👻 SPECTRE TLS v3

TLS Fingerprint Mutation Engine

Every TLS connection has a unique fingerprint (JA3/JA4). Websites use it to detect bots.
Spectre rotates your fingerprint on every request. You appear as a real browser.

Try It How It Works

Features

7 Browser Profiles

Chrome 120, Chrome 122, Safari 17, Firefox 121, Edge 120, Chrome Android, Safari iOS. Real cipher suites and extensions from actual browsers.

JA3/JA4 Rotation

Each request uses a different TLS fingerprint. Random profile selection or specify your preferred browser identity.

Request Jitter

Configurable timing jitter (mean 50ms, stddev 20ms) to mimic human browsing patterns. Defeats timing-based detection.

Real Browser Stacks

Not spoofed headers — actual TLS cipher suites, ALPN, extensions, and signature algorithms from real browsers.

SSRF Protection

Private IP ranges blocked. No access to internal networks. Safe to expose publicly.

Transparent Proxy

Returns raw HTML. No modification, no injection. What the target server sends is what you get.

Endpoints

/v1/spectre/fetch

Fetch a URL with a mutated TLS fingerprint.

# Basic fetch — random browser profile
curl -s "https://synthetic-context.net/v1/spectre/fetch?url=https://target.com"

# Returns raw HTML from the target, fetched with a random JA3/JA4 fingerprint

# Check which profile was used
curl -sI "https://synthetic-context.net/v1/spectre/fetch?url=https://example.com" | grep X-Profile

/v1/spectre/health & /v1/spectre/stats

# Health check
curl -s "https://synthetic-context.net/v1/spectre/health"
# {"status":"ok","service":"spectre-tls","version":"3.0","profiles":7}

# Detailed stats
curl -s "https://synthetic-context.net/v1/spectre/stats"
# {"total":1234,"success_rate":"99.2%","by_profile":{"chrome_120_linux":312,...}}

Use Cases

Web Scraping

Bypass TLS fingerprint-based bot detection. Cloudflare, Akamai, DataDome — all check JA3. Spectre defeats them at the TLS layer.

Price Monitoring

E-commerce sites serve different prices to detected bots. Appear as a real Chrome browser to see real prices.

Security Research

Test your own WAF detection. Verify that your JA3-based rules work against fingerprint mutation.

Try It

Fetch example.com through Spectre:

curl -s "https://synthetic-context.net/v1/spectre/fetch?url=https://example.com" | head -20

The target sees a real Chrome/Safari/Firefox TLS fingerprint, not a curl/python-requests fingerprint.

vs Alternatives

Feature	Spectre TLS	curl-impersonate	Playwright	ScrapFly
JA3/JA4 mutation	7 profiles	Static	No	Yes
Per-request rotation	Yes	No	No	Yes
No client install	API call	Binary	Binary	API
Request jitter	Yes	No	No	No
SSRF protection	Yes	N/A	N/A	Yes
Price	Free	Free (self-host)	Free (self-host)	From $30/mo