Successfully connected
TLS 1.3 OK; HelloRetryRequest used; server-initiated key update accomplished;
Detailed description:
v.0.24.4-p
(This TLS-1.3-only server supports: HelloRetryRequest, KeyUpdate, ECDHE, FFDHE, X25519MLKEM768, SecP256r1MLKEM768, X25519Kyber768, ESNI, etc.)
HelloRetryRequest used to (re)negotiate DH group
First ClientHello, key shares: 0x001D
Second ClientHello, key shares: 0x0101
CRYPTO_CONTEXT
Protocol version: 0x0304
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Key exchange: 0x0101 (ffdhe3072)
(Handshake level)
Handshake secrets:
Client: 0xF46024E50764C9EC6FD4ADC744DEABF5F72C0E2653AD759FB603434C89B86D20
Server: 0x41808DD63154827383ECF6DEB1523F0CE952407BDAB390F33CF03C49079D0F18
Handshake keys:
Client write: 0x13EE22B012B200D849AF248F8FCCD6F8
Server write: 0x682BDCA723FB1A15B34CD65199151011
Handshake IVs:
Client write (IV): 0x56F92C588AD7A62965D3C277
Server write (IV): 0xFBD72295EFA4FDE59B17CDC5
(Traffic level)
Traffic secrets:
Client: 0xBAE508937B46DFD8112558AE899CFFCD98FCC7BF09EACB8C8AB4C2505E5B124D
Server: 0xE6108C8CA48DE835038EBDF1D2AE668C8E29168A049407D11ABABD0E66BE13F9
KeyUpdates log, server:
0: 0xE8789176A3B27BE4CF59CEBD8FED8FCB4EE0F7F4720BB2F546E848B8D77C91F5
Traffic keys:
Client write: 0xC0FD8E64EC74E447D113A322EE9A8EAE
Server write: 0x93CD75D2F4A1064ADA6DE2E5B46EBF5A
KeyUpdates log, server:
0: 0xA539CC42E61DD35C31981C77B924802E
Traffic base IVs:
Client write (base IV): 0xE67DEE89A91FACF8D0A6C20C
Server write (base IV): 0xAFB11005BCB3C01F728B4E31
KeyUpdates log, server:
0: 0xBDF737D7B557FD4975095971
--- Messages ---
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1301,0x1302,0x1303,0xC02B,0xC02F,0xC02C,0xC030,0xCCA9
0xCCA8,0xC013,0xC014
Client Random: FB:9E:F5:E6:80:66:D3:80:41:0E:30:4A:86:7E:B1:88:71:D7:51:30:A9:A2:E8:05:AF:49:2B:3F:06:53:68:FD
Client SessionID: 5A:FD:E2:1F:1E:F3:53:84:97:F6:36:46:3B:9D:C5:D3:9B:DD:30:7B:85:B5:D9:CC:78:0F:35:03:D6:82:E7:72
Extensions:
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
0x0019 (Secp521r1)
0x001E (X448)
0x0100 (ffdhe2048)
0x0101 (ffdhe3072)
0x0102 (ffdhe4096)
0x0103 (ffdhe6144)
0x0104 (ffdhe8192)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 13 (0x000D); "signature_algorithms"
0x0403 (ECDSA_SECP256R1_SHA256)
0x0503 (ECDSA_SECP384R1_SHA384)
0x0603 (ECDSA_SECP521R1_SHA512)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0809 (RSA_PSS_PSS_SHA256)
0x080A (RSA_PSS_PSS_SHA384)
0x080B (RSA_PSS_PSS_SHA512)
0x0401 (RSA_PKCS1_SHA256)
0x0501 (RSA_PKCS1_SHA384)
0x0601 (RSA_PKCS1_SHA512)
0x0402 _unknown_
0x0303 _unknown_
0x0301 _unknown_
0x0302 _unknown_
0x0203 (ECDSA_SHA1)
0x0201 (RSA_PKCS1_SHA1)
0x0202 _unknown_
Type: 50 (0x0032); "signature_algorithms_cert"
00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09
08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01
03:02:02:03:02:01:02:02
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 17 (0x0011); /non-TLS-1.3/
00:07:02:00:04:00:00:00:00
Type: 23 (0x0017); /non-TLS-1.3/
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 51 (0x0033); "key_share"
X25519 (0x001D)
x = 0x02CE2C549BA1CE330DF999F9A54FB3B7CCB422F3F7695735ECB3811E97523863
Type: 65281 (0xFF01); /non-TLS-1.3/
00
HELLO_RETRY_REQUEST (sent, server)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
HelloRetryRequest (Server Random): CF:21:AD:74:E5:9A:61:11:BE:1D:8C:02:1E:65:B8:91:C2:A2:11:16:7A:BB:8C:5E:07:9E:09:E2:C8:A8:33:9C
SessionID: 5A:FD:E2:1F:1E:F3:53:84:97:F6:36:46:3B:9D:C5:D3:9B:DD:30:7B:85:B5:D9:CC:78:0F:35:03:D6:82:E7:72
Extensions:
Type: 51 (0x0033); "key_share"
ffdhe3072 (0x0101)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1301,0x1302,0x1303,0xC02B,0xC02F,0xC02C,0xC030,0xCCA9
0xCCA8,0xC013,0xC014
Client Random: FB:9E:F5:E6:80:66:D3:80:41:0E:30:4A:86:7E:B1:88:71:D7:51:30:A9:A2:E8:05:AF:49:2B:3F:06:53:68:FD
Client SessionID: 5A:FD:E2:1F:1E:F3:53:84:97:F6:36:46:3B:9D:C5:D3:9B:DD:30:7B:85:B5:D9:CC:78:0F:35:03:D6:82:E7:72
Extensions:
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
0x0019 (Secp521r1)
0x001E (X448)
0x0100 (ffdhe2048)
0x0101 (ffdhe3072)
0x0102 (ffdhe4096)
0x0103 (ffdhe6144)
0x0104 (ffdhe8192)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 13 (0x000D); "signature_algorithms"
0x0403 (ECDSA_SECP256R1_SHA256)
0x0503 (ECDSA_SECP384R1_SHA384)
0x0603 (ECDSA_SECP521R1_SHA512)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0809 (RSA_PSS_PSS_SHA256)
0x080A (RSA_PSS_PSS_SHA384)
0x080B (RSA_PSS_PSS_SHA512)
0x0401 (RSA_PKCS1_SHA256)
0x0501 (RSA_PKCS1_SHA384)
0x0601 (RSA_PKCS1_SHA512)
0x0402 _unknown_
0x0303 _unknown_
0x0301 _unknown_
0x0302 _unknown_
0x0203 (ECDSA_SHA1)
0x0201 (RSA_PKCS1_SHA1)
0x0202 _unknown_
Type: 50 (0x0032); "signature_algorithms_cert"
00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09
08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01
03:02:02:03:02:01:02:02
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 17 (0x0011); /non-TLS-1.3/
00:07:02:00:04:00:00:00:00
Type: 23 (0x0017); /non-TLS-1.3/
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 51 (0x0033); "key_share"
ffdhe3072 (0x0101)
Len (octets, dec.): 384
Key:
29:CF:5E:A3:70:3F:18:91:FB:96:10:8B:E0:04:6D:32:2C:C1:6E:CA:E0:BA:A6:21:84:37:1E:72:15:CA:AD:63:2D
49:84:7F:08:41:D4:67:E3:4F:C0:EF:C2:86:F3:35:D1:D0:75:72:53:96:1F:53:4B:7D:1C:B3:57:F7:E8:EB:C8:09
57:62:5D:C5:43:A5:D0:27:82:6E:52:31:8D:64:B3:0B:FA:C9:40:10:90:02:DB:99:5C:E4:BA:48:FD:BA:FD:27:71
96:40:FF:03:35:1E:46:B4:20:E2:46:AE:31:4D:60:F9:0C:6A:4B:64:04:79:60:0B:E0:CE:86:04:6B:54:7D:8B:5A
89:1E:0B:92:3B:52:3E:00:8D:93:26:92:C9:D9:E8:F9:5C:41:B1:BA:CC:32:1E:08:F4:43:6A:D3:A9:8B:DD:F1:07
74:C6:6B:CA:00:19:91:53:22:21:4B:68:29:61:44:4A:A9:4E:4B:61:46:D7:9A:2F:03:6C:AF:AD:51:03:B7:60:60
9E:BA:E5:14:76:17:E1:3F:BB:CC:07:17:E4:BF:4F:0F:6B:9F:CE:07:BD:CE:72:12:66:31:6E:6A:47:A3:36:7A:12
E5:0F:D8:6C:11:C7:60:A7:69:EA:D7:C1:3B:79:AC:21:AD:7D:8C:D1:06:79:DD:65:7A:CD:FC:43:C1:42:41:E4:2E
B5:41:D6:3F:5F:92:47:80:FB:B6:A5:19:16:04:E1:9B:DA:AB:1C:F1:E7:99:BC:7F:42:8F:DA:8B:EE:93:48:14:80
B1:BE:58:A2:9D:75:32:CC:40:83:E0:D3:42:A0:FC:EF:2B:1A:30:5A:CB:62:11:1E:4B:B5:07:A4:DC:F3:C4:96:CD
C3:33:50:DF:81:D8:F5:83:FE:4F:C8:A1:4F:01:47:FD:D0:B7:23:99:B2:C7:C3:A2:9A:FB:99:AD:3F:DE:74:FC:C9
07:63:E5:9A:C4:C9:AD:34:4B:EF:6A:7D:A4:11:30:97:33:B5:D9:10:A9
Type: 65281 (0xFF01); /non-TLS-1.3/
00
SERVER_HELLO (sent)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Server Random: DE:AD:DE:AD:DE:AD:C0:DE:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
SessionID: 5A:FD:E2:1F:1E:F3:53:84:97:F6:36:46:3B:9D:C5:D3:9B:DD:30:7B:85:B5:D9:CC:78:0F:35:03:D6:82:E7:72
Extensions:
Type: 51 (0x0033); "key_share"
ffdhe3072 (0x0101)
Len (octets, dec.): 384
Key:
4F:24:C0:64:3B:37:B7:7A:0F:14:C1:75:0F:2D:31:D1:3E:83:1B:36:AC:D4:A5:0D:3C:99:A8:57:23:D6:4F:1D:60
D0:1F:7E:C7:57:E3:E0:AC:FA:C6:7B:0E:47:D7:9B:37:63:CC:D8:9A:96:72:5A:6B:C0:50:5E:F7:60:52:42:69:06
E7:93:D0:1B:07:8E:0C:23:E5:78:B9:6B:AA:F7:19:B1:AB:9D:F3:C2:56:0C:F6:9C:11:BC:A1:48:7E:1D:3A:CF:3B
0C:15:32:25:23:69:BF:DA:74:31:3F:7E:4C:78:F8:31:90:E7:30:6F:6E:FC:D4:CA:B8:52:A6:A0:59:16:9D:67:7E
17:F5:09:83:E4:70:05:0B:E5:9E:9E:01:C7:B6:A1:A1:A7:33:50:8D:1E:06:63:2C:51:84:37:94:97:7F:BD:D8:1F
DD:81:B5:53:A5:BB:F8:0F:7F:56:FC:8D:1E:7C:EC:E1:2A:6F:EB:8E:A8:CF:50:0D:47:9F:FE:69:89:D5:79:8B:5F
5B:8D:BE:A5:01:20:8F:BD:22:96:E6:23:FC:6D:2D:55:CD:83:B7:1C:D8:92:09:40:83:9F:18:70:30:15:9E:96:76
BE:92:C2:36:A9:2F:07:9E:9A:36:5C:15:04:0B:58:64:C9:27:F3:E2:EA:C6:FF:2C:D8:07:81:8C:5C:97:38:AD:E6
83:4B:47:C8:5B:0A:31:45:7D:A1:48:13:2C:23:81:F3:A9:B1:16:65:84:66:93:72:81:09:9E:2E:D9:5F:55:F5:DC
E1:CD:09:24:86:C2:BE:69:C6:78:3F:B4:5A:B7:46:6A:44:E4:0D:0F:F4:FD:29:11:A6:7A:D5:4A:44:B0:80:BC:8B
7C:9F:50:75:C7:51:5E:88:C8:65:D0:C5:A1:02:AF:C4:D5:1B:2C:AE:2A:E3:A8:E8:51:EC:CD:8F:63:1E:3B:38:D1
D3:8B:ED:28:8C:FB:15:5A:D3:0E:9A:85:80:3C:FC:C2:24:46:89:03:87
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
SERVER_HANDSHAKE_MESSAGES (sent)
Type: 8 (0x08) - "encrypted_extensions"
Length (octets, dec.): 2
00:00
Type: 11 (0x0B) - "certificate"
Length (octets, dec.): 3865
[...] /skipped 3865 data octets/
Type: 15 (0x0F) - "certificate_verify"
Length (octets, dec.): 106
05:03:00:66:30:64:02:30:2E:F2:39:52:94:3F:B2:BF:51:72:D8:17:70:F0:BB:CC:24:15:4B:E5:C3:0C:BA:C0
C2:94:0F:AF:31:26:E6:2A:EF:B3:C5:C9:37:44:CE:84:41:D9:17:5E:6D:7E:FD:E7:02:30:67:7D:BE:B0:8C:E4
81:72:51:8A:50:45:69:D6:8B:E1:A9:ED:1E:F3:83:1F:EB:7D:B0:46:28:02:38:94:78:7A:DF:43:AC:07:86:2A
B2:51:8D:25:59:38:30:79:24:BF
Type: 20 (0x14) - "finished"
Length (octets, dec.): 32
CE:CF:68:DA:4F:46:1D:1F:4C:2A:D1:00:DE:0D:ED:7A:34:94:21:D9:D6:8B:A5:5B:F5:77:60:A7:38:1D:0E:EA
[Legacy ChangeCipherSpec message present (client)]
CLIENT_FINISHED (received)
Finished value: 0x407FD13F9BA388633B84E71401B9202910BA68F0E189A17EB8610D887DBC201F
Client Finished status: OK
CLIENT_APPLICATION_DATA (recieved)
ASCII dump (filtered):
GET / HTTP/1.1..User-Agent: CCBot/2.0 (https://commoncrawl.org/f
aq/)..Accept: text/html,application/xhtml+xml,application/xml;q=
0.9,*/*;q=0.8..Accept-Language: en-US,en;q=0.5..If-Modified-Sinc
e: Sat, 07 Mar 2026 09:50:22 GMT..Accept-Encoding: zstd, br, gzi
p..Host: tls13.1d.pw..Connection: Keep-Alive....
[Server KeyUpdate sent /message skipped/]
TCP: server: 194.87.103.72:443; client: 18.97.9.172:49896; timestamp: 1778863472
Contacts: dxdt.ru, alex/()\/abaabb.xyz.
/\_/\
( 0.0 )
= ^ =
/|_|\
(") (")=~
Provide ESNI to get second ASCII cat
Elapsed server side: 452ms; ServerHello sent: 147ms (including HelloRetryRequest time); TLS connection established: 451ms.