TLS Client Hello Mirror

This service presents your browser's TLS Client Hello message in multiple formats. It can be used directly or in CI tests to check for TLS privacy pitfalls (session resumption, fingerprinting, system time exposure) and security shortcomings (deprecated TLS versions, weak cipher suites, missing features, etc). Details here.

API endpoints

API documentation

Connection

TLS version: TLS 1.3
Cipher suite: TLS_AES_128_GCM_SHA256
TLS session resumed: true

TLS session resumption marginally speeds up the initiation of connections, but it affects privacy in much the same way that HTTP cookies do: the server provides a unique token that your browser sends back on subsequent connections, allowing the server to link your visits even if your IP address changes. The browser can mitigate this by enforcing a short TLS session lifetime: the paper linked below proposes a limit of 10 minutes or less.

Tracking Users across the Web via TLS Session Resumption

Client Hello

Supported features

Signed certificate timestamps: false
OCSP stapling: true

Your browser does not validate Certificate Transparency log signatures.

Supported TLS/SSL versions

TLS 1.3
TLS 1.2

Cipher suites

Extensions

server_name
status_request
supported_groups
ec_point_formats
signature_algorithms
signature_algorithms_cert
application_layer_protocol_negotiation
status_request_v2
extended_master_secret
supported_versions
psk_key_exchange_modes
key_share
renegotiation_info
pre_shared_key

Supported groups

x25519
secp256r1
secp384r1
secp521r1
x448
ffdhe2048
ffdhe3072
ffdhe4096
ffdhe6144
ffdhe8192

Signature algorithms

ecdsa_secp256r1_sha256
ecdsa_secp384r1_sha384
ecdsa_secp521r1_sha512
rsa_pss_rsae_sha256
rsa_pss_rsae_sha384
rsa_pss_rsae_sha512
rsa_pss_pss_sha256
rsa_pss_pss_sha384
rsa_pss_pss_sha512
rsa_pkcs1_sha256
rsa_pkcs1_sha384
rsa_pkcs1_sha512
sha256,dsa (not recommended)
sha224,ecdsa (not recommended)
sha224,rsa (not recommended)
sha224,dsa (not recommended)
ecdsa_sha1 (not recommended)
rsa_pkcs1_sha1 (not recommended)
sha1,dsa (not recommended)

TLS fingerprint

JA3: 771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172,0-5-10-11-13-50-16-17-23-43-45-51-65281-41,29-23-24-25-30-256-257-258-259-260,0
JA3 MD5: 0a84269fcc8452ac11db9e0d0b6728db

NJA3v1: 771,771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172,5-10-11-13-17-23-43-45-50-51-65281,29-23-24-25-30-256-257-258-259-260,0,772-771,1027-1283-1539-2052-2053-2054-2057-2058-2059-1025-1281-1537-1026-771-769-770-515-513-514,1,
NJA3v1 SHA256/128: 2038c11f3b8ead13456c66cfc36202c2

Parameters in the Client Hello message differ between clients, enabling servers and on-path observers to detect what browser you are likely using (down to its version, or a range of versions) by deriving its fingerprint from said parameters. Worse, if you change any TLS-related settings, your TLS fingerprint becomes specific to a much smaller group of users, possibly even to you alone.

JA3 is a simple and popular type of TLS fingerprint. NJA3 is a similar style of fingerprint which aims to improve the robustness and accuracy of JA3.