QUIC/HTTP3 Fingerprint
Test how QUIC/HTTP3 fingerprinting identifies your browser through JA4 hash, QUIC protocol parameters, TLS 1.3 over QUIC handshake, and HTTP/3 SETTINGS frames. Learn how modern protocols are used for browser identification.
Programmatic Access
User Agent
JA4 QUIC Fingerprint
JA4 is the successor to JA3, designed to fingerprint QUIC and HTTP/3 connections. The 'q' prefix indicates QUIC protocol (vs 't' for TCP/TLS). JA4+ Specification
JA4 FINGERPRINT BREAKDOWN
q =QUIC, t =TCP | TLS version | SNI | cipher count | extension count | ALPNHTTP/3 Fingerprint (H3)
HTTP/3 fingerprint based on SETTINGS frame parameters. Different browsers send different SETTINGS values, creating unique fingerprints.
Compare My Fingerprint
See how your HTTP/3 + QUIC fingerprint matches against known browser profiles from our database.
Analyzing fingerprint...
QUIC Connection Info
QUIC connection identifiers and parameters. Connection IDs enable connection migration when your IP changes. RFC 9000
QUIC Transport Parameters
Transport parameters define connection limits and capabilities. These values are exchanged during the handshake and used for fingerprinting. RFC 9000 Section 18.2
| Parameter | Value |
|---|---|
| Loading... | |
TLS 1.3 over QUIC
QUIC uses TLS 1.3 for encryption, integrated directly into the transport layer for faster handshakes (0-RTT or 1-RTT). RFC 9001
TLS Random
32-byte random value from the ClientHello, used for key derivation.
Cipher Suites
Offered cipher suites in order of preference. QUIC/TLS 1.3 only supports AEAD ciphers. Click any cipher to learn more about it.
Loading...
TLS Extensions
TLS extensions from the ClientHello. Extension order and values contribute to fingerprinting. RFC 8446 Section 4.2
Loading...
Supported Groups (Elliptic Curves)
Supported groups for key exchange. Groups marked "Key Share" have key material included in the ClientHello for 1-RTT handshake.
Loading...
HTTP/3 Protocol Details
HTTP/3 frames captured from your connection. The SETTINGS frame reveals client capabilities used for fingerprinting. RFC 9114 Section 7.2.4
Loading HTTP/3 frames...
Raw JSON Response
Complete fingerprint data in JSON format. Click on keys to copy paths, click on values to copy values. Use the toolbar to search, expand/collapse all, or copy the full JSON.
QUIC (Quick UDP Internet Connections) is a modern transport layer protocol developed by Google and standardized by the IETF. It powers HTTP/3, the latest version of the HTTP protocol.
Key Features of QUIC
- Built on UDP: Unlike TCP, QUIC uses UDP to avoid head-of-line blocking
- Integrated TLS 1.3: Encryption is built into the protocol, not layered on top
- 0-RTT Resumption: Previously visited sites can resume instantly without handshake
- Connection Migration: Connections survive IP address changes (e.g., WiFi to cellular)
- Multiplexed Streams: Multiple streams without head-of-line blocking
QUIC vs TCP
| Feature | TCP + TLS | QUIC |
|---|---|---|
| Handshake Round Trips | 2-3 RTT (TCP + TLS) | 1 RTT (or 0 with 0-RTT) |
| Head-of-Line Blocking | Yes (per connection) | No (per stream only) |
| Connection Migration | No | Yes |
| Encryption | Optional (TLS layer) | Mandatory (built-in) |
JA4 is the successor to JA3, designed to fingerprint TLS connections including QUIC and HTTP/3. While JA3 uses a 't' prefix for TCP TLS connections, JA4 for QUIC uses a 'q' prefix.
JA4 Format
JA4 fingerprints follow the format: a_b_c
- a (Protocol Info): Protocol type (q=QUIC, t=TCP), TLS version, SNI mode, cipher count, extension count, ALPN
- b (Cipher Hash): Truncated SHA256 hash of sorted cipher suites (12 chars)
- c (Extension Hash): Truncated SHA256 hash of extensions and signature algorithms (12 chars)
JA4 Example Breakdown
q13d0313h3_0f2cb44170f4_e3b0c44298fc
│││││││││ │ │
│││││││││ │ └─ Extension hash (12 chars)
│││││││││ └────────────── Cipher hash (12 chars)
││││││││└─────────────── ALPN (h3 = HTTP/3)
│││││││└──────────────── Extension count (13)
││││││└───────────────── Cipher count (03)
│││││└────────────────── SNI present (d)
││││└─────────────────── TLS version (13 = TLS 1.3)
│││└──────────────────── Protocol (q = QUIC)JA4 vs JA3
| Feature | JA3 | JA4 |
|---|---|---|
| Hash Algorithm | MD5 (full) | SHA256 (truncated) |
| Protocol Support | TCP/TLS only | TCP/TLS and QUIC |
| Readable Format | No (just hash) | Yes (includes metadata) |
| ALPN Included | No | Yes |
JA4 provides stronger fingerprinting than JA3 because QUIC connections expose additional protocol parameters like transport settings, 0-RTT support, and datagram capabilities.
Encrypted Client Hello (ECH) is a TLS extension that encrypts the ClientHello message, hiding sensitive information like the Server Name Indication (SNI) from network observers.
Why ECH Matters
- Privacy: Network observers cannot see which domain you're connecting to
- Censorship Resistance: Makes it harder to block specific websites
- Fingerprinting Impact: Outer SNI shows a generic domain, hiding the real destination
How ECH Works
- DNS returns an ECH configuration (via HTTPS record)
- Client encrypts the real ClientHello with the server's public key
- An "outer" ClientHello with a different SNI is visible to observers
- Server decrypts and processes the real "inner" ClientHello
ECH and Fingerprinting
When ECH is active, the fingerprint is derived from the encrypted inner ClientHello. The outer SNI (shown in the UI) is typically a generic Cloudflare domain, while your actual destination remains private.
As websites migrate to HTTP/3, anti-bot systems are adding QUIC fingerprinting to their detection arsenal:
Detection Methods
- JA4 Blacklisting: Block known automation tool QUIC fingerprints
- Protocol Consistency: Verify browser claims match QUIC capabilities
- Transport Parameters: Check QUIC transport settings match expected browser values
- 0-RTT Behavior: Real browsers use 0-RTT for repeat visits; bots often don't
- HTTP/3 SETTINGS: QPACK parameters and datagram support vary by browser
Fingerprinting Vectors in QUIC
| Vector | What It Reveals | Uniqueness |
|---|---|---|
| JA4 Hash | TLS configuration (ciphers, extensions) | High |
| Transport Parameters | QUIC flow control settings | Medium |
| HTTP/3 SETTINGS | QPACK, datagram support | Medium |
| Connection ID Length | Implementation-specific | Low |
Challenges for Web Scrapers
- curl: Only supports HTTP/3 with experimental builds (--http3-only flag)
- Python requests: No native QUIC support
- Go: quic-go library available but fingerprint differs from browsers
- Browser Automation: Puppeteer/Playwright use real browsers with correct fingerprints
Current Options
1. Browser Automation (Recommended)
Puppeteer, Playwright, and Selenium use real browser engines that support HTTP/3 with correct QUIC fingerprints.
const browser = await puppeteer.launch();
const page = await browser.newPage();
// Browser automatically uses HTTP/3 when available
await page.goto('https://http3-site.com');2. Fallback to HTTP/2
Most sites still support HTTP/2 fallback. If QUIC fingerprinting blocks you, use TCP-based connections with proper JA3 fingerprinting.
3. Scrapfly ASP
Scrapfly's Anti-Scraping Protection automatically handles protocol negotiation and uses real browser fingerprints for both HTTP/2 and HTTP/3.
from scrapfly import ScrapflyClient, ScrapeConfig
client = ScrapflyClient(key='YOUR_API_KEY')
result = client.scrape(ScrapeConfig(
url='https://http3-site.com',
asp=True # Handles QUIC fingerprinting automatically
))Pro Tip
Most anti-bot systems prioritize HTTP/2 + JA3 fingerprinting over QUIC/JA4. Focus on getting JA3 right first, and QUIC fingerprinting will follow naturally when using browser automation or services like Scrapfly.
You can access your QUIC fingerprint programmatically via our API (requires HTTP/3 support):
API Endpoint
GET https://quic.tools.scrapfly.io/api/fp/quicResponse Format (JSON)
{
"user_agent": "Mozilla/5.0 ...",
"ja4": "q13d0313h3_0f2cb44170f4_e3b0c44298fc",
"ja4_r": "q13d0313h3_1301_",
"ja4_hash": "b8f0b1ffca70",
"h3_hash": "3ea2ceb1247f05496538d350915beeb6",
"h3_text": "1:65536;7:100;51:1;39484089984:2235535436",
"quic": {
"dcid": "55fd4caf46c83010",
"dcid_length": 8,
"scid": "961d09d6",
"scid_length": 4,
"0-rtt": false,
"version": { "id": 1, "name": "QUICv1" },
"transport_parameters": {
"initial_max_data": 15728640,
"initial_max_streams_bidi": 100,
"max_idle_timeout_ms": 30000
}
},
"tls": {
"ech": { "ech_success": true, "outer_sni": "example.com" },
"cipher_suite": { "id": 4865, "name": "TLS_AES_128_GCM_SHA256" },
"cipher_suites": [...],
"extensions": [...],
"selected_version": { "id": 772, "name": "TLS 1.3" }
},
"http3": [
{
"id": 4,
"name": "SETTINGS",
"stream_id": 2,
"settings": [
{ "id": 1, "name": "SETTINGS_QPACK_MAX_TABLE_CAPACITY", "value": 65536 }
]
}
]
}curl Example (requires HTTP/3 build)
# Requires curl compiled with HTTP/3 support (nghttp3 + ngtcp2 or quiche)
curl --http3-only 'https://quic.tools.scrapfly.io/api/fp/quic'
# Check if your curl supports HTTP/3:
curl --version | grep HTTP3JavaScript Example
// Browser will automatically use HTTP/3 if supported
fetch('https://quic.tools.scrapfly.io/api/fp/quic')
.then(r => r.json())
.then(data => {
console.log('JA4:', data.ja4);
console.log('JA4 Hash:', data.ja4_hash);
console.log('H3 Hash:', data.h3_hash);
console.log('ECH Active:', data.tls?.ech?.ech_success);
console.log('QUIC Version:', data.quic?.version?.name);
});
The fingerprint data is also available in the browser console via window.fingerprint.
