Proprietary Technology

Network Fingerprinting Evolved

DNS4 identifies devices, software, and threats through multi-protocol analysis uniquely correlated with DNS intelligence. See what others miss.

Start Free Trial View Documentation
DNS4 Analysis Result
fingerprint: "t13d1516h2_e92c3fa1_a4b8c9"
server: "nginx/1.21.6"
tls_version: "TLS 1.3"
os_family: "Linux"
is_bot: false
vpn_detected: false
threat_score: 12/100
dns_age_days: 3650

7

Fingerprinting Methods

50M+

Fingerprints Collected

<100ms

Average Response Time

99.9%

API Uptime

7 Fingerprinting Methods

DNS4 analyzes network traffic from multiple angles, providing comprehensive visibility into devices and threats

DNS4-TLS

Server-side TLS fingerprinting for infrastructure identification

  • Server software detection
  • TLS configuration analysis
  • Infrastructure patterns
  • Certificate chain validation

DNS4-HTTP

HTTP header analysis for client identification

  • Bot vs. human detection
  • Browser fingerprinting
  • Suspicious user agents
  • Header anomaly detection

DNS4-CERT

Certificate behavior analysis for threat detection

  • Certificate reuse tracking
  • Self-signed detection
  • CT log analysis
  • Malware cert patterns

DNS4-SSH

SSH connection fingerprinting for security analysis

  • SSH client identification
  • Brute-force detection
  • Scanner identification
  • Key exchange analysis

DNS4-TCP

TCP stack fingerprinting for OS identification

  • Operating system detection
  • Device type classification
  • Spoofing detection
  • TTL/window analysis

DNS4-LAT

Latency analysis for proxy and VPN detection

  • VPN/proxy detection
  • Geographic mismatch
  • BGP hijacking detection
  • Network path analysis

JA4 Integration

Full integration with FoxIO's open-source JA4 client TLS fingerprinting standard. Detect known malware signatures, identify applications, and track C2 communication patterns.

How DNS4 Works

DNS4 uniquely correlates network fingerprints with DNS intelligence for unprecedented visibility

1

Capture

Collect network signals from TLS, HTTP, TCP, SSH, and latency data

2

Fingerprint

Generate unique fingerprints using proprietary algorithms

3

Correlate

Cross-reference with DNS intelligence and threat databases

4

Analyze

Return actionable insights with threat scores and classifications

Use Cases

DNS4 powers security operations across industries

Enterprise Security

Protect your network with comprehensive device visibility and threat detection.

  • Identify unauthorized devices on your network
  • Detect C2 communication and data exfiltration
  • Track certificate reuse across infrastructure
  • Monitor for vulnerable software versions

Threat Intelligence

Map adversary infrastructure and track threat actor techniques.

  • Map attacker infrastructure and C2 servers
  • Track threat actor TTPs over time
  • Identify malware families by fingerprint
  • Correlate IoCs across protocols

Fraud Prevention

Distinguish legitimate users from automated threats and fraud attempts.

  • Detect VPN and proxy usage
  • Identify OS and browser spoofing
  • Distinguish bots from human users
  • Detect account takeover attempts

MSSPs & SOCs

Scale security operations with multi-tenant fingerprinting.

  • Multi-tenant architecture with data isolation
  • Per-client fingerprint databases
  • SIEM and SOAR integrations
  • Scalable API with generous rate limits

Developer-Friendly API

Integrate DNS4 fingerprinting into your applications with our RESTful API and SDKs for Python, Node.js, and Go.

  • Sub-100ms response times
  • RESTful JSON API
  • Comprehensive documentation
  • SDKs for major languages
  • Generous rate limits
Read the Docs
Python SDK Example 
from dnsscience import DNS4Client

# Initialize client
client = DNS4Client(api_key="YOUR_API_KEY")

# TLS fingerprinting
tls = client.tls.analyze("example.com")
print(f"Server: {tls.server_software}")
print(f"Score: {tls.threat_score}/100")

# Unified multi-method analysis
result = client.analyze(
    "example.com",
    methods=["tls", "http", "cert", "tcp"]
)
print(f"Risk: {result.threat_summary.risk_score}")

Contact Us

Have questions? Need support? We're here to help.

EMERGENCY SUPPORT

Critical Security Incident?

For active security breaches, ongoing attacks, or critical infrastructure compromises requiring immediate response:

EMERGENCY HOTLINE +1 (888) 555-1234

Available 24/7/365

Average response time: <15 minutes

Direct access to security engineers

Start Fingerprinting Today

Get comprehensive network visibility with DNS4. Free tier available with 100 requests per day.

Start Free Trial Contact Us