What is JA3 / JA4 fingerprint?
Also: ja3 · ja4 · tls fingerprint
A JA3 (or newer JA4) fingerprint is a hash of the fields in a TLS ClientHello — the parameters a client offers when starting an encrypted connection. Because VPN clients, proxies, and automation tools assemble these fields differently from mainstream browsers, the fingerprint helps identify what software is really connecting.
Two clients claiming to be the same browser will share a JA3/JA4 hash if they truly are; a mismatch between the claimed user-agent and the TLS fingerprint exposes spoofing, VPN wrappers, or scripted clients.
TLS fingerprinting is one signal among many — it complements IP reputation and active probing rather than replacing them.
How IPLogs handles it
IPLogs hashes the TLS ClientHello (JA3/JA4) and compares it against known VPN-client and automation fingerprints.