Network Detection

TLS Anomaly

Detect browser spoofing via TLS fingerprint analysis

What it detects

Compares the visitor's TLS fingerprint (cipher suites, extensions, supported protocols) against expected fingerprints for their claimed browser. Mismatches indicate browser spoofing, headless browsers, or automated tools.

How it works

Captures the TLS ClientHello during the handshake and generates a JA3/JA4 fingerprint. Compares this against a database of known browser TLS fingerprints. Flags discrepancies between the User-Agent string and the actual TLS capabilities.

Network Detection

Use cases

Related signals

Related

use case

Bot Mitigation

Distinguish humans from automated traffic

use case

Fraud Prevention

Stop fraudsters before they act

signal

Headless Browser

Detect Selenium, Puppeteer, and Playwright automation

signal

Browser Tampering

Detect when browser APIs have been overridden

Start identifying devices today

Free tier includes 25,000 identifications per month. No credit card required.

Get started free