Successfully connected
TLS 1.3 OK; HelloRetryRequest used; server-initiated key update accomplished;
Detailed description:
v.0.24.4-p
(This TLS-1.3-only server supports: HelloRetryRequest, KeyUpdate, ECDHE, FFDHE, X25519MLKEM768, SecP256r1MLKEM768, X25519Kyber768, ESNI, etc.)
HelloRetryRequest used to (re)negotiate DH group
First ClientHello, key shares: 0x001D
Second ClientHello, key shares: 0x0101
CRYPTO_CONTEXT
Protocol version: 0x0304
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Key exchange: 0x0101 (ffdhe3072)
(Handshake level)
Handshake secrets:
Client: 0x067F1FD6E2A029EF6CDCFBF7E14570842E3F7AD29F5DC86E2F0D8263F48B608B
Server: 0x560BD98675A18AD5078CBE33C854687DC340032B41FE0312BAE9C337D6443FBA
Handshake keys:
Client write: 0x5508EEC267F0D6167B2F39E3825F6307
Server write: 0x9378521D42030BDF38635E0CEA281EA2
Handshake IVs:
Client write (IV): 0xCB582922915DF7DE90AA4E24
Server write (IV): 0xB00EE7B645971D60E8D08899
(Traffic level)
Traffic secrets:
Client: 0xEE1653D3E3E068D0022C4172F5F221C860FD25ADEA50C2E1FF0647898D7D7F09
Server: 0x5E0840A3A81D434E1573302E89FEB593DACEC8805CDEE377A0D1BF3B412DE3D3
KeyUpdates log, server:
0: 0x447E7A8298C74362975CC4CA726C6FF399B6E7283E3034ED995307C665C8BF8E
Traffic keys:
Client write: 0x986DB420922138CF97815B98ABA15EE0
Server write: 0x2DD0E45461162486D075C5CEAF45B990
KeyUpdates log, server:
0: 0xD992B9029C63BB1110053317E9455189
Traffic base IVs:
Client write (base IV): 0x0D6C6453F7742C6C3F632888
Server write (base IV): 0x998753F6AA551FBD4B216760
KeyUpdates log, server:
0: 0xB5F1675BBB8757E85FA37A59
--- Messages ---
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1301,0x1302,0x1303,0xC02B,0xC02F,0xC02C,0xC030,0xCCA9
0xCCA8,0xC013,0xC014
Client Random: 3D:C2:FD:A3:BC:F2:11:FB:84:CA:CB:00:A1:45:47:6F:0E:6A:EF:C4:B8:18:CC:F4:41:C0:1E:F4:0D:A8:53:B8
Client SessionID: D3:61:DC:94:14:A5:DD:4F:65:1A:75:E6:35:A7:62:65:05:87:9A:6E:8C:38:EA:25:11:D6:95:1E:F0:91:46:F6
Extensions:
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
0x0019 (Secp521r1)
0x001E (X448)
0x0100 (ffdhe2048)
0x0101 (ffdhe3072)
0x0102 (ffdhe4096)
0x0103 (ffdhe6144)
0x0104 (ffdhe8192)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 13 (0x000D); "signature_algorithms"
0x0403 (ECDSA_SECP256R1_SHA256)
0x0503 (ECDSA_SECP384R1_SHA384)
0x0603 (ECDSA_SECP521R1_SHA512)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0809 (RSA_PSS_PSS_SHA256)
0x080A (RSA_PSS_PSS_SHA384)
0x080B (RSA_PSS_PSS_SHA512)
0x0401 (RSA_PKCS1_SHA256)
0x0501 (RSA_PKCS1_SHA384)
0x0601 (RSA_PKCS1_SHA512)
0x0402 _unknown_
0x0303 _unknown_
0x0301 _unknown_
0x0302 _unknown_
0x0203 (ECDSA_SHA1)
0x0201 (RSA_PKCS1_SHA1)
0x0202 _unknown_
Type: 50 (0x0032); "signature_algorithms_cert"
00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09
08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01
03:02:02:03:02:01:02:02
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 17 (0x0011); /non-TLS-1.3/
00:07:02:00:04:00:00:00:00
Type: 23 (0x0017); /non-TLS-1.3/
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 51 (0x0033); "key_share"
X25519 (0x001D)
x = 0x06435B6058CBCB3EF748F4223D828F9648824E2DA097BF08CFDA0242B0BC2471
Type: 65281 (0xFF01); /non-TLS-1.3/
00
HELLO_RETRY_REQUEST (sent, server)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
HelloRetryRequest (Server Random): CF:21:AD:74:E5:9A:61:11:BE:1D:8C:02:1E:65:B8:91:C2:A2:11:16:7A:BB:8C:5E:07:9E:09:E2:C8:A8:33:9C
SessionID: D3:61:DC:94:14:A5:DD:4F:65:1A:75:E6:35:A7:62:65:05:87:9A:6E:8C:38:EA:25:11:D6:95:1E:F0:91:46:F6
Extensions:
Type: 51 (0x0033); "key_share"
ffdhe3072 (0x0101)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1301,0x1302,0x1303,0xC02B,0xC02F,0xC02C,0xC030,0xCCA9
0xCCA8,0xC013,0xC014
Client Random: 3D:C2:FD:A3:BC:F2:11:FB:84:CA:CB:00:A1:45:47:6F:0E:6A:EF:C4:B8:18:CC:F4:41:C0:1E:F4:0D:A8:53:B8
Client SessionID: D3:61:DC:94:14:A5:DD:4F:65:1A:75:E6:35:A7:62:65:05:87:9A:6E:8C:38:EA:25:11:D6:95:1E:F0:91:46:F6
Extensions:
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
0x0019 (Secp521r1)
0x001E (X448)
0x0100 (ffdhe2048)
0x0101 (ffdhe3072)
0x0102 (ffdhe4096)
0x0103 (ffdhe6144)
0x0104 (ffdhe8192)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 13 (0x000D); "signature_algorithms"
0x0403 (ECDSA_SECP256R1_SHA256)
0x0503 (ECDSA_SECP384R1_SHA384)
0x0603 (ECDSA_SECP521R1_SHA512)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0809 (RSA_PSS_PSS_SHA256)
0x080A (RSA_PSS_PSS_SHA384)
0x080B (RSA_PSS_PSS_SHA512)
0x0401 (RSA_PKCS1_SHA256)
0x0501 (RSA_PKCS1_SHA384)
0x0601 (RSA_PKCS1_SHA512)
0x0402 _unknown_
0x0303 _unknown_
0x0301 _unknown_
0x0302 _unknown_
0x0203 (ECDSA_SHA1)
0x0201 (RSA_PKCS1_SHA1)
0x0202 _unknown_
Type: 50 (0x0032); "signature_algorithms_cert"
00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09
08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01
03:02:02:03:02:01:02:02
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 17 (0x0011); /non-TLS-1.3/
00:07:02:00:04:00:00:00:00
Type: 23 (0x0017); /non-TLS-1.3/
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 51 (0x0033); "key_share"
ffdhe3072 (0x0101)
Len (octets, dec.): 384
Key:
33:A4:A6:38:33:B3:C1:72:2D:DB:30:8C:CF:99:86:5B:D8:AD:4B:83:55:91:84:08:1C:B6:40:9C:EC:EB:84:CB:88
39:5D:4C:73:1E:53:00:71:9E:29:82:07:B7:95:C0:8E:A0:0B:05:46:34:3F:D3:02:DB:84:54:C5:11:EA:1C:78:3A
19:31:79:14:27:BB:5A:BD:CE:FD:BC:97:F3:80:9C:6F:57:BE:61:32:89:FD:78:56:04:F0:2F:4E:85:45:5F:BC:30
C3:D4:46:AB:6C:89:17:71:DC:96:82:2A:4B:56:92:51:20:3F:DD:01:67:CA:CD:5D:BD:11:89:1C:5D:B7:C6:A6:F8
E5:CA:84:45:25:AB:A8:52:39:9E:46:D1:B4:AA:1A:47:D0:B4:AD:AD:21:1F:25:83:4C:33:87:C4:93:BE:49:7A:D9
4C:14:B4:B9:14:EA:BB:C1:07:B2:DA:ED:A6:CF:05:7F:62:6A:E3:05:81:E6:80:BE:3E:6F:EF:2A:3B:64:C4:A3:49
52:73:0F:5C:B1:5F:B1:AE:31:6F:B6:5D:29:0E:44:AD:30:B3:81:F5:D3:33:D8:0C:12:54:F3:2E:5C:6E:3A:82:DB
47:F0:F7:B1:C4:84:E8:56:82:2C:7D:CF:8C:73:44:BF:8A:D7:E7:6E:CC:74:A8:D1:71:B9:41:15:5F:31:C3:78:43
7E:68:9C:04:9F:91:FB:CD:70:65:1D:43:88:9A:AE:71:62:61:31:1C:63:EF:A5:34:DD:4D:59:BB:90:AF:6F:AD:79
BE:43:C7:0F:31:79:56:7D:5D:34:81:A0:55:0A:1B:B1:0D:DE:9F:EF:42:89:D7:12:23:A4:5A:23:32:3C:CC:94:97
B3:62:9C:EE:06:F9:02:50:16:5B:18:46:B9:B7:01:7F:CC:BB:96:49:90:49:85:40:F2:7B:21:8F:C0:A4:33:03:4F
AE:CC:C7:96:CA:58:34:34:A8:63:9D:25:35:6F:D4:9D:0C:1E:DB:1B:98
Type: 65281 (0xFF01); /non-TLS-1.3/
00
SERVER_HELLO (sent)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Server Random: DE:AD:DE:AD:DE:AD:C0:DE:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
SessionID: D3:61:DC:94:14:A5:DD:4F:65:1A:75:E6:35:A7:62:65:05:87:9A:6E:8C:38:EA:25:11:D6:95:1E:F0:91:46:F6
Extensions:
Type: 51 (0x0033); "key_share"
ffdhe3072 (0x0101)
Len (octets, dec.): 384
Key:
4F:24:C0:64:3B:37:B7:7A:0F:14:C1:75:0F:2D:31:D1:3E:83:1B:36:AC:D4:A5:0D:3C:99:A8:57:23:D6:4F:1D:60
D0:1F:7E:C7:57:E3:E0:AC:FA:C6:7B:0E:47:D7:9B:37:63:CC:D8:9A:96:72:5A:6B:C0:50:5E:F7:60:52:42:69:06
E7:93:D0:1B:07:8E:0C:23:E5:78:B9:6B:AA:F7:19:B1:AB:9D:F3:C2:56:0C:F6:9C:11:BC:A1:48:7E:1D:3A:CF:3B
0C:15:32:25:23:69:BF:DA:74:31:3F:7E:4C:78:F8:31:90:E7:30:6F:6E:FC:D4:CA:B8:52:A6:A0:59:16:9D:67:7E
17:F5:09:83:E4:70:05:0B:E5:9E:9E:01:C7:B6:A1:A1:A7:33:50:8D:1E:06:63:2C:51:84:37:94:97:7F:BD:D8:1F
DD:81:B5:53:A5:BB:F8:0F:7F:56:FC:8D:1E:7C:EC:E1:2A:6F:EB:8E:A8:CF:50:0D:47:9F:FE:69:89:D5:79:8B:5F
5B:8D:BE:A5:01:20:8F:BD:22:96:E6:23:FC:6D:2D:55:CD:83:B7:1C:D8:92:09:40:83:9F:18:70:30:15:9E:96:76
BE:92:C2:36:A9:2F:07:9E:9A:36:5C:15:04:0B:58:64:C9:27:F3:E2:EA:C6:FF:2C:D8:07:81:8C:5C:97:38:AD:E6
83:4B:47:C8:5B:0A:31:45:7D:A1:48:13:2C:23:81:F3:A9:B1:16:65:84:66:93:72:81:09:9E:2E:D9:5F:55:F5:DC
E1:CD:09:24:86:C2:BE:69:C6:78:3F:B4:5A:B7:46:6A:44:E4:0D:0F:F4:FD:29:11:A6:7A:D5:4A:44:B0:80:BC:8B
7C:9F:50:75:C7:51:5E:88:C8:65:D0:C5:A1:02:AF:C4:D5:1B:2C:AE:2A:E3:A8:E8:51:EC:CD:8F:63:1E:3B:38:D1
D3:8B:ED:28:8C:FB:15:5A:D3:0E:9A:85:80:3C:FC:C2:24:46:89:03:87
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
SERVER_HANDSHAKE_MESSAGES (sent)
Type: 8 (0x08) - "encrypted_extensions"
Length (octets, dec.): 2
00:00
Type: 11 (0x0B) - "certificate"
Length (octets, dec.): 3864
[...] /skipped 3864 data octets/
Type: 15 (0x0F) - "certificate_verify"
Length (octets, dec.): 107
05:03:00:67:30:65:02:31:00:D7:46:72:E9:7C:ED:A5:97:CB:92:FE:40:CB:7E:31:60:DF:F3:37:17:D4:7A:73
9F:13:5C:80:3C:A4:4E:08:F9:BA:7F:46:F0:7C:F5:CB:42:AA:E2:BA:A9:44:0D:89:0C:02:30:63:21:DE:34:35
42:9F:83:BF:89:0F:0C:75:C2:D8:42:3D:54:13:64:4B:5E:D6:F7:EA:42:04:22:3A:00:45:D8:3E:B4:F9:BA:6A
82:68:35:F8:45:3C:78:3C:92:CC:BC
Type: 20 (0x14) - "finished"
Length (octets, dec.): 32
4E:32:2F:1A:62:B7:75:F1:36:C4:30:A8:7E:1D:5D:9A:28:0A:3B:DF:A2:72:2F:F2:0A:34:58:37:97:12:A8:9F
[Legacy ChangeCipherSpec message present (client)]
CLIENT_FINISHED (received)
Finished value: 0x268D310CDCA1390496AF11D3985D4F10ECE81F3E94D71DCBACC497DBB3DEDA06
Client Finished status: OK
CLIENT_APPLICATION_DATA (recieved)
ASCII dump (filtered):
GET / HTTP/1.1..User-Agent: CCBot/2.0 (https://commoncrawl.org/f
aq/)..Accept: text/html,application/xhtml+xml,application/xml;q=
0.9,*/*;q=0.8..Accept-Language: en-US,en;q=0.5..Accept-Encoding:
zstd, br, gzip..Host: tls13.1d.pw..Connection: Keep-Alive....
[Server KeyUpdate sent /message skipped/]
TCP: server: 194.87.103.72:443; client: 18.97.14.86:57644; timestamp: 1772887607
Contacts: dxdt.ru, alex/()\/abaabb.xyz.
/\_/\
( 0.0 )
= ^ =
/|_|\
(") (")=~
Provide ESNI to get second ASCII cat
Elapsed server side: 429ms; ServerHello sent: 135ms (including HelloRetryRequest time); TLS connection established: 428ms.