Successfully connected
TLS 1.3 OK; HelloRetryRequest used; server-initiated key update accomplished;
Detailed description:
v.0.24.2-p
(This TLS-1.3-only server supports: HelloRetryRequest, KeyUpdate, X25519Kyber768, P256Kyber768, P384Kyber768, ECDHE, FFDHE, ESNI, etc.)
HelloRetryRequest used to (re)negotiate DH group
First ClientHello, key shares: 0x001D
Second ClientHello, key shares: 0x0018
CRYPTO_CONTEXT
Protocol version: 0x0304
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Key exchange: 0x0018 (Secp384r1)
(Handshake level)
Handshake secrets:
Client: 0xCC9139803FBFD5B43FC1A5B908AC53F61C231DA4D21266F1430056CDCAA7A2AD
Server: 0x02BCD4B43CBEDBE03DC3A14686BE3D16B081AA0B293BE2975763038C1495084C
Handshake keys:
Client write: 0x807DCC95A062DE70C88FF01F4BEB4655
Server write: 0xD8F49BCAE9E63B07A085267BCBE3B385
Handshake IVs:
Client write (IV): 0x20AF6184921ECC2AFB68458F
Server write (IV): 0x293D40BCEC4C35DE7F77EC43
(Traffic level)
Traffic secrets:
Client: 0x6A4F7FF68DFF5284570092866607E5937CAB5CE1444A467979DBCE72680E009C
Server: 0xBFFEDE7FC4104EA034B41A461CFD072C3ED96A395F7F0BC588713E3EBA4D2483
KeyUpdates log, server:
0: 0x81A2FC0BD7D0A7BDAB751E670057E61F68DA481D3B8BB51F3C1E960B8F8AA3C3
Traffic keys:
Client write: 0xDA8B370EF6703FDA90E24ED8135D9654
Server write: 0x39E3B2F3721217DD2836AE5CC5BB8967
KeyUpdates log, server:
0: 0x060521C5656DB940BE9D785B4A604165
Traffic base IVs:
Client write (base IV): 0x0CCE2BA98F946D20DE82A12D
Server write (base IV): 0x3A4E063FBF3308825B7647C9
KeyUpdates log, server:
0: 0x99ABDF6306BFC8E3346BADB6
--- Messages ---
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xC02F
0xCCA8,0x00FF
Client Random: FC:B6:40:51:D2:74:8F:76:2F:BE:0B:01:85:3B:85:32:D6:C6:09:BE:F5:C0:85:97:75:7A:10:2D:C3:A5:05:DD
Client SessionID: 13:A4:1E:96:22:01:71:2F:0B:17:93:D9:61:02:6D:F0:B0:73:65:EF:19:2F:42:A0:30:15:70:CA:71:AE:47:6C
Extensions:
Type: 13 (0x000D); "signature_algorithms"
0x0503 (ECDSA_SECP384R1_SHA384)
0x0403 (ECDSA_SECP256R1_SHA256)
0x0807 (ED25519)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0601 (RSA_PKCS1_SHA512)
0x0501 (RSA_PKCS1_SHA384)
0x0401 (RSA_PKCS1_SHA256)
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 35 (0x0023); /non-TLS-1.3/
Type: 23 (0x0017); /non-TLS-1.3/
Type: 51 (0x0033); "key_share"
X25519 (0x001D)
x = 0x0A94CAD4E1F7208203F47AB8755AD8D462BF1A32383C3B857AF938C44DFEC61C
HELLO_RETRY_REQUEST (sent, server)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
HelloRetryRequest (Server Random): CF:21:AD:74:E5:9A:61:11:BE:1D:8C:02:1E:65:B8:91:C2:A2:11:16:7A:BB:8C:5E:07:9E:09:E2:C8:A8:33:9C
SessionID: 13:A4:1E:96:22:01:71:2F:0B:17:93:D9:61:02:6D:F0:B0:73:65:EF:19:2F:42:A0:30:15:70:CA:71:AE:47:6C
Extensions:
Type: 51 (0x0033); "key_share"
Secp384r1 (0x0018)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
[Legacy ChangeCipherSpec message present (client)]
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xC02F
0xCCA8,0x00FF
Client Random: FC:B6:40:51:D2:74:8F:76:2F:BE:0B:01:85:3B:85:32:D6:C6:09:BE:F5:C0:85:97:75:7A:10:2D:C3:A5:05:DD
Client SessionID: 13:A4:1E:96:22:01:71:2F:0B:17:93:D9:61:02:6D:F0:B0:73:65:EF:19:2F:42:A0:30:15:70:CA:71:AE:47:6C
Extensions:
Type: 13 (0x000D); "signature_algorithms"
0x0503 (ECDSA_SECP384R1_SHA384)
0x0403 (ECDSA_SECP256R1_SHA256)
0x0807 (ED25519)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0601 (RSA_PKCS1_SHA512)
0x0501 (RSA_PKCS1_SHA384)
0x0401 (RSA_PKCS1_SHA256)
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 35 (0x0023); /non-TLS-1.3/
Type: 23 (0x0017); /non-TLS-1.3/
Type: 51 (0x0033); "key_share"
Secp384r1 (0x0018)
x = 0x5A0F26BA0C1F7BED60FFA85301BA190542FAA94D11CCB9DB32C57EE3463C3CBB81FFB0E1E1A97F8307E25211709A346B
y = 0x2EF27317FC385C8FB085CB7DCF2351F415DAA36FDF7E79048DC3B124972D1DB1D0A8A2A405EA06BEB936286597D02622
SERVER_HELLO (sent)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Server Random: DE:AD:DE:AD:DE:AD:C0:DE:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
SessionID: 13:A4:1E:96:22:01:71:2F:0B:17:93:D9:61:02:6D:F0:B0:73:65:EF:19:2F:42:A0:30:15:70:CA:71:AE:47:6C
Extensions:
Type: 51 (0x0033); "key_share"
Secp384r1 (0x0018)
x = 0x884DFC0FE9602539133D59E3779E9DE8644D3532211C1061EFD16D15BE349D6723496325775E87CF3D396F1C02FCC5CF
y = 0x063315C18E34D26B9085A96A495F17B8557DB379DB6ABED0788C60417FCE917ADD8976BB955D9E7E1B1CC6C06F577280
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
SERVER_HANDSHAKE_MESSAGES (sent)
Type: 8 (0x08) - "encrypted_extensions"
Length (octets, dec.): 2
00:00
Type: 11 (0x0B) - "certificate"
Length (octets, dec.): 4190
[...] /skipped 4190 data octets/
Type: 15 (0x0F) - "certificate_verify"
Length (octets, dec.): 106
05:03:00:66:30:64:02:30:67:BC:6A:BE:5D:A1:26:47:06:F8:34:62:06:10:9E:66:B7:DB:F6:24:F9:8D:E6:DE
39:58:FF:7C:F8:77:1E:54:25:A7:65:3F:EE:48:1C:3A:32:FB:DA:B7:8E:59:96:AA:02:30:0A:71:BB:E6:39:89
8C:9C:41:B9:28:6C:5D:F3:DE:C1:74:28:15:78:F1:5D:44:A9:8E:A7:51:EB:F1:0E:F3:19:5B:F7:73:2E:D8:3E
14:D6:38:0F:20:33:27:98:27:2D
Type: 20 (0x14) - "finished"
Length (octets, dec.): 32
1F:43:9F:4B:FD:DF:67:DC:1B:C7:31:92:FB:D6:94:25:58:F6:70:BB:C3:F8:97:3C:62:04:79:C2:75:70:16:05
CLIENT_FINISHED (received)
Finished value: 0xBEEA591CD3F1F5428CA54E68374FB3D721BE538C3088575DEDFB3C0950C94ECC
Client Finished status: OK
CLIENT_APPLICATION_DATA (recieved)
ASCII dump (filtered):
GET / HTTP/1.1..accept: */*..user-agent: Mozilla/5.0 AppleWebKit
/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebo
t@anthropic.com)..accept-encoding: gzip, br, zstd, deflate..host
: tls13.1d.pw....
[Server KeyUpdate sent /message skipped/]
TCP: server: 194.87.109.56:443; client: 3.144.96.66:6094; timestamp: 1722075385
Contacts: dxdt.ru, alex/()\/abaabb.xyz.
/\_/\
( 0.0 )
= ^ =
/|_|\
(") (")=~
Provide ESNI to get second ASCII cat
Elapsed server side: 243ms; ServerHello sent: 121ms (including HelloRetryRequest time); TLS connection established: 242ms.