Successfully connected
TLS 1.3 OK; HelloRetryRequest used; server-initiated key update accomplished;
Detailed description:
v.0.23.2-n (This TLS-1.3-only server supports ESNI, HelloRetryRequest, KeyUpdate, X25519Kyber768/draft0, ECDHE, FFDHE, etc.) HelloRetryRequest used to (re)negotiate DH group First ClientHello, key shares: 0x001D Second ClientHello, key shares: 0x0017 CRYPTO_CONTEXT Protocol version: 0x0304 Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256) Key exchange: 0x0017 (Secp256r1) (Handshake level) Handshake secrets: Client: 0xC90AA059C34CE68AC169FA9EE392640839442634603BC8D805B4EC7D171640A5 Server: 0x690EE27DFADF7DB0E0598ECDBB2EC85B14BA301C45EC4995D2C8D884A4C87470 Handshake keys: Client write: 0x7609AD11BF7D38F8C0756E968AC26B4F Server write: 0x96EB58ABA0022867ADE7ABEBCDA7837C Handshake IVs: Client write (IV): 0x964F3851E0D2E3263FC1CA2F Server write (IV): 0x92F7F95DCF139101585FC67D (Traffic level) Traffic secrets: Client: 0x40B7694D759217C86A4379719F1C1701197FCE22D3348BAA269E8CD8C3FE5C1D Server: 0xC46B7966D7DD48A7485513F08884158451C91219D7148FA3C67C6E8A3E972CEF KeyUpdates log, server: 0: 0x25A78764C7DED0605E442280640477D04802D11E3A9668C01F1E791F6F0C02E2 Traffic keys: Client write: 0xA3EA07FD3CF3440C3690DCBE09EA8337 Server write: 0xC0590685F829461A81E2E044F14F2363 KeyUpdates log, server: 0: 0x6C43A218063F568CCCFAD280EE267BF0 Traffic base IVs: Client write (base IV): 0xBAE979EEB9995014E2723DDE Server write (base IV): 0x8C49F01092E742C34B7C16B6 KeyUpdates log, server: 0: 0x7F0AC972711EAB7E80BCF972 --- Messages --- CLIENT_HELLO (recieved) Version: 0x0303 Cipher suites: 0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xCCA8 0xC02F,0xC014,0xC013,0x009D,0x009C,0x0035,0x002F Client Random: 8D:BE:3F:F4:A9:82:2E:EF:FF:9C:EC:55:68:A3:5C:D1:11:7A:0D:74:F0:BD:6F:4C:52:4A:54:A8:4D:09:59:D4 Client SessionID: AE:05:F3:32:67:91:8E:B8:22:E2:53:60:92:91:34:86:82:5E:CD:99:FC:F0:E6:E0:F4:41:F4:3B:73:5C:F4:9A Extensions: Type: 00 (0x0000); "server_name" 00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77 hostname: tls13.1d.pw Type: 05 (0x0005); "status_request" 01:00:00:00:00 Type: 10 (0x000A); "supported_groups" 0x001D (X25519) 0x0017 (Secp256r1) 0x0018 (Secp384r1) 0x0019 (Secp521r1) 0x001E (X448) 0x0100 (ffdhe2048) 0x0101 (ffdhe3072) 0x0102 (ffdhe4096) 0x0103 (ffdhe6144) 0x0104 (ffdhe8192) Type: 11 (0x000B); /non-TLS-1.3/ 01:00 Type: 13 (0x000D); "signature_algorithms" 00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09 08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01 03:02:02:03:02:01:02:02 Type: 50 (0x0032); "signature_algorithms_cert" 00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09 08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01 03:02:02:03:02:01:02:02 Type: 16 (0x0010); "application_layer_protocol_negotiation" 00:09:08:68:74:74:70:2F:31:2E:31 Type: 17 (0x0011); /non-TLS-1.3/ 00:07:02:00:04:00:00:00:00 Type: 23 (0x0017); /non-TLS-1.3/ Type: 43 (0x002B); "supported_versions" 0x0304 (TLS 1.3) 0x0303 (TLS 1.2) Type: 45 (0x002D); "psk_key_exchange_modes" 01:01 Type: 51 (0x0033); "key_share" X25519 (0x001D) x = 0x92165175548FD77501CE627FC021D3148A7541F408AE7690C7F74EF1CE8B3217 Type: 65281 (0xFF01); /non-TLS-1.3/ 00 HELLO_RETRY_REQUEST (sent, server) Legacy Version: 0x0303 Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256) HelloRetryRequest (Server Random): CF:21:AD:74:E5:9A:61:11:BE:1D:8C:02:1E:65:B8:91:C2:A2:11:16:7A:BB:8C:5E:07:9E:09:E2:C8:A8:33:9C SessionID: AE:05:F3:32:67:91:8E:B8:22:E2:53:60:92:91:34:86:82:5E:CD:99:FC:F0:E6:E0:F4:41:F4:3B:73:5C:F4:9A Extensions: Type: 51 (0x0033); "key_share" Secp256r1 (0x0017) Type: 44 (0x002C); "cookie" 00:08:0C:00:FE:E1:C0:DE:FA:57 Type: 43 (0x002B); "supported_versions" 0x0304 [Legacy ChangeCipherSpec message sent (server)] CLIENT_HELLO (recieved) Version: 0x0303 Cipher suites: 0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xCCA8 0xC02F,0xC014,0xC013,0x009D,0x009C,0x0035,0x002F Client Random: 8D:BE:3F:F4:A9:82:2E:EF:FF:9C:EC:55:68:A3:5C:D1:11:7A:0D:74:F0:BD:6F:4C:52:4A:54:A8:4D:09:59:D4 Client SessionID: AE:05:F3:32:67:91:8E:B8:22:E2:53:60:92:91:34:86:82:5E:CD:99:FC:F0:E6:E0:F4:41:F4:3B:73:5C:F4:9A Extensions: Type: 00 (0x0000); "server_name" 00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77 hostname: tls13.1d.pw Type: 05 (0x0005); "status_request" 01:00:00:00:00 Type: 10 (0x000A); "supported_groups" 0x001D (X25519) 0x0017 (Secp256r1) 0x0018 (Secp384r1) 0x0019 (Secp521r1) 0x001E (X448) 0x0100 (ffdhe2048) 0x0101 (ffdhe3072) 0x0102 (ffdhe4096) 0x0103 (ffdhe6144) 0x0104 (ffdhe8192) Type: 11 (0x000B); /non-TLS-1.3/ 01:00 Type: 13 (0x000D); "signature_algorithms" 00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09 08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01 03:02:02:03:02:01:02:02 Type: 50 (0x0032); "signature_algorithms_cert" 00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09 08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01 03:02:02:03:02:01:02:02 Type: 16 (0x0010); "application_layer_protocol_negotiation" 00:09:08:68:74:74:70:2F:31:2E:31 Type: 17 (0x0011); /non-TLS-1.3/ 00:07:02:00:04:00:00:00:00 Type: 23 (0x0017); /non-TLS-1.3/ Type: 43 (0x002B); "supported_versions" 0x0304 (TLS 1.3) 0x0303 (TLS 1.2) Type: 44 (0x002C); "cookie" 00:08:0C:00:FE:E1:C0:DE:FA:57 Type: 45 (0x002D); "psk_key_exchange_modes" 01:01 Type: 51 (0x0033); "key_share" Secp256r1 (0x0017) x = 0x8AA9E99DB0D2B9E08E743A06B5754A6D9992D157184ED62DBCE3CC6A66B396EE y = 0xEBE87D25C697B80FE307AE28CAC08F85F68E56DBC704D3126D2F5B85CBCB74E4 Type: 65281 (0xFF01); /non-TLS-1.3/ 00 SERVER_HELLO (sent) Legacy Version: 0x0303 Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256) Server Random: DE:AD:DE:AD:DE:AD:C0:DE:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 SessionID: AE:05:F3:32:67:91:8E:B8:22:E2:53:60:92:91:34:86:82:5E:CD:99:FC:F0:E6:E0:F4:41:F4:3B:73:5C:F4:9A Extensions: Type: 51 (0x0033); "key_share" Secp256r1 (0x0017) x = 0x1FADAC79156E08C8532CE88DF887273141ACE16E44E9C268CE496596F41B65FA y = 0xF82394637B6ACF004AB253F956BD2CD6CA6C9AD8454BF1FBF281A6C54A93D99C Type: 43 (0x002B); "supported_versions" 0x0304 [Legacy ChangeCipherSpec message sent (server)] SERVER_HANDSHAKE_MESSAGES (sent) Type: 8 (0x08) - "encrypted_extensions" Length (octets, dec.): 2 00:00 Type: 11 (0x0B) - "certificate" Length (octets, dec.): 4196 [...] /skipped 4196 data octets/ Type: 15 (0x0F) - "certificate_verify" Length (octets, dec.): 108 05:03:00:68:30:66:02:31:00:C3:72:C7:F8:91:D2:EC:56:B3:C6:65:6E:29:7F:46:39:4E:06:4D:98:74:F7:15 EF:57:23:36:38:2A:48:8D:28:3F:36:0D:1E:0B:98:1A:AC:5E:AF:4C:12:A7:3F:46:05:02:31:00:BB:BB:87:99 33:B7:5B:7D:E9:A0:B4:A1:61:F0:5E:3A:48:E9:2E:29:20:7C:5F:50:8C:C1:E3:B2:BA:52:FE:66:06:E2:6F:72 51:55:75:6A:AF:33:B1:55:D4:48:8D:5F Type: 20 (0x14) - "finished" Length (octets, dec.): 32 10:2D:5E:D8:33:73:DB:2A:52:16:F1:53:0D:24:B2:3D:3B:24:D9:46:E6:03:B9:E5:EF:F1:7A:0C:EB:43:30:FA [Legacy ChangeCipherSpec message present (client)] CLIENT_FINISHED (received) Finished value: 0xF0AD0FE362495CB04A957B6D154FCA0279D73028F61218904FE46893B6C99A39 Client Finished status: OK CLIENT_APPLICATION_DATA (recieved) ASCII dump (filtered): GET / HTTP/1.1..User-Agent: CCBot/2.0 (https://commoncrawl.org/f aq/)..Accept: text/html,application/xhtml+xml,application/xml;q= 0.9,*/*;q=0.8..Accept-Language: en-US,en;q=0.5..If-Modified-Sinc e: Sat, 23 Sep 2023 10:53:00 GMT..Accept-Encoding: br,gzip..Host : tls13.1d.pw..Connection: Keep-Alive.... [Server KeyUpdate sent /message skipped/] TCP: server: 194.87.109.56:443; client: 34.229.63.28:57320; timestamp: 1701341515 Contacts: dxdt.ru, alex/()\/abaabb.xyz. /\_/\ ( 0.0 ) = ^ = /|_|\ (") (")=~ Provide ESNI to get second ASCII cat Elapsed server side: 330ms; ServerHello sent: 98ms (including HelloRetryRequest time); TLS connection established: 330ms.