1. [JA3 Fingerprint](https://scrapfly.io/web-scraping-tools/ja3-fingerprint) 2. TLS Extensions # TLS Extensions Database Complete reference of 25 IANA-registered TLS extensions ### About TLS Extensions TLS extensions are optional features that clients and servers can negotiate during the TLS handshake. They extend the core TLS protocol to support additional capabilities like Server Name Indication (SNI), Application-Layer Protocol Negotiation (ALPN), and more. In **JA3 fingerprinting**, the set of TLS extensions advertised by a client is a key component of the fingerprint. Different browsers and HTTP libraries support different extensions, making this a reliable way to identify and differentiate clients. **JA3 Format:** `TLS_VERSION,CIPHERS,EXTENSIONS,CURVES,POINT_FORMATS` ### Search TLS Extensions Try searching for: "server\_name", "SNI", "0x0000", "23", "ALPN", or "grease" ### All TLS Extensions (25) | Extension Name | Code (Dec) | Code (Hex) | Description | RFC | |---|---|---|---|---| | [ `server_name` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/server-name) | `0` | `0x0000` | Server Name Indication (SNI) extension allows the client to indicate which hostname it is attempting... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc6066) | | [ `max_fragment_length` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/max-fragment-length) | `1` | `0x0001` | The Maximum Fragment Length extension allows clients with limited buffer sizes to negotiate a smalle... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc6066) | | [ `status_request` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/status-request) | `5` | `0x0005` | The Certificate Status Request extension, also known as OCSP Stapling, allows the client to request ... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc6066) | | [ `supported_groups` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/supported-groups) | `10` | `0x000A` | The Supported Groups extension (formerly called Elliptic Curves) indicates which elliptic curve grou... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.7) | | [ `ec_point_formats` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/ec-point-formats) | `11` | `0x000B` | The EC Point Formats extension specifies which elliptic curve point formats the client can parse. Th... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc8422) | | [ `signature_algorithms` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/signature-algorithms) | `13` | `0x000D` | The Signature Algorithms extension indicates which signature algorithms the client supports for veri... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.3) | | [ `application_layer_protocol_negotiation` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/application-layer-protocol-negotiation) | `16` | `0x0010` | ALPN (Application-Layer Protocol Negotiation) allows the client and server to negotiate which applic... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc7301) | | [ `signed_certificate_timestamp` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/signed-certificate-timestamp) | `18` | `0x0012` | The Signed Certificate Timestamp (SCT) extension enables Certificate Transparency by allowing client... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc6962) | | [ `extended_master_secret` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/extended-master-secret) | `23` | `0x0017` | The Extended Master Secret extension addresses the "Triple Handshake Attack" vulnerability in TLS 1.... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc7627) | | [ `compress_certificate` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/compress-certificate) | `27` | `0x001B` | The Compress Certificate extension allows TLS certificate chains to be compressed using algorithms l... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc8879) | | [ `record_size_limit` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/record-size-limit) | `28` | `0x001C` | The Record Size Limit extension allows clients and servers to negotiate the maximum size of TLS reco... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc8449) | | [ `session_ticket` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/session-ticket) | `35` | `0x0023` | The Session Ticket extension enables stateless TLS session resumption. Instead of the server maintai... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc5077) | | [ `pre_shared_key` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/pre-shared-key) | `41` | `0x0029` | The Pre-Shared Key (PSK) extension in TLS 1.3 enables fast session resumption and 0-RTT (Zero Round-... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.11) | | [ `early_data` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/early-data) | `42` | `0x002A` | The Early Data extension (also known as 0-RTT) allows clients to send application data in the first ... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.10) | | [ `supported_versions` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/supported-versions) | `43` | `0x002B` | The Supported Versions extension allows clients to indicate which TLS versions they support. In TLS ... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.1) | | [ `cookie` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/cookie) | `44` | `0x002C` | The Cookie extension in TLS 1.3 is used for stateless handshake retries when the server is under loa... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.2) | | [ `certificate_authorities` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/certificate-authorities) | `47` | `0x002F` | The Certificate Authorities extension allows clients to indicate which certificate authorities (CAs)... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.4) | | [ `key_share` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/key-share) | `51` | `0x0033` | The Key Share extension in TLS 1.3 contains the client's cryptographic key exchange parameters for (... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.8) | | [ `psk_key_exchange_modes` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/psk-key-exchange-modes) | `45` | `0x002D` | The PSK Key Exchange Modes extension specifies which modes the client supports when using PSK (Pre-S... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc8446#section-4.2.9) | | [ `renegotiation_info` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/renegotiation-info) | `65281` | `0xFF01` | The Renegotiation Info extension prevents the TLS renegotiation attack discovered in 2009. Without t... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc5746) | | [ `padding` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/padding) | `21` | `0x0015` | The Padding extension allows clients to pad the Client Hello message to a desired size. This is used... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc7685) | | [ `application_settings` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/application-settings) | `17513` | `0x4469` | Application Settings (ALPS) is a Chrome-introduced TLS extension that lets the server hint applicati... | [ draft-vvv-tls-alps ](https://datatracker.ietf.org/doc/html/draft-vvv-tls-alps) | | [ `application_settings_new_codepoint` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/application-settings-new-codepoint) | `17613` | `0x44CD` | Application Settings (ALPS), re-codepointed at 17613. Recent Chrome builds emit the same Application... | [ draft-vvv-tls-alps ](https://datatracker.ietf.org/doc/html/draft-vvv-tls-alps) | | [ `encrypted_client_hello` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/encrypted-client-hello) | `65037` | `0xFE0D` | Encrypted Client Hello (ECH) hides the contents of the TLS Client Hello — including SNI and ALPN — f... | [ draft-ietf-tls-esni ](https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni) | | [ `quic_transport_parameters` ](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/extension/quic-transport-parameters) | `57` | `0x0039` | QUIC Transport Parameters is a TLS extension carried inside the TLS 1.3 handshake when TLS is being ... | [ RFC ](https://datatracker.ietf.org/doc/html/rfc9001) | No extensions found matching your search. Try searching for extension names (e.g., "server\_name"), codes (e.g., "23"), or keywords. ### Related Resources ##### TLS Fingerprinting - [JA3 Fingerprint Tool](https://scrapfly.io/web-scraping-tools/ja3-fingerprint) - [Browse All Cipher Suites](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/cipher-suites) - [Browse All Supported Groups](https://scrapfly.io/web-scraping-tools/ja3-fingerprint/supported-groups) ##### External References - [IANA TLS ExtensionType Values ](https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtml) - [JA3 - TLS Client Fingerprinting ](https://github.com/salesforce/ja3)