--- output from 'nslookup www.cygwin.com', Windows@69.12.250.40 Non-authoritative answer: Server: galadriel.middle-earth.starwolf.com Address: xx.xx.xx.xx Name: www.cygwin.com Address: 209.132.180.131 --- output from 'ping www.cygwin.com', Windows@69.12.250.40 Pinging www.cygwin.com [209.132.180.131] with 32 bytes of data: Reply from 209.132.180.131: bytes=32 time=89ms TTL=49 Reply from 209.132.180.131: bytes=32 time=78ms TTL=49 Reply from 209.132.180.131: bytes=32 time=77ms TTL=49 Reply from 209.132.180.131: bytes=32 time=78ms TTL=49 Ping statistics for 209.132.180.131: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 77ms, Maximum = 89ms, Average = 80ms --- output from 'tracert www.cygwin.com', Windows@69.12.250.40 Tracing route to www.cygwin.com [209.132.180.131] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms smaug.middle-earth.starwolf.com [172.21.12.1] 2 48 ms 49 ms 51 ms 69-12-250-1.static.dsltransport.net [69.12.250.1] 3 48 ms 49 ms 49 ms 109.at-4-0-0.gw3.200p-sf.sonic.net [208.106.28.117] 4 48 ms 49 ms 49 ms 0.ae2.gw.200p-sf.sonic.net [70.36.211.53] 5 49 ms 49 ms 51 ms as0.gw2.200p-sf.sonic.net [208.106.96.250] 6 50 ms 51 ms 51 ms 303.ae4.gw.pao1.sonic.net [69.12.163.217] 7 53 ms 51 ms 53 ms te0-0-0-15.ccr21.sjc04.atlas.cogentco.com [38.104.141.81] 8 52 ms 53 ms 53 ms be2013.ccr41.sjc03.atlas.cogentco.com [154.54.5.105] 9 53 ms 53 ms 53 ms be3144.ccr22.sjc01.atlas.cogentco.com [154.54.5.101] 10 65 ms 65 ms 65 ms be3177.ccr22.lax01.atlas.cogentco.com [154.54.40.145] 11 77 ms 77 ms 75 ms be2932.ccr22.phx02.atlas.cogentco.com [154.54.45.161] 12 77 ms 77 ms 77 ms be2125.agr12.phx02.atlas.cogentco.com [154.54.1.102] 13 77 ms 79 ms 77 ms 154.24.53.154 14 77 ms 77 ms 77 ms 38.88.238.30 15 89 ms 91 ms 93 ms unused [66.187.228.249] 16 89 ms 91 ms 89 ms transit-21-180-132-209.redhat.com [209.132.180.21] 17 77 ms 79 ms 81 ms server1.sourceware.org [209.132.180.131] Trace complete. --- output from 'curl -vso /dev/null https://www.cygwin.com', --- Windows@69.12.250.40 * STATE: INIT => CONNECT handle 0x6000579c0; line 1413 (connection #-5000) * Rebuilt URL to: https://www.cygwin.com/ * Added connection 0. The cache now contains 1 members * Trying 209.132.180.131... * TCP_NODELAY set * STATE: CONNECT => WAITCONNECT handle 0x6000579c0; line 1466 (connection #0) * Connected to www.cygwin.com (209.132.180.131) port 443 (#0) * STATE: WAITCONNECT => SENDPROTOCONNECT handle 0x6000579c0; line 1583 (connection #0) * Marked for [keep alive]: HTTP default * ALPN, offering h2 * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * TLSv1.2 (OUT), TLS header, Certificate Status (22): } [5 bytes data] * TLSv1.2 (OUT), TLS handshake, Client hello (1): } [512 bytes data] * STATE: SENDPROTOCONNECT => PROTOCONNECT handle 0x6000579c0; line 1597 (connection #0) { [5 bytes data] * TLSv1.2 (IN), TLS handshake, Server hello (2): { [98 bytes data] * TLSv1.2 (IN), TLS handshake, Certificate (11): { [2519 bytes data] * TLSv1.2 (IN), TLS handshake, Server key exchange (12): { [333 bytes data] * TLSv1.2 (IN), TLS handshake, Server finished (14): { [4 bytes data] * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): } [70 bytes data] * TLSv1.2 (OUT), TLS change cipher, Client hello (1): } [1 bytes data] * TLSv1.2 (OUT), TLS handshake, Finished (20): } [16 bytes data] * TLSv1.2 (IN), TLS change cipher, Client hello (1): { [1 bytes data] * TLSv1.2 (IN), TLS handshake, Finished (20): { [16 bytes data] * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 * ALPN, server did not agree to a protocol * Server certificate: * subject: CN=cygwin.com * start date: Mar 1 03:04:00 2017 GMT * expire date: May 30 03:04:00 2017 GMT * subjectAltName: host "www.cygwin.com" matched cert's "www.cygwin.com" * issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3 * SSL certificate verify ok. * STATE: PROTOCONNECT => DO handle 0x6000579c0; line 1618 (connection #0) } [5 bytes data] > GET / HTTP/1.1 > Host: www.cygwin.com > User-Agent: curl/7.52.1 > Accept: */* > * STATE: DO => DO_DONE handle 0x6000579c0; line 1680 (connection #0) * STATE: DO_DONE => WAITPERFORM handle 0x6000579c0; line 1807 (connection #0) * STATE: WAITPERFORM => PERFORM handle 0x6000579c0; line 1817 (connection #0) { [5 bytes data] * HTTP 1.1 or later with persistent connection, pipelining supported < HTTP/1.1 403 Forbidden < Date: Sat, 22 Apr 2017 19:39:30 GMT * Server Apache is not blacklisted < Server: Apache < Vary: Accept-Encoding < Content-Length: 382 < Content-Type: text/html; charset=iso-8859-1 < { [5 bytes data] * STATE: PERFORM => DONE handle 0x6000579c0; line 1981 (connection #0) * multi_done * Curl_http_done: called premature == 0 * Connection #0 to host www.cygwin.com left intact --- output from 'openssl s_client -connect www.cygwin.com:443', Windows@69.12.250.40 --- - [input: HEAD / HTTP/1.1\nHost: defender.starwolf.com\n\n] CONNECTED(00000003) depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 verify return:1 depth=0 CN = cygwin.com verify return:1 --- Certificate chain 0 s:/CN=cygwin.com i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 i:/O=Digital Signature Trust Co./CN=DST Root CA X3 --- Server certificate -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISAwwDovAR//+tUdLl4uqOp2efMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xNzAzMDEwMzA0MDBaFw0x NzA1MzAwMzA0MDBaMBUxEzARBgNVBAMTCmN5Z3dpbi5jb20wggEiMA0GCSqGSIb3 DQEBAQUAA4IBDwAwggEKAoIBAQDJCwkeLVu0Da5KV3ZJptJrWGwWEkDJni2arI3D jKuKrNodipFu0YWH973s9KGFvrsEy1i5q/pSA6av+LnGJW2VSdOXFdtKYVadfIjG UMoosTGDaMArrjjDprG6hvX9vbdHHPoK4/+9I+hWtCUMAVtHrkW5oyKTI8XDj/oV FVm7o2WZnBz8LZCMScY1X+nU3Of++MwLJdh76pBDtaPi/4d2mgChegsscZ7AWUW3 UyAoOcvCRUoyKqLtF1T06vauLDXa9rpNrd8yf8VFigOn5dHQUvwpqCbo28j9+5U5 bR8yjVEdamSfyh/BVfK2pjFcYFGg/o5tmKuhxZJR+/G71gSVAgMBAAGjggJDMIIC PzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC MAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFItTa1Nhu2F1NsYVV3FxTjvZPMwbMB8G A1UdIwQYMBaAFKhKamMEfd265tE5t6ZFZe/zqOyhMHAGCCsGAQUFBwEBBGQwYjAv BggrBgEFBQcwAYYjaHR0cDovL29jc3AuaW50LXgzLmxldHNlbmNyeXB0Lm9yZy8w LwYIKwYBBQUHMAKGI2h0dHA6Ly9jZXJ0LmludC14My5sZXRzZW5jcnlwdC5vcmcv ME0GA1UdEQRGMESCCmN5Z3dpbi5jb22CCmN5Z3dpbi5uZXSCCmN5Z3dpbi5vcmeC DmZ0cC5jeWd3aW4uY29tgg53d3cuY3lnd2luLmNvbTCB/gYDVR0gBIH2MIHzMAgG BmeBDAECATCB5gYLKwYBBAGC3xMBAQEwgdYwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j cHMubGV0c2VuY3J5cHQub3JnMIGrBggrBgEFBQcCAjCBngyBm1RoaXMgQ2VydGlm aWNhdGUgbWF5IG9ubHkgYmUgcmVsaWVkIHVwb24gYnkgUmVseWluZyBQYXJ0aWVz IGFuZCBvbmx5IGluIGFjY29yZGFuY2Ugd2l0aCB0aGUgQ2VydGlmaWNhdGUgUG9s aWN5IGZvdW5kIGF0IGh0dHBzOi8vbGV0c2VuY3J5cHQub3JnL3JlcG9zaXRvcnkv MA0GCSqGSIb3DQEBCwUAA4IBAQB1X6TaJfYTWzETbPofnhqS2aF8M1qOSeCr72wN TTJcM2n7DwfRAH6WR1OV9UMAvBYXy0TxbuAlMBbLJmIe09ybvqkDbiixvQxAk8xv 96Ik8Xyyl0cJLubKf8xnO39XQddvXKlhW/X8m3cFoVSf5VkF58HPGMPX60mgoO1c hyg0cBeJsVGDA2RAp+TBPkr4HVTiJsUFDIsU1JIpbMnYqegmGKJD61j6e6FwVxug AIhOV1GIE0XXhHH7dgANEknmKZaLjozhYJoIIokxkTcnzCEavbudpXZ1j9ilg1uz 31NkBdc3FQRfjI0BQMbUWwjEe2ngtVxGaLuSFtQopQiBYfY4 -----END CERTIFICATE----- subject=/CN=cygwin.com issuer=/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 --- No client certificate CA names sent Peer signing digest: SHA512 Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 3200 bytes and written 434 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-GCM-SHA384 Session-ID: E6B555893E514447A292ADA81A59729C74D28EA6675D26FF9E1FEBA011449206 Session-ID-ctx: Master-Key: 396E35A0B888D9727A8D9A173F4FF55C65939F6000CA67AB2D1924EBCA86DE91DC51ADD014528C75F91257A3AEFAE29E Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 300 (seconds) TLS session ticket: 0000 - 4b d7 3d 66 d5 fa 75 69-5d 05 c8 04 4b 88 56 fe K.=f..ui]...K.V. 0010 - b6 77 b6 37 11 4a df 00-31 4d a1 09 72 d1 1b c5 .w.7.J..1M..r... 0020 - 91 d5 1b f7 29 43 88 57-84 f1 a9 4d 66 a2 f5 56 ....)C.W...Mf..V 0030 - fc 1c 5d 60 57 e0 09 00-ae b5 b1 73 2b 81 29 ae ..]`W......s+.). 0040 - d9 19 32 fd 07 d6 e6 81-20 c8 1b f6 42 b6 d3 85 ..2..... ...B... 0050 - d1 95 61 7f 98 d6 bb d0-fe 4c 07 95 c7 c2 a7 7c ..a......L.....| 0060 - f4 8e db b4 72 e6 50 74-f7 b8 a9 5f b4 73 71 5c ....r.Pt..._.sq\ 0070 - 01 ce 93 1d 22 94 66 f2-21 e5 a7 6f c0 ab 50 96 ....".f.!..o..P. 0080 - a6 11 88 78 8f 33 1a 11-11 1a 01 39 a9 ec 51 08 ...x.3.....9..Q. 0090 - af f1 16 93 6b 42 18 5d-ad ea 25 e6 62 be 77 1a ....kB.]..%.b.w. 00a0 - b0 c0 35 0f d9 c2 f2 0b-21 72 2a 3d d0 df 66 07 ..5.....!r*=..f. 00b0 - c5 03 19 70 a5 a7 19 2e-ac 4f b7 42 79 51 80 82 ...p.....O.ByQ.. Start Time: 1492891391 Timeout : 300 (sec) Verify return code: 0 (ok) --- HEAD / HTTP/1.1 Host: defender.starwolf.com HTTP/1.1 403 Forbidden Date: Sat, 22 Apr 2017 20:03:15 GMT Server: Apache Vary: Accept-Encoding Content-Type: text/html; charset=iso-8859-1 DONE