No Mac Mini. No local install. Your agent runs it anywhere. Residential IPs from 10+ countries. Bypasses Cloudflare, DataDome, PerimeterX.
🌐 Product page: https://humanbrowser.cloud 🤖 A2A endpoint:
https://agent.humanbrowser.cloud/a2a💬 Support: https://t.me/virixlabs
Regular Playwright on a data-center server gets blocked immediately by:
- Cloudflare (bot score detection)
- DataDome (fingerprint analysis)
- PerimeterX (behavioral analysis)
- Instagram, LinkedIn, TikTok (residential IP requirement)
- Google sign-in, Akamai BMP (TLS / WebRTC fingerprint matching)
Local stealth libraries (patchright, undetected-chromedriver, playwright-stealth) close some of these gaps in JS, but leak others — most notably WebRTC ICE candidates that surface the server's real datacenter IP regardless of your proxy.
Human Browser's cloud build runs a custom forked Chromium with C++-source-level fingerprint patches (TLS ja3/ja4 matched to real Chrome, GPU vendor/renderer spoofing, WebRTC IP replacement, canvas/WebGL/audio noise) that you cannot get from any npm package. Plus residential proxies. Plus a live browser viewer. Drive it via the Agent2Agent protocol — no install, no version pinning, no Linux build of Chromium for you to maintain.
Endpoint: https://agent.humanbrowser.cloud/a2a
Auth: Authorization: Bearer hb_live_<your-token>
Agent card: https://agent.humanbrowser.cloud/.well-known/agent.json
Works with anything that speaks A2A — LangGraph, CrewAI, Google ADK, OpenAI Agents SDK, Claude/Anthropic agents, any hand-rolled JSON-RPC client.
# 1. Submit a goal — get back task_id and viewerUrl
curl -sS https://agent.humanbrowser.cloud/a2a \
-H "Authorization: Bearer hb_live_<your-token>" \
-H "Content-Type: application/json" \
-d '{
"jsonrpc": "2.0",
"id": 1,
"method": "message/send",
"params": {
"message": {
"role": "user",
"metadata": { "profile": "main", "model": "anthropic/claude-sonnet-4-6" },
"parts": [{ "kind": "text", "text": "Log into example.com and report the dashboard total" }]
}
}
}'
# → { "result": {
# "id": "t_abc...",
# "metadata": { "viewerUrl": "https://humanbrowser.cloud/a/s_xyz?k=...", "cost": {...} }
# } }
# 2. Poll task.metadata while running — every 5–10 s.
# metadata is enriched per step: step_count, current_url, last_thinking,
# last_eval, last_action, cost.
curl -sS https://agent.humanbrowser.cloud/a2a \
-H "Authorization: Bearer hb_live_<your-token>" \
-H "Content-Type: application/json" \
-d '{"jsonrpc":"2.0","id":2,"method":"tasks/get","params":{"id":"t_abc..."}}'
# 3. When task.state ∈ {completed, failed, canceled} → done.
# Final outcome is in task.metadata.outcome:
# { success, result, step_count, duration_ms, cost, files }
# Full artifact in task.artifacts[0].Pass callback_url in message.metadata and we POST the final Task envelope to that URL when the task hits a terminal state. Signed with X-HB-Signature: sha256=<HMAC> when the server is configured with a webhook secret. Retries 3× on 5xx / network errors with 2 / 8 / 30 s backoff.
{
"message": {
"role": "user",
"metadata": {
"profile": "main",
"callback_url": "https://your-agent.host/hb-callback"
},
"parts": [{ "kind": "text", "text": "..." }]
}
}method: "message/stream" returns Server-Sent Events; each step pushes a status-update event with the latest task.metadata. Use this if your client can hold a long-lived connection.
Every spawned session ships a viewerUrl in task.metadata. Open it to:
- Watch the browser live
- See the agent timeline (👤 you · 🤖 caller-agent like dzeny · 🧠 hb-agent — color-coded)
- Inject manual goals into a running session via the input box
message/send resolves only on terminal state, and tasks routinely run 5–30 min. Don't hold an HTTP connection that long — NAT / load-balancer / proxy timeouts will sever it and your client loses context while our server keeps running and billing. Use polling or webhooks instead.
Pass logins / passwords / API keys via the A2A DataPart with metadata.sensitive=true — they're injected as task input and are stripped from logs, never written to artifacts, never echoed back in streams.
{
"message": {
"role": "user",
"parts": [
{ "kind": "text", "text": "Log in and download the latest report" },
{ "kind": "data", "data": { "email": "...", "password": "..." }, "metadata": { "sensitive": true } }
]
}
}Each session inherits a named profile that persists cookies / localStorage / IndexedDB / Service Worker storage between spawns. Pass it in message.metadata.profile:
{ "message": { "metadata": { "profile": "polymarket-main" }, "role": "user", "parts": [...] } }If you don't pass one, the server uses the token's default_profile (configurable per token via admin API) and falls back to "default". Same profile across reconnects → same cookies, same fingerprint, same WebRTC IP. Up to 5 concurrent sessions per token by default.
If you want to skip the cloud entirely and drive your own Chromium with a residential proxy you supply yourself, the human-browser npm package exposes launchHuman() — a drop-in Playwright launcher with our humanizer helpers, geo-fingerprint plumbing, and built-in 2captcha integration.
Note: the library does NOT include our forked Chromium with C++ stealth patches — that binary is part of the cloud build only. Library mode is patchright-stealth-plus-helpers; expect lower pass-rate on Cloudflare BM / DataDome / Google sign-in / WebRTC-aware bot scoring than the cloud.
const { launchHuman } = require('human-browser');
// Zero config — auto-fetches trial credentials from humanbrowser.cloud
const { browser, page, humanType, humanClick, humanScroll, sleep } = await launchHuman();
const { page } = await launchHuman({ country: 'us' }); // US residential IP
const { page } = await launchHuman({ mobile: false }); // Desktop Chrome fingerprintnpm install human-browser playwright
npx playwright install chromium --with-depsFor proxy-provider env vars (BYO Decodo / IPRoyal / Bright Data / NodeMaven / Oxylabs), see the proxy setup notes and the env section of scripts/browser-human.js.
| Country | Code | Best for |
|---|---|---|
| 🇷🇴 Romania | ro |
Polymarket, Instagram, Binance, Cloudflare |
| 🇺🇸 United States | us |
Netflix, DoorDash, US banks, Amazon |
| 🇬🇧 United Kingdom | gb |
Polymarket, Binance, BBC iPlayer |
| 🇩🇪 Germany | de |
EU services, German e-commerce |
| 🇳🇱 Netherlands | nl |
Crypto, Polymarket, Web3 |
| 🇯🇵 Japan | jp |
Japanese e-commerce, Line |
| 🇫🇷 France | fr |
EU services, luxury brands |
| 🇨🇦 Canada | ca |
North American services |
| 🇸🇬 Singapore | sg |
APAC/SEA e-commerce |
| 🇦🇺 Australia | au |
Oceania content |
→ Buy a plan + pricing: https://humanbrowser.cloud → Support & questions: https://t.me/virixlabs → Full spec for hand-rolled A2A clients: SKILL.md