Successfully connected
TLS 1.3 OK; HelloRetryRequest used; server-initiated key update accomplished;
Detailed description:
v.0.23.2-n
(This TLS-1.3-only server supports ESNI, HelloRetryRequest, KeyUpdate, X25519Kyber768/draft0, ECDHE, FFDHE, etc.)
HelloRetryRequest used to (re)negotiate DH group
First ClientHello, key shares: 0x001D
Second ClientHello, key shares: 0x0017
CRYPTO_CONTEXT
Protocol version: 0x0304
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Key exchange: 0x0017 (Secp256r1)
(Handshake level)
Handshake secrets:
Client: 0xC90AA059C34CE68AC169FA9EE392640839442634603BC8D805B4EC7D171640A5
Server: 0x690EE27DFADF7DB0E0598ECDBB2EC85B14BA301C45EC4995D2C8D884A4C87470
Handshake keys:
Client write: 0x7609AD11BF7D38F8C0756E968AC26B4F
Server write: 0x96EB58ABA0022867ADE7ABEBCDA7837C
Handshake IVs:
Client write (IV): 0x964F3851E0D2E3263FC1CA2F
Server write (IV): 0x92F7F95DCF139101585FC67D
(Traffic level)
Traffic secrets:
Client: 0x40B7694D759217C86A4379719F1C1701197FCE22D3348BAA269E8CD8C3FE5C1D
Server: 0xC46B7966D7DD48A7485513F08884158451C91219D7148FA3C67C6E8A3E972CEF
KeyUpdates log, server:
0: 0x25A78764C7DED0605E442280640477D04802D11E3A9668C01F1E791F6F0C02E2
Traffic keys:
Client write: 0xA3EA07FD3CF3440C3690DCBE09EA8337
Server write: 0xC0590685F829461A81E2E044F14F2363
KeyUpdates log, server:
0: 0x6C43A218063F568CCCFAD280EE267BF0
Traffic base IVs:
Client write (base IV): 0xBAE979EEB9995014E2723DDE
Server write (base IV): 0x8C49F01092E742C34B7C16B6
KeyUpdates log, server:
0: 0x7F0AC972711EAB7E80BCF972
--- Messages ---
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xCCA8
0xC02F,0xC014,0xC013,0x009D,0x009C,0x0035,0x002F
Client Random: 8D:BE:3F:F4:A9:82:2E:EF:FF:9C:EC:55:68:A3:5C:D1:11:7A:0D:74:F0:BD:6F:4C:52:4A:54:A8:4D:09:59:D4
Client SessionID: AE:05:F3:32:67:91:8E:B8:22:E2:53:60:92:91:34:86:82:5E:CD:99:FC:F0:E6:E0:F4:41:F4:3B:73:5C:F4:9A
Extensions:
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
0x0019 (Secp521r1)
0x001E (X448)
0x0100 (ffdhe2048)
0x0101 (ffdhe3072)
0x0102 (ffdhe4096)
0x0103 (ffdhe6144)
0x0104 (ffdhe8192)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 13 (0x000D); "signature_algorithms"
00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09
08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01
03:02:02:03:02:01:02:02
Type: 50 (0x0032); "signature_algorithms_cert"
00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09
08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01
03:02:02:03:02:01:02:02
Type: 16 (0x0010); "application_layer_protocol_negotiation"
00:09:08:68:74:74:70:2F:31:2E:31
Type: 17 (0x0011); /non-TLS-1.3/
00:07:02:00:04:00:00:00:00
Type: 23 (0x0017); /non-TLS-1.3/
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 51 (0x0033); "key_share"
X25519 (0x001D)
x = 0x92165175548FD77501CE627FC021D3148A7541F408AE7690C7F74EF1CE8B3217
Type: 65281 (0xFF01); /non-TLS-1.3/
00
HELLO_RETRY_REQUEST (sent, server)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
HelloRetryRequest (Server Random): CF:21:AD:74:E5:9A:61:11:BE:1D:8C:02:1E:65:B8:91:C2:A2:11:16:7A:BB:8C:5E:07:9E:09:E2:C8:A8:33:9C
SessionID: AE:05:F3:32:67:91:8E:B8:22:E2:53:60:92:91:34:86:82:5E:CD:99:FC:F0:E6:E0:F4:41:F4:3B:73:5C:F4:9A
Extensions:
Type: 51 (0x0033); "key_share"
Secp256r1 (0x0017)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
CLIENT_HELLO (recieved)
Version: 0x0303
Cipher suites:
0x1302,0x1301,0x1303,0xC02C,0xC02B,0xCCA9,0xC030,0xCCA8
0xC02F,0xC014,0xC013,0x009D,0x009C,0x0035,0x002F
Client Random: 8D:BE:3F:F4:A9:82:2E:EF:FF:9C:EC:55:68:A3:5C:D1:11:7A:0D:74:F0:BD:6F:4C:52:4A:54:A8:4D:09:59:D4
Client SessionID: AE:05:F3:32:67:91:8E:B8:22:E2:53:60:92:91:34:86:82:5E:CD:99:FC:F0:E6:E0:F4:41:F4:3B:73:5C:F4:9A
Extensions:
Type: 00 (0x0000); "server_name"
00:00:0E:00:00:0B:74:6C:73:31:33:2E:31:64:2E:70:77
hostname: tls13.1d.pw
Type: 05 (0x0005); "status_request"
01:00:00:00:00
Type: 10 (0x000A); "supported_groups"
0x001D (X25519)
0x0017 (Secp256r1)
0x0018 (Secp384r1)
0x0019 (Secp521r1)
0x001E (X448)
0x0100 (ffdhe2048)
0x0101 (ffdhe3072)
0x0102 (ffdhe4096)
0x0103 (ffdhe6144)
0x0104 (ffdhe8192)
Type: 11 (0x000B); /non-TLS-1.3/
01:00
Type: 13 (0x000D); "signature_algorithms"
00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09
08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01
03:02:02:03:02:01:02:02
Type: 50 (0x0032); "signature_algorithms_cert"
00:26:04:03:05:03:06:03:08:04:08:05:08:06:08:09
08:0A:08:0B:04:01:05:01:06:01:04:02:03:03:03:01
03:02:02:03:02:01:02:02
Type: 16 (0x0010); "application_layer_protocol_negotiation"
00:09:08:68:74:74:70:2F:31:2E:31
Type: 17 (0x0011); /non-TLS-1.3/
00:07:02:00:04:00:00:00:00
Type: 23 (0x0017); /non-TLS-1.3/
Type: 43 (0x002B); "supported_versions"
0x0304 (TLS 1.3)
0x0303 (TLS 1.2)
Type: 44 (0x002C); "cookie"
00:08:0C:00:FE:E1:C0:DE:FA:57
Type: 45 (0x002D); "psk_key_exchange_modes"
01:01
Type: 51 (0x0033); "key_share"
Secp256r1 (0x0017)
x = 0x8AA9E99DB0D2B9E08E743A06B5754A6D9992D157184ED62DBCE3CC6A66B396EE
y = 0xEBE87D25C697B80FE307AE28CAC08F85F68E56DBC704D3126D2F5B85CBCB74E4
Type: 65281 (0xFF01); /non-TLS-1.3/
00
SERVER_HELLO (sent)
Legacy Version: 0x0303
Cipher suite: 0x1301 (TLS_AES_128_GCM_SHA256)
Server Random: DE:AD:DE:AD:DE:AD:C0:DE:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
SessionID: AE:05:F3:32:67:91:8E:B8:22:E2:53:60:92:91:34:86:82:5E:CD:99:FC:F0:E6:E0:F4:41:F4:3B:73:5C:F4:9A
Extensions:
Type: 51 (0x0033); "key_share"
Secp256r1 (0x0017)
x = 0x1FADAC79156E08C8532CE88DF887273141ACE16E44E9C268CE496596F41B65FA
y = 0xF82394637B6ACF004AB253F956BD2CD6CA6C9AD8454BF1FBF281A6C54A93D99C
Type: 43 (0x002B); "supported_versions"
0x0304
[Legacy ChangeCipherSpec message sent (server)]
SERVER_HANDSHAKE_MESSAGES (sent)
Type: 8 (0x08) - "encrypted_extensions"
Length (octets, dec.): 2
00:00
Type: 11 (0x0B) - "certificate"
Length (octets, dec.): 4196
[...] /skipped 4196 data octets/
Type: 15 (0x0F) - "certificate_verify"
Length (octets, dec.): 108
05:03:00:68:30:66:02:31:00:C3:72:C7:F8:91:D2:EC:56:B3:C6:65:6E:29:7F:46:39:4E:06:4D:98:74:F7:15
EF:57:23:36:38:2A:48:8D:28:3F:36:0D:1E:0B:98:1A:AC:5E:AF:4C:12:A7:3F:46:05:02:31:00:BB:BB:87:99
33:B7:5B:7D:E9:A0:B4:A1:61:F0:5E:3A:48:E9:2E:29:20:7C:5F:50:8C:C1:E3:B2:BA:52:FE:66:06:E2:6F:72
51:55:75:6A:AF:33:B1:55:D4:48:8D:5F
Type: 20 (0x14) - "finished"
Length (octets, dec.): 32
10:2D:5E:D8:33:73:DB:2A:52:16:F1:53:0D:24:B2:3D:3B:24:D9:46:E6:03:B9:E5:EF:F1:7A:0C:EB:43:30:FA
[Legacy ChangeCipherSpec message present (client)]
CLIENT_FINISHED (received)
Finished value: 0xF0AD0FE362495CB04A957B6D154FCA0279D73028F61218904FE46893B6C99A39
Client Finished status: OK
CLIENT_APPLICATION_DATA (recieved)
ASCII dump (filtered):
GET / HTTP/1.1..User-Agent: CCBot/2.0 (https://commoncrawl.org/f
aq/)..Accept: text/html,application/xhtml+xml,application/xml;q=
0.9,*/*;q=0.8..Accept-Language: en-US,en;q=0.5..If-Modified-Sinc
e: Sat, 23 Sep 2023 10:53:00 GMT..Accept-Encoding: br,gzip..Host
: tls13.1d.pw..Connection: Keep-Alive....
[Server KeyUpdate sent /message skipped/]
TCP: server: 194.87.109.56:443; client: 34.229.63.28:57320; timestamp: 1701341515
Contacts: dxdt.ru, alex/()\/abaabb.xyz.
/\_/\
( 0.0 )
= ^ =
/|_|\
(") (")=~
Provide ESNI to get second ASCII cat
Elapsed server side: 330ms; ServerHello sent: 98ms (including HelloRetryRequest time); TLS connection established: 330ms.