Skip to content

JA4_R missing for chrome? 0029 #178

New issue
New issue
Closed
Closed
JA4_R missing for chrome? 0029#178
@UnChaotic

Description

@UnChaotic
UnChaotic
opened on Aug 27, 2025 · edited by UnChaotic

my browser ja4_r
002f,0035,009c,009d,1301,1302,1303,c013,c014,c02b,c02c,c02f,c030,cca8,cca9_0000,0005,000a,000b,000d,0012,0017,001b,0023,0029,002b,002d,0033,44cd,fe0d,ff01_0403,0804,0401,0503,0805,0501,0806,0601

with curl impersonate
002f,0035,009c,009d,1301,1302,1303,c013,c014,c02b,c02c,c02f,c030,cca8,cca9_0000,0005,000a,000b,000d,0012,0017,001b,0023,002b,002d,0033,44cd,fe0d,ff01_0403,0804,0401,0503,0805,0501,0806,0601

at first my ja4 is t13d1516h2_8daaf6152771_8802cfb92a1f on first browser page load then it changes to
after refreshing the page to
t13d1517h2_8daaf6152771_7e51fdad25f2
Can't this be easily detected? :O

full fingerprint my browser
https://pastebin.com/kAfG6KKE
and curl impersonate
https://pastebin.com/PcKjp6eb

Activity

UnChaotic

UnChaotic commented on Aug 28, 2025

@UnChaotic
UnChaotic
on Aug 28, 2025
Author

im on windows 11 latest version chrome 139

lexiforest

lexiforest commented on Aug 28, 2025

@lexiforest
lexiforest
on Aug 28, 2025
Owner

JA4 is not very useful, because it's cryptically encoded and does not cover the entire of hello packet. I cannot offer any help for a ja4 mismatch. The likely reason is PSK extension. Feel free to reopen if you can compare the hello packet content, recommended tools are wireshark and tls.peet.ws.

lexiforest
closed this as completedon Aug 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @UnChaotic@lexiforest

        Issue actions