19e9c51f437497b4

Seen (all time)
(past week)
10M times (0.02%)
805K times (0.13%)
Rank (all time)
(past week)
325 / 698711
73 / 24921
TLS VersionTLS 1.0
Handshake VersionTLS 1.2
Cipher Suites
exact match
GREASE (0x0a0a)
TLS_CHACHA20_POLY1305_SHA256 (0x1303)
TLS_AES_128_GCM_SHA256 (0x1301)
TLS_AES_256_GCM_SHA384 (0x1302)
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca9)
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcca8)
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
Compression Methodsnull (0x00)
Extensions
exact match
GREASE (0x0a0a)
server_name (0x0000)
extended_master_secret (0x0017)
renegotiation_info (0xff01)
supported_groups (0x000a)
ec_point_formats (0x000b)
SessionTicket TLS (0x0023)
application_layer_protocol_negotiation (0x0010)
status_request (0x0005)
signature_algorithms (0x000d)
signed_certificate_timestamp (0x0012)
key_share (0x0033)
psk_key_exchange_modes (0x002d)
supported_versions (0x002b)
compressed_certificate (0x001b)
GREASE (0x0a0a)
pre_shared_key (0x0029)
Supported Groups
exact match
GREASE (0x0a0a)
x25519 (0x001d)
secp256r1 (0x0017)
secp384r1 (0x0018)
Signature Algorithmsecdsa_secp256r1_sha256 (0x0403)
rsa_pss_rsae_sha256 (0x0804)
rsa_pkcs1_sha256 (0x0401)
ecdsa_secp384r1_sha384 (0x0503)
rsa_pss_rsae_sha384 (0x0805)
rsa_pkcs1_sha384 (0x0501)
rsa_pss_rsae_sha512 (0x0806)
rsa_pkcs1_sha512 (0x0601)
EC Point Formatsuncompressed (0x00)
ALPNh2
http/1.1
Key Share GREASE (0x0a0a) - 1-byte key
x25519 (0x001d) - 32-byte key
PSK Key Exchange Modes psk_dhe_ke (0x01)
Supported Versions
exact match
GREASE (0x0a0a)
TLS 1.3 (0x0304)
TLS 1.2 (0x0303)
TLS 1.1 (0x0302)
TLS 1.0 (0x0301)
Certificate Compression Algorithms brotli (0x0002)
Record Size Limit
nid1867240258588153780
Cluster Cluster #3
58 fingerprints, comprising 42.2% of connections
Related cab2baf994ded9c9 (compare) Seen 13278052 times (0.03%)
5182ad5b8f7636ed (compare) Seen 53800 times (0.00%)
110b387731d3d91b (compare) Seen 218132 times (0.00%)
f708e72daadefd78 (compare) Seen 227309 times (0.00%)
e666bf5b327d4391 (compare) Seen 55125 times (0.00%)
a766e3e00d611ed2 (compare) Seen 16280 times (0.00%)
9c3809d8d43dcaa9 (compare) Seen 950979 times (0.00%)
5408690af1e08199 (compare) Seen 37340979 times (0.08%)
0488a56cc3e2ad6d (compare) Seen 102370 times (0.00%)
28c7e0b0874a4031 (compare) Seen 13458 times (0.00%)
9c673fd64a32c8dc (compare) Seen 179143257 times (0.38%)
Labels
uTLS generated code
// import tls "github.com/refraction-networking/utls"
tcpConn, err := net.Dial("tcp", "tlsfingerprint.io:443")
if err != nil {
	fmt.Printf("net.Dial() failed: %+v\n", err)
	return
}

config := tls.Config{ServerName: "tlsfingerprint.io"}
// This fingerprint includes feature(s), not fully supported by TLS.
// uTLS client with this fingerprint will only be able to to talk to servers,
// that also do not support those features. 
tlsConn := tls.Client(tcpConn, &tlsConfig, utls.HelloCustom)
clientHelloSpec := tls.ClientHelloSpec {
	CipherSuites: []uint16{
		tls.GREASE_PLACEHOLDER,
		tls.TLS_CHACHA20_POLY1305_SHA256,
		tls.TLS_AES_128_GCM_SHA256,
		tls.TLS_AES_256_GCM_SHA384,
		tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
		tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
		tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
		tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
		tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
		tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
		tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
		tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
		tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
		tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
		tls.TLS_RSA_WITH_AES_128_CBC_SHA,
		tls.TLS_RSA_WITH_AES_256_CBC_SHA,
	},
	CompressionMethods: []byte{
		0x00, // compressionNone
	},
	Extensions: []tls.TLSExtension{
		&tls.UtlsGREASEExtension{},
		&tls.SNIExtension{},
		&tls.UtlsExtendedMasterSecretExtension{},
		&tls.RenegotiationInfoExtension{renegotiation: tls.RenegotiateOnceAsClient},
		&tls.SupportedCurvesExtension{[]tls.CurveID{
			tls.CurveID(tls.GREASE_PLACEHOLDER),
			tls.X25519,
			tls.CurveP256,
			tls.CurveP384,
		}},
		&tls.SupportedPointsExtension{SupportedPoints: []byte{
			0x00, // pointFormatUncompressed
		}},
		&tls.SessionTicketExtension{},
		&tls.ALPNExtension{AlpnProtocols: []string{"h2","http/1.1"}},
		&tls.StatusRequestExtension{},
		&tls.SignatureAlgorithmsExtension{SupportedSignatureAlgorithms: []SignatureScheme{
			tls.ECDSAWithP256AndSHA256,
			tls.PSSWithSHA256,
			tls.PKCS1WithSHA256,
			tls.ECDSAWithP384AndSHA384,
			tls.PSSWithSHA384,
			tls.PKCS1WithSHA384,
			tls.PSSWithSHA512,
			tls.PKCS1WithSHA512,
		},},
		&tls.SCTExtension{},
		&tls.KeyShareExtension{[]tls.KeyShare{
			{Group: tls.CurveID(tls.GREASE_PLACEHOLDER), Data: []byte{0}},
			{Group: tls.X25519},
		}},
		&tls.PSKKeyExchangeModesExtension{[]uint8{
			tls.PskModeDHE,
		}},
		&tls.SupportedVersionsExtension{[]uint16{
			tls.GREASE_PLACEHOLDER,
			tls.VersionTLS13,
			tls.VersionTLS12,
			tls.VersionTLS11,
			tls.VersionTLS10,
		}},
		&tls.FakeCertCompressionAlgsExtension{[]tls.CertCompressionAlgo{
			tls.CertCompressionBrotli,
		}},
		&tls.UtlsGREASEExtension{},
		&tls.GenericExtension {id: 0x0029}, // WARNING: UNKNOWN EXTENSION, USE AT YOUR OWN RISK
	},
}
tlsConn.ApplyPreset(clientHelloSpec)
        
n, err = tlsConn.Write("Hello, World!")
// or tlsConn.Handshake() for better control

Times seen (per hour)

Percent seen (24 hour averaged)

User Agents