--- output from 'host www.cygwin.com', NetBSD@69.12.250.42 ---
www.cygwin.com has address 209.132.180.131

--- output from 'ping -c 4 www.cygwin.com', NetBSD@69.12.250.42 ---
PING www.cygwin.com (209.132.180.131): 56 data bytes
64 bytes from 209.132.180.131: icmp_seq=0 ttl=49 time=79.846013 ms
64 bytes from 209.132.180.131: icmp_seq=1 ttl=49 time=77.474827 ms
64 bytes from 209.132.180.131: icmp_seq=2 ttl=49 time=79.351679 ms
64 bytes from 209.132.180.131: icmp_seq=3 ttl=49 time=78.905822 ms

----www.cygwin.com PING Statistics----
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 77.474827/78.894585/79.846013/1.021435 ms


--- output from 'traceroute www.cygwin.com', NetBSD@69.12.250.42 ---
traceroute to www.cygwin.com (209.132.180.131), 64 hops max, 40 byte packets
 1  smaug (172.21.12.1)  0.624 ms  0.729 ms  0.742 ms
 2  stupidhead (69.12.250.1)  48.060 ms  48.074 ms  48.085 ms
 3  109.at-4-0-0.gw3.200p-sf.sonic.net (208.106.28.117)  49.581 ms  49.895 ms  48.096 ms
 4  0.ae2.gw.200p-sf.sonic.net (70.36.211.53)  48.048 ms  47.990 ms  47.695 ms
 5  as0.gw2.200p-sf.sonic.net (208.106.96.250)  49.986 ms  47.981 ms  48.082 ms
 6  303.ae4.gw.pao1.sonic.net (69.12.163.217)  51.906 ms  49.904 ms  51.928 ms
 7  te0-0-0-15.ccr21.sjc04.atlas.cogentco.com (38.104.141.81)  51.911 ms  51.831 ms  51.931 ms
 8  be2013.ccr41.sjc03.atlas.cogentco.com (154.54.5.105)  53.835 ms  52.215 ms  51.935 ms
 9  be3144.ccr22.sjc01.atlas.cogentco.com (154.54.5.101)  53.817 ms  51.847 ms
    be3142.ccr21.sjc01.atlas.cogentco.com (154.54.1.193)  51.932 ms
10  be3176.ccr21.lax01.atlas.cogentco.com (154.54.31.189)  64.101 ms  65.688 ms
    be3177.ccr22.lax01.atlas.cogentco.com (154.54.40.145)  65.787 ms
11  be2931.ccr21.phx02.atlas.cogentco.com (154.54.44.85)  76.030 ms  75.695 ms  76.179 ms
12  te0-0-1-0.agr13.phx02.atlas.cogentco.com (154.54.46.190)  75.759 ms
    be2125.agr12.phx02.atlas.cogentco.com (154.54.1.102)  78.004 ms  75.669 ms
13  154.24.53.154 (154.24.53.154)  78.072 ms  78.042 ms
    154.24.53.150 (154.24.53.150)  77.717 ms
14  38.88.238.30 (38.88.238.30)  89.966 ms  75.754 ms
    38.122.88.218 (38.122.88.218)  75.790 ms
15  unused (66.187.228.248)  81.882 ms
    unused (66.187.228.249)  93.647 ms  79.893 ms
16  transit-21-180-132-209.redhat.com (209.132.180.21)  100.019 ms  91.844 ms  93.896 ms
17  server1.sourceware.org (209.132.180.131)  76.150 ms !<10>  75.697 ms !<10>  80.028 ms !<10>


--- output from 'curl -vsko /dev/null https://www.cygwin.com',
--- NetBSD@69.12.250.42
[ -k because for some reason I don't have any SSL certs on the box
[ other than the ssh host key.
* Rebuilt URL to: https://www.cygwin.com/
*   Trying 209.132.180.131...
* Connected to www.cygwin.com (209.132.180.131) port 443 (#0)
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/openssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
* TLSv1.2 (IN), TLS handshake, Server hello (2):
{ [98 bytes data]
* TLSv1.2 (IN), TLS handshake, Certificate (11):
{ [2519 bytes data]
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
{ [333 bytes data]
* TLSv1.2 (IN), TLS handshake, Server finished (14):
{ [4 bytes data]
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
} [70 bytes data]
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
} [1 bytes data]
* TLSv1.2 (OUT), TLS handshake, Finished (20):
} [16 bytes data]
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
{ [1 bytes data]
* TLSv1.2 (IN), TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* Server certificate:
* 	 subject: CN=cygwin.com
* 	 start date: Mar  1 03:04:00 2017 GMT
* 	 expire date: May 30 03:04:00 2017 GMT
* 	 issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
* 	 SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> GET / HTTP/1.1
> Host: www.cygwin.com
> User-Agent: curl/7.45.0
> Accept: */*
> 
< HTTP/1.1 403 Forbidden
< Date: Sat, 22 Apr 2017 19:54:49 GMT
< Server: Apache
< Vary: Accept-Encoding
< Content-Length: 382
< Content-Type: text/html; charset=iso-8859-1
< 
{ [382 bytes data]
* Connection #0 to host www.cygwin.com left intact

--- output from 'openssl s_client -connect www.cygwin.com:443', NetBSD@69.12.250.42
-- Input: "HEAD / HTTP/1.0\nHost: eddie.starwolf.com\n\n"
: eddie; openssl s_client -connect www.cygwin.com:443
CONNECTED(00000004)
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
 0 s:/CN=cygwin.com
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
   i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAwwDovAR//+tUdLl4uqOp2efMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzAzMDEwMzA0MDBaFw0x
NzA1MzAwMzA0MDBaMBUxEzARBgNVBAMTCmN5Z3dpbi5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDJCwkeLVu0Da5KV3ZJptJrWGwWEkDJni2arI3D
jKuKrNodipFu0YWH973s9KGFvrsEy1i5q/pSA6av+LnGJW2VSdOXFdtKYVadfIjG
UMoosTGDaMArrjjDprG6hvX9vbdHHPoK4/+9I+hWtCUMAVtHrkW5oyKTI8XDj/oV
FVm7o2WZnBz8LZCMScY1X+nU3Of++MwLJdh76pBDtaPi/4d2mgChegsscZ7AWUW3
UyAoOcvCRUoyKqLtF1T06vauLDXa9rpNrd8yf8VFigOn5dHQUvwpqCbo28j9+5U5
bR8yjVEdamSfyh/BVfK2pjFcYFGg/o5tmKuhxZJR+/G71gSVAgMBAAGjggJDMIIC
PzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFItTa1Nhu2F1NsYVV3FxTjvZPMwbMB8G
A1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMHAGCCsGAQUFBwEBBGQwYjAv
BggrBgEFBQcwAYYjaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8w
LwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcv
ME0GA1UdEQRGMESCCmN5Z3dpbi5jb22CCmN5Z3dpbi5uZXSCCmN5Z3dpbi5vcmeC
DmZ0cC5jeWd3aW4uY29tgg53d3cuY3lnd2luLmNvbTCB/gYDVR0gBIH2MIHzMAgG
BmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j
cHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlm
aWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVz
IGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9s
aWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkv
MA0GCSqGSIb3DQEBCwUAA4IBAQB1X6TaJfYTWzETbPofnhqS2aF8M1qOSeCr72wN
TTJcM2n7DwfRAH6WR1OV9UMAvBYXy0TxbuAlMBbLJmIe09ybvqkDbiixvQxAk8xv
96Ik8Xyyl0cJLubKf8xnO39XQddvXKlhW/X8m3cFoVSf5VkF58HPGMPX60mgoO1c
hyg0cBeJsVGDA2RAp+TBPkr4HVTiJsUFDIsU1JIpbMnYqegmGKJD61j6e6FwVxug
AIhOV1GIE0XXhHH7dgANEknmKZaLjozhYJoIIokxkTcnzCEavbudpXZ1j9ilg1uz
31NkBdc3FQRfjI0BQMbUWwjEe2ngtVxGaLuSFtQopQiBYfY4
-----END CERTIFICATE-----
subject=/CN=cygwin.com
issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
---
No client certificate CA names sent
---
SSL handshake has read 3200 bytes and written 423 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-GCM-SHA384
    Session-ID: 630FE678D129F49799C155C4858C3D78529545B0F16A0D910627AFD8082E4EBC
    Session-ID-ctx: 
    Master-Key: 5B9F5F86A167EB804A43D0A25608655FA1C09B7D454A886154861A57F7CC507F539A8F0B2F91BA3F0C7FF33D08651068
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 300 (seconds)
    TLS session ticket:
    0000 - 4b d7 3d 66 d5 fa 75 69-5d 05 c8 04 4b 88 56 fe   K.=f..ui]...K.V.
    0010 - ea 1b 31 8a 0f 6e a9 ad-f7 c3 78 40 49 26 b9 16   ..1..n....x@I&..
    0020 - 25 d4 35 55 4f 49 cf 11-bd a8 38 1e f6 4d e6 a2   %.5UOI....8..M..
    0030 - 38 ae b5 b4 29 18 38 f0-b9 2b 9c bf c8 68 18 7a   8...).8..+...h.z
    0040 - 2a 34 b7 40 52 8e f5 65-d2 4b b6 d0 67 7f 34 69   *4.@R..e.K..g.4i
    0050 - 63 a1 6d eb 2c c9 cd fe-4d 21 e4 85 4a 70 be 59   c.m.,...M!..Jp.Y
    0060 - f6 84 5c ba 2a ad a8 1e-cb f8 7d 8c 7d 14 f1 c1   ..\.*.....}.}...
    0070 - 03 45 7f e0 24 ca 58 12-99 d8 c0 9e d9 03 ab d3   .E..$.X.........
    0080 - 5c 36 64 30 b0 7f da 95-2d 3a 83 94 61 8d 8f 70   \6d0....-:..a..p
    0090 - 5c 9e 0e 1d 28 bb ef 80-2b 93 3c 20 89 19 e0 a5   \...(...+.< ....
    00a0 - d6 e0 a0 c7 ec 28 0a 9c-d5 3c f7 8b 0e 02 b5 63   .....(...<.....c
    00b0 - 5d 60 d8 56 1d e5 b7 fd-6a ae 19 d7 07 3d 08 bc   ]`.V....j....=..

    Start Time: 1492891084
    Timeout   : 300 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
---
HEAD / HTTP/1.1
Host: eddie.starwolf.com

HTTP/1.1 403 Forbidden
Date: Sat, 22 Apr 2017 19:58:12 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

DONE