by anaphor 4447 days ago
It appears that you might be right, from the RFC:

"However, a HeartbeatRequest message SHOULD NOT be sent during handshakes. If a handshake is initiated while a HeartbeatRequest is still in flight, the sending peer MUST stop the DTLS retransmission timer for it. The receiving peer SHOULD discard the message silently, if it arrives during the handshake. In case of DTLS, HeartbeatRequest messages from older epochs SHOULD be discarded."

But that doesn't make sense to me because the PoC code didn't complete the handshake, did it?

Edit: according to Google the reason is that OpenSSL does not honour the "SHOULD" part of the spec :/