Common vs Targeted — the two tiers
Common checks each request against a fixed list of tell-tale signs: known crawler User-Agents (the string a client uses to identify itself), a missing Accept-Language header, scripting-engine UAs, and datacenter ASNs (the network blocks that cloud servers live in, as opposed to home internet). It blocks roughly the same traffic as Cloudflare's Bot Fight Mode. curl_cffi with Chrome impersonation presents a consistent client to the Common tier, because its UA, TLS (the encryption layer behind https), and headers all look like a real browser.
Targeted adds a Silent Challenge (a small piece of JavaScript that hands out an aws-waf-token) and a CAPTCHA Challenge action. When it's set to challenge rather than block, a request with no token gets a 405 response carrying an x-amzn-waf-action: challenge header plus an HTML page that runs the WAF challenge script. Targeted also counts requests per session token to catch ones coming in too fast.
How AWS labels classified requests
Unlike Cloudflare, AWS WAF doesn't give each request a 0–99 score. Instead it attaches labels — short tags describing what it thinks the request is — such as awswaf:managed:aws:bot-control:bot:category:scraping_framework or awswaf:managed:aws:bot-control:signal:automated_browser. The site owner then writes rules that act on those labels (block, challenge, or just count). This makes Bot Control more lenient by default than other vendors: a labelled request is only blocked if the owner actually added a rule for it, so many AWS-protected sites let through traffic that Cloudflare or Akamai would reject.
How different clients are handled (on sites you are permitted to access)
Common tier: any modern impersonation library (curl_cffi, tls-client, hrequests) plus a non-datacenter IP presents a consistent client. The signature list is short and well-known.
Targeted tier: if the owner chose challenge, a real-browser session (Playwright, Camoufox) completes the challenge once and then reuses the aws-waf-token cookie for later requests — the token stays valid for a while (~5 min by default, configurable). If the owner chose block, there's no challenge to complete, so a coherent, consistent browser configuration matters — broadly the same considerations as Akamai, but against a much weaker scoring model.
