go-tls-web-bot-auth-replay
Forges a real-browser TLS ClientHello with uTLS (Go) — a pure wire-layer JA3/JA4 spoof, no browser engine.
botverdict
0.98score
2/185checks fired
Convicting tells 2
net.no_js_executionPage request with a TLS fingerprint but no browser layer (no JS ran — scripted client)net.web_bot_auth_nonce_replayA valid Web Bot Auth (RFC 9421) signature reuses an in-window nonce — a captured-credential replay