How is it possible to receive different SSL certificates while accessing the same resource using different ISPs?

How is it possible to receive different SSL certificates while accessing the same resource using different ISPs?

I'm accessing the same resource (gmail favicon.ico) with Chrome browser. I'm making the requests using two different ISPs. For requests from one ISP, I get an invalid SSL certificate (apache house test certificate). Requests from the other ISP work OK and I get the valid SSL certificate.

How is this possible? Who is sending the Apache House Test Certificate if not the ssl.gstatic.com server?

I've attached two screenshots. Click on the links below to see them.

Invalid SSL certificate, it's the Apache House Test Certificate, while I'm using ISP#1

Valid Google certificate, while I'm using ISP#2

Thank you,

答案1

Yes, it is possible if they are proxying HTTPs traffic. In this case, you will receive the proxy server certificate instead of the original website certificate.

相关内容