Successfully connected
TLS 1.3 OK; HelloRetryRequest used;
Detailed description:
v.0.24.4-p
(This TLS-1.3-only server supports: HelloRetryRequest, KeyUpdate, ECDHE, FFDHE, X25519MLKEM768, SecP256r1MLKEM768, X25519Kyber768, ESNI, etc.)
HelloRetryRequest used to (re)negotiate DH group
First ClientHello, key shares: 0x001D
Second ClientHello, key shares: 0x0101
CRYPTO_CONTEXT
Protocol version: 0x0304
Cipher suite: 0x1303 (TLS_CHACHA20_POLY1305_SHA256)
Key exchange: 0x0101 (ffdhe3072)
(Handshake level)
Handshake secrets:
Client: 0x454D81B3DC465CBF70923A39813928A8236C699C97C018E06805073326E2D837
Server: 0x7362EE7C5C66B4E6FC813BD104B38B02076A68B6F0030633D055542054A4DAA1
Handshake keys:
Client write: 0xAF79D088035E93726EC2162BA395967818B7C1B0988E4A36A80E5CA0AC89A1F4
Server write: 0xC90679348B0FA3CDB1B2F96490785233DB58BBB6132D715C268F8CA590C08CD8
Handshake IVs:
Client write (IV): 0xEDF32D0DB3E8F6853451BE66
Server write (IV): 0x0E4E49F0FA012F60A4A698D4
(Traffic level)
Traffic secrets:
Client: 0xD49B0FE154179B1C9847EDB8DBD6EC85816F8E380DB0888AA19E095CE2FA7B5D
Server: 0x8FEE58FE1D29BCC20953ED8C204A47FB88997B3F5CDAE03B476AE33658F82230
Traffic keys:
Client write: 0x9C9624F0F5E2073D6193C1BC7B4C274CA19C9A25F067CAE55F43334E8284E0EF
Server write: 0x98AC54DA0B7387B4AD6E9C2F3A972582AF173103756DE98492B9BEC0FAB1FE7E
Traffic base IVs:
Client write (base IV): 0x3D54E445359FC443F8E774FD
Server write (base IV): 0xE179BBD70036D45CCB71990C
--- Messages ---
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xCCA8
0xC02F,0xC014,0xC013,0x009D,0x009C,0x0035,0x002F
Client Random: 40:82:DB:75:F6:F2:F3:AB:96:47:71:63:29:23:14:65:AD:25:66:A5:9E:98:62:3D:D8:BA:DB:68:02:4D:EC:1E
Client SessionID: D3:8F:66:AA:52:BF:5F:14:EA:2C:57:ED:04:63:3B:E7:6C:2B:3E:03:A6:FD:50:A3:23:FF:A0:3E:9A:B0:45:E3
Extensions:
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
0x0019 (Secp521r1)
0x001E (X448)
0x0100 (ffdhe2048)
0x0101 (ffdhe3072)
0x0102 (ffdhe4096)
0x0103 (ffdhe6144)
0x0104 (ffdhe8192)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 13 (0x000D); "signature_algorithms"
0x0403 (ECDSA_SECP256R1_SHA256)
0x0503 (ECDSA_SECP384R1_SHA384)
0x0603 (ECDSA_SECP521R1_SHA512)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0809 (RSA_PSS_PSS_SHA256)
0x080A (RSA_PSS_PSS_SHA384)
0x080B (RSA_PSS_PSS_SHA512)
0x0401 (RSA_PKCS1_SHA256)
0x0501 (RSA_PKCS1_SHA384)
0x0601 (RSA_PKCS1_SHA512)
0x0402 _unknown_
0x0303 _unknown_
0x0301 _unknown_
0x0302 _unknown_
0x0203 (ECDSA_SHA1)
0x0201 (RSA_PKCS1_SHA1)
0x0202 _unknown_
Type: 50 (0x0032); "signature_algorithms_cert"
00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09
08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01
03:02:02:03:02:01:02:02
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 17 (0x0011); /non-TLS-1.3/
00:07:02:00:04:00:00:00:00
Type: 23 (0x0017); /non-TLS-1.3/
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 51 (0x0033); "key_share"
X25519 (0x001D)
x = 0xBD49D891BB3B87F93B704C0347F2112CEC6B2416A97FD2EBFF06A7153641E237
Type: 65281 (0xFF01); /non-TLS-1.3/
00
HELLO_RETRY_REQUEST (sent, server)
Legacy Version: 0x0303
Cipher suite: 0x1303 (TLS_CHACHA20_POLY1305_SHA256)
HelloRetryRequest (Server Random): CF:21:AD:74:E5:9A:61:11:BE:1D:8C:02:1E:65:B8:91:C2:A2:11:16:7A:BB:8C:5E:07:9E:09:E2:C8:A8:33:9C
SessionID: D3:8F:66:AA:52:BF:5F:14:EA:2C:57:ED:04:63:3B:E7:6C:2B:3E:03:A6:FD:50:A3:23:FF:A0:3E:9A:B0:45:E3
Extensions:
Type: 51 (0x0033); "key_share"
ffdhe3072 (0x0101)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xCCA8
0xC02F,0xC014,0xC013,0x009D,0x009C,0x0035,0x002F
Client Random: 40:82:DB:75:F6:F2:F3:AB:96:47:71:63:29:23:14:65:AD:25:66:A5:9E:98:62:3D:D8:BA:DB:68:02:4D:EC:1E
Client SessionID: D3:8F:66:AA:52:BF:5F:14:EA:2C:57:ED:04:63:3B:E7:6C:2B:3E:03:A6:FD:50:A3:23:FF:A0:3E:9A:B0:45:E3
Extensions:
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
0x0019 (Secp521r1)
0x001E (X448)
0x0100 (ffdhe2048)
0x0101 (ffdhe3072)
0x0102 (ffdhe4096)
0x0103 (ffdhe6144)
0x0104 (ffdhe8192)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 13 (0x000D); "signature_algorithms"
0x0403 (ECDSA_SECP256R1_SHA256)
0x0503 (ECDSA_SECP384R1_SHA384)
0x0603 (ECDSA_SECP521R1_SHA512)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0809 (RSA_PSS_PSS_SHA256)
0x080A (RSA_PSS_PSS_SHA384)
0x080B (RSA_PSS_PSS_SHA512)
0x0401 (RSA_PKCS1_SHA256)
0x0501 (RSA_PKCS1_SHA384)
0x0601 (RSA_PKCS1_SHA512)
0x0402 _unknown_
0x0303 _unknown_
0x0301 _unknown_
0x0302 _unknown_
0x0203 (ECDSA_SHA1)
0x0201 (RSA_PKCS1_SHA1)
0x0202 _unknown_
Type: 50 (0x0032); "signature_algorithms_cert"
00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09
08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01
03:02:02:03:02:01:02:02
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 17 (0x0011); /non-TLS-1.3/
00:07:02:00:04:00:00:00:00
Type: 23 (0x0017); /non-TLS-1.3/
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 51 (0x0033); "key_share"
ffdhe3072 (0x0101)
Len (octets, dec.): 384
Key:
44:C8:05:01:80:8C:15:F1:32:6C:21:0A:1B:C4:6C:DE:13:BE:B0:AB:48:93:8A:2D:5B:45:A6:D5:A5:D9:5E:7F:6B
61:33:71:5B:5D:9D:2C:0F:AD:73:B6:73:E9:2E:8C:52:75:EA:1F:61:75:E7:47:BC:76:1E:31:7E:04:C3:41:F5:6B
DF:0F:2F:67:C9:67:A5:6C:A4:EC:30:60:20:B2:F5:75:94:C5:4A:2D:16:9E:AC:F2:F6:C5:BF:1E:EC:26:3E:39:E3
D0:A4:02:9A:C7:D3:06:34:D0:28:C0:F8:93:9C:34:DC:9E:ED:EE:84:9D:EF:4B:EF:1B:29:4C:AB:E3:94:E2:3F:90
8A:D0:46:CE:7D:EE:A0:24:EC:75:BD:D3:CF:B0:60:8B:02:63:72:A3:E7:85:16:06:17:DA:D0:E4:AE:22:29:EB:67
CA:17:4C:5F:3B:C3:5E:DE:80:68:6C:F1:B8:AE:E0:72:84:0A:8C:63:36:CE:1C:8F:17:C4:65:D6:9E:AF:C6:0D:F8
00:36:18:91:F9:29:BF:A1:D8:3F:DC:BE:7E:24:E8:7B:1C:59:98:47:95:8F:D9:24:F6:C5:21:7A:D6:75:5C:6C:33
49:DA:A6:8C:5F:22:A6:22:46:60:0B:B6:6F:24:AB:E6:40:95:54:11:81:EE:39:77:24:E4:9D:0A:22:F1:F8:FC:3A
4E:55:3E:D0:A4:E5:94:A3:0D:A5:AC:37:A1:A1:ED:94:4A:EA:09:C2:9F:23:E7:C7:23:F3:57:6F:28:5F:FC:FC:44
6A:AF:2B:D3:7B:5C:C4:FE:CF:C2:49:CD:C8:9D:2D:A5:21:60:72:74:7D:16:6F:7B:35:E7:01:80:4C:DD:44:29:19
CB:27:8D:FB:31:FA:D5:09:6A:C6:84:0F:8D:EB:F3:04:24:BB:80:04:35:32:BB:1E:4F:D2:4E:7D:1B:20:E9:91:1E
DC:0C:6D:0A:F6:39:82:48:A9:7C:8E:27:28:D0:4E:CD:B7:81:B4:45:9B
Type: 65281 (0xFF01); /non-TLS-1.3/
00
SERVER_HELLO (sent)
Legacy Version: 0x0303
Cipher suite: 0x1303 (TLS_CHACHA20_POLY1305_SHA256)
Server Random: DE:AD:DE:AD:DE:AD:C0:DE:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
SessionID: D3:8F:66:AA:52:BF:5F:14:EA:2C:57:ED:04:63:3B:E7:6C:2B:3E:03:A6:FD:50:A3:23:FF:A0:3E:9A:B0:45:E3
Extensions:
Type: 51 (0x0033); "key_share"
ffdhe3072 (0x0101)
Len (octets, dec.): 384
Key:
4F:24:C0:64:3B:37:B7:7A:0F:14:C1:75:0F:2D:31:D1:3E:83:1B:36:AC:D4:A5:0D:3C:99:A8:57:23:D6:4F:1D:60
D0:1F:7E:C7:57:E3:E0:AC:FA:C6:7B:0E:47:D7:9B:37:63:CC:D8:9A:96:72:5A:6B:C0:50:5E:F7:60:52:42:69:06
E7:93:D0:1B:07:8E:0C:23:E5:78:B9:6B:AA:F7:19:B1:AB:9D:F3:C2:56:0C:F6:9C:11:BC:A1:48:7E:1D:3A:CF:3B
0C:15:32:25:23:69:BF:DA:74:31:3F:7E:4C:78:F8:31:90:E7:30:6F:6E:FC:D4:CA:B8:52:A6:A0:59:16:9D:67:7E
17:F5:09:83:E4:70:05:0B:E5:9E:9E:01:C7:B6:A1:A1:A7:33:50:8D:1E:06:63:2C:51:84:37:94:97:7F:BD:D8:1F
DD:81:B5:53:A5:BB:F8:0F:7F:56:FC:8D:1E:7C:EC:E1:2A:6F:EB:8E:A8:CF:50:0D:47:9F:FE:69:89:D5:79:8B:5F
5B:8D:BE:A5:01:20:8F:BD:22:96:E6:23:FC:6D:2D:55:CD:83:B7:1C:D8:92:09:40:83:9F:18:70:30:15:9E:96:76
BE:92:C2:36:A9:2F:07:9E:9A:36:5C:15:04:0B:58:64:C9:27:F3:E2:EA:C6:FF:2C:D8:07:81:8C:5C:97:38:AD:E6
83:4B:47:C8:5B:0A:31:45:7D:A1:48:13:2C:23:81:F3:A9:B1:16:65:84:66:93:72:81:09:9E:2E:D9:5F:55:F5:DC
E1:CD:09:24:86:C2:BE:69:C6:78:3F:B4:5A:B7:46:6A:44:E4:0D:0F:F4:FD:29:11:A6:7A:D5:4A:44:B0:80:BC:8B
7C:9F:50:75:C7:51:5E:88:C8:65:D0:C5:A1:02:AF:C4:D5:1B:2C:AE:2A:E3:A8:E8:51:EC:CD:8F:63:1E:3B:38:D1
D3:8B:ED:28:8C:FB:15:5A:D3:0E:9A:85:80:3C:FC:C2:24:46:89:03:87
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
SERVER_HANDSHAKE_MESSAGES (sent)
Type: 8 (0x08) - "encrypted_extensions"
Length (octets, dec.): 2
00:00
Type: 11 (0x0B) - "certificate"
Length (octets, dec.): 3887
[...] /skipped 3887 data octets/
Type: 15 (0x0F) - "certificate_verify"
Length (octets, dec.): 108
05:03:00:68:30:66:02:31:00:FB:FB:FE:8E:13:17:93:65:E8:79:77:04:90:B2:B8:07:DC:8E:50:19:B6:AC:08
FD:41:DF:CD:09:DA:63:B0:5E:F4:8A:07:F2:8C:04:DE:86:D0:6D:59:9A:DC:7A:61:F8:02:31:00:E5:CA:FB:96
CB:0C:9E:42:67:F1:01:9F:B4:9B:65:BE:91:30:0F:A3:05:23:4B:66:CF:3C:98:22:AE:F1:6D:50:A7:8C:40:F8
4F:40:47:1F:72:30:83:DA:46:77:7C:84
Type: 20 (0x14) - "finished"
Length (octets, dec.): 32
24:28:83:2A:D4:DA:D8:04:14:70:2D:BA:04:31:89:19:05:19:DA:91:06:80:32:D6:57:DB:7B:B3:B4:FB:3F:CF
[Legacy ChangeCipherSpec message present (client)]
CLIENT_FINISHED (received)
Finished value: 0xA2060BC31BCEFFD1746AF13B596ECC58ADCC8F021AC3F19C80BCF72D7E3A8AE8
Client Finished status: OK
CLIENT_APPLICATION_DATA (recieved)
ASCII dump (filtered):
GET / HTTP/1.1..User-Agent: CCBot/2.0 (https://commoncrawl.org/f
aq/)..Accept: text/html,application/xhtml+xml,application/xml;q=
0.9,*/*;q=0.8..Accept-Language: en-US,en;q=0.5..If-Modified-Sinc
e: Thu, 20 Mar 2025 04:55:13 GMT..Accept-Encoding: br,gzip..Host
: tls13.1d.pw..Connection: Keep-Alive....
TCP: server: 194.87.103.72:443; client: 18.97.14.85:46850; timestamp: 1744946624
Contacts: dxdt.ru, alex/()\/abaabb.xyz.
/\_/\
( 0.0 )
= ^ =
/|_|\
(") (")=~
Provide ESNI to get second ASCII cat
Elapsed server side: 487ms; ServerHello sent: 160ms (including HelloRetryRequest time); TLS connection established: 487ms.