@carlsbad2 @tonix
Here's a pcap show you are 100% wrong:
09:35:23.282276 IP 10.255.255.126.52413 > ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https: Flags [P.], seq 606480072:606480227, ack 1691056063, win 2070, options [nop,nop,TS val 4083356658 ecr 4217534470], length 155
09:35:23.282300 IP 10.255.255.126.52413 > ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https: Flags [P.], seq 155:201, ack 1, win 2070, options [nop,nop,TS val 4083356658 ecr 4217534470], length 46
09:35:23.410880 IP ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https > 10.255.255.126.52413: Flags [.], ack 201, win 189, options [nop,nop,TS val 4217560179 ecr 4083356658], length 0
09:35:23.411236 IP ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https > 10.255.255.126.52413: Flags [P.], seq 1:47, ack 201, win 189, options [nop,nop,TS val 4217560179 ecr 4083356658], length 46
09:35:23.411250 IP 10.255.255.126.52413 > ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https: Flags [.], ack 47, win 2069, options [nop,nop,TS val 4083356786 ecr 4217560179], length 0
09:35:23.525859 IP ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https > 10.255.255.126.52413: Flags [P.], seq 47:964, ack 201, win 189, options [nop,nop,TS val 4217560295 ecr 4083356658], length 917
09:35:23.525862 IP ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https > 10.255.255.126.52413: Flags [P.], seq 964:1002, ack 201, win 189, options [nop,nop,TS val 4217560295 ecr 4083356658], length 38
09:35:23.525884 IP 10.255.255.126.52413 > ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https: Flags [.], ack 964, win 2056, options [nop,nop,TS val 4083356901 ecr 4217560295], length 0
09:35:23.525893 IP 10.255.255.126.52413 > ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https: Flags [.], ack 1002, win 2055, options [nop,nop,TS val 4083356901 ecr 4217560295], length 0
09:35:23.531732 IP 10.255.255.126.52413 > ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https: Flags [P.], seq 201:305, ack 1002, win 2070, options [nop,nop,TS val 4083356907 ecr 4217560295], length 104
09:35:23.691822 IP ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https > 10.255.255.126.52413: Flags [.], ack 305, win 189, options [nop,nop,TS val 4217560462 ecr 4083356907], length 0
09:35:23.752906 IP ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https > 10.255.255.126.52413: Flags [.], seq 1002:2450, ack 305, win 189, options [nop,nop,TS val 4217560523 ecr 4083356907], length 1448
09:35:23.752921 IP 10.255.255.126.52413 > ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https: Flags [.], ack 2450, win 2048, options [nop,nop,TS val 4083357128 ecr 4217560523], length 0
09:35:23.752951 IP ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https > 10.255.255.126.52413: Flags [.], seq 2450:3898, ack 305, win 189, options [nop,nop,TS val 4217560523 ecr 4083356907], length 1448
09:35:23.752953 IP ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https > 10.255.255.126.52413: Flags [.], seq 3898:5346, ack 305, win 189, options [nop,nop,TS val 4217560523 ecr 4083356907], length 1448
09:35:23.752954 IP ec2-63-34-141-147.eu-west-1.compute.amazonaws.com.https > 10.255.255.126.52413: Flags [.], seq 5346:6794, ack 305, win 189, options [nop,nop,TS val 4217560523 ecr 4083356907], length 1448
Log from my firewall:
Destination
|
63.34.141.147
|
Description
|
OCSP: could not connect to server. Make sure the server is up and running.
Certificate DN: 'qobuz.com' Requested Server Name: www.qobuz.com. See sk159872
|