1. [JA3 Fingerprint](https://scrapfly.io/web-scraping-tools/ja3-fingerprint) 2. [ TLS Extensions ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extensions "Browse all TLS Extensions") 3. application\_layer\_protocol\_negotiation [ Browse All TLS Extensions ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extensions) # application\_layer\_protocol\_negotiation TLS Extension Code: `16` ### Extension Details Extension Name `application_layer_protocol_negotiation` Extension Code (Decimal) `16` Extension Code (Hex) `0x0010` RFC Reference [ RFC 7301 ](https://datatracker.ietf.org/doc/html/rfc7301) ### What is application\_layer\_protocol\_negotiation? ALPN (Application-Layer Protocol Negotiation) allows the client and server to negotiate which application protocol (HTTP/1.1, HTTP/2, HTTP/3) will be used over the TLS connection. This eliminates an extra round trip compared to NPN (Next Protocol Negotiation). Common ALPN values include "h2" (HTTP/2), "http/1.1", and "h3" (HTTP/3). Browsers typically advertise multiple protocols in order of preference: h2, http/1.1. ALPN is defined in RFC 7301 and is essential for modern web performance. ALPN values are also used in TLS fingerprinting to identify clients. ### Role in JA3 Fingerprinting How This Extension Affects Fingerprinting The **application\_layer\_protocol\_negotiation** extension is part of the TLS Client Hello packet that JA3 analyzes to create a unique fingerprint of your browser or HTTP client. **JA3 Construction:** JA3 concatenates TLS parameters including extensions in a specific format: `TLS_VERSION,CIPHERS,EXTENSIONS,CURVES,POINT_FORMATS` Different browsers and HTTP clients support different sets of TLS extensions, making this a key differentiator in fingerprinting. The presence, absence, or order of extensions like `application_layer_protocol_negotiation` can reveal: - Browser type and version (Chrome, Firefox, Safari, Edge) - Operating system (Windows, macOS, Linux, Android, iOS) - HTTP library (curl, Python requests, Go http.Client, Node.js) - Bot detection - automated tools often have distinctive extension sets ### Test Your TLS Configuration See if your browser or HTTP client includes the `application_layer_protocol_negotiation` extension in its TLS handshake: [ Test Your JA3 Fingerprint ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint) The JA3 tool will show all TLS extensions your client advertises, including application\_layer\_protocol\_negotiation. ### Browser & Client Support **Modern Browser Support:** - **Chrome/Edge:** Full support for application\_layer\_protocol\_negotiation - **Firefox:** Full support for application\_layer\_protocol\_negotiation - **Safari:** Full support for application\_layer\_protocol\_negotiation **HTTP Client Libraries:** - **curl:** Support varies by OpenSSL/LibreSSL version - **Python requests:** Limited TLS extension control - **curl\_cffi:** Can mimic browser TLS configurations - **Scrapfly API:** Automatically matches real browser TLS fingerprints ### Related TLS Resources ##### TLS Extensions - [server\_name (SNI)](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/server-name) - [supported\_groups](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/supported-groups) - [ALPN](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/application-layer-protocol-negotiation) - [supported\_versions](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/supported-versions) ##### Testing Tools - [JA3 Fingerprint Tool](https://scrapfly.io/web-scraping-tools/ja3-fingerprint) - [Browser Fingerprint Test](https://scrapfly.io/web-scraping-tools/browser-fingerprint) ### Technical References - **RFC Specification:** [ RFC 7301 - TLS Extensions ](https://datatracker.ietf.org/doc/html/rfc7301) - **IANA Registry:** [ TLS ExtensionType Values ](https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml) - **JA3 Project:** [ JA3 - TLS Client Fingerprinting ](https://github.com/salesforce/ja3)