This same setup works with sslsplit but not with sslproxy

[amiq96]

• Output of sslproxy -V

SSLproxy v0.9.4-17-g0e8e2c3-dirty (built 2024-01-31)
Copyright (c) 2017-2022, Soner Tari <[email protected]>
https://github.com/sonertari/SSLproxy
Copyright (c) 2009-2019, Daniel Roethlisberger <[email protected]>
https://www.roe.ch/SSLsplit
Build info: V:GIT
Features: -DHAVE_NETFILTER
NAT engines: netfilter* tproxy
netfilter: IP_TRANSPARENT IP6T_SO_ORIGINAL_DST
Local process info support: no
compiled against OpenSSL 1.1.1n  15 Mar 2022 (101010ef)
rtlinked against OpenSSL 1.1.1n  15 Mar 2022 (101010ef)
OpenSSL has support for TLS extensions
TLS Server Name Indication (SNI) supported
OpenSSL is thread-safe with THREADID
OpenSSL has engine support
Using SSL_MODE_RELEASE_BUFFERS
SSL/TLS protocol availability: tls10 tls11 tls12 tls13 
SSL/TLS algorithm availability: !SHA0 RSA DSA ECDSA DH ECDH EC
OpenSSL option availability: SSL_OP_NO_COMPRESSION SSL_OP_NO_TICKET SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION SSL_OP_TLS_ROLLBACK_BUG
compiled against libevent 2.1.12-stable
rtlinked against libevent 2.1.12-stable
compiled against libnet 1.1.6
rtlinked against libnet 1.1.6
compiled against libpcap n/a
rtlinked against libpcap 1.10.0 (with TPACKET_V3)
compiled against sqlite 3.34.1
rtlinked against sqlite 3.34.1
4 CPU cores detected

• Output of uname -a

Linux debian 5.10.158 #5 SMP Tue Jan 3 20:42:05 IST 2023 x86_64 GNU/Linux

• Exact command line arguments used to run sslproxy

./src/sslproxy -D -p /var/run/sslproxy.pid  -j /tmp/sslproxy -k /etc/ssl-certs/private/default-ca.key -c /etc/ssl-certs/cadir/default-ca.crt https 0.0.0.0 18443 http 0.0.0.0 18442 -e tproxy

• Relevant part of debug mode (-D) output, if applicable

SNI peek: [github.com] [complete], fd=42
Connecting to [20.207.73.82]:443
Client-side BEV_EVENT_ERROR
Error from bufferevent: 0:- 337047686:134:certificate verify failed:20:SSL routines:367:tls_process_server_certificate
Additional SSL error: 1:1:-:0:-:0:-
SSL_free() in state 00000004 = 0004 = SSLERR (error) [connect socket]
SNI peek: [github.com] [complete], fd=42
Connecting to [20.207.73.82]:443
Client-side BEV_EVENT_ERROR
Error from bufferevent: 0:- 337047686:134:certificate verify failed:20:SSL routines:367:tls_process_server_certificate
Additional SSL error: 1:1:-:0:-:0:-
SSL_free() in state 00000004 = 0004 = SSLERR (error) [connect socket]
SNI peek: [github.com] [complete], fd=42
Connecting to [20.207.73.82]:443
Client-side BEV_EVENT_ERROR
Error from bufferevent: 0:- 337047686:134:certificate verify failed:20:SSL routines:367:tls_process_server_certificate
Additional SSL error: 1:1:-:0:-:0:-
SSL_free() in state 00000004 = 0004 = SSLERR (error) [connect socket]
SNI peek: [github.com] [complete], fd=42
Connecting to [20.207.73.82]:443

• List of failing unit tests in make test output

./sslproxy.test
Running suite(s): 
 main
 opts
Cannot resolve address '::1' port '10443': Name or service not known
Cannot resolve address '::1' port '10443': Name or service not known
Cannot resolve address '::1' port '10443': Name or service not known
 filter
 filter_struct
 dynbuf
 logbuf
 cert
 cachemgr
 cachefkcrt
 cachetgcrt
 cachedsess
 cachessesa
 ssl
 sys
 base64
 url
 util
 pxythrmgr
 defaults
 proto
98%: Checks: 212, Failures: 3, Errors: 0
opts.t.c:184:F:proxyspec_parse:proxyspec_parse_02:0: not IPv6 listen addr
opts.t.c:409:F:proxyspec_parse:proxyspec_parse_09:0: not IPv6 listen addr
opts.t.c:450:F:proxyspec_parse:proxyspec_parse_10:0: not IPv6 listen addr
make[2]: *** [GNUmakefile:42: test] Error 1
make[2]: Leaving directory '/home/mett/SSLproxy/tests/check'
make[1]: *** [GNUmakefile:17: unittest] Error 2
make[1]: Leaving directory '/home/mett/SSLproxy'
make: *** [GNUmakefile:13: test] Error 2

[sonertari]

Can you make sure your test machine SSLproxy is running on has Internet connection, that SSLproxy can resolve names during tests, and report back please?

[amiq96]

Can you make sure your test machine SSLproxy is running on has Internet connection

Yes, ping is working

that SSLproxy can resolve names during tests, and report back please?

From the debug output above, I think SSLproxy can resolve names

SNI peek: [github.com] [complete], fd=42
Connecting to [20.207.73.82]:443

I am not entirely sure if it can resolve them during tests. But if it couldn't, the tests would have failed, right?
I have included the make test output in the post

[sonertari]

My current theory is that your machine does not have IPv6, for some reason. Can you check if it has an IPv6 address please? (I have never run those tests without IPv6, I can try, but it will take some time.)

Otherwise, I have run the unit tests, make unittest, with the same git version as you have, and all tests pass successfully. Btw, looking at the number of checks, 212, you seem to run the tests as sudo or root.

Also, I think the errors in the debug output you have posted are usually caused if you don't install on your browser (or whatever program you use) the CA cert you pass to SSLproxy.

[amiq96]

I think the errors in the debug output you have posted are usually caused if you don't install on your browser (or whatever program you use) the CA cert you pass to SSLproxy.

I pass these same certificates to sslsplit, and it runs fine.

Can you check if it has an IPv6 address please?

No, there is no ipv6 address. Is that necessary? Should I assign to the interface any local ipv6 address?
Yes, I am running it as root for now.

[sonertari]

I pass these same certificates to sslsplit, and it runs fine.

OK, I think those errors are due to cert verification, not CA cert. SSLproxy verifies certificates by default, but sslsplit does not. That explains the difference. You can disable cert verification by the VerifyPeer option, for example by passing -o VerifyPeer=no to SSLproxy.

No, there is no ipv6 address. Is that necessary? Should I assign to the interface any local ipv6 address?

I think that's why the unit tests fail. Can you enable IPv6 and try again please? (I don't think there is any issue on your setup, you can skip those tests if you want, but please report back if IPv6 fixes the failing tests.)

Yes, I am running it as root for now.

That's fine, two extra tests are enabled if run as root user.

[amiq96]

You can disable cert verification by the VerifyPeer option, for example by passing -o VerifyPeer=no to SSLproxy.

I am getting PR_CONNECT_RESET_ERROR in firefox while using sslproxy. With sslsplit, firefox gives no such error

[amiq96]

Can you enable IPv6 and try again please?

Yes, I assigned an IPv6 address, and no failures now. Although running make test gives:

./sslproxy.test
Running suite(s): 
 main
 opts
 filter
 filter_struct
 dynbuf
 logbuf
 cert
 cachemgr
 cachefkcrt
 cachetgcrt
 cachedsess
 cachessess
 ssl
 sys
 base64
 url
 util
 pxythrmgr
 defaults
 proto
100%: Checks: 212, Failures: 0, Errors: 0
make[2]: Leaving directory '/home/mett/SSLproxy/tests/check'
make[1]: Leaving directory '/home/mett/SSLproxy'
make e2etest
make[1]: Entering directory '/home/mett/SSLproxy'
make -C src
make[2]: Entering directory '/home/mett/SSLproxy/src'
------------------------------------------------------------------------------
SSLproxy v0.9.4-17-g0e8e2c3-dirty
------------------------------------------------------------------------------
Report bugs at https://github.com/sonertari/SSLproxy/issues/new
Please supply this header for diagnostics when reporting build issues
Before reporting bugs, make sure to try the latest develop branch first:
% git clone -b develop https://github.com/sonertari/SSLproxy.git
------------------------------------------------------------------------------
Via pkg-config: openssl libevent libevent_openssl libevent_pthreads libpcap sqlite3 check
LIBNET_BASE:    /usr
Build options:  -DHAVE_NETFILTER
Build info:     V:GIT
uname -a:       Linux debian 5.10.158 #5 SMP Tue Jan 3 20:42:05 IST 2023 x86_64 GNU/Linux
------------------------------------------------------------------------------
cc -c -isystem/usr/include  -D_GNU_SOURCE -D"PKGLABEL=\"SSLproxy\"" -DHAVE_NETFILTER -D"BUILD_PKGNAME=\"sslproxy\"" -D"BUILD_VERSION=\"v0.9.4-17-g0e8e2c3-dirty\"" -D"BUILD_DATE=\"2024-02-08\"" -D"BUILD_INFO=\"V:GIT\"" -D"BUILD_FEATURES=\"-DHAVE_NETFILTER\"" -g -pthread -std=c99 -Wall -Wextra -pedantic -D_FORTIFY_SOURCE=2 -fstack-protector-all -pthread -O2 -o build.o build.c
cc -L/usr/lib  -pthread -o sslproxy base64.o build.o cache.o cachedsess.o cachefkcrt.o cachemgr.o cachessess.o cachetgcrt.o cert.o dynbuf.o filter.o logbuf.o log.o logger.o logpkt.o main.o nat.o opts.o privsep.o proc.o protoautossl.o protohttp.o protopassthrough.o protopop3.o protosmtp.o protossl.o prototcp.o proxy.o pxyconn.o pxythr.o pxythrmgr.o ssl.o sys.o thrqueue.o url.o util.o -lnet -lssl -lcrypto -levent_openssl -levent_pthreads -levent -lpcap -lsqlite3
make[2]: Leaving directory '/home/mett/SSLproxy/src'
make -C tests/testproxy
make[2]: Entering directory '/home/mett/SSLproxy/tests/testproxy'
/bin/sh: 1: /root/.cargo/bin/testproxy: not found
/bin/sh: 1: /root/.cargo/bin/testproxy: not found
GNUmakefile:6: *** Use Testproxy v0.0.5 with this version of SSLproxy, found .  Stop.
make[2]: Leaving directory '/home/mett/SSLproxy/tests/testproxy'
make[1]: *** [GNUmakefile:20: e2etest] Error 2
make[1]: Leaving directory '/home/mett/SSLproxy'
make: *** [GNUmakefile:14: test] Error 2

[sonertari]

I need debug logs for PR_CONNECT_RESET_ERROR, -D4 would be better, but you should rebuild with DEBUG_PROXY for that, and perhaps with other switches, see main.mk.

You need testproxy for e2e tests. If you don't want the e2e tests, just run make unittest instead.

[amiq96]

DEBUG_PROXY feature enabled. Running with -D4 gave:
Lines like: protossl_conn_connect: 1495L are some print statements I added while reading code

Starting main event loop.
[FINEST] proxy_listener_acceptcb: ENTER, fd=42
[FINEST] proxy_conn_ctx_new: ENTER, fd=42
[FINEST] [0.0 fd=42 cfd=0] proxy_conn_ctx_new: Created new conn
[FINEST] [0.0 fd=42 cfd=0] pxy_thrmgr_assign_thr: ENTER
[FINEST] [0.0 fd=42 cfd=0] protossl_init_conn: ENTER
[FINEST] [0.0 fd=42 cfd=0] pxy_conn_init: ENTER
[FINEST] [0.0 fd=42 cfd=0] pxy_thr_attach: Adding conn
[FINER] [0.0 fd=42 cfd=0] check_fd_usage: descriptor_table_size=640000, dtablecount=0, reserve=10
[FINEST] [0.0 fd=42 cfd=0] pxy_conn_init: srcaddr= [172.17.16.42]:50108
[FINEST] [0.0 fd=42 cfd=0] protossl_fd_readcb: ENTER
SNI peek: [amazon.com] [complete], fd=42
[FINEST] [0.0 fd=42 cfd=0] pxy_conn_connect: ENTER
Connecting to [52.94.236.248]:443
[FINEST] [0.0 fd=42 cfd=0] protossl_conn_connect: ENTER
[FINEST] [0.0 fd=42 cfd=0] protossl_bufferevent_setup: ENTER, fd=-1
[FINEST] [0.0 fd=42 cfd=0] protossl_bufferevent_setup: bufferevent_openssl_set_allow_dirty_shutdown, fd=-1
protossl_conn_connect: 1495L
[FINEST] [0.0 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: ENTER
===> Original server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: E6:0B:E0:59:BC:69:08:68:66:C764:50:86:27:B1:1F:B1:86:BA:62
Certificate cache: MISS
===> Forged server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: 6E:CF:53:1B:57:FC:8E:3C:C5:8F1A:F5:E8:59:3C:4B:F7:21:1C:0A
[FINEST] [0.0 fd=42 cfd=0] prototcp_bufferevent_setup: ENTER, fd=-1
protossl_bev_eventcb_connected_srvdst: 1693L
[FINE] [0.0 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: FAILED bufferevent_socket_connect for divert addr
[FINEST] [0.0 fd=42 cfd=0] pxy_conn_term: ENTER
[FINEST] [0.0 fd=42 cfd=0] pxy_conn_free: ENTER
[FINE] [0.0 fd=42 cfd=0] pxy_conn_free: evutil_closesocket on NULL src.bev
[FINER] [0.0 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: in=0, out=0, fd=43
SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.0 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: fd=43, SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.0 fd=42 cfd=0] prototcp_bufferevent_free_and_close_fd: in=0, out=0, fd=-1
[FINEST] [0.0 fd=42 cfd=0] pxy_conn_free_children: ENTER
[FINEST] [0.0 fd=42 cfd=0] pxy_conn_ctx_free: ENTER
[FINEST] [0.0 fd=42 cfd=0] pxy_thr_detach: Removing conn
[FINEST] [0.0 fd=42 cfd=0] pxy_thr_detach: Cannot find conn in thr conns, empty
[FINEST] proxy_listener_acceptcb: ENTER, fd=42
[FINEST] proxy_conn_ctx_new: ENTER, fd=42
[FINEST] [0.1 fd=42 cfd=0] proxy_conn_ctx_new: Created new conn
[FINEST] [0.1 fd=42 cfd=0] pxy_thrmgr_assign_thr: ENTER
[FINEST] [0.1 fd=42 cfd=0] protossl_init_conn: ENTER
[FINEST] [0.1 fd=42 cfd=0] pxy_conn_init: ENTER
[FINEST] [0.1 fd=42 cfd=0] pxy_thr_attach: Adding conn
[FINER] [0.1 fd=42 cfd=0] check_fd_usage: descriptor_table_size=640000, dtablecount=0, reserve=10
[FINEST] [0.1 fd=42 cfd=0] pxy_conn_init: srcaddr= [172.17.16.42]:50598
[FINEST] [0.1 fd=42 cfd=0] protossl_fd_readcb: ENTER
SNI peek: [amazon.com] [complete], fd=42
[FINEST] [0.1 fd=42 cfd=0] pxy_conn_connect: ENTER
Connecting to [205.251.242.103]:443
[FINEST] [0.1 fd=42 cfd=0] protossl_conn_connect: ENTER
[FINEST] [0.1 fd=42 cfd=0] protossl_bufferevent_setup: ENTER, fd=-1
[FINEST] [0.1 fd=42 cfd=0] protossl_bufferevent_setup: bufferevent_openssl_set_allow_dirty_shutdown, fd=-1
protossl_conn_connect: 1495L
[FINEST] [0.1 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: ENTER
===> Original server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: E6:0B:E0:59:BC:69:08:68:66:C764:50:86:27:B1:1F:B1:86:BA:62
Certificate cache: HIT
===> Forged server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: 6E:CF:53:1B:57:FC:8E:3C:C5:8F1A:F5:E8:59:3C:4B:F7:21:1C:0A
[FINEST] [0.1 fd=42 cfd=0] prototcp_bufferevent_setup: ENTER, fd=-1
protossl_bev_eventcb_connected_srvdst: 1693L
[FINE] [0.1 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: FAILED bufferevent_socket_connect for divert addr
[FINEST] [0.1 fd=42 cfd=0] pxy_conn_term: ENTER
[FINEST] [0.1 fd=42 cfd=0] pxy_conn_free: ENTER
[FINE] [0.1 fd=42 cfd=0] pxy_conn_free: evutil_closesocket on NULL src.bev
[FINER] [0.1 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: in=0, out=0, fd=43
SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.1 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: fd=43, SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.1 fd=42 cfd=0] prototcp_bufferevent_free_and_close_fd: in=0, out=0, fd=-1
[FINEST] [0.1 fd=42 cfd=0] pxy_conn_free_children: ENTER
[FINEST] [0.1 fd=42 cfd=0] pxy_conn_ctx_free: ENTER
[FINEST] [0.1 fd=42 cfd=0] pxy_thr_detach: Removing conn
[FINEST] [0.1 fd=42 cfd=0] pxy_thr_detach: Cannot find conn in thr conns, empty
[FINEST] proxy_listener_acceptcb: ENTER, fd=42
[FINEST] proxy_conn_ctx_new: ENTER, fd=42
[FINEST] [0.2 fd=42 cfd=0] proxy_conn_ctx_new: Created new conn
[FINEST] [0.2 fd=42 cfd=0] pxy_thrmgr_assign_thr: ENTER
[FINEST] [0.2 fd=42 cfd=0] protossl_init_conn: ENTER
[FINEST] [0.2 fd=42 cfd=0] pxy_conn_init: ENTER
[FINEST] [0.2 fd=42 cfd=0] pxy_thr_attach: Adding conn
[FINER] [0.2 fd=42 cfd=0] check_fd_usage: descriptor_table_size=640000, dtablecount=0, reserve=10
[FINEST] [0.2 fd=42 cfd=0] pxy_conn_init: srcaddr= [172.17.16.42]:50450
[FINEST] [0.2 fd=42 cfd=0] protossl_fd_readcb: ENTER
SNI peek: [amazon.com] [complete], fd=42
[FINEST] [0.2 fd=42 cfd=0] pxy_conn_connect: ENTER
Connecting to [52.94.236.248]:443
[FINEST] [0.2 fd=42 cfd=0] protossl_conn_connect: ENTER
Attempt reuse dst SSL session
[FINEST] [0.2 fd=42 cfd=0] protossl_bufferevent_setup: ENTER, fd=-1
[FINEST] [0.2 fd=42 cfd=0] protossl_bufferevent_setup: bufferevent_openssl_set_allow_dirty_shutdown, fd=-1
protossl_conn_connect: 1495L
[FINEST] [0.2 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: ENTER
===> Original server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: E6:0B:E0:59:BC:69:08:68:66:C764:50:86:27:B1:1F:B1:86:BA:62
Certificate cache: HIT
===> Forged server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: 6E:CF:53:1B:57:FC:8E:3C:C5:8F1A:F5:E8:59:3C:4B:F7:21:1C:0A
[FINEST] [0.2 fd=42 cfd=0] prototcp_bufferevent_setup: ENTER, fd=-1
protossl_bev_eventcb_connected_srvdst: 1693L
[FINE] [0.2 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: FAILED bufferevent_socket_connect for divert addr
[FINEST] [0.2 fd=42 cfd=0] pxy_conn_term: ENTER
[FINEST] [0.2 fd=42 cfd=0] pxy_conn_free: ENTER
[FINE] [0.2 fd=42 cfd=0] pxy_conn_free: evutil_closesocket on NULL src.bev
[FINER] [0.2 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: in=0, out=0, fd=43
SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.2 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: fd=43, SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.2 fd=42 cfd=0] prototcp_bufferevent_free_and_close_fd: in=0, out=0, fd=-1
[FINEST] [0.2 fd=42 cfd=0] pxy_conn_free_children: ENTER
[FINEST] [0.2 fd=42 cfd=0] pxy_conn_ctx_free: ENTER
[FINEST] [0.2 fd=42 cfd=0] pxy_thr_detach: Removing conn
[FINEST] [0.2 fd=42 cfd=0] pxy_thr_detach: Cannot find conn in thr conns, empty
[FINEST] proxy_listener_acceptcb: ENTER, fd=42
[FINEST] proxy_conn_ctx_new: ENTER, fd=42
[FINEST] [0.3 fd=42 cfd=0] proxy_conn_ctx_new: Created new conn
[FINEST] [0.3 fd=42 cfd=0] pxy_thrmgr_assign_thr: ENTER
[FINEST] [0.3 fd=42 cfd=0] protossl_init_conn: ENTER
[FINEST] [0.3 fd=42 cfd=0] pxy_conn_init: ENTER
[FINEST] [0.3 fd=42 cfd=0] pxy_thr_attach: Adding conn
[FINER] [0.3 fd=42 cfd=0] check_fd_usage: descriptor_table_size=640000, dtablecount=0, reserve=10
[FINEST] [0.3 fd=42 cfd=0] pxy_conn_init: srcaddr= [172.17.16.42]:50342
[FINEST] [0.3 fd=42 cfd=0] protossl_fd_readcb: ENTER
SNI peek: [amazon.com] [complete], fd=42
[FINEST] [0.3 fd=42 cfd=0] pxy_conn_connect: ENTER
Connecting to [54.239.28.85]:443
[FINEST] [0.3 fd=42 cfd=0] protossl_conn_connect: ENTER
[FINEST] [0.3 fd=42 cfd=0] protossl_bufferevent_setup: ENTER, fd=-1
[FINEST] [0.3 fd=42 cfd=0] protossl_bufferevent_setup: bufferevent_openssl_set_allow_dirty_shutdown, fd=-1
protossl_conn_connect: 1495L
[FINEST] [0.3 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: ENTER
===> Original server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: E6:0B:E0:59:BC:69:08:68:66:C764:50:86:27:B1:1F:B1:86:BA:62
Certificate cache: HIT
===> Forged server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: 6E:CF:53:1B:57:FC:8E:3C:C5:8F1A:F5:E8:59:3C:4B:F7:21:1C:0A
[FINEST] [0.3 fd=42 cfd=0] prototcp_bufferevent_setup: ENTER, fd=-1
protossl_bev_eventcb_connected_srvdst: 1693L
[FINE] [0.3 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: FAILED bufferevent_socket_connect for divert addr
[FINEST] [0.3 fd=42 cfd=0] pxy_conn_term: ENTER
[FINEST] [0.3 fd=42 cfd=0] pxy_conn_free: ENTER
[FINE] [0.3 fd=42 cfd=0] pxy_conn_free: evutil_closesocket on NULL src.bev
[FINER] [0.3 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: in=0, out=0, fd=43
SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.3 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: fd=43, SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.3 fd=42 cfd=0] prototcp_bufferevent_free_and_close_fd: in=0, out=0, fd=-1
[FINEST] [0.3 fd=42 cfd=0] pxy_conn_free_children: ENTER
[FINEST] [0.3 fd=42 cfd=0] pxy_conn_ctx_free: ENTER
[FINEST] [0.3 fd=42 cfd=0] pxy_thr_detach: Removing conn
[FINEST] [0.3 fd=42 cfd=0] pxy_thr_detach: Cannot find conn in thr conns, empty
[FINEST] proxy_listener_acceptcb: ENTER, fd=42
[FINEST] proxy_conn_ctx_new: ENTER, fd=42
[FINEST] [0.4 fd=42 cfd=0] proxy_conn_ctx_new: Created new conn
[FINEST] [0.4 fd=42 cfd=0] pxy_thrmgr_assign_thr: ENTER
[FINEST] [0.4 fd=42 cfd=0] protossl_init_conn: ENTER
[FINEST] [0.4 fd=42 cfd=0] pxy_conn_init: ENTER
[FINEST] [0.4 fd=42 cfd=0] pxy_thr_attach: Adding conn
[FINER] [0.4 fd=42 cfd=0] check_fd_usage: descriptor_table_size=640000, dtablecount=0, reserve=10
[FINEST] [0.4 fd=42 cfd=0] pxy_conn_init: srcaddr= [172.17.16.42]:57910
[FINEST] [0.4 fd=42 cfd=0] protossl_fd_readcb: ENTER
SNI peek: [amazon.com] [complete], fd=42
[FINEST] [0.4 fd=42 cfd=0] pxy_conn_connect: ENTER
Connecting to [205.251.242.103]:443
[FINEST] [0.4 fd=42 cfd=0] protossl_conn_connect: ENTER
Attempt reuse dst SSL session
[FINEST] [0.4 fd=42 cfd=0] protossl_bufferevent_setup: ENTER, fd=-1
[FINEST] [0.4 fd=42 cfd=0] protossl_bufferevent_setup: bufferevent_openssl_set_allow_dirty_shutdown, fd=-1
protossl_conn_connect: 1495L
[FINEST] [0.4 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: ENTER
===> Original server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: E6:0B:E0:59:BC:69:08:68:66:C764:50:86:27:B1:1F:B1:86:BA:62
Certificate cache: HIT
===> Forged server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: 6E:CF:53:1B:57:FC:8E:3C:C5:8F1A:F5:E8:59:3C:4B:F7:21:1C:0A
[FINEST] [0.4 fd=42 cfd=0] prototcp_bufferevent_setup: ENTER, fd=-1
protossl_bev_eventcb_connected_srvdst: 1693L
[FINE] [0.4 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: FAILED bufferevent_socket_connect for divert addr
[FINEST] [0.4 fd=42 cfd=0] pxy_conn_term: ENTER
[FINEST] [0.4 fd=42 cfd=0] pxy_conn_free: ENTER
[FINE] [0.4 fd=42 cfd=0] pxy_conn_free: evutil_closesocket on NULL src.bev
[FINER] [0.4 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: in=0, out=0, fd=43
SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.4 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: fd=43, SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.4 fd=42 cfd=0] prototcp_bufferevent_free_and_close_fd: in=0, out=0, fd=-1
[FINEST] [0.4 fd=42 cfd=0] pxy_conn_free_children: ENTER
[FINEST] [0.4 fd=42 cfd=0] pxy_conn_ctx_free: ENTER
[FINEST] [0.4 fd=42 cfd=0] pxy_thr_detach: Removing conn
[FINEST] [0.4 fd=42 cfd=0] pxy_thr_detach: Cannot find conn in thr conns, empty
[FINEST] proxy_listener_acceptcb: ENTER, fd=42
[FINEST] proxy_conn_ctx_new: ENTER, fd=42
[FINEST] [0.5 fd=42 cfd=0] proxy_conn_ctx_new: Created new conn
[FINEST] [0.5 fd=42 cfd=0] pxy_thrmgr_assign_thr: ENTER
[FINEST] [0.5 fd=42 cfd=0] protossl_init_conn: ENTER
[FINEST] [0.5 fd=42 cfd=0] pxy_conn_init: ENTER
[FINEST] [0.5 fd=42 cfd=0] pxy_thr_attach: Adding conn
[FINER] [0.5 fd=42 cfd=0] check_fd_usage: descriptor_table_size=640000, dtablecount=0, reserve=10
[FINEST] [0.5 fd=42 cfd=0] pxy_conn_init: srcaddr= [172.17.16.42]:50466
[FINEST] [0.5 fd=42 cfd=0] protossl_fd_readcb: ENTER
SNI peek: [amazon.com] [complete], fd=42
[FINEST] [0.5 fd=42 cfd=0] pxy_conn_connect: ENTER
Connecting to [52.94.236.248]:443
[FINEST] [0.5 fd=42 cfd=0] protossl_conn_connect: ENTER
Attempt reuse dst SSL session
[FINEST] [0.5 fd=42 cfd=0] protossl_bufferevent_setup: ENTER, fd=-1
[FINEST] [0.5 fd=42 cfd=0] protossl_bufferevent_setup: bufferevent_openssl_set_allow_dirty_shutdown, fd=-1
protossl_conn_connect: 1495L
[FINEST] [0.5 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: ENTER
===> Original server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: E6:0B:E0:59:BC:69:08:68:66:C764:50:86:27:B1:1F:B1:86:BA:62
Certificate cache: HIT
===> Forged server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: 6E:CF:53:1B:57:FC:8E:3C:C5:8F1A:F5:E8:59:3C:4B:F7:21:1C:0A
[FINEST] [0.5 fd=42 cfd=0] prototcp_bufferevent_setup: ENTER, fd=-1
protossl_bev_eventcb_connected_srvdst: 1693L
[FINE] [0.5 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: FAILED bufferevent_socket_connect for divert addr
[FINEST] [0.5 fd=42 cfd=0] pxy_conn_term: ENTER
[FINEST] [0.5 fd=42 cfd=0] pxy_conn_free: ENTER
[FINE] [0.5 fd=42 cfd=0] pxy_conn_free: evutil_closesocket on NULL src.bev
[FINER] [0.5 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: in=0, out=0, fd=43
SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.5 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: fd=43, SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.5 fd=42 cfd=0] prototcp_bufferevent_free_and_close_fd: in=0, out=0, fd=-1
[FINEST] [0.5 fd=42 cfd=0] pxy_conn_free_children: ENTER
[FINEST] [0.5 fd=42 cfd=0] pxy_conn_ctx_free: ENTER
[FINEST] [0.5 fd=42 cfd=0] pxy_thr_detach: Removing conn
[FINEST] [0.5 fd=42 cfd=0] pxy_thr_detach: Cannot find conn in thr conns, empty
[FINEST] proxy_listener_acceptcb: ENTER, fd=42
[FINEST] proxy_conn_ctx_new: ENTER, fd=42
[FINEST] [0.6 fd=42 cfd=0] proxy_conn_ctx_new: Created new conn
[FINEST] [0.6 fd=42 cfd=0] pxy_thrmgr_assign_thr: ENTER
[FINEST] [0.6 fd=42 cfd=0] protossl_init_conn: ENTER
[FINEST] [0.6 fd=42 cfd=0] pxy_conn_init: ENTER
[FINEST] [0.6 fd=42 cfd=0] pxy_thr_attach: Adding conn
[FINER] [0.6 fd=42 cfd=0] check_fd_usage: descriptor_table_size=640000, dtablecount=0, reserve=10
[FINEST] [0.6 fd=42 cfd=0] pxy_conn_init: srcaddr= [172.17.16.42]:50352
[FINEST] [0.6 fd=42 cfd=0] protossl_fd_readcb: ENTER
SNI peek: [amazon.com] [complete], fd=42
[FINEST] [0.6 fd=42 cfd=0] pxy_conn_connect: ENTER
Connecting to [54.239.28.85]:443
[FINEST] [0.6 fd=42 cfd=0] protossl_conn_connect: ENTER
Attempt reuse dst SSL session
[FINEST] [0.6 fd=42 cfd=0] protossl_bufferevent_setup: ENTER, fd=-1
[FINEST] [0.6 fd=42 cfd=0] protossl_bufferevent_setup: bufferevent_openssl_set_allow_dirty_shutdown, fd=-1
protossl_conn_connect: 1495L
[FINEST] [0.6 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: ENTER
===> Original server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: E6:0B:E0:59:BC:69:08:68:66:C764:50:86:27:B1:1F:B1:86:BA:62
Certificate cache: HIT
===> Forged server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: 6E:CF:53:1B:57:FC:8E:3C:C5:8F1A:F5:E8:59:3C:4B:F7:21:1C:0A
[FINEST] [0.6 fd=42 cfd=0] prototcp_bufferevent_setup: ENTER, fd=-1
protossl_bev_eventcb_connected_srvdst: 1693L
[FINE] [0.6 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: FAILED bufferevent_socket_connect for divert addr
[FINEST] [0.6 fd=42 cfd=0] pxy_conn_term: ENTER
[FINEST] [0.6 fd=42 cfd=0] pxy_conn_free: ENTER
[FINE] [0.6 fd=42 cfd=0] pxy_conn_free: evutil_closesocket on NULL src.bev
[FINER] [0.6 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: in=0, out=0, fd=43
SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.6 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: fd=43, SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.6 fd=42 cfd=0] prototcp_bufferevent_free_and_close_fd: in=0, out=0, fd=-1
[FINEST] [0.6 fd=42 cfd=0] pxy_conn_free_children: ENTER
[FINEST] [0.6 fd=42 cfd=0] pxy_conn_ctx_free: ENTER
[FINEST] [0.6 fd=42 cfd=0] pxy_thr_detach: Removing conn
[FINEST] [0.6 fd=42 cfd=0] pxy_thr_detach: Cannot find conn in thr conns, empty
[FINEST] proxy_listener_acceptcb: ENTER, fd=42
[FINEST] proxy_conn_ctx_new: ENTER, fd=42
[FINEST] [0.7 fd=42 cfd=0] proxy_conn_ctx_new: Created new conn
[FINEST] [0.7 fd=42 cfd=0] pxy_thrmgr_assign_thr: ENTER
[FINEST] [0.7 fd=42 cfd=0] protossl_init_conn: ENTER
[FINEST] [0.7 fd=42 cfd=0] pxy_conn_init: ENTER
[FINEST] [0.7 fd=42 cfd=0] pxy_thr_attach: Adding conn
[FINER] [0.7 fd=42 cfd=0] check_fd_usage: descriptor_table_size=640000, dtablecount=0, reserve=10
[FINEST] [0.7 fd=42 cfd=0] pxy_conn_init: srcaddr= [172.17.16.42]:57916
[FINEST] [0.7 fd=42 cfd=0] protossl_fd_readcb: ENTER
SNI peek: [amazon.com] [complete], fd=42
[FINEST] [0.7 fd=42 cfd=0] pxy_conn_connect: ENTER
Connecting to [205.251.242.103]:443
[FINEST] [0.7 fd=42 cfd=0] protossl_conn_connect: ENTER
Attempt reuse dst SSL session
[FINEST] [0.7 fd=42 cfd=0] protossl_bufferevent_setup: ENTER, fd=-1
[FINEST] [0.7 fd=42 cfd=0] protossl_bufferevent_setup: bufferevent_openssl_set_allow_dirty_shutdown, fd=-1
protossl_conn_connect: 1495L
[FINEST] [0.7 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: ENTER
===> Original server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: E6:0B:E0:59:BC:69:08:68:66:C764:50:86:27:B1:1F:B1:86:BA:62
Certificate cache: HIT
===> Forged server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: 6E:CF:53:1B:57:FC:8E:3C:C5:8F1A:F5:E8:59:3C:4B:F7:21:1C:0A
[FINEST] [0.7 fd=42 cfd=0] prototcp_bufferevent_setup: ENTER, fd=-1
protossl_bev_eventcb_connected_srvdst: 1693L
[FINE] [0.7 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: FAILED bufferevent_socket_connect for divert addr
[FINEST] [0.7 fd=42 cfd=0] pxy_conn_term: ENTER
[FINEST] [0.7 fd=42 cfd=0] pxy_conn_free: ENTER
[FINE] [0.7 fd=42 cfd=0] pxy_conn_free: evutil_closesocket on NULL src.bev
[FINER] [0.7 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: in=0, out=0, fd=43
SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.7 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: fd=43, SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.7 fd=42 cfd=0] prototcp_bufferevent_free_and_close_fd: in=0, out=0, fd=-1
[FINEST] [0.7 fd=42 cfd=0] pxy_conn_free_children: ENTER
[FINEST] [0.7 fd=42 cfd=0] pxy_conn_ctx_free: ENTER
[FINEST] [0.7 fd=42 cfd=0] pxy_thr_detach: Removing conn
[FINEST] [0.7 fd=42 cfd=0] pxy_thr_detach: Cannot find conn in thr conns, empty
[FINEST] proxy_listener_acceptcb: ENTER, fd=42
[FINEST] proxy_conn_ctx_new: ENTER, fd=42
[FINEST] [0.8 fd=42 cfd=0] proxy_conn_ctx_new: Created new conn
[FINEST] [0.8 fd=42 cfd=0] pxy_thrmgr_assign_thr: ENTER
[FINEST] [0.8 fd=42 cfd=0] protossl_init_conn: ENTER
[FINEST] [0.8 fd=42 cfd=0] pxy_conn_init: ENTER
[FINEST] [0.8 fd=42 cfd=0] pxy_thr_attach: Adding conn
[FINER] [0.8 fd=42 cfd=0] check_fd_usage: descriptor_table_size=640000, dtablecount=0, reserve=10
[FINEST] [0.8 fd=42 cfd=0] pxy_conn_init: srcaddr= [172.17.16.42]:50482
[FINEST] [0.8 fd=42 cfd=0] protossl_fd_readcb: ENTER
SNI peek: [amazon.com] [complete], fd=42
[FINEST] [0.8 fd=42 cfd=0] pxy_conn_connect: ENTER
Connecting to [52.94.236.248]:443
[FINEST] [0.8 fd=42 cfd=0] protossl_conn_connect: ENTER
Attempt reuse dst SSL session
[FINEST] [0.8 fd=42 cfd=0] protossl_bufferevent_setup: ENTER, fd=-1
[FINEST] [0.8 fd=42 cfd=0] protossl_bufferevent_setup: bufferevent_openssl_set_allow_dirty_shutdown, fd=-1
protossl_conn_connect: 1495L
[FINEST] [0.8 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: ENTER
===> Original server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: E6:0B:E0:59:BC:69:08:68:66:C764:50:86:27:B1:1F:B1:86:BA:62
Certificate cache: HIT
===> Forged server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: 6E:CF:53:1B:57:FC:8E:3C:C5:8F1A:F5:E8:59:3C:4B:F7:21:1C:0A
[FINEST] [0.8 fd=42 cfd=0] prototcp_bufferevent_setup: ENTER, fd=-1
protossl_bev_eventcb_connected_srvdst: 1693L
[FINE] [0.8 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: FAILED bufferevent_socket_connect for divert addr
[FINEST] [0.8 fd=42 cfd=0] pxy_conn_term: ENTER
[FINEST] [0.8 fd=42 cfd=0] pxy_conn_free: ENTER
[FINE] [0.8 fd=42 cfd=0] pxy_conn_free: evutil_closesocket on NULL src.bev
[FINER] [0.8 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: in=0, out=0, fd=43
SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.8 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: fd=43, SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.8 fd=42 cfd=0] prototcp_bufferevent_free_and_close_fd: in=0, out=0, fd=-1
[FINEST] [0.8 fd=42 cfd=0] pxy_conn_free_children: ENTER
[FINEST] [0.8 fd=42 cfd=0] pxy_conn_ctx_free: ENTER
[FINEST] [0.8 fd=42 cfd=0] pxy_thr_detach: Removing conn
[FINEST] [0.8 fd=42 cfd=0] pxy_thr_detach: Cannot find conn in thr conns, empty
[FINEST] proxy_listener_acceptcb: ENTER, fd=42
[FINEST] proxy_conn_ctx_new: ENTER, fd=42
[FINEST] [0.9 fd=42 cfd=0] proxy_conn_ctx_new: Created new conn
[FINEST] [0.9 fd=42 cfd=0] pxy_thrmgr_assign_thr: ENTER
[FINEST] [0.9 fd=42 cfd=0] protossl_init_conn: ENTER
[FINEST] [0.9 fd=42 cfd=0] pxy_conn_init: ENTER
[FINEST] [0.9 fd=42 cfd=0] pxy_thr_attach: Adding conn
[FINER] [0.9 fd=42 cfd=0] check_fd_usage: descriptor_table_size=640000, dtablecount=0, reserve=10
[FINEST] [0.9 fd=42 cfd=0] pxy_conn_init: srcaddr= [172.17.16.42]:50366
[FINEST] [0.9 fd=42 cfd=0] protossl_fd_readcb: ENTER
SNI peek: [amazon.com] [complete], fd=42
[FINEST] [0.9 fd=42 cfd=0] pxy_conn_connect: ENTER
Connecting to [54.239.28.85]:443
[FINEST] [0.9 fd=42 cfd=0] protossl_conn_connect: ENTER
Attempt reuse dst SSL session
[FINEST] [0.9 fd=42 cfd=0] protossl_bufferevent_setup: ENTER, fd=-1
[FINEST] [0.9 fd=42 cfd=0] protossl_bufferevent_setup: bufferevent_openssl_set_allow_dirty_shutdown, fd=-1
protossl_conn_connect: 1495L
[FINEST] [0.9 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: ENTER
===> Original server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: E6:0B:E0:59:BC:69:08:68:66:C764:50:86:27:B1:1F:B1:86:BA:62
Certificate cache: HIT
===> Forged server certificate:
Subject DN: /CN=*.peg.a2z.com
Common Names: *.peg.a2z.com/amazon.co.uk/uedata.amazon.co.uk/www.amazon.co.uk/origin-www.amazon.co.uk/*.peg.a2z.com/amazon.com/amzn.com/uedata.amazon.com/us.amazon.com/www.amazon.com/www.amzn.com/corporate.amazon.com/buybox.amazon.com/iphone.amazon.com/yp.amazon.com/home.amazon.com/origin-www.amazon.com/origin2-www.amazon.com/buckeye-retail-website.amazon.com/huddles.amazon.com/amazon.de/www.amazon.de/origin-www.amazon.de/amazon.co.jp/amazon.jp/www.amazon.jp/www.amazon.co.jp/origin-www.amazon.co.jp/*.aa.peg.a2z.com/*.ab.peg.a2z.com/*.ac.peg.a2z.com/origin-www.amazon.com.au/www.amazon.com.au/*.bz.peg.a2z.com/amazon.com.au/origin2-www.amazon.co.jp/edgeflow.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow.aero.04f01a85e-frontier.amazon.com.au/edgeflow.aero.47cf2c8c9-frontier.amazon.com/edgeflow.aero.abe2c2f23-frontier.amazon.de/edgeflow.aero.bfbdc3ca1-frontier.amazon.co.uk/edgeflow-dp.aero.4d5ad1d2b-frontier.amazon.co.jp/edgeflow-dp.aero.04f01a85e-frontier.amazon.com.au/edgeflow-dp.aero.47cf2c8c9-frontier.amazon.com
Fingerprint: 6E:CF:53:1B:57:FC:8E:3C:C5:8F1A:F5:E8:59:3C:4B:F7:21:1C:0A
[FINEST] [0.9 fd=42 cfd=0] prototcp_bufferevent_setup: ENTER, fd=-1
protossl_bev_eventcb_connected_srvdst: 1693L
[FINE] [0.9 fd=42 cfd=0] protossl_bev_eventcb_connected_srvdst: FAILED bufferevent_socket_connect for divert addr
[FINEST] [0.9 fd=42 cfd=0] pxy_conn_term: ENTER
[FINEST] [0.9 fd=42 cfd=0] pxy_conn_free: ENTER
[FINE] [0.9 fd=42 cfd=0] pxy_conn_free: evutil_closesocket on NULL src.bev
[FINER] [0.9 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: in=0, out=0, fd=43
SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.9 fd=42 cfd=0] protossl_bufferevent_free_and_close_fd: fd=43, SSL_free() in state 00000001 = 0001 = SSLOK  (SSL negotiation finished successfully) [connect socket]
[FINER] [0.9 fd=42 cfd=0] prototcp_bufferevent_free_and_close_fd: in=0, out=0, fd=-1
[FINEST] [0.9 fd=42 cfd=0] pxy_conn_free_children: ENTER
[FINEST] [0.9 fd=42 cfd=0] pxy_conn_ctx_free: ENTER
[FINEST] [0.9 fd=42 cfd=0] pxy_thr_detach: Removing conn
[FINEST] [0.9 fd=42 cfd=0] pxy_thr_detach: Cannot find conn in thr conns, empty
[FINEST] pxy_thr_timer_cb: thr=1, load=0, to=0
[FINEST] pxy_thr_timer_cb: thr=5, load=0, to=0
[FINEST] pxy_thr_timer_cb: thr=2, load=0, to=0
[FINEST] pxy_thr_timer_cb: thr=6, load=0, to=0
[FINEST] pxy_thr_timer_cb: thr=7, load=0, to=0
[FINEST] pxy_thr_timer_cb: thr=4, load=0, to=0
[FINEST] pxy_thr_timer_cb: thr=3, load=0, to=0
[FINEST] pxy_thr_timer_cb: thr=0, load=0, to=0
^CReceived signal 2
Main event loop stopped (reason=2).
[FINEST] main: EXIT closing privsep clisock=9
Received privsep req type 00 sz 1 on srvsock 8
Child pid 99413 exited with status 0

[sonertari]

You did not provide the command line you start sslproxy with, but looking at the debug logs I think you did not pass the -n option to sslproxy. If you want sslsplit-like behavior, you need -n. If not, you need a listening program. The default behavior is Divert. (In the logs, sslproxy is trying to divert packets to a listening program, but you don't have a listening program running there.)