Successfully connected
TLS 1.3 OK; HelloRetryRequest used; server-initiated key update accomplished;
Detailed description:
v.0.24.4-p
(This TLS-1.3-only server supports: HelloRetryRequest, KeyUpdate, ECDHE, FFDHE, X25519MLKEM768, SecP256r1MLKEM768, X25519Kyber768, ESNI, etc.)
HelloRetryRequest used to (re)negotiate DH group
First ClientHello, key shares: 0x001D
Second ClientHello, key shares: 0x0018
CRYPTO_CONTEXT
Protocol version: 0x0304
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Key exchange: 0x0018 (Secp384r1)
(Handshake level)
Handshake secrets:
Client: 0xEB4469DF6E35FDCE86C49FD7D5E99341D410EB024FE37B980A881374D14002C8
Server: 0x5D013BD904EBCB3AA04494E1F3D2F2565B572C060146C1B19C0A426C56CA58E2
Handshake keys:
Client write: 0x8D9B9944BC3181EAC6F911BA19463F25
Server write: 0x20E892AE4D695B7033B225A4ADD51DB1
Handshake IVs:
Client write (IV): 0x7641F64BC3C7868994F57ACD
Server write (IV): 0x22E1CD94E305C58C98FA4424
(Traffic level)
Traffic secrets:
Client: 0x0BA5F52F34A08004C32D216DFCED68235EC75200528FEC92017057739CB71367
Server: 0x743B4B664633472FC6EB466C3A9A8B3E548B3A2C237E5F6C733EDF31D76C0D8C
KeyUpdates log, server:
0: 0xD73D42EE674FE1C1EF8D2B7AF3E041BC749CA2677931463E6910BCFEC891993F
Traffic keys:
Client write: 0x596CA71EA352B732A2F896F73A7B4C5C
Server write: 0xCECFA00516D6ADE1C88CC134A4609318
KeyUpdates log, server:
0: 0xD53BFA4AEE0BD18F19A44173DF9E901C
Traffic base IVs:
Client write (base IV): 0x39253381E98412A424A8F631
Server write (base IV): 0xC8E54595F8D1717347250929
KeyUpdates log, server:
0: 0x49EAC6AA9256367406930A24
--- Messages ---
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xC02F
0xCCA8,0x00FF
Client Random: 8B:DA:46:01:2A:03:DF:32:A1:A9:5D:56:27:02:31:BB:A1:4F:F8:1A:2B:C3:94:81:24:BB:2B:0C:53:A3:9D:B6
Client SessionID: 1B:6E:55:26:52:AF:A1:CE:80:F5:3A:9B:D6:63:5F:E5:41:9A:24:BD:D8:EB:A6:C9:D3:62:88:27:E7:8D:31:CA
Extensions:
Type: 23 (0x0017); /non-TLS-1.3/
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 13 (0x000D); "signature_algorithms"
0x0503 (ECDSA_SECP384R1_SHA384)
0x0403 (ECDSA_SECP256R1_SHA256)
0x0807 (ED25519)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0601 (RSA_PKCS1_SHA512)
0x0501 (RSA_PKCS1_SHA384)
0x0401 (RSA_PKCS1_SHA256)
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 35 (0x0023); /non-TLS-1.3/
Type: 51 (0x0033); "key_share"
X25519 (0x001D)
x = 0x62E2226DB796160222F998E29D7F2E75A0F59BD51A2A1BFCFE104B8383497F7B
HELLO_RETRY_REQUEST (sent, server)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
HelloRetryRequest (Server Random): CF:21:AD:74:E5:9A:61:11:BE:1D:8C:02:1E:65:B8:91:C2:A2:11:16:7A:BB:8C:5E:07:9E:09:E2:C8:A8:33:9C
SessionID: 1B:6E:55:26:52:AF:A1:CE:80:F5:3A:9B:D6:63:5F:E5:41:9A:24:BD:D8:EB:A6:C9:D3:62:88:27:E7:8D:31:CA
Extensions:
Type: 51 (0x0033); "key_share"
Secp384r1 (0x0018)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
[Legacy ChangeCipherSpec message present (client)]
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xC02F
0xCCA8,0x00FF
Client Random: 8B:DA:46:01:2A:03:DF:32:A1:A9:5D:56:27:02:31:BB:A1:4F:F8:1A:2B:C3:94:81:24:BB:2B:0C:53:A3:9D:B6
Client SessionID: 1B:6E:55:26:52:AF:A1:CE:80:F5:3A:9B:D6:63:5F:E5:41:9A:24:BD:D8:EB:A6:C9:D3:62:88:27:E7:8D:31:CA
Extensions:
Type: 23 (0x0017); /non-TLS-1.3/
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 13 (0x000D); "signature_algorithms"
0x0503 (ECDSA_SECP384R1_SHA384)
0x0403 (ECDSA_SECP256R1_SHA256)
0x0807 (ED25519)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0601 (RSA_PKCS1_SHA512)
0x0501 (RSA_PKCS1_SHA384)
0x0401 (RSA_PKCS1_SHA256)
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 35 (0x0023); /non-TLS-1.3/
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 51 (0x0033); "key_share"
Secp384r1 (0x0018)
x = 0xD40B7E3851BAD5537863B3FD9E069A5360AA3082030AF88BF2EB4D0171DEACFB0592542B07C85A9ABAFCDE245E48EB14
y = 0x0AE8F0BD02C74470010E5B4BE3ACE308AD3EC1839C64D154AE4A85B9754DC11DE791E62CD6892776537287E0A5A278FA
SERVER_HELLO (sent)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Server Random: DE:AD:DE:AD:DE:AD:C0:DE:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
SessionID: 1B:6E:55:26:52:AF:A1:CE:80:F5:3A:9B:D6:63:5F:E5:41:9A:24:BD:D8:EB:A6:C9:D3:62:88:27:E7:8D:31:CA
Extensions:
Type: 51 (0x0033); "key_share"
Secp384r1 (0x0018)
x = 0x884DFC0FE9602539133D59E3779E9DE8644D3532211C1061EFD16D15BE349D6723496325775E87CF3D396F1C02FCC5CF
y = 0x063315C18E34D26B9085A96A495F17B8557DB379DB6ABED0788C60417FCE917ADD8976BB955D9E7E1B1CC6C06F577280
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
SERVER_HANDSHAKE_MESSAGES (sent)
Type: 8 (0x08) - "encrypted_extensions"
Length (octets, dec.): 2
00:00
Type: 11 (0x0B) - "certificate"
Length (octets, dec.): 3400
[...] /skipped 3400 data octets/
Type: 15 (0x0F) - "certificate_verify"
Length (octets, dec.): 107
05:03:00:67:30:65:02:31:00:A6:76:1A:0F:C6:68:86:44:E0:C3:E1:B7:59:0C:FE:31:89:49:92:FC:A3:20:45
9B:DB:84:4B:46:B8:30:CA:D0:C1:88:0C:55:0F:F7:CB:39:A3:CC:E8:08:1B:31:59:91:02:30:20:38:5E:8E:9C
31:7D:C7:BA:77:FA:09:2A:36:B8:10:A3:EA:A7:5F:12:EF:8D:6D:E5:71:37:42:A4:AE:30:42:63:F4:91:B9:0C
23:FC:B0:CC:1F:57:03:A1:01:20:5B
Type: 20 (0x14) - "finished"
Length (octets, dec.): 32
DD:20:7A:9C:50:75:08:37:DA:86:76:82:9D:73:D9:5C:14:69:2B:A9:BB:5D:69:16:DF:C4:3A:FD:15:09:4F:80
CLIENT_FINISHED (received)
Finished value: 0xFA790F1D42F72723E83338A0DEDAB36CA67A6DDBB9F45F2358FFDBC6B65A1069
Client Finished status: OK
CLIENT_APPLICATION_DATA (recieved)
ASCII dump (filtered):
GET / HTTP/1.1..accept: */*..user-agent: Mozilla/5.0 AppleWebKit
/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebo
t@anthropic.com)..accept-encoding: gzip, br, zstd, deflate..host
: tls13.1d.pw....
[Server KeyUpdate sent /message skipped/]
TCP: server: 194.87.103.72:443; client: 216.73.217.131:2166; timestamp: 1783020991
Contacts: dxdt.ru, alex/()\/abaabb.xyz.
/\_/\
( 0.0 )
= ^ =
/|_|\
(") (")=~
Provide ESNI to get second ASCII cat
Elapsed server side: 310ms; ServerHello sent: 151ms (including HelloRetryRequest time); TLS connection established: 309ms.