Metadata-Version: 2.4
Name: ja3-fingerprint-checker
Version: 0.1.0
Summary: CLI to print the JA3/TLS fingerprint your HTTP client or proxy sends, with a browser-vs-bot verdict and exit-IP ASN.
Author-email: JiBao Proxy <support@jibaoproxy.com>
License: MIT
Project-URL: Homepage, https://jibaoproxy.com
Project-URL: JA3 web tool, https://check.jibaoproxy.com
Project-URL: Source, https://github.com/jibaoproxyofficial-pixel/ja3-fingerprint-checker
Keywords: ja3,tls-fingerprint,fingerprint,anti-bot,web-scraping,cloudflare,proxy,bot-detection
Classifier: Environment :: Console
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Topic :: Security
Requires-Python: >=3.8
Description-Content-Type: text/markdown
License-File: LICENSE
Dynamic: license-file

# ja3-fingerprint-checker

[![PyPI version](https://img.shields.io/pypi/v/ja3-fingerprint-checker.svg)](https://pypi.org/project/ja3-fingerprint-checker/)
[![Python versions](https://img.shields.io/pypi/pyversions/ja3-fingerprint-checker.svg)](https://pypi.org/project/ja3-fingerprint-checker/)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)

A one-command CLI that prints the **JA3 / TLS fingerprint your HTTP client — or your proxy — sends**, tells you whether it looks like a real browser or an automation library, and shows the ASN/geo of the exit IP. See what Cloudflare, DataDome, and PerimeterX see *before* your request reaches the page.

```bash
pip install ja3-fingerprint-checker
```

## Usage

```bash
ja3check
```

```
Verdict: Automation / library fingerprint
  detected client : Python

JA3 hash: 375c6162a492dfbf2795909110ce8424
JA3: 771,4865-4866-4867-...,43-51-...,29-23-24,0
  ALPN: h2, http/1.1   GREASE: False   extensions: 7

Exit IP: 203.0.113.7  AS15169 Example Cloud  (Germany)
  flags: datacenter

Why this can get flagged:
  - No GREASE values — real Chrome/Firefox/Edge always inject GREASE; their absence is a strong bot signal
  - Only 7 TLS extensions — browsers send ~15+; a short list looks like a raw TLS stack
  - Missing Accept-Language — browsers always send it; many scrapers omit it
```

### Check the fingerprint through your proxy

The useful part: see what JA3 + exit IP your scraper actually presents when routed through a proxy.

```bash
ja3check --proxy http://USERNAME:PASSWORD@us.jibaoproxy.com:913
```

### Other options

```bash
ja3check --json                       # raw JSON, for scripts/CI
ja3check --user-agent "Mozilla/5.0 …" # spoof a UA and see if it still looks like a bot
ja3check --url https://your-echo/     # point at a different JA3 echo endpoint
```

Use it in `--json` mode to **fail CI** if your scraper's fingerprint regresses to "bot".

## Why JA3 matters

Your TLS ClientHello (cipher suites, extensions, curves) is hashed into a **JA3 fingerprint** that's stable per client library. A datacenter IP plus a `python`/`curl`/`okhttp` JA3 gets scored as a bot at the handshake — long before any header or JavaScript check. Rotating IPs doesn't fix a fingerprint that screams "library." You need an exit whose ASN looks residential **and** a TLS fingerprint that matches a real browser.

This CLI talks to the [JiBao Proxy JA3 tool](https://check.jibaoproxy.com) by default (`--url` to change it). We build [JiBao Proxy](https://jibaoproxy.com) for clean residential exits — 72M+ IPs across 200+ countries. The CLI works against any compatible echo endpoint, though.

## Related

- [JA3 / TLS fingerprint detection, explained](https://jibaoproxy.com/blog/ja3-tls-fingerprint-detection-explained.html)
- [Bypassing DataDome & PerimeterX in 2026](https://jibaoproxy.com/blog/datadome-perimeterx-bypass-2026.html)
- [Headless browser detection (CDP leaks)](https://jibaoproxy.com/blog/headless-browser-detection-2026.html)

## License

MIT
