Successfully connected
TLS 1.3 OK; HelloRetryRequest used; server-initiated key update accomplished;
Detailed description:
v.0.24.4-p
(This TLS-1.3-only server supports: HelloRetryRequest, KeyUpdate, ECDHE, FFDHE, X25519MLKEM768, SecP256r1MLKEM768, X25519Kyber768, ESNI, etc.)
HelloRetryRequest used to (re)negotiate DH group
First ClientHello, key shares: 0x001D
Second ClientHello, key shares: 0x0017
CRYPTO_CONTEXT
Protocol version: 0x0304
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Key exchange: 0x0017 (Secp256r1)
(Handshake level)
Handshake secrets:
Client: 0x85101EA3449EB0D88C5CFF95B5ABF647C85EF2ACF2736C6FA76E6EE59CB79111
Server: 0x482E17D08EB8074164674AB87649423B9DEA6F002CB8BF805B3A769C5981D713
Handshake keys:
Client write: 0x8ACB2C44C0B5B85B37A272D39FB1C1B2
Server write: 0xEC40786B04A8B51F2A3231D3814AF957
Handshake IVs:
Client write (IV): 0x2CA8D41421E333589A7282DC
Server write (IV): 0xE0E928BA4C17D16D71449D87
(Traffic level)
Traffic secrets:
Client: 0x3D70AB99526AEA5FFD33A056B674A9172B5B6B786857C31137AD41F889682D24
Server: 0x590808D7685E2B0DD8433F3A49F23BCD81B2DE7AA1A398D0C9527D8936C3F66F
KeyUpdates log, server:
0: 0x9FFDE43EDAA29A153C06A6F32676AA023809656BF1C95084C15A55E532B3C26B
Traffic keys:
Client write: 0x11B55A6D5434D046BCE5B873BE2F2969
Server write: 0x9BEB7BE10E951FF35C42DA786E82B6A7
KeyUpdates log, server:
0: 0x1648DEB39999690F486C23D16AA74ECA
Traffic base IVs:
Client write (base IV): 0x030A61E15424C54D4CB00F0A
Server write (base IV): 0x68586FCC6E53804FE1858170
KeyUpdates log, server:
0: 0x48CEE515786CD7C4BACEC8F8
--- Messages ---
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xC02F
0xCCA8,0x00FF
Client Random: B6:2B:78:63:96:E2:4E:B8:CD:01:D0:3B:63:A3:DD:67:5D:E2:0B:A1:77:77:A2:66:10:6F:5F:66:6B:4E:B4:17
Client SessionID: 97:8A:54:98:65:77:6A:67:70:D7:28:EB:46:94:3C:9F:54:CA:F8:62:CE:A5:32:A8:08:C8:32:B8:2A:22:BB:42
Extensions:
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 51 (0x0033); "key_share"
X25519 (0x001D)
x = 0xB9A0272D71A0D25E3880B90791C810C45669493B59D6B290ED4BDB8775614042
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
Type: 23 (0x0017); /non-TLS-1.3/
Type: 13 (0x000D); "signature_algorithms"
0x0503 (ECDSA_SECP384R1_SHA384)
0x0403 (ECDSA_SECP256R1_SHA256)
0x0807 (ED25519)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0601 (RSA_PKCS1_SHA512)
0x0501 (RSA_PKCS1_SHA384)
0x0401 (RSA_PKCS1_SHA256)
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 35 (0x0023); /non-TLS-1.3/
HELLO_RETRY_REQUEST (sent, server)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
HelloRetryRequest (Server Random): CF:21:AD:74:E5:9A:61:11:BE:1D:8C:02:1E:65:B8:91:C2:A2:11:16:7A:BB:8C:5E:07:9E:09:E2:C8:A8:33:9C
SessionID: 97:8A:54:98:65:77:6A:67:70:D7:28:EB:46:94:3C:9F:54:CA:F8:62:CE:A5:32:A8:08:C8:32:B8:2A:22:BB:42
Extensions:
Type: 51 (0x0033); "key_share"
Secp256r1 (0x0017)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
[Legacy ChangeCipherSpec message present (client)]
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xC02F
0xCCA8,0x00FF
Client Random: B6:2B:78:63:96:E2:4E:B8:CD:01:D0:3B:63:A3:DD:67:5D:E2:0B:A1:77:77:A2:66:10:6F:5F:66:6B:4E:B4:17
Client SessionID: 97:8A:54:98:65:77:6A:67:70:D7:28:EB:46:94:3C:9F:54:CA:F8:62:CE:A5:32:A8:08:C8:32:B8:2A:22:BB:42
Extensions:
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 51 (0x0033); "key_share"
Secp256r1 (0x0017)
x = 0x6FE97AE383EE596B194CFA6B82C572424407EF28DDFE9F4AFAA44459426F6B35
y = 0xC565C456035AA6D283C896673383B8EB769A3149DED9F223EC3EDACA7A3E56CB
Type: 16 (0x0010); "application_layer_protocol_negotiation"
68:32 (HTTP/2/TLS)
68:74:74:70:2F:31:2E:31 (HTTP/1.1)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
Type: 23 (0x0017); /non-TLS-1.3/
Type: 13 (0x000D); "signature_algorithms"
0x0503 (ECDSA_SECP384R1_SHA384)
0x0403 (ECDSA_SECP256R1_SHA256)
0x0807 (ED25519)
0x0806 (RSA_PSS_RSAE_SHA512)
0x0805 (RSA_PSS_RSAE_SHA384)
0x0804 (RSA_PSS_RSAE_SHA256)
0x0601 (RSA_PKCS1_SHA512)
0x0501 (RSA_PKCS1_SHA384)
0x0401 (RSA_PKCS1_SHA256)
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 35 (0x0023); /non-TLS-1.3/
SERVER_HELLO (sent)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Server Random: DE:AD:DE:AD:DE:AD:C0:DE:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
SessionID: 97:8A:54:98:65:77:6A:67:70:D7:28:EB:46:94:3C:9F:54:CA:F8:62:CE:A5:32:A8:08:C8:32:B8:2A:22:BB:42
Extensions:
Type: 51 (0x0033); "key_share"
Secp256r1 (0x0017)
x = 0x1FADAC79156E08C8532CE88DF887273141ACE16E44E9C268CE496596F41B65FA
y = 0xF82394637B6ACF004AB253F956BD2CD6CA6C9AD8454BF1FBF281A6C54A93D99C
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
SERVER_HANDSHAKE_MESSAGES (sent)
Type: 8 (0x08) - "encrypted_extensions"
Length (octets, dec.): 2
00:00
Type: 11 (0x0B) - "certificate"
Length (octets, dec.): 3401
[...] /skipped 3401 data octets/
Type: 15 (0x0F) - "certificate_verify"
Length (octets, dec.): 107
05:03:00:67:30:65:02:30:19:42:CD:78:67:18:45:CE:62:15:F9:C0:2D:F7:78:32:31:C4:08:BE:0A:64:2F:B2
95:7D:B7:84:CD:5D:7A:6D:5E:2F:72:01:95:10:0E:91:68:B8:13:6C:F5:33:D8:7D:02:31:00:CC:6D:38:51:1F
D5:3A:02:00:82:64:61:9A:A7:47:48:FD:96:AF:93:68:15:6E:E7:51:0F:20:2E:4B:70:DC:37:27:61:78:78:88
65:D4:DD:2B:DF:F5:AF:F3:FC:80:0C
Type: 20 (0x14) - "finished"
Length (octets, dec.): 32
72:07:15:52:71:41:13:0F:B3:07:69:55:6B:D1:46:96:0F:DD:9A:21:5F:AC:DE:41:63:81:C9:F5:DA:24:BD:80
CLIENT_FINISHED (received)
Finished value: 0xA791D078B8A377D132FB9BCF5D090DF276EC612C82971534E8B141CC9B15BD12
Client Finished status: OK
CLIENT_APPLICATION_DATA (recieved)
ASCII dump (filtered):
GET / HTTP/1.1..accept: */*..user-agent: Mozilla/5.0 AppleWebKit
/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebo
t@anthropic.com)..accept-encoding: gzip, br, zstd, deflate..host
: tls13.1d.pw....
[Server KeyUpdate sent /message skipped/]
TCP: server: 194.87.103.72:443; client: 216.73.217.70:37085; timestamp: 1783121722
Contacts: dxdt.ru, alex/()\/abaabb.xyz.
/\_/\
( 0.0 )
= ^ =
/|_|\
(") (")=~
Provide ESNI to get second ASCII cat
Elapsed server side: 334ms; ServerHello sent: 153ms (including HelloRetryRequest time); TLS connection established: 333ms.