Thank you all for taking the time to test this on your connections and for sharing the traceroutes, packet captures and RIPE Atlas measurements.
Since it works for other Swisscom customers (including XGSPON) and also works immediately via Sunrise mobile on my side, we can now clearly narrow it down:
- It does not appear to be a general Swisscom routing or peering issue.
- It is reproducible only from my specific fixed-line connection.
- My previous tests show that all lower layers (DNS, ICMP, traceroute, MTU, TCP handshake) look clean.
- The failure occurs during TLS/application phase.
Given this, the most plausible remaining explanation seems to be something specific to my current public IPv4 (e.g. filtering/rate limiting on the CDN/WAF side).
As possible next steps I could try to obtain a new public IP (router reconnect) and re-test. And if the issue persists, contact the website operator to check whether my IP range is being blocked upstream.
If I learn anything conclusive, I’ll report back here.
Thanks again for helping narrow this down.
