Successfully connected
TLS 1.3 OK; HelloRetryRequest used; server-initiated key update accomplished;
Detailed description:
v.0.24.4-p
(This TLS-1.3-only server supports: HelloRetryRequest, KeyUpdate, ECDHE, FFDHE, X25519MLKEM768, SecP256r1MLKEM768, X25519Kyber768, ESNI, etc.)
HelloRetryRequest used to (re)negotiate DH group
First ClientHello, key shares: 0x001D
Second ClientHello, key shares: 0x0017
CRYPTO_CONTEXT
Protocol version: 0x0304
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Key exchange: 0x0017 (Secp256r1)
(Handshake level)
Handshake secrets:
Client: 0xF4912A0CABA9EBD6F6308E1C99B5A27481C44EADE9B86EF156E8FCD536D1D76A
Server: 0x4969039FAC974F1C69389D60F26F74C53693300FA42AACA7103371A1653F87CC
Handshake keys:
Client write: 0x30C3E8369884044B120C088BD3E07042
Server write: 0xB61E4779838A574FDBA6447E626547C1
Handshake IVs:
Client write (IV): 0x6A455B97771E2851A140149B
Server write (IV): 0x27FD49D852EA810067F9273C
(Traffic level)
Traffic secrets:
Client: 0x35A7E0F01887B0B1D32C74D4DF1527EADDA14DE9DA6989267901EDF9AE4B0928
Server: 0x806412E830E0C600293729FAE846A1B3986B0C1BB424A5961EC2F37ABD0575E9
KeyUpdates log, server:
0: 0x4F3E5D1FC74BA0EF2B248D5694D7A771B5F1541897B1776A15052116F8372B08
Traffic keys:
Client write: 0x314B91EFE8064FBA791BDD662E2B0237
Server write: 0xE5443DB39DB96B02427ABFEE28CE8FFE
KeyUpdates log, server:
0: 0x2A35A438E926409BD5CBF7953E19FD7C
Traffic base IVs:
Client write (base IV): 0x1EC872E4D77B342CF715C92E
Server write (base IV): 0x1BE3F93D9EC748B6B52C6B1D
KeyUpdates log, server:
0: 0xE1395F74653C65442F8D2C23
--- Messages ---
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xC02F
0xCCA8,0x00FF
Client Random: 4C:FB:0A:6F:63:05:AC:1D:AF:95:E8:DE:91:C0:E9:91:53:F7:55:C6:74:3A:22:99:52:F4:3F:8F:8F:9F:FF:A1
Client SessionID: EF:57:D7:B5:D5:A8:9E:F7:07:CA:72:C8:AC:30:9B:4A:9E:16:DD:41:AF:5F:E1:B7:59:19:EE:CB:B1:E9:73:3D
Extensions:
Type: 35 (0x0023); /non-TLS-1.3/
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 23 (0x0017); /non-TLS-1.3/
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
Type: 13 (0x000D); "signature_algorithms"
0x0503 (ECDSA_SECP384R1_SHA384)
0x0403 (ECDSA_SECP256R1_SHA256)
0x0807 (ED25519)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0601 (RSA_PKCS1_SHA512)
0x0501 (RSA_PKCS1_SHA384)
0x0401 (RSA_PKCS1_SHA256)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 51 (0x0033); "key_share"
X25519 (0x001D)
x = 0x31C5EC6D4F581ECBB3D2DEFAB22BA504D786EB4470CAB4ADE0E688CEB1A34163
HELLO_RETRY_REQUEST (sent, server)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
HelloRetryRequest (Server Random): CF:21:AD:74:E5:9A:61:11:BE:1D:8C:02:1E:65:B8:91:C2:A2:11:16:7A:BB:8C:5E:07:9E:09:E2:C8:A8:33:9C
SessionID: EF:57:D7:B5:D5:A8:9E:F7:07:CA:72:C8:AC:30:9B:4A:9E:16:DD:41:AF:5F:E1:B7:59:19:EE:CB:B1:E9:73:3D
Extensions:
Type: 51 (0x0033); "key_share"
Secp256r1 (0x0017)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
[Legacy ChangeCipherSpec message present (client)]
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xC02F
0xCCA8,0x00FF
Client Random: 4C:FB:0A:6F:63:05:AC:1D:AF:95:E8:DE:91:C0:E9:91:53:F7:55:C6:74:3A:22:99:52:F4:3F:8F:8F:9F:FF:A1
Client SessionID: EF:57:D7:B5:D5:A8:9E:F7:07:CA:72:C8:AC:30:9B:4A:9E:16:DD:41:AF:5F:E1:B7:59:19:EE:CB:B1:E9:73:3D
Extensions:
Type: 35 (0x0023); /non-TLS-1.3/
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 23 (0x0017); /non-TLS-1.3/
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
Type: 13 (0x000D); "signature_algorithms"
0x0503 (ECDSA_SECP384R1_SHA384)
0x0403 (ECDSA_SECP256R1_SHA256)
0x0807 (ED25519)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0601 (RSA_PKCS1_SHA512)
0x0501 (RSA_PKCS1_SHA384)
0x0401 (RSA_PKCS1_SHA256)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 51 (0x0033); "key_share"
Secp256r1 (0x0017)
x = 0xA35046F26B236C10BF0A82F8572B9D494507540B5A5637AC2B290DB90C82822A
y = 0x64339D53EC3A60CF9CA3982F6CBAC7235B66C4461FE34FD2DA780E39C9AED0FE
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
SERVER_HELLO (sent)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Server Random: DE:AD:DE:AD:DE:AD:C0:DE:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
SessionID: EF:57:D7:B5:D5:A8:9E:F7:07:CA:72:C8:AC:30:9B:4A:9E:16:DD:41:AF:5F:E1:B7:59:19:EE:CB:B1:E9:73:3D
Extensions:
Type: 51 (0x0033); "key_share"
Secp256r1 (0x0017)
x = 0x1FADAC79156E08C8532CE88DF887273141ACE16E44E9C268CE496596F41B65FA
y = 0xF82394637B6ACF004AB253F956BD2CD6CA6C9AD8454BF1FBF281A6C54A93D99C
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
SERVER_HANDSHAKE_MESSAGES (sent)
Type: 8 (0x08) - "encrypted_extensions"
Length (octets, dec.): 2
00:00
Type: 11 (0x0B) - "certificate"
Length (octets, dec.): 3400
[...] /skipped 3400 data octets/
Type: 15 (0x0F) - "certificate_verify"
Length (octets, dec.): 107
05:03:00:67:30:65:02:31:00:82:DA:CD:83:40:37:48:F9:71:0E:5F:8E:FD:A1:8E:F6:CC:0A:E8:B7:28:D9:3C
BA:23:26:96:D6:F7:3B:83:EE:7E:B9:F1:BE:DA:01:64:EA:07:D7:91:54:9A:74:98:04:02:30:03:79:F6:F7:87
4C:CF:70:97:BB:35:37:66:8A:BC:52:9B:FA:7E:BD:CD:30:B2:29:2D:43:5F:0E:E3:AD:08:72:8D:6D:EE:1F:1A
91:69:60:31:8B:A8:ED:BA:0D:2C:D2
Type: 20 (0x14) - "finished"
Length (octets, dec.): 32
00:B2:99:A9:F3:36:CD:4C:2F:B9:EB:09:9E:39:31:07:A1:3F:0A:33:D5:47:D4:74:6D:B1:FB:72:60:59:4B:BF
CLIENT_FINISHED (received)
Finished value: 0x9F36B56343B0893518AC542190417C32F658CED559C0C69C37DF1D1DDF86BE96
Client Finished status: OK
CLIENT_APPLICATION_DATA (recieved)
ASCII dump (filtered):
GET / HTTP/1.1..accept: */*..user-agent: Mozilla/5.0 AppleWebKit
/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebo
t@anthropic.com)..accept-encoding: gzip, br, zstd, deflate..host
: tls13.1d.pw....
[Server KeyUpdate sent /message skipped/]
TCP: server: 194.87.103.72:443; client: 216.73.217.53:52400; timestamp: 1780689237
Contacts: dxdt.ru, alex/()\/abaabb.xyz.
/\_/\
( 0.0 )
= ^ =
/|_|\
(") (")=~
Provide ESNI to get second ASCII cat
Elapsed server side: 332ms; ServerHello sent: 178ms (including HelloRetryRequest time); TLS connection established: 331ms.