thanks Sid! and sorry for the late reply (for some reason i didnt get the notification of ur reply)
i dont know if i triggered something on cloudflare or on TBP directly, but as of today, i'm still blocked :( here is a curl session showing the problem i have (on another machine, which a different ip address, i can connect just fine):
Code:
$ curl --trace-ascii "%" https://thepiratebay.org
== Info: Rebuilt URL to: https://thepiratebay.org/
== Info: Trying 2400:cb00:2048:1::681b:d91c...
== Info: TCP_NODELAY set
== Info: Connected to thepiratebay.org (2400:cb00:2048:1::681b:d91c) port 443 (#0)
== Info: ALPN, offering h2
== Info: ALPN, offering http/1.1
== Info: Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
== Info: successfully set certificate verify locations:
== Info: CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
== Info: TLSv1.2 (OUT), TLS header, Certificate Status (22):
=> Send SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.2 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: .......p..S.0../.}.Y1QB....H..............0.,.(.$.............k.
0040: j.i.h.9.8.7.6.........2...*.&.......=.5.../.+.'.#.............g.
0080: @.?.>.3.2.1.0.........E.D.C.B.1.-.).%.......<./...A.....G.......
00c0: ..thepiratebay.org........................................... ..
0100: ...................................3t.........h2.http/1.1.......
0140: ................................................................
0180: ................................................................
01c0: ................................................................
<= Recv SSL data, 5 bytes (0x5)
0000: ....d
== Info: TLSv1.2 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 100 bytes (0x64)
0000: ...`..Yf.2^r.8R..."...".j9.|r.......{. .e.."cF....a.o.d.........
0040: N..2g.b.+...................h2......
<= Recv SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.2 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 2957 bytes (0xb8d)
0000: ..........0...0..........<..d.V~....-...g0...*.H.=...0..1.0...U.
0040: ...GB1.0...U....Greater Manchester1.0...U....Salford1.0...U....C
0080: OMODO CA Limited1806..U.../COMODO ECC Domain Validation Secure S
00c0: erver CA 20...170323000000Z..180323235959Z0l1!0...U....Domain Co
0100: ntrol Validated1!0...U....PositiveSSL Multi-Domain1$0"..U....ssl
0140: 778319.cloudflaressl.com0Y0...*.H.=....*.H.=....B......c.h......
0180: j.....C..3.."l.......c..?U.[.....W..j.QA..vQ..=.<.A....0...0...U
01c0: .#..0...@.ag...qO...,o..+v=.0...U.........k...3..'...;.M_:.0...U
0200: ...........0...U.......0.0...U.%..0...+.........+.......0O..U. .
0240: H0F0:..+.....1....0+0)..+.........https://secure.comodo.com/CPS0
0280: ...g.....0V..U...O0M0K.I.G.Ehttp://crl.comodoca4.com/COMODOECCDo
02c0: mainValidationSecureServerCA2.crl0....+........|0z0Q..+.....0..E
0300: http://crt.comodoca4.com/COMODOECCDomainValidationSecureServerCA
0340: 2.crt0%..+.....0...http://ocsp.comodoca4.com0L..U...E0C..ssl7783
0380: 19.cloudflaressl.com..*.thepiratebay.org..thepiratebay.org0...*.
03c0: H.=....H.0E. H..uy....h.....X..J...SL....-'"R.!...E.g....g..;..1
0400: ...*.O....k..b.....0...0..%.......[%.i..&Uf.9...T.0...*.H.=...0.
0440: .1.0...U....GB1.0...U....Greater Manchester1.0...U....Salford1.0
0480: ...U....COMODO CA Limited1+0)..U..."COMODO ECC Certification Aut
04c0: hority0...140925000000Z..290924235959Z0..1.0...U....GB1.0...U...
0500: .Greater Manchester1.0...U....Salford1.0...U....COMODO CA Limite
0540: d1806..U.../COMODO ECC Domain Validation Secure Server CA 20Y0..
0580: .*.H.=....*.H.=....B...8..:.i.pY.....0.....y.:%,kA!....>J.3...*C
05c0: ...d...%P.$..I8.%G.H.....f0..b0...U.#..0...uq..H.....AG...Hw..y0
0600: ...U......@.ag...qO...,o..+v=.0...U...........0...U.......0.....
0640: ..0...U.%..0...+.........+.......0...U. ..0.0...U. .0...g.....0L
0680: ..U...E0C0A.?.=.;http://crl.comodoca.com/COMODOECCCertificationA
06c0: uthority.crl0r..+........f0d0;..+.....0../http://crt.comodoca.co
0700: m/COMODOECCAddTrustCA.crt0%..+.....0...http://ocsp.comodoca4.com
0740: 0...*.H.=....h.0e.1..hG%..O.V..7..ZP....a.(...2..q....o.z fk....
0780: C.Ro.0..|..f....E..J0a.I.o..-....j|...0%Y..p4.4.....R...0...0..
07c0: ........CR.?..........DN0...*.H........0o1.0...U....SE1.0...U...
0800: .AddTrust AB1&0$..U....AddTrust External TTP Network1"0 ..U....A
0840: ddTrust External CA Root0...000530104838Z..200530104838Z0..1.0..
0880: .U....GB1.0...U....Greater Manchester1.0...U....Salford1.0...U..
08c0: ..COMODO CA Limited1+0)..U..."COMODO ECC Certification Authority
0900: 0v0...*.H.=....+...".b...G{/u.....u.....b..>R...A....$<....=...
0940: ...u...w.*..`K6..#...q.J.(P....n?l//.Y[.[.3...=..j,........0..0.
0980: ..U.#..0......z4.&...&T....$.T.0...U......uq..H.....AG...Hw..y0.
09c0: ..U...........0...U.......0....0...U. ..0.0...U. .0I..U...B0@0>.
0a00: <.:.8http://crl.trust-provider.com/AddTrustExternalCARoot.crl0:.
0a40: .+.........0,0*..+.....0...http://ocsp.trust-provider.com0...*.H
0a80: .................@.\.K..U6.X.S.=d....8..!;..[.H..C.!lA..-.s.q..!
0ac0: s~.....X....mv..:. .-}......2...e......x..;R...t.....mh....$..'H
0b00: ....?p.A.sQ7)...z.'.$Q..h....6.........m. .5vsB.........".....Qa
0b40: ..&...uQ..../....?z....hy..........E..|.5.!...fu&*..&.f.....A...
0b80: ..........uj.
<= Recv SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.2 (IN), TLS handshake, Server key exchange (12):
<= Recv SSL data, 148 bytes (0x94)
0000: .......A......?Z..[.C.M.\.Dc..S.e&...j/.r...lG..(x2...$:.5.lCw.E
0040: .B.....}....G0E. . ...\v.{.."...K.G..4........+...!..:.....\ApW'
0080: l..~d5......9..[-X..
<= Recv SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.2 (IN), TLS handshake, Server finished (14):
<= Recv SSL data, 4 bytes (0x4)
0000: ....
=> Send SSL data, 5 bytes (0x5)
0000: ....F
== Info: TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
=> Send SSL data, 70 bytes (0x46)
0000: ...BA....`y.>...~.j..G..'h.%.....r.V..<*.G./.{.........;..-.`..%
0040: o..B..
=> Send SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.2 (OUT), TLS change cipher, Client hello (1):
=> Send SSL data, 1 bytes (0x1)
0000: .
=> Send SSL data, 5 bytes (0x5)
0000: ....(
== Info: TLSv1.2 (OUT), TLS handshake, Finished (20):
=> Send SSL data, 16 bytes (0x10)
0000: .....i...p....l.
<= Recv SSL data, 5 bytes (0x5)
0000: .....
== Info: TLSv1.2 (IN), TLS change cipher, Client hello (1):
<= Recv SSL data, 1 bytes (0x1)
0000: .
<= Recv SSL data, 5 bytes (0x5)
0000: ....(
== Info: TLSv1.2 (IN), TLS handshake, Finished (20):
<= Recv SSL data, 16 bytes (0x10)
0000: ....=...1..XM..&
== Info: SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
== Info: ALPN, server accepted to use h2
== Info: Server certificate:
== Info: subject: OU=Domain Control Validated; OU=PositiveSSL Multi-Domain; CN=ssl778319.cloudflaressl.com
== Info: start date: Mar 23 00:00:00 2017 GMT
== Info: expire date: Mar 23 23:59:59 2018 GMT
== Info: subjectAltName: host "thepiratebay.org" matched cert's "thepiratebay.org"
== Info: issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO ECC Domain Validation Secure Server CA 2
== Info: SSL certificate verify ok.
== Info: Using HTTP2, server supports multi-use
== Info: Connection state changed (HTTP/2 confirmed)
== Info: Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
=> Send SSL data, 5 bytes (0x5)
0000: ....0
=> Send SSL data, 5 bytes (0x5)
0000: ....-
=> Send SSL data, 5 bytes (0x5)
0000: ....%
== Info: Using Stream ID: 1 (easy handle 0x5602c4869c00)
=> Send SSL data, 5 bytes (0x5)
0000: ....A
=> Send header, 80 bytes (0x50)
0000: GET / HTTP/1.1
0010: Host: thepiratebay.org
0028: User-Agent: curl/7.52.1
0041: Accept: */*
004e:
<= Recv SSL data, 5 bytes (0x5)
0000: ....@
== Info: Connection state changed (MAX_CONCURRENT_STREAMS updated)!
=> Send SSL data, 5 bytes (0x5)
0000: ....!
<= Recv SSL data, 5 bytes (0x5)
0000: ....!
<= Recv SSL data, 5 bytes (0x5)
0000: .....
<= Recv header, 13 bytes (0xd)
0000: HTTP/2 403
<= Recv header, 37 bytes (0x25)
0000: date: Wed, 12 Jul 2017 23:22:27 GMT
<= Recv header, 25 bytes (0x19)
0000: content-type: text/html
<= Recv header, 147 bytes (0x93)
0000: set-cookie: __cfduid=d4661e2d5088d5dd6c1859ad8f1b5ea681499901746
0040: ; expires=Thu, 12-Jul-18 23:22:26 GMT; path=/; domain=.thepirate
0080: bay.org; HttpOnly
<= Recv header, 23 bytes (0x17)
0000: vary: Accept-Encoding
<= Recv header, 26 bytes (0x1a)
0000: server: cloudflare-nginx
<= Recv header, 30 bytes (0x1e)
0000: cf-ray: 37d7be9dda6421aa-EWR
<= Recv header, 2 bytes (0x2)
0000:
<= Recv data, 169 bytes (0xa9)
0000: <html>
0008: <head><title>403 Forbidden</title></head>
0033: <body bgcolor="white">
004b: <center><h1>403 Forbidden</h1></center>
0074: <hr><center>nginx/1.11.2</center>
0097: </body>
00a0: </html>
<html>
<head><title>403 Forbidden</title></head>
<body bgcolor="white">
<center><h1>403 Forbidden</h1></center>
<hr><center>nginx/1.11.2</center>
</body>
</html>
<= Recv SSL data, 5 bytes (0x5)
0000: ....!
== Info: Curl_http_done: called premature == 0
== Info: Connection #0 to host thepiratebay.org left intact
do you know of any reason why this is still happening? thanks a lot for your help!