Successfully connected
TLS 1.3 OK; HelloRetryRequest used; server-initiated key update accomplished;
Detailed description:
v.0.24.4-p
(This TLS-1.3-only server supports: HelloRetryRequest, KeyUpdate, ECDHE, FFDHE, X25519MLKEM768, SecP256r1MLKEM768, X25519Kyber768, ESNI, etc.)
HelloRetryRequest used to (re)negotiate DH group
First ClientHello, key shares: 0x001D
Second ClientHello, key shares: 0x0018
CRYPTO_CONTEXT
Protocol version: 0x0304
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Key exchange: 0x0018 (Secp384r1)
(Handshake level)
Handshake secrets:
Client: 0xCB211CD455D8871667FA85B664C9852BC858902C9E9BEBB253A05E011C741E04
Server: 0xAB970E001193735A22E29F10854FA68E53306CA833067334F9489F2631FC769D
Handshake keys:
Client write: 0x89374CBB20EC12DE4E24EA014C56A850
Server write: 0x3DE23FBE4D455BD2605D8ED18BFA705D
Handshake IVs:
Client write (IV): 0xBCB28BA8E74E1E946EFC2D25
Server write (IV): 0xB79F74DB4369E957962CA87A
(Traffic level)
Traffic secrets:
Client: 0x8CAB293B89AA824A3A5DBDC996D516CE060B97D9296D1B53DA15A3511788178F
Server: 0x24C1EF345F8C0B9C957E6C0E0805D058D02C590086C9AA0E8AB3845F71672488
KeyUpdates log, server:
0: 0x81ED7BD955067216CD94A2F7ABE9A0AFA38ADA4D982798B34F7189F872ADF523
Traffic keys:
Client write: 0x61BADCC7BC6E9E1013D1D2F157B50E22
Server write: 0x4ACCA4E4DD77CC57260987D67B28AE4D
KeyUpdates log, server:
0: 0xC69E8A571F2822E2A64B7854A9C76C50
Traffic base IVs:
Client write (base IV): 0x9F3F8DA6B01D2D3AD19A0EA9
Server write (base IV): 0x95C44669BEF351A926CFF60D
KeyUpdates log, server:
0: 0x1E266EB7632AE3175E094B60
--- Messages ---
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xC02F
0xCCA8,0x00FF
Client Random: 8F:74:14:DB:13:9C:4F:34:56:A0:25:BD:1B:42:FA:CA:63:18:92:3B:2F:DC:60:A2:72:35:77:04:93:92:17:A5
Client SessionID: 0C:B8:02:16:76:1A:8E:82:7E:21:69:92:16:46:78:B7:F3:E9:3A:2E:20:7E:0F:4F:20:8F:2D:09:07:53:DD:F9
Extensions:
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 35 (0x0023); /non-TLS-1.3/
Type: 51 (0x0033); "key_share"
X25519 (0x001D)
x = 0xEFCA0C0CC4F4DAAB568701CD6D595EE4DEC4308ED55977133BA7A5DE0EF64D67
Type: 23 (0x0017); /non-TLS-1.3/
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
Type: 13 (0x000D); "signature_algorithms"
0x0503 (ECDSA_SECP384R1_SHA384)
0x0403 (ECDSA_SECP256R1_SHA256)
0x0807 (ED25519)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0601 (RSA_PKCS1_SHA512)
0x0501 (RSA_PKCS1_SHA384)
0x0401 (RSA_PKCS1_SHA256)
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
HELLO_RETRY_REQUEST (sent, server)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
HelloRetryRequest (Server Random): CF:21:AD:74:E5:9A:61:11:BE:1D:8C:02:1E:65:B8:91:C2:A2:11:16:7A:BB:8C:5E:07:9E:09:E2:C8:A8:33:9C
SessionID: 0C:B8:02:16:76:1A:8E:82:7E:21:69:92:16:46:78:B7:F3:E9:3A:2E:20:7E:0F:4F:20:8F:2D:09:07:53:DD:F9
Extensions:
Type: 51 (0x0033); "key_share"
Secp384r1 (0x0018)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
[Legacy ChangeCipherSpec message present (client)]
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xC02F
0xCCA8,0x00FF
Client Random: 8F:74:14:DB:13:9C:4F:34:56:A0:25:BD:1B:42:FA:CA:63:18:92:3B:2F:DC:60:A2:72:35:77:04:93:92:17:A5
Client SessionID: 0C:B8:02:16:76:1A:8E:82:7E:21:69:92:16:46:78:B7:F3:E9:3A:2E:20:7E:0F:4F:20:8F:2D:09:07:53:DD:F9
Extensions:
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 35 (0x0023); /non-TLS-1.3/
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 51 (0x0033); "key_share"
Secp384r1 (0x0018)
x = 0xE15B098A042E58EB675354E05675E727E30B38CAA1DF1E80B4B9B7CF0EC5CA40E9BF7F0C9167424710596F273C15CA7D
y = 0xECAB4DEB9350294287866BF2BC5E65F1CDD4B56ACBDB3777E68324EF0AACABC6939FDF781BF960E46FCE96C3F9240009
Type: 23 (0x0017); /non-TLS-1.3/
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
Type: 13 (0x000D); "signature_algorithms"
0x0503 (ECDSA_SECP384R1_SHA384)
0x0403 (ECDSA_SECP256R1_SHA256)
0x0807 (ED25519)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0601 (RSA_PKCS1_SHA512)
0x0501 (RSA_PKCS1_SHA384)
0x0401 (RSA_PKCS1_SHA256)
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
SERVER_HELLO (sent)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Server Random: DE:AD:DE:AD:DE:AD:C0:DE:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
SessionID: 0C:B8:02:16:76:1A:8E:82:7E:21:69:92:16:46:78:B7:F3:E9:3A:2E:20:7E:0F:4F:20:8F:2D:09:07:53:DD:F9
Extensions:
Type: 51 (0x0033); "key_share"
Secp384r1 (0x0018)
x = 0x884DFC0FE9602539133D59E3779E9DE8644D3532211C1061EFD16D15BE349D6723496325775E87CF3D396F1C02FCC5CF
y = 0x063315C18E34D26B9085A96A495F17B8557DB379DB6ABED0788C60417FCE917ADD8976BB955D9E7E1B1CC6C06F577280
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
SERVER_HANDSHAKE_MESSAGES (sent)
Type: 8 (0x08) - "encrypted_extensions"
Length (octets, dec.): 2
00:00
Type: 11 (0x0B) - "certificate"
Length (octets, dec.): 3401
[...] /skipped 3401 data octets/
Type: 15 (0x0F) - "certificate_verify"
Length (octets, dec.): 107
05:03:00:67:30:65:02:30:34:FA:D3:38:68:A8:49:22:FE:31:D5:98:28:4C:1A:FF:1E:46:30:7D:80:98:A8:47
D2:8C:38:F0:FC:90:D0:9C:B9:CE:85:F1:A8:50:26:17:2B:13:CB:E1:A0:F1:A3:0F:02:31:00:92:6C:27:FB:2C
C3:3B:38:50:F1:54:02:12:81:6B:AE:20:23:8D:FB:7F:31:B0:A4:1E:CB:BF:7F:27:44:59:9D:7A:25:20:D9:56
CC:99:8D:FF:E5:AA:D8:8A:A0:8F:6F
Type: 20 (0x14) - "finished"
Length (octets, dec.): 32
5F:F8:21:89:BE:F1:78:E4:CE:DA:60:A3:A6:64:B0:18:1C:FD:8B:2D:C9:DD:C6:D3:2E:01:DD:83:7F:66:60:0C
CLIENT_FINISHED (received)
Finished value: 0xC8B9C96DEA85F82C16A40DA772699A656C3ED5010FB92E2FE53DA6EB301FD852
Client Finished status: OK
CLIENT_APPLICATION_DATA (recieved)
ASCII dump (filtered):
GET / HTTP/1.1..accept: */*..user-agent: Mozilla/5.0 AppleWebKit
/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebo
t@anthropic.com)..accept-encoding: gzip, br, zstd, deflate..host
: tls13.1d.pw....
[Server KeyUpdate sent /message skipped/]
TCP: server: 194.87.103.72:443; client: 216.73.216.219:1208; timestamp: 1781052558
Contacts: dxdt.ru, alex/()\/abaabb.xyz.
/\_/\
( 0.0 )
= ^ =
/|_|\
(") (")=~
Provide ESNI to get second ASCII cat
Elapsed server side: 304ms; ServerHello sent: 153ms (including HelloRetryRequest time); TLS connection established: 303ms.