search

Noooste / azuretls-client

An easy-to-use HTTP client 100% in Go to spoof TLS/JA3 and HTTP2 fingerprint
MIT License
162 stars 21 forks source link

[~] update chrome profile cipher order #96

Closed stanislav-milchev closed 3 months ago

stanislav-milchev commented 3 months ago

Info

As the Chrome 126 has officially arrived, I started comparing the fingerprints of it and the current default chrome profile. I've got two colleagues with windows machines to send me the output of the tls.peet.ws/api/all request (results bellow). I notice that the ciphers were out of order. I have not gotten deeper into the rest of it but I'll be looking at it one of these days.

fingerprints

Output of tls.browserleaks.com/json of the real browser:

{
  "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36",
  "ja3_hash": "0b42287a3fcc74442b448efeda46ceae",
  "ja3_text": "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,65037-0-11-43-27-65281-17513-18-45-35-16-23-13-10-51-5,25497-29-23-24,0",
  "ja3n_hash": "4c9ce26028c11d7544da00d3f7e4f45c",
  "ja3n_text": "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,0-5-10-11-13-16-18-23-27-35-43-45-51-17513-65037-65281,25497-29-23-24,0",
  "akamai_hash": "52d84b11737d980aef856699f885ca86",
  "akamai_text": "1:65536;2:0;4:6291456;6:262144|15663105|0|m,a,s,p"
}

With this proposed fix, now the normalised ja3 (ja3n) matches;

tls peet api results

{
    "http_version": "h2",
    "method": "GET",
    "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36",
    "tls": {
        "ciphers": [
            "TLS_GREASE (0xCACA)",
            "TLS_AES_128_GCM_SHA256",
            "TLS_AES_256_GCM_SHA384",
            "TLS_CHACHA20_POLY1305_SHA256",
            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
            "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
            "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
            "TLS_RSA_WITH_AES_128_GCM_SHA256",
            "TLS_RSA_WITH_AES_256_GCM_SHA384",
            "TLS_RSA_WITH_AES_128_CBC_SHA",
            "TLS_RSA_WITH_AES_256_CBC_SHA"
        ],
        "extensions": [
            {
                "name": "TLS_GREASE (0xeaea)"
            },
            {
                "name": "supported_groups (10)",
                "supported_groups": [
                    "TLS_GREASE (0xaaaa)",
                    "X25519Kyber768 (25497)",
                    "X25519 (29)",
                    "P-256 (23)",
                    "P-384 (24)"
                ]
            },
            {
                "name": "extended_master_secret (23)",
                "master_secret_data": "",
                "extended_master_secret_data": ""
            },
            {
                "name": "application_layer_protocol_negotiation (16)",
                "protocols": [
                    "h2",
                    "http/1.1"
                ]
            },
            {
                "name": "status_request (5)",
                "status_request": {
                    "certificate_status_type": "OSCP (1)",
                    "responder_id_list_length": 0,
                    "request_extensions_length": 0
                }
            },
            {
                "name": "application_settings (17513)",
                "protocols": [
                    "h2"
                ]
            },
            {
                "name": "compress_certificate (27)",
                "algorithms": [
                    "brotli (2)"
                ]
            },
            {
                "name": "extensionRenegotiationInfo (boringssl) (65281)",
                "data": "00"
            },
            {
                "name": "supported_versions (43)",
                "versions": [
                    "TLS_GREASE (0x6a6a)",
                    "TLS 1.3",
                    "TLS 1.2"
                ]
            },
            {
                "name": "key_share (51)",
                "shared_keys": [
                    {
                        "TLS_GREASE (0xaaaa)": "00"
                    },
                    {
                        "X25519Kyber768 (25497)": "66ddfc32756b29e3efcbfc9c385f6ddfa2687cd25dd0c451a662869e1492b92e6bc7105acc3e5bfcb5f606890a449390d166979a7c8c7740f52b4fe0f1b90fa92bee1817edfaa79b07aed56a5447d32fbb951044dc3944c97423ca2540101b770208eea3c8f5f24fae8cbe1cf35525485c5388cdb8578a24280e0c9c0e8ecb01a9287e74378857f12d793c53747b2c12457679992fbebacdd5893d29b86e0bca4e84250db44605f7f375e4d40476663b0d664c62d1763df45524731416dc20f5744726579474987633e10a0801b6bdf78535a448d75b50f837ae676c52a5ac8cdb828aed8594a7963d21cb0bd28c6c72197db06c842150341b6878e9b09cad7cbb81502bef8c0ac4724ab14a797882894d867cd1aab193718f0f189bbeb1ba5d418b0246607cf9953042269f17b6b64c6efd9926d0e807f4e079b9d822253a7131a8b004392fc573b2cca6b5fe3bb3b43425120ba923f4a71dc04899b4671f8c2b15b456e9a63f1f6a74e65747a7059ff3783fae5c493d735aa4929f46099a100464ee53c7fb525d0294aefe991271a08edb66800a8c3f8a538b4e198562f18e7f969ff6c1b8be5cb87be03a78897679141373d3934784bd8e6a3451157ad43296a57979a1397644b117ecf52d5393ca7c93226c49221bd5b7a60530003c2b71430066f358a21a46f39309e3c23325f88a5735911cb23ea8382bd19b6b09da8eb6f435b544b37af92b3bb08e7c5814151ab1311164f1d852d5678e5136752a6870df34a2b7a9c68cb2bd11e95bd9608fb8937d39c53a3dbb868563017c92628dc127027a9d657a2ad083a106820e92e323ff4835d4424259c2c9c279cda2d7bae9bc410b3525b565160ee34cffeb3b7d430b4af180cedb295ac3cb83a3aafbba2f5b579acb2246def75fa4788d21622dd7fc163da9a9e3b240834775b4139f53f34fac95b873f86cdf2490b7d36116fb901dab7ad0f67e907cc549718e6a48574e299b694c8bed9ab7084830a219964f394002f4a610d00a71d0ce4bb7c4adc6a22263523118624148be04ea437c58bd17c08c0ba82e88663920431b18655e269b8925dc6f64749c44e8a005108fbc279c2d1095e6e4a30733232a41b5ce820b7b16cbb24b521c60b6dbf2369ce0c14eb753b88080fbc98eb0178c63bb318ca9cf692986fc7a48d0a646b31300d246177b3396ea33bbb6749c30877bd76ab6c9c2305a96a410d0730d715c0510a245c0a26b59c09aa7a4b1a7198a7b5b2fd97e9c14ac95aa32531b9db0d0853bd8813a5720d8732e1f9a214db0a2911c4cc585acbc586599a79ba077656af46829e4cdb0b699aa3b4dbed4bf55a58e7f5a7ee125bca3c8cadda2c1ca7a6b0af64ef2e0813f896465c7b685a41b22d96b8309cbb79399181944ab7502935b01299225cd8a2869d25b9b3267c1f2adc2402082bc49b067cd2e58c52e488b21a5cd0d4c9414f3354db647ae0a5bf3e37074550d7c652243691a505b8ad9253debb76fe4c61548d1c0c8659e16e89732e137abab90a97cc5f0415ba05ab699676e232570b0000fc93167a42417b3193dc0020383006a13945e3cf5776ecb2e9e00a24c97c263c2632b86af2f6086f1812940953ab8fc1a5092ae2ab2bf8e6540604214994989a8125efefc1c8fdc6d97da13d7c9b30bdef7f7e97171315423d2352a1a402c1637b35fafbee78a7c37f0dc44a2ba05"
                    },
                    {
                        "X25519 (29)": "b755827e350c183a0dddd9e316eeb7622e8ed23579f1c38ca9d0023cf963af7d"
                    }
                ]
            },
            {
                "name": "ec_point_formats (11)",
                "elliptic_curves_point_formats": [
                    "0x00"
                ]
            },
            {
                "name": "psk_key_exchange_modes (45)",
                "PSK_Key_Exchange_Mode": "PSK with (EC)DHE key establishment (psk_dhe_ke) (1)"
            },
            {
                "name": "server_name (0)",
                "server_name": "tls.peet.ws"
            },
            {
                "name": "extensionEncryptedClientHello (boringssl) (65037)",
                "data": "0000010001d50020f909c99de346405382255b5343a99428b7db56f4d54fa40debd3b26f1d1f645200b0ea60332fe89d6f3acd65a9c1607e756738cec27ed99706d4d556021ea9eacbe38e33ad32271b63693e48a94f4c46aaa7739183a1fa1bb8d3ed1b91e11ea681538dbe58d6e3495031e979c66006ffb7f7e82ec9287ea3be1f6aacc9278cf6c99e8dcaed749302736149bee1220303bb92ea275f267993597387c2734e57087578901532f5a08a4b5ed46d8e91f247458f0529551740e890d7e7b753512952a8a4ccfa00e3f1bdfa8f56a09bfc9d5c54be"
            },
            {
                "name": "signature_algorithms (13)",
                "signature_algorithms": [
                    "ecdsa_secp256r1_sha256",
                    "rsa_pss_rsae_sha256",
                    "rsa_pkcs1_sha256",
                    "ecdsa_secp384r1_sha384",
                    "rsa_pss_rsae_sha384",
                    "rsa_pkcs1_sha384",
                    "rsa_pss_rsae_sha512",
                    "rsa_pkcs1_sha512"
                ]
            },
            {
                "name": "session_ticket (35)",
                "data": ""
            },
            {
                "name": "signed_certificate_timestamp (18)"
            },
            {
                "name": "TLS_GREASE (0x3a3a)"
            }
        ],
        "tls_version_record": "771",
        "tls_version_negotiated": "772",
        "ja3": "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,10-23-16-5-17513-27-65281-43-51-11-45-0-65037-13-35-18,25497-29-23-24,0",
        "ja3_hash": "985fdfb10a941d5af021422b869dd00a",
        "ja4": "t13d1516h2_8daaf6152771_b1ff8ab2d16f",
        "peetprint": "GREASE-772-771|2-1.1|GREASE-25497-29-23-24|1027-2052-1025-1283-2053-1281-2054-1537|1|2|GREASE-4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53|0-10-11-13-16-17513-18-23-27-35-43-45-5-51-65037-65281-GREASE-GREASE",
        "peetprint_hash": "b8ce945a4d9a7a9b5b6132e3658fe033",
        "client_random": "9197868071fb2590c21b307d8d4bceb83cf564a76399f0ff5781336f8013c9f5",
        "session_id": "3b60c48f978e00faa34c2ce866abd8e3c42dd6cfcf64f98e0a67a974a9eabdde"
    },
    "http2": {
        "akamai_fingerprint": "1:65536,2:0,4:6291456,6:262144|15663105|0|m,a,s,p",
        "akamai_fingerprint_hash": "90224459f8bf70b7d0a8797eb916dbc9",
        "sent_frames": [
            {
                "frame_type": "SETTINGS",
                "length": 24,
                "settings": [
                    "HEADER_TABLE_SIZE = 65536",
                    "ENABLE_PUSH = 0",
                    "INITIAL_WINDOW_SIZE = 6291456",
                    "MAX_HEADER_LIST_SIZE = 262144"
                ]
            },
            {
                "frame_type": "WINDOW_UPDATE",
                "length": 4,
                "increment": 15663105
            },
            {
                "frame_type": "HEADERS",
                "stream_id": 1,
                "length": 468,
                "headers": [
                    ":method: GET",
                    ":authority: tls.peet.ws",
                    ":scheme: https",
                    ":path: /api/all",
                    "sec-ch-ua: \\\"Not/A)Brand\\\";v=\\\"8\\\", \\\"Chromium\\\";v=\\\"126\\\", \\\"Google Chrome\\\";v=\\\"126\\",
                    "sec-ch-ua-mobile: ?0",
                    "sec-ch-ua-platform: \\\"Windows\\",
                    "upgrade-insecure-requests: 1",
                    "user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36",
                    "accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
                    "sec-fetch-site: none",
                    "sec-fetch-mode: navigate",
                    "sec-fetch-user: ?1",
                    "sec-fetch-dest: document",
                    "accept-encoding: gzip, deflate, br, zstd",
                    "accept-language: en-GB,en-US;q=0.9,en;q=0.8",
                    "priority: u=0, i"
                ],
                "flags": [
                    "EndStream (0x1)",
                    "EndHeaders (0x4)",
                    "Priority (0x20)"
                ],
                "priority": {
                    "weight": 256,
                    "depends_on": 0,
                    "exclusive": 1
                }
            }
        ]
    },
    "tcpip": {
        "cap_length": 407,
        "dst_port": 443,
        "src_port": 64066,
        "ip": {
            "id": 22377,
            "ttl": 113,
            "ip_version": 4,
            "dst_ip": "205.185.123.167",
        },
        "tcp": {
            "ack": 3143682599,
            "checksum": 340,
            "seq": 1454929075,
            "window": 514
        }
    }
}

{
    "http_version": "h2",
    "method": "GET",
    "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36",
    "tls": {
        "ciphers": [
            "TLS_GREASE (0x6A6A)",
            "TLS_AES_128_GCM_SHA256",
            "TLS_AES_256_GCM_SHA384",
            "TLS_CHACHA20_POLY1305_SHA256",
            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
            "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
            "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
            "TLS_RSA_WITH_AES_128_GCM_SHA256",
            "TLS_RSA_WITH_AES_256_GCM_SHA384",
            "TLS_RSA_WITH_AES_128_CBC_SHA",
            "TLS_RSA_WITH_AES_256_CBC_SHA"
        ],
        "extensions": [
            {
                "name": "TLS_GREASE (0xfafa)"
            },
            {
                "name": "application_layer_protocol_negotiation (16)",
                "protocols": [
                    "h2",
                    "http/1.1"
                ]
            },
            {
                "name": "supported_groups (10)",
                "supported_groups": [
                    "TLS_GREASE (0xdada)",
                    "X25519Kyber768 (25497)",
                    "X25519 (29)",
                    "P-256 (23)",
                    "P-384 (24)"
                ]
            },
            {
                "name": "extended_master_secret (23)",
                "master_secret_data": "",
                "extended_master_secret_data": ""
            },
            {
                "name": "compress_certificate (27)",
                "algorithms": [
                    "brotli (2)"
                ]
            },
            {
                "name": "signed_certificate_timestamp (18)"
            },
            {
                "name": "session_ticket (35)",
                "data": ""
            },
            {
                "name": "extensionEncryptedClientHello (boringssl) (65037)",
                "data": "00000100014500208e267b0ae554d9be45b5b4dc7ac0f2ab9e944171eb03c5bbbce27aa4d6343a6a00d080c8bc5712afe36f663749f4337334c8e53fa23a45672f052804f36ca07515aa270d3038ee4414acd8fcdb40a151c825745463527b79ca6f6b63cf20b31868265d786f34ada99560bc80b1fbc967a0cc28e71935f8afdc561e9ce4749138e42407ca24d03e7d38ee0730b487e10526e46f6e7b688722954bea1b0bfc53501743f870284f1df95a3091bb80992339b6a27ca18e14ed780a2517bf2344125ae63d8fe66603eff4fb98d94127283feb5c9dc8a1ce5d7fde66995055552e3debfd909ba13a648e8b8b8a1e622fc767c90a9a"
            },
            {
                "name": "supported_versions (43)",
                "versions": [
                    "TLS_GREASE (0xaaaa)",
                    "TLS 1.3",
                    "TLS 1.2"
                ]
            },
            {
                "name": "signature_algorithms (13)",
                "signature_algorithms": [
                    "ecdsa_secp256r1_sha256",
                    "rsa_pss_rsae_sha256",
                    "rsa_pkcs1_sha256",
                    "ecdsa_secp384r1_sha384",
                    "rsa_pss_rsae_sha384",
                    "rsa_pkcs1_sha384",
                    "rsa_pss_rsae_sha512",
                    "rsa_pkcs1_sha512"
                ]
            },
            {
                "name": "status_request (5)",
                "status_request": {
                    "certificate_status_type": "OSCP (1)",
                    "responder_id_list_length": 0,
                    "request_extensions_length": 0
                }
            },
            {
                "name": "key_share (51)",
                "shared_keys": [
                    {
                        "TLS_GREASE (0xdada)": "00"
                    },
                    {
                        "X25519Kyber768 (25497)": "d850a964af2e8e8c70bc968d8fc19f07d64a492b010bf3070321dd89cd36ce7c57c968b8443876777634ab000cb8996075ca622b10a48cace85b5809446e4781387bb55f7869823b789e4d53763fb99d0cbcb4f384a1c6d7ce80961495b01f97d5260a3b68a4a7cad4a63cf8027a07c783c04c662b932228ea4b65a48d0f9a58950a7eb412b4e3cb543df7cf30a833317b6c188466577b618138bb6ca2bb8d68b1cc08746ab756b7959f1dda87b5a730c8eb093bc31282285cbf864d8d610ba8d023fb6b014fd41c489c85904b7590b7105a48504b672043b07ddb87999fea9d75d2a83db64302d800e6d3446e77c58d226f2771776b2084bf7c29e572918bdabe064296f432b2fcb9500db6bbfeb365705742db5277299c8da1222987d8acf2d26c9a6c9ee3a790440b8b97f58e6fa62e42099d475a898a13bb748a9b8f0755aba55b371b2132896df4943d29897cb672baefd833fcc797f5396f152480c078555bc467b780a33b622768265e7633b6330b2c28bbb1d4455d152280a4c14b28b5237c80828cc5773429abec520afc9baeb2801e0e80ab7f725bc3ec68198088006d18f6a6befc715df3e2cf87cc485de48fa690108f220bb5e9bb6edabe0063a03f7115ad60ab04da5936ba35ad249138a33eb2825bfb148bff6c88d0d00fbb240f0496109c38041c971729c5883e4755fc34afa79a89b76246ff640d29a764e7e524662393294a6de6244dba25cee5a8435933b7e2a4b7b0fc47b7078e278414465a7f29536f22341cbbf2a71db1a4810753b3b7463af5462d900fe3233da79488cd742831bb62f0e7433da1773c1ac6e4d30eeb5384b3115f39b153f93528286925672583dcdc8aa54b9c558758358a46f3bb5534a3264a02a2db321c897868012407909520ca966ea6680eee8732a84a58b3093f8d60b782c6c3b615575a92b324689e33d25f0f4b9b7796232c940cc4547851c71bcdbc9f83ca093ac31f81f14a70933a5f31bb2e21379b8a2adbc34a4b68031dd556ec305cda201eeb8948d07b21564593c3c7b221aa22a5522a6a3190d7868ca8e853a18c39dfecb7e09b1fe57128fe838b6be82f4fa139e0e96d5ba175c6f895d2a105a9549261cc6bb62b4a177830d5795dd1311ed6ec184fac1a3e4b8128d91b68932b16cc7c19391dcc299f18021272d53cf8aa2b543c18dbd504dc305a052599fc3a6033878bd5568801d91b0147828e0525a92262ddcc9ed5e2cbfcb77e0597be7f013ec22300fcb685cae404c226732a5b5a2a9587d8a83fcba1867aaa306b9b4bf8a8b847e16cc9ac402d329850877e78822510c3410870436106cc4d3661dbe18ea50a7cd68b68b0c247096654e2f76b6c7883454a164b64505fc70bfe9a0105729ada6207f1320551a54e4a6576c13b816855862b9ba12364c0ce460cbce58b10739c2349cef356635c50122082212cd3a0c8422ebf1c9d44513686d9cf3532bcef21c5c6ebb22818567ff25309d392aa225390313b5c5111f432b67a15396c02ac32728f079b37777acd7e538e4c02b4fc009ee6c75237156e35463dd6896bb7a9b430632ae55b4208477af249359dd86649573d34680d8c34af30378842e4c33bb98630684b70d0c0232104302c3b7dab6653c83f877c6724b747c7b89719607a30266cae3f3d17cff751507ad6aa6fdea19b4bc909389cce3be4d488ab7735964a0783"
                    },
                    {
                        "X25519 (29)": "dee357a78c1a1cf9b15f11203702be3aab151d156146e1ad860bdbeffab8a168"
                    }
                ]
            },
            {
                "name": "application_settings (17513)",
                "protocols": [
                    "h2"
                ]
            },
            {
                "name": "extensionRenegotiationInfo (boringssl) (65281)",
                "data": "00"
            },
            {
                "name": "psk_key_exchange_modes (45)",
                "PSK_Key_Exchange_Mode": "PSK with (EC)DHE key establishment (psk_dhe_ke) (1)"
            },
            {
                "name": "ec_point_formats (11)",
                "elliptic_curves_point_formats": [
                    "0x00"
                ]
            },
            {
                "name": "server_name (0)",
                "server_name": "tls.peet.ws"
            },
            {
                "name": "TLS_GREASE (0xeaea)"
            }
        ],
        "tls_version_record": "771",
        "tls_version_negotiated": "772",
        "ja3": "771,4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53,16-10-23-27-18-35-65037-43-13-5-51-17513-65281-45-11-0,25497-29-23-24,0",
        "ja3_hash": "9d13c152cdea3214616e27c1d4a4252d",
        "ja4": "t13d1516h2_8daaf6152771_b1ff8ab2d16f",
        "peetprint": "GREASE-772-771|2-1.1|GREASE-25497-29-23-24|1027-2052-1025-1283-2053-1281-2054-1537|1|2|GREASE-4865-4866-4867-49195-49199-49196-49200-52393-52392-49171-49172-156-157-47-53|0-10-11-13-16-17513-18-23-27-35-43-45-5-51-65037-65281-GREASE-GREASE",
        "peetprint_hash": "b8ce945a4d9a7a9b5b6132e3658fe033",
        "client_random": "679c6a7553b5fd4efe323308c3aeeeb78b0fe8b9fff27be8fb7bb655bedd0388",
        "session_id": "cb131929869cfe4342bd49da898d05a6e3298b26520f5b15f61fee0630deefa4"
    },
    "http2": {
        "akamai_fingerprint": "1:65536,2:0,4:6291456,6:262144|15663105|0|m,a,s,p",
        "akamai_fingerprint_hash": "90224459f8bf70b7d0a8797eb916dbc9",
        "sent_frames": [
            {
                "frame_type": "SETTINGS",
                "length": 24,
                "settings": [
                    "HEADER_TABLE_SIZE = 65536",
                    "ENABLE_PUSH = 0",
                    "INITIAL_WINDOW_SIZE = 6291456",
                    "MAX_HEADER_LIST_SIZE = 262144"
                ]
            },
            {
                "frame_type": "WINDOW_UPDATE",
                "length": 4,
                "increment": 15663105
            },
            {
                "frame_type": "HEADERS",
                "stream_id": 1,
                "length": 458,
                "headers": [
                    ":method: GET",
                    ":authority: tls.peet.ws",
                    ":scheme: https",
                    ":path: /api/all",
                    "sec-ch-ua: \\\"Not/A)Brand\\\";v=\\\"8\\\", \\\"Chromium\\\";v=\\\"126\\\", \\\"Google Chrome\\\";v=\\\"126\\",
                    "sec-ch-ua-mobile: ?0",
                    "sec-ch-ua-platform: \\\"Windows\\",
                    "upgrade-insecure-requests: 1",
                    "user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36",
                    "accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
                    "sec-fetch-site: none",
                    "sec-fetch-mode: navigate",
                    "sec-fetch-user: ?1",
                    "sec-fetch-dest: document",
                    "accept-encoding: gzip, deflate, br, zstd",
                    "accept-language: en-US,en;q=0.9",
                    "priority: u=0, i"
                ],
                "flags": [
                    "EndStream (0x1)",
                    "EndHeaders (0x4)",
                    "Priority (0x20)"
                ],
                "priority": {
                    "weight": 256,
                    "depends_on": 0,
                    "exclusive": 1
                }
            }
        ]
    },
    "tcpip": {
        "cap_length": 439,
        "dst_port": 443,
        "src_port": 61957,
        "ip": {
            "id": 25339,
            "ttl": 115,
            "ip_version": 4,
            "dst_ip": "205.185.123.167",
        },
        "tcp": {
            "ack": 661932003,
            "checksum": 5539,
            "seq": 1026892287,
            "window": 514
        }
    }
}