Prefixes seem to really help.
Using POST%20
, almost all connections succeeded. Tele2 was completely successful. Megafon had only one HTTP timeout with DigitalOcean 443. On MTS, HTTP and HTTPS timed out with DigitalOcean 443. On Bee Line HTTP and HTTP timed out on Hetzner.
This reinforces that the blocking is based on random-looking traffic.
Results, sorted by ISP, server network and port:
socks_port client_isp url server_net port exit_code ok output
33333 MTS PJSC http://ipinfo.io/org Digital Ocean 443 28 ❌ curl: (28) Operation timed out after 10006 milliseconds with 0 bytes received
33333 MTS PJSC https://ipinfo.io/org Digital Ocean 443 28 ❌ curl: (28) Connection timed out after 10005 milliseconds
33333 MTS PJSC http://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33333 MTS PJSC https://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33333 MTS PJSC http://ipinfo.io/org Hetzner Online 58987 0 ✅ AS24940 Hetzner Online GmbH
33333 MTS PJSC https://ipinfo.io/org Hetzner Online 58987 0 ✅ AS24940 Hetzner Online GmbH
33333 MTS PJSC http://ipinfo.io/org Vultr 20888 0 ✅ AS20473 The Constant Company, LLC
33333 MTS PJSC https://ipinfo.io/org Vultr 20888 0 ✅ AS20473 The Constant Company, LLC
33334 PJSC MegaFon http://ipinfo.io/org Digital Ocean 443 28 ❌ curl: (28) Operation timed out after 10003 milliseconds with 0 bytes received
33334 PJSC MegaFon https://ipinfo.io/org Digital Ocean 443 0 ✅ AS14061 DigitalOcean, LLC
33334 PJSC MegaFon http://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33334 PJSC MegaFon https://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33334 PJSC MegaFon http://ipinfo.io/org Hetzner Online 58987 0 ✅ AS24940 Hetzner Online GmbH
33334 PJSC MegaFon https://ipinfo.io/org Hetzner Online 58987 0 ✅ AS24940 Hetzner Online GmbH
33334 PJSC MegaFon http://ipinfo.io/org Vultr 20888 0 ✅ AS20473 The Constant Company, LLC
33334 PJSC MegaFon https://ipinfo.io/org Vultr 20888 0 ✅ AS20473 The Constant Company, LLC
33335 Tele2 Russia http://ipinfo.io/org Digital Ocean 443 0 ✅ AS14061 DigitalOcean, LLC
33335 Tele2 Russia https://ipinfo.io/org Digital Ocean 443 0 ✅ AS14061 DigitalOcean, LLC
33335 Tele2 Russia http://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33335 Tele2 Russia https://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33335 Tele2 Russia http://ipinfo.io/org Hetzner Online 58987 0 ✅ AS24940 Hetzner Online GmbH
33335 Tele2 Russia https://ipinfo.io/org Hetzner Online 58987 0 ✅ AS24940 Hetzner Online GmbH
33335 Tele2 Russia http://ipinfo.io/org Vultr 20888 0 ✅ AS20473 The Constant Company, LLC
33335 Tele2 Russia https://ipinfo.io/org Vultr 20888 0 ✅ AS20473 The Constant Company, LLC
33336 Bee Line Cable http://ipinfo.io/org Digital Ocean 443 0 ✅ AS14061 DigitalOcean, LLC
33336 Bee Line Cable https://ipinfo.io/org Digital Ocean 443 0 ✅ AS14061 DigitalOcean, LLC
33336 Bee Line Cable http://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33336 Bee Line Cable https://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33336 Bee Line Cable http://ipinfo.io/org Hetzner Online 58987 28 ❌ curl: (28) Operation timed out after 10003 milliseconds with 0 bytes received
33336 Bee Line Cable https://ipinfo.io/org Hetzner Online 58987 28 ❌ curl: (28) Connection timed out after 10003 milliseconds
33336 Bee Line Cable http://ipinfo.io/org Vultr 20888 0 ✅ AS20473 The Constant Company, LLC
33336 Bee Line Cable https://ipinfo.io/org Vultr 20888 0 ✅ AS20473 The Constant Company, LLC
I got the exact same results when using a TLS prefix that looks like a fragmented record ( %16%03%01%00%C2%A8%01%01
).
When using the DNS over TCP prefix (%05%C3%9C_%C3%A0%01%20
), the results were worse, but still better than no prefix. It seems it triggered the HTTPS blocking in some cases, but not all cases. This can help figure out the detection rules.
Results:
socks_port client_isp url server_net port exit_code ok output
33333 MTS PJSC http://ipinfo.io/org Digital Ocean 443 28 ❌ curl: (28) Operation timed out after 10005 milliseconds with 0 bytes received
33333 MTS PJSC https://ipinfo.io/org Digital Ocean 443 28 ❌ curl: (28) Connection timed out after 10004 milliseconds
33333 MTS PJSC http://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33333 MTS PJSC https://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33333 MTS PJSC http://ipinfo.io/org Hetzner Online 58987 0 ✅ AS24940 Hetzner Online GmbH
33333 MTS PJSC https://ipinfo.io/org Hetzner Online 58987 56 ❌ curl: (56) Failure when receiving data from the peer
33333 MTS PJSC http://ipinfo.io/org Vultr 20888 0 ✅ AS20473 The Constant Company, LLC
33333 MTS PJSC https://ipinfo.io/org Vultr 20888 0 ✅ AS20473 The Constant Company, LLC
33334 PJSC MegaFon http://ipinfo.io/org Digital Ocean 443 0 ✅ AS14061 DigitalOcean, LLC
33334 PJSC MegaFon https://ipinfo.io/org Digital Ocean 443 56 ❌ curl: (56) Failure when receiving data from the peer
33334 PJSC MegaFon http://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33334 PJSC MegaFon https://ipinfo.io/org Digital Ocean 5555 56 ❌ curl: (56) Recv failure: Connection reset by peer
33334 PJSC MegaFon http://ipinfo.io/org Hetzner Online 58987 52 ❌ curl: (52) Empty reply from server
33334 PJSC MegaFon https://ipinfo.io/org Hetzner Online 58987 35 ❌ curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to ipinfo.io:443
33334 PJSC MegaFon http://ipinfo.io/org Vultr 20888 52 ❌ curl: (52) Empty reply from server
33334 PJSC MegaFon https://ipinfo.io/org Vultr 20888 35 ❌ curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to ipinfo.io:443
33335 Tele2 Russia http://ipinfo.io/org Digital Ocean 443 0 ✅ AS14061 DigitalOcean, LLC
33335 Tele2 Russia https://ipinfo.io/org Digital Ocean 443 56 ❌ curl: (56) Failure when receiving data from the peer
33335 Tele2 Russia http://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33335 Tele2 Russia https://ipinfo.io/org Digital Ocean 5555 56 ❌ curl: (56) Failure when receiving data from the peer
33335 Tele2 Russia http://ipinfo.io/org Hetzner Online 58987 0 ✅ AS24940 Hetzner Online GmbH
33335 Tele2 Russia https://ipinfo.io/org Hetzner Online 58987 0 ✅ AS24940 Hetzner Online GmbH
33335 Tele2 Russia http://ipinfo.io/org Vultr 20888 0 ✅ AS20473 The Constant Company, LLC
33335 Tele2 Russia https://ipinfo.io/org Vultr 20888 0 ✅ AS20473 The Constant Company, LLC
33336 Bee Line Cable http://ipinfo.io/org Digital Ocean 443 0 ✅ AS14061 DigitalOcean, LLC
33336 Bee Line Cable https://ipinfo.io/org Digital Ocean 443 56 ❌ curl: (56) Failure when receiving data from the peer
33336 Bee Line Cable http://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33336 Bee Line Cable https://ipinfo.io/org Digital Ocean 5555 0 ✅ AS14061 DigitalOcean, LLC
33336 Bee Line Cable http://ipinfo.io/org Hetzner Online 58987 28 ❌ curl: (28) Operation timed out after 10001 milliseconds with 0 bytes received
33336 Bee Line Cable https://ipinfo.io/org Hetzner Online 58987 28 ❌ curl: (28) Connection timed out after 10002 milliseconds
33336 Bee Line Cable http://ipinfo.io/org Vultr 20888 0 ✅ AS20473 The Constant Company, LLC
33336 Bee Line Cable https://ipinfo.io/org Vultr 20888 56 ❌ curl: (56) Failure when receiving data from the peer