High-performance proxy API and client for making stealthy HTTP requests with custom TLS fingerprints. Built with TypeScript, Fastify, Axios, and tlsclientwrapper.
- 🔒 TLS Fingerprinting - Mimic real browser signatures (Chrome, Safari, Firefox)
- ⚡ High Performance - Built on Fastify
- 🌐 Full HTTP Support - All methods (GET, POST, PUT, PATCH, DELETE, etc.)
- 🔄 Rotating Proxy Support - Built-in proxy rotation
- 💪 TypeScript - Fully typed
- 📦 Dual Package - Use as server or import client library
npm install github:CloverLabsAI/stealth-req-apiCreate a .env file in your project:
STEALTH_REQ_HOST=http://your-server:3000
STEALTH_REQ_SECRET=your-secret-hereUse the client:
import { createStealthClient } from 'stealth-req-api';
// Auto-reads from STEALTH_REQ_HOST and STEALTH_REQ_SECRET
const client = createStealthClient();
// Use like axios
const response = await client.get('https://httpbin.org/ip');
console.log(response.data);- Clone and install:
git clone https://github.com/CloverLabsAI/stealth-req-api.git
cd stealth-req-api
npm install- Configure
.env:
PORT=3000
HOST=0.0.0.0
PROXY_SECRET=your-random-uuid-here
DEFAULT_PROXY_URL=http://user:[email protected]:port- Run:
npm run dev # Development with auto-reload
npm run build # Build for production
npm start # Productionconst client = createStealthClient({
baseURL: 'http://localhost:3000', // Server URL (default: STEALTH_REQ_HOST)
proxySecret: 'secret', // Auth secret (default: STEALTH_REQ_SECRET)
tlsClientIdentifier: 'chrome_120', // TLS fingerprint (default: chrome_120)
timeout: 30000, // Request timeout in ms
proxyUrl: 'http://proxy.com:port', // Optional proxy
followRedirects: true, // Follow redirects
insecureSkipVerify: false // Skip TLS verification
});Client:
STEALTH_REQ_HOST- Server URLSTEALTH_REQ_SECRET- Authentication secret
Server:
PORT- Server port (default: 3000)HOST- Server host (default: 0.0.0.0)PROXY_SECRET- Authentication secret (generate withnode -e "console.log(crypto.randomUUID())")DEFAULT_PROXY_URL- Default rotating proxy (optional)
// GET request
await client.get(url, config?)
// POST request
await client.post(url, data?, config?)
// PUT request
await client.put(url, data?, config?)
// PATCH request
await client.patch(url, data?, config?)
// DELETE request
await client.delete(url, config?)Health Check:
GET /healthProxy Request:
POST /proxy
Content-Type: application/json
X-Proxy-Secret: your-secret
{
"url": "https://example.com",
"method": "GET",
"headers": {},
"body": null,
"clientIdentifier": "chrome_120",
"timeout": 30000
}Available browser fingerprints:
Chrome: chrome_103 - chrome_120
Safari: safari_15_6_1, safari_16_0, safari_ios_16_0
Firefox: firefox_102 - firefox_120
Opera: opera_89 - opera_91
Mobile: nike_ios_mobile, zalando_android_mobile, etc.
const client = createStealthClient();
const response = await client.get('https://api.example.com/data');const response = await client.post('https://api.example.com/create', {
name: 'Test',
value: 123
});const response = await client.get('https://api.example.com', {
headers: { 'X-Custom': 'value' }
});const client = createStealthClient({
tlsClientIdentifier: 'safari_ios_16_0'
});import { startServer } from 'stealth-req-api/server';
await startServer();Your App → stealth-req-api client → stealth-req-api server → Target Site
(axios) (tlsclientwrapper)
The client sends requests to your proxy server, which uses tlsclientwrapper to make requests with custom TLS fingerprints that mimic real browsers.
- Always set
PROXY_SECRETin production - Use HTTPS in production
- Keep proxy credentials secure
- Rotate secrets regularly
MIT