go-tls-madeyoureset

Forges a real-browser TLS ClientHello with uTLS (Go) — a pure wire-layer JA3/JA4 spoof, no browser engine.

botverdict
1.00score
6/185checks fired

Convicting tells 6

net.accept_encoding_vs_uaUA claims a modern browser but Accept-Encoding omits Brotli (scripted client)
net.h2_header_order_vs_uaChromium UA but the HTTP/2 regular-header order is not chromium-shaped (JA4H)
net.h2_madeyouresetHTTP/2 MadeYouReset stream-reset coercion (CVE-2025-8671) on this connection
net.h2_unknown_vs_uaModern-browser UA but the HTTP/2 stack matches no known browser engine
net.no_js_executionPage request with a TLS fingerprint but no browser layer (no JS ran — scripted client)
net.sec_fetch_vs_uaUA claims a modern browser but the request omits Sec-Fetch metadata headers

← all evaders  ·  the detection matrix