Successfully connected
TLS 1.3 OK; HelloRetryRequest used; server-initiated key update accomplished;
Detailed description:
v.0.24.4-p
(This TLS-1.3-only server supports: HelloRetryRequest, KeyUpdate, ECDHE, FFDHE, X25519MLKEM768, SecP256r1MLKEM768, X25519Kyber768, ESNI, etc.)
HelloRetryRequest used to (re)negotiate DH group
First ClientHello, key shares: 0x001D
Second ClientHello, key shares: 0x0017
CRYPTO_CONTEXT
Protocol version: 0x0304
Cipher suite: 0x1302 (TLS_AES_256_GCM_SHA384)
Key exchange: 0x0017 (Secp256r1)
(Handshake level)
Handshake secrets:
Client: 0xDCD89CD14BDF2E36F85431B7C7BA61DFCE3B8184EAEC565CC2585829CAD5F55955136666B0C470CFD87F84FEAA9F1441
Server: 0x2509B7A4C64A7827765A9D25FDE9BF9D4153D217FB706F79DC6D308B629D95139CE71E66CBA04BB4A275270825E2790D
Handshake keys:
Client write: 0xF938CB74D55AA255352D711B15FF73824B1AFF3909B3C97D165A75EB8E131C95
Server write: 0x307B756446159F4701DA47D1862961BFFCE97A7DE7646FDFB2D1DFDA028A3EDD
Handshake IVs:
Client write (IV): 0x6D6A431FC58AF20AF04073D2
Server write (IV): 0xBCA49FBC6DCFAF1C925A905B
(Traffic level)
Traffic secrets:
Client: 0x0487974145D7AE5C4B7B8390F8FFC3AF18E31047E76E9230A0DA57A44856058D2B79F2152A376D2A4B0C0889DD3C9686
Server: 0xABF1F1BD2F91F53540AAC94C64B200A22FD34B1F5253948F5690A91ECEA49DADB652D304DAE6630BE43F9375A9AE7E69
KeyUpdates log, server:
0: 0x450A623D7F8ECE119DB0E77E844A5093AB00398A50E41E4D936C4A821B6978D077B31A8A5ADA22EC633FD4B7E36572F6
Traffic keys:
Client write: 0xDA3EAD7EB8E5ACDD8A3D21AD33C214C9B43FF20E51557D88AD6C86E54AD8F7FE
Server write: 0xDC8D939A34E2C63C340F8CC08BCB834FC836F2C9E01E5281AD0C665A8CACA0C8
KeyUpdates log, server:
0: 0x7F0485E8252F7F765AFCC202B690643587F2D0227344FFF17E32CF7DDBC1EE9C
Traffic base IVs:
Client write (base IV): 0xD68D3D2F6E40A98E5AA8E0BE
Server write (base IV): 0x81C10506EA8BA93891818BBB
KeyUpdates log, server:
0: 0xFBDEBA9E38EC00B5A6283BBB
--- Messages ---
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xC02F
0xCCA8,0x00FF
Client Random: E3:1E:AE:49:AF:98:B9:BF:C2:A9:29:30:5D:FB:A2:DA:C9:9F:D8:9A:D6:9F:23:92:2B:D6:D2:D0:6B:AC:59:45
Client SessionID: F1:20:7B:6D:1B:80:A8:9C:43:5C:CA:52:AC:59:14:70:31:6A:E9:F1:00:65:DA:FF:FA:4C:E8:ED:3E:E3:4D:15
Extensions:
Type: 51 (0x0033); "key_share"
X25519 (0x001D)
x = 0xA17D8BD23D94C2EA3F540771955DC8CA4D3163557EA5A76702A95128F2F48D6A
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
Type: 23 (0x0017); /non-TLS-1.3/
Type: 35 (0x0023); /non-TLS-1.3/
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 13 (0x000D); "signature_algorithms"
0x0503 (ECDSA_SECP384R1_SHA384)
0x0403 (ECDSA_SECP256R1_SHA256)
0x0807 (ED25519)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0601 (RSA_PKCS1_SHA512)
0x0501 (RSA_PKCS1_SHA384)
0x0401 (RSA_PKCS1_SHA256)
HELLO_RETRY_REQUEST (sent, server)
Legacy Version: 0x0303
Cipher suite: 0x1302 (TLS_AES_256_GCM_SHA384)
HelloRetryRequest (Server Random): CF:21:AD:74:E5:9A:61:11:BE:1D:8C:02:1E:65:B8:91:C2:A2:11:16:7A:BB:8C:5E:07:9E:09:E2:C8:A8:33:9C
SessionID: F1:20:7B:6D:1B:80:A8:9C:43:5C:CA:52:AC:59:14:70:31:6A:E9:F1:00:65:DA:FF:FA:4C:E8:ED:3E:E3:4D:15
Extensions:
Type: 51 (0x0033); "key_share"
Secp256r1 (0x0017)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
[Legacy ChangeCipherSpec message present (client)]
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xC02F
0xCCA8,0x00FF
Client Random: E3:1E:AE:49:AF:98:B9:BF:C2:A9:29:30:5D:FB:A2:DA:C9:9F:D8:9A:D6:9F:23:92:2B:D6:D2:D0:6B:AC:59:45
Client SessionID: F1:20:7B:6D:1B:80:A8:9C:43:5C:CA:52:AC:59:14:70:31:6A:E9:F1:00:65:DA:FF:FA:4C:E8:ED:3E:E3:4D:15
Extensions:
Type: 51 (0x0033); "key_share"
Secp256r1 (0x0017)
x = 0xDDA2EF0B5CE93BD9EBEBC1ECC88BB6493BD31C66EF5CD686122B8A2EB0D37638
y = 0xEDD57A9F384B9BE947FE0A240419C659B38F7E3BAFE87C5F7B2A3E39509DC40E
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
Type: 23 (0x0017); /non-TLS-1.3/
Type: 35 (0x0023); /non-TLS-1.3/
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 13 (0x000D); "signature_algorithms"
0x0503 (ECDSA_SECP384R1_SHA384)
0x0403 (ECDSA_SECP256R1_SHA256)
0x0807 (ED25519)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0601 (RSA_PKCS1_SHA512)
0x0501 (RSA_PKCS1_SHA384)
0x0401 (RSA_PKCS1_SHA256)
SERVER_HELLO (sent)
Legacy Version: 0x0303
Cipher suite: 0x1302 (TLS_AES_256_GCM_SHA384)
Server Random: DE:AD:DE:AD:DE:AD:C0:DE:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
SessionID: F1:20:7B:6D:1B:80:A8:9C:43:5C:CA:52:AC:59:14:70:31:6A:E9:F1:00:65:DA:FF:FA:4C:E8:ED:3E:E3:4D:15
Extensions:
Type: 51 (0x0033); "key_share"
Secp256r1 (0x0017)
x = 0x1FADAC79156E08C8532CE88DF887273141ACE16E44E9C268CE496596F41B65FA
y = 0xF82394637B6ACF004AB253F956BD2CD6CA6C9AD8454BF1FBF281A6C54A93D99C
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
SERVER_HANDSHAKE_MESSAGES (sent)
Type: 8 (0x08) - "encrypted_extensions"
Length (octets, dec.): 2
00:00
Type: 11 (0x0B) - "certificate"
Length (octets, dec.): 3403
[...] /skipped 3403 data octets/
Type: 15 (0x0F) - "certificate_verify"
Length (octets, dec.): 106
05:03:00:66:30:64:02:30:1C:B4:11:1E:C4:50:43:04:28:77:04:A5:36:F0:AD:0A:B9:04:00:54:E9:6F:9A:90
F3:8C:65:8A:E9:26:12:AF:78:B6:87:41:70:D9:03:2C:4F:3B:A0:BE:91:B3:17:B3:02:30:48:E8:1E:F0:03:C2
79:42:8E:DC:8E:D2:BB:6B:2D:A2:A2:AE:DF:3F:DF:73:FC:F9:06:8A:31:79:0D:A8:CC:30:75:AD:3E:A1:8F:BB
AF:00:F4:42:85:46:B8:71:FF:2A
Type: 20 (0x14) - "finished"
Length (octets, dec.): 48
B5:BB:C4:5C:D0:4E:8A:AA:33:A0:26:30:A7:42:5A:08:8D:84:1E:29:29:B1:3D:8A:2A:3C:FC:40:8C:45:53:BE
D5:D5:18:F0:75:8C:43:2F:DB:97:CB:E7:0F:73:EA:93
CLIENT_FINISHED (received)
Finished value: 0x9D0E8730A4C2C5170BCDB371F357A3FD505CBC3BB97753CC810265FA2814990C0B7E90F8CF9DE7A58DD72373B2159D3B
Client Finished status: OK
CLIENT_APPLICATION_DATA (recieved)
ASCII dump (filtered):
GET / HTTP/1.1..accept: */*..user-agent: Mozilla/5.0 AppleWebKit
/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebo
t@anthropic.com)..accept-encoding: gzip, br, zstd, deflate..host
: tls13.1d.pw....
[Server KeyUpdate sent /message skipped/]
TCP: server: 194.87.103.72:443; client: 216.73.217.127:32302; timestamp: 1779399951
Contacts: dxdt.ru, alex/()\/abaabb.xyz.
/\_/\
( 0.0 )
= ^ =
/|_|\
(") (")=~
Provide ESNI to get second ASCII cat
Elapsed server side: 309ms; ServerHello sent: 159ms (including HelloRetryRequest time); TLS connection established: 308ms.