Один человек(теле2, московский ip)прислал такое:
:~$ curl -i ‘https://dns.google/resolve?name=yandex.ru&type=a&do=1’
curl: (35) OpenSSL SSL_connect: Connection reset by peer in connection to dns.google:443
Но при этом с подменой sni (видно, что сервер присылает сертификат)
curl --connect-to tspu.goodday:443:dns.google:443 https://tspu.goodday
curl: (60) SSL: no alternative certificate subject name matches target host name ‘tspu.goodday’
More details here: curl - SSL CA Certificates
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.