  *   const { token, type } = await solveCaptcha(page);
- *   // Token auto-injected — just submit the form after.
+ *   // Token is auto-injected into the page. You just submit the form.
  *
  * Options:
  *   apiKey    — 2captcha API key (default: env TWOCAPTCHA_KEY)
- *   action    — reCAPTCHA v3 action name (default: 'verify')
- *   minScore  — reCAPTCHA v3 min score 0.3–0.9 (default: 0.7)
+ *   action    — reCAPTCHA v3 action (default: 'verify')
+ *   minScore  — reCAPTCHA v3 min score (default: 0.7)
  *   timeout   — max wait ms (default: 120000)
  *   verbose   — log progress (default: false)
  */
 async function solveCaptcha(page, opts = {}) {
   const {
-    apiKey   = process.env.TWOCAPTCHA_KEY || '14cbfeed64fea439d5c055111d6760e5',
-    action   = 'verify',
+    apiKey = process.env.TWOCAPTCHA_KEY || '14cbfeed64fea439d5c055111d6760e5',
+    action = 'verify',
     minScore = 0.7,
-    timeout  = 120000,
-    verbose  = false,
+    timeout = 120000,
+    verbose = false,
   } = opts;
-  if (!apiKey) throw new Error('[2captcha] No API key. Set TWOCAPTCHA_KEY or pass opts.apiKey');
+  if (!apiKey) throw new Error('[2captcha] No API key. Set TWOCAPTCHA_KEY env or pass opts.apiKey');
   const log = verbose ? (...a) => console.log('[2captcha]', ...a) : () => {};
   const pageUrl = page.url();
-  // Auto-detect captcha type + sitekey
+  // ─── Auto-detect captcha type ───────────────────────────────────────────────
   const detected = await page.evaluate(() => {
+    // reCAPTCHA v2/v3
     const rc = document.querySelector('.g-recaptcha, [data-sitekey]');
     if (rc) {
       const sitekey = rc.getAttribute('data-sitekey') || rc.getAttribute('data-key');
-      const version = rc.getAttribute('data-version') === 'v3' ? 'v3' : 'v2';
-      return { type: 'recaptcha', sitekey, version };
+      const version = rc.getAttribute('data-version') || (typeof window.grecaptcha !== 'undefined' && 'v2');
+      return { type: 'recaptcha', sitekey, version: version === 'v3' ? 'v3' : 'v2' };
     }
+    // hCaptcha
     const hc = document.querySelector('.h-captcha, [data-hcaptcha-sitekey]');
     if (hc) {
       const sitekey = hc.getAttribute('data-sitekey') || hc.getAttribute('data-hcaptcha-sitekey');
       return { type: 'hcaptcha', sitekey };
     }
+    // Cloudflare Turnstile
     const ts = document.querySelector('.cf-turnstile, [data-cf-turnstile-sitekey]');
     if (ts) {
       const sitekey = ts.getAttribute('data-sitekey') || ts.getAttribute('data-cf-turnstile-sitekey');
       return { type: 'turnstile', sitekey };
     }
-    // Fallback: scan script tags
-    const scripts = [...document.scripts].map(s => s.src + s.textContent).join(' ');
-    const m = scripts.match(/(?:sitekey|data-sitekey)['":\s]+([A-Za-z0-9_-]{40,})/);
-    if (m) return { type: 'recaptcha', sitekey: m[1], version: 'v2' };
+    // Also check script tags for sitekeys
+    const scripts = [...document.scripts].map(s => s.src + s.textContent);
+    const combined = scripts.join(' ');
+    const rcMatch = combined.match(/(?:sitekey|data-sitekey)['":\s]+([A-Za-z0-9_-]{40,})/);
+    if (rcMatch) return { type: 'recaptcha', sitekey: rcMatch[1], version: 'v2' };
     return null;
   });
-  if (!detected || !detected.sitekey) throw new Error('[2captcha] No captcha detected on page');
+  if (!detected || !detected.sitekey) {
+    throw new Error('[2captcha] No captcha detected on page. Check manually.');
+  }
-  log(`Detected: ${detected.type} ${detected.version || ''} | key: ${detected.sitekey.slice(0, 20)}...`);
+  log(`Detected ${detected.type} v${detected.version || ''}`, detected.sitekey.slice(0, 20) + '...');
+  log(`Page: ${pageUrl}`);
-  // ─── Route: trial proxy OR direct 2captcha ──────────────────────────────────
+  // ─── Route: trial proxy OR direct 2captcha ─────────────────────────────────
   const captchaProxyUrl = opts.captchaUrl || process.env.CAPTCHA_URL;
   const captchaToken    = opts.captchaToken || process.env.CAPTCHA_TOKEN;
   let token = null;
   if (captchaProxyUrl && captchaToken) {
-    // ── Trial mode: VPS proxy handles 2captcha + tracks usage ──
+    // Trial mode: VPS proxy handles 2captcha + tracks usage
     log(`Using trial captcha proxy: ${captchaProxyUrl}`);
-    const methodMap = {
-      recaptcha: detected.version === 'v3' ? 'recaptcha_v3' : 'recaptcha_v2',
-      hcaptcha: 'hcaptcha',
-      turnstile: 'turnstile',
-    };
+    const methodMap = { recaptcha: detected.version === 'v3' ? 'recaptcha_v3' : 'recaptcha_v2', hcaptcha: 'hcaptcha', turnstile: 'turnstile' };
     const resp = await fetch(captchaProxyUrl, {
       method: 'POST',
       headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({
-        trial_token: captchaToken,
-        sitekey: detected.sitekey,
-        method: methodMap[detected.type] || 'recaptcha_v2',
-        pageurl: pageUrl,
-        action,
-        min_score: minScore,
-      }),
+      body: JSON.stringify({ trial_token: captchaToken, sitekey: detected.sitekey, method: methodMap[detected.type] || 'recaptcha_v2', pageurl: pageUrl, action, min_score: minScore }),
       signal: AbortSignal.timeout(timeout),
     });
     const data = await resp.json();
@@ -264,9 +382,8 @@ async function solveCaptcha(page, opts = {}) {
     token = data.token;
     log(`✅ Solved via proxy! Solves remaining: ${data.solves_remaining}`);
   } else {
-    // ── Paid/direct mode: call 2captcha directly ──
-    if (!apiKey) throw new Error('[2captcha] No API key. Set TWOCAPTCHA_KEY or get a trial at humanbrowser.dev');
+    // Direct 2captcha mode
+    if (!apiKey) throw new Error('[2captcha] No API key. Get a trial at humanbrowser.dev');
     let submitUrl = `https://2captcha.com/in.php?key=${apiKey}&json=1&pageurl=${encodeURIComponent(pageUrl)}&googlekey=${encodeURIComponent(detected.sitekey)}`;
     if (detected.type === 'recaptcha') {
       submitUrl += `&method=userrecaptcha`;
@@ -276,12 +393,11 @@ async function solveCaptcha(page, opts = {}) {
     } else if (detected.type === 'turnstile') {
       submitUrl += `&method=turnstile&sitekey=${encodeURIComponent(detected.sitekey)}`;
     }
     const submitResp = await fetch(submitUrl);
     const submitData = await submitResp.json();
     if (!submitData.status || submitData.status !== 1) throw new Error(`[2captcha] Submit failed: ${JSON.stringify(submitData)}`);
     const taskId = submitData.request;
-    log(`Task ${taskId} submitted — waiting for workers...`);
+    log(`Task submitted: ${taskId} — waiting for workers...`);
     const maxAttempts = Math.floor(timeout / 5000);
     for (let i = 0; i < maxAttempts; i++) {
@@ -290,28 +406,53 @@ async function solveCaptcha(page, opts = {}) {
       const pollData = await pollResp.json();
       if (pollData.status === 1) { token = pollData.request; log(`✅ Solved!`); break; }
       if (pollData.request !== 'CAPCHA_NOT_READY') throw new Error(`[2captcha] Poll error: ${JSON.stringify(pollData)}`);
-      log(`⏳ ${i + 1}/${maxAttempts} — not ready...`);
+      log(`⏳ Attempt ${i + 1}/${maxAttempts} — not ready yet...`);
     }
-    if (!token) throw new Error('[2captcha] Timeout — captcha not solved in time');
+    if (!token) throw new Error('[2captcha] Timeout waiting for captcha solution');
   }
-  // Inject token into page
+  // ─── Inject token into page ─────────────────────────────────────────────────
   await page.evaluate(({ type, token }) => {
-    if (type === 'recaptcha') {
-      const ta = document.querySelector('#g-recaptcha-response, [name="g-recaptcha-response"]');
-      if (ta) { ta.style.display = 'block'; ta.value = token; ta.dispatchEvent(new Event('change', { bubbles: true })); }
-      try {
-        const clients = window.___grecaptcha_cfg?.clients;
-        if (clients) Object.values(clients).forEach(c => Object.values(c).forEach(w => { if (w?.callback) w.callback(token); }));
-      } catch (_) {}
+    // reCAPTCHA
+    if (type === 'recaptcha' || type === 'turnstile') {
+      const textarea = document.querySelector('#g-recaptcha-response, [name="g-recaptcha-response"]');
+      if (textarea) {
+        textarea.style.display = 'block';
+        textarea.value = token;
+        textarea.dispatchEvent(new Event('change', { bubbles: true }));
+      }
+      // Also try callback
+      if (typeof window.___grecaptcha_cfg !== 'undefined') {
+        try {
+          const clients = window.___grecaptcha_cfg.clients;
+          if (clients) {
+            Object.values(clients).forEach(client => {
+              Object.values(client).forEach(widget => {
+                if (widget && typeof widget.callback === 'function') {
+                  widget.callback(token);
+                }
+              });
+            });
+          }
+        } catch (_) {}
+      }
     }
+    // hCaptcha
     if (type === 'hcaptcha') {
-      const ta = document.querySelector('[name="h-captcha-response"]');
-      if (ta) { ta.style.display = 'block'; ta.value = token; ta.dispatchEvent(new Event('change', { bubbles: true })); }
+      const textarea = document.querySelector('[name="h-captcha-response"], #h-captcha-response');
+      if (textarea) {
+        textarea.style.display = 'block';
+        textarea.value = token;
+        textarea.dispatchEvent(new Event('change', { bubbles: true }));
+      }
     }
+    // Turnstile
     if (type === 'turnstile') {
-      const inp = document.querySelector('[name="cf-turnstile-response"]');
-      if (inp) { inp.value = token; inp.dispatchEvent(new Event('change', { bubbles: true })); }
+      const input = document.querySelector('[name="cf-turnstile-response"]');
+      if (input) {
+        input.value = token;
+        input.dispatchEvent(new Event('change', { bubbles: true }));
+      }
     }
   }, { type: detected.type, token });
@@ -322,27 +463,24 @@ async function solveCaptcha(page, opts = {}) {
 // ─── LAUNCH ───────────────────────────────────────────────────────────────────
 /**
- * Launch a human-like browser with residential proxy
- *
- * @param {Object}  opts
- * @param {string}  opts.country  - 'ro'|'us'|'uk'|'de'|'nl'|'jp'|'fr'|'ca'|'au'|'sg' (default: 'ro')
- * @param {boolean} opts.mobile   - iPhone 15 Pro (true) or Desktop Chrome (false). Default: true
- * @param {boolean} opts.useProxy - Enable residential proxy. Default: true
- * @param {boolean} opts.headless - Headless mode. Default: true
- *
- * @returns {{ browser, ctx, page, humanClick, humanType, humanScroll, humanRead, sleep, rand }}
+ * Launch a human-like browser session
+ * @param {Object} opts
+ * @param {boolean} opts.mobile    - Use iPhone 15 (default: true)
+ * @param {boolean} opts.useProxy  - Use residential proxy (default: true)
+ * @param {boolean} opts.headless  - Headless mode (default: true)
+ * @param {string}  opts.country   - Proxy country code: 'ro','us','de','gb','fr'... (default: env HB_PROXY_COUNTRY or 'ro')
+ * @param {string}  opts.session   - Sticky session ID / Decodo port (default: random unique)
  */
 async function launchHuman(opts = {}) {
   const {
-    country  = 'ro',
-    mobile   = true,
+    mobile = true,
     useProxy = true,
     headless = true,
+    country = null,
+    session = null,
   } = opts;
-  const meta   = COUNTRY_META[country.toLowerCase()] || COUNTRY_META.ro;
-  const device = buildDevice(mobile, country);
-  const proxy  = useProxy ? buildProxy(country) : null;
+  const device = mobile ? IPHONE15 : DESKTOP_RO;
   const browser = await chromium.launch({
     headless,
@@ -350,7 +488,7 @@ async function launchHuman(opts = {}) {
       '--no-sandbox',
       '--disable-setuid-sandbox',
       '--ignore-certificate-errors',
-      '--disable-blink-features=AutomationControlled',
+      '--disable-blink-features=AutomationControlled', // Hide webdriver flag!
       '--disable-features=IsolateOrigins,site-per-process',
       '--disable-web-security',
     ],
@@ -361,107 +499,108 @@ async function launchHuman(opts = {}) {
     ignoreHTTPSErrors: true,
     permissions: ['geolocation', 'notifications'],
   };
-  if (proxy) ctxOpts.proxy = proxy;
+  if (useProxy) {
+    // Each unique session = unique sticky IP. Same session = same IP.
+    ctxOpts.proxy = makeProxy(session, country);
+  }
   const ctx = await browser.newContext(ctxOpts);
-  // Anti-detection overrides
-  await ctx.addInitScript((m) => {
-    Object.defineProperty(navigator, 'webdriver',          { get: () => false });
-    Object.defineProperty(navigator, 'maxTouchPoints',     { get: () => 5 });
-    Object.defineProperty(navigator, 'platform',           { get: () => m.mobile ? 'iPhone' : 'Win32' });
-    Object.defineProperty(navigator, 'hardwareConcurrency',{ get: () => m.mobile ? 6 : 8 });
-    Object.defineProperty(navigator, 'language',           { get: () => m.locale });
-    Object.defineProperty(navigator, 'languages',          { get: () => [m.locale, 'en'] });
-  }, { mobile, locale: meta.locale });
+  // Anti-detection: override navigator properties
+  await ctx.addInitScript(() => {
+    // Hide webdriver
+    Object.defineProperty(navigator, 'webdriver', { get: () => false });
+    // Fix plugins (mobile has none, that's normal for Safari)
+    if (!navigator.plugins.length) {
+      // Leave as-is for mobile
+    }
+    // Override chrome object (not present in Safari)
+    // delete window.chrome; // Not needed for iPhone UA
+    // Realistic touch events for iOS
+    Object.defineProperty(navigator, 'maxTouchPoints', { get: () => 5 });
+    // Platform
+    Object.defineProperty(navigator, 'platform', { get: () => 'iPhone' });
+    // Language
+    Object.defineProperty(navigator, 'language', { get: () => 'ro-RO' });
+    Object.defineProperty(navigator, 'languages', { get: () => ['ro-RO', 'ro', 'en-US', 'en'] });
+    // Screen (iPhone 15 Pro)
+    Object.defineProperty(screen, 'width', { get: () => 393 });
+    Object.defineProperty(screen, 'height', { get: () => 852 });
+    Object.defineProperty(screen, 'availWidth', { get: () => 393 });
+    Object.defineProperty(screen, 'availHeight', { get: () => 852 });
+    // Hardware concurrency (iPhone has 6 cores)
+    Object.defineProperty(navigator, 'hardwareConcurrency', { get: () => 6 });
+    // Memory (4GB iPhone)
+    // Object.defineProperty(navigator, 'deviceMemory', { get: () => 4 }); // Safari doesn't expose this
+    // Connection (LTE/5G)
+    if (navigator.connection) {
+      Object.defineProperty(navigator.connection, 'effectiveType', { get: () => '4g' });
+      Object.defineProperty(navigator.connection, 'rtt', { get: () => rand(30, 80) });
+    }
+    function rand(a, b) { return Math.floor(Math.random() * (b - a + 1)) + a; }
+  });
   const page = await ctx.newPage();
-  return { browser, ctx, page, humanClick, humanMouseMove, humanType, humanScroll, humanRead, sleep, rand };
-}
-// ─── TRIAL ────────────────────────────────────────────────────────────────────
-/**
- * Get free trial credentials from humanbrowser.dev
- * Fetches shared trial proxy (~100MB, Romania). Sets env vars automatically.
- *
- * Usage:
- *   const { launchHuman, getTrial } = require('./browser-human');
- *   await getTrial();               // sets PROXY_USER/PASS in process.env
- *   const { page } = await launchHuman();  // now uses trial credentials
- *
- * When trial runs out → throws { code: 'TRIAL_EXHAUSTED', cta_url: '...' }
- */
-/**
- * Get free trial credentials from humanbrowser.dev
- * Includes: 1GB Romania residential proxy + 10 captcha solves
- * Sets env vars automatically — just call getTrial() then launchHuman()
- */
-async function getTrial() {
-  let https;
-  try { https = require('https'); } catch { https = require('http'); }
-  return new Promise((resolve, reject) => {
-    const req = https.get('https://humanbrowser.dev/api/trial', (res) => {
-      let body = '';
-      res.on('data', chunk => body += chunk);
-      res.on('end', () => {
-        try {
-          const data = JSON.parse(body);
-          if (data.error || res.statusCode !== 200) {
-            const err = new Error(data.error || 'Trial unavailable');
-            err.code = 'TRIAL_UNAVAILABLE';
-            err.cta_url = 'https://humanbrowser.dev';
-            return reject(err);
-          }
-          // Auto-set proxy env vars
-          process.env.PROXY_HOST = data.proxy_host;
-          process.env.PROXY_PORT = data.proxy_port;
-          process.env.PROXY_USER = data.proxy_user;
-          process.env.PROXY_PASS = data.proxy_pass;
-          // Auto-set captcha env vars
-          if (data.captcha_url && data.captcha_token) {
-            process.env.CAPTCHA_URL   = data.captcha_url;
-            process.env.CAPTCHA_TOKEN = data.captcha_token;
-          }
-          const captchaInfo = data.captcha_solves_remaining != null
-            ? ` + ${data.captcha_solves_remaining} captcha solves`
-            : '';
-          console.log(`🎉 Human Browser trial activated! (1GB Romania proxy${captchaInfo})`);
-          console.log('   Upgrade at: https://humanbrowser.dev\n');
-          resolve(data);
-        } catch (e) {
-          reject(e);
-        }
-      });
-    });
-    req.on('error', (e) => {
-      const err = new Error('Could not reach humanbrowser.dev: ' + e.message);
-      err.code = 'TRIAL_NETWORK_ERROR';
-      reject(err);
+  // Add realistic touch simulation for mobile
+  if (mobile) {
+    await page.addInitScript(() => {
+      // Simulate touch
+      window.ontouchstart = null;
+      window.ontouchmove = null;
+      window.ontouchend = null;
     });
-    req.setTimeout(10000, () => { req.destroy(); reject(new Error('Trial request timed out')); });
-  });
+  }
+  return { browser, ctx, page, humanClick, humanMouseMove, humanType, humanScroll, humanRead, sleep, rand };
 }
-module.exports = { launchHuman, getTrial, solveCaptcha, humanClick, humanMouseMove, humanType, humanScroll, humanRead, sleep, rand, COUNTRY_META };
+// ─── EXPORT ───────────────────────────────────────────────────────────────────
+module.exports = {
+  launchHuman,
+  humanClick, humanMouseMove, humanType, humanScroll, humanRead,
+  solveCaptcha,
+  sleep, rand,
+  PROXY, makeProxy, IPHONE15, DESKTOP_RO
+};
 // ─── QUICK TEST ───────────────────────────────────────────────────────────────
 if (require.main === module) {
-  const country = process.argv[2] || 'ro';
-  console.log(`🧪 Testing Human Browser — country: ${country.toUpperCase()}\n`);
   (async () => {
-    const { browser, page } = await launchHuman({ country, mobile: true });
+    console.log('🧪 Testing human browser (iPhone 15, Romania)...\n');
+    const { browser, page, humanScroll, humanRead } = await launchHuman({ mobile: true });
     await page.goto('https://ipinfo.io/json', { waitUntil: 'domcontentloaded', timeout: 30000 });
     const info = JSON.parse(await page.textContent('body'));
-    console.log(`✅ IP:      ${info.ip}`);
+    console.log(`✅ IP: ${info.ip}`);
     console.log(`✅ Country: ${info.country} (${info.city})`);
-    console.log(`✅ Org:     ${info.org}`);
-    console.log(`✅ TZ:      ${info.timezone}`);
+    console.log(`✅ Org: ${info.org}`);
+    console.log(`✅ Timezone: ${info.timezone}`);
+    // Test UA
+    const ua = await page.evaluate(() => navigator.userAgent);
+    console.log(`\n✅ User-Agent: ${ua.slice(0, 80)}...`);
+    const platform = await page.evaluate(() => navigator.platform);
+    const lang = await page.evaluate(() => navigator.language);
+    const touch = await page.evaluate(() => navigator.maxTouchPoints);
+    console.log(`✅ Platform: ${platform}`);
+    console.log(`✅ Language: ${lang}`);
+    console.log(`✅ Touch points: ${touch}`);
     await browser.close();
-    console.log('\n🎉 Human Browser is ready.');
+    console.log('\n🎉 All good! Browser is fully configured.');
   })().catch(console.error);
 }