NOTE: I had to replace dots from domain names with underscore (_) characters, otherwise your forum software complains about more than two links for new users.

“download_sublimetext_com” is inaccessible for me, any HTTPS connection is timed out.
But when I connect through Tor network it appears to be working.
So, does “download_sublimetext_com” block certain IP addresses? By country IPs, or by location perhaps?
I’m trying to use SublimeHQ repository to download and install Sublime Text on Debian 13.

Clear Internet:
$ ping download_sublimetext_com
PING download_sublimetext_com (159.203.66.81) 56(84) bytes of data.
64 bytes from 159.203.66.81: icmp_seq=1 ttl=49 time=155 ms
64 bytes from 159.203.66.81: icmp_seq=2 ttl=49 time=155 ms
64 bytes from 159.203.66.81: icmp_seq=3 ttl=49 time=155 ms
64 bytes from 159.203.66.81: icmp_seq=4 ttl=49 time=155 ms
^C
— download_sublimetext_com ping statistics —
4 packets transmitted, 4 received, 0% packet loss, time 3001ms
rtt min/avg/max/mdev = 154.572/154.683/154.802/0.100 ms

$ openssl s_client -showcerts -status -state -connect download_sublimetext_com:443
Connecting to 159.203.66.81
CONNECTED(00000003)  
SSL_connect:before SSL
initialization
SSL_connect:SSLv3/TLS write client hello
*<----- It freezes here*
^C

Through Tor proxy:
$ openssl s_client -proxy myproxyhost:81 -showcerts -status -state -connect download_sublimetext_com:443
Connecting to myproxyhost
CONNECTED(00000003)
SSL_connect:before SSL initialization
SSL_connect:SSLv3/TLS write client hello
SSL_connect:SSLv3/TLS write client hello
SSL_connect:SSLv3/TLS read server hello
SSL_connect:TLSv1.3 read encrypted extensions
depth=2 C=US, O=Internet Security Research Group, CN=ISRG Root X1
verify return:1
depth=1 C=US, O=Let’s Encrypt, CN=E8
verify return:1
depth=0 CN=download_sublimetext_com
verify return:1
SSL_connect:SSLv3/TLS read server certificate
SSL_connect:TLSv1.3 read server certificate verify
OCSP response: no response sent
SSL_connect:SSLv3/TLS read finished
SSL_connect:SSLv3/TLS write change cipher spec
SSL_connect:SSLv3/TLS write finished
—
Certificate chain
0 s:CN=download_sublimetext_com
i:C=US, O=Let’s Encrypt, CN=E8
a:PKEY: EC, (prime256v1); sigalg: ecdsa-with-SHA384
v:NotBefore: Jan 2 05:15:29 2026 GMT; NotAfter: Apr 2 05:15:28 2026 GMT
-----BEGIN CERTIFICATE-----
<— long output of certificates and the rest informational messages
^C

From your s_client logs it looks like you’re connecting fine but the SSL handshake freezes, so this couldn’t be caused by any IP blocking. Are you able to visit https://download.sublimetext.com/sublimehq-pub.gpg with a different device on your network?

You can’t be sure nowadays. With all the “security measures” against so called “bots” that people implementing, there could be some IDS/IPS and NGFW systems that go haywire, or misconfigured.

Interesting. I was able to visit that link from my PC and from my smartphone around hour ago, “apt update” worked flawlessly, but now I can’t connect again.
The symptoms are the same as before.

I’m asking if you block anything, because otherwise it is possible that my ISP

is enforcing some dubious filters, in the similar fashion as they do to block YouTube and Telegram among many others.
Often it is not a simple drop or rejection of a connection, but a tcp connection interference and disruption.
They hate anything that uses TLS 1.3 with ECH, or Encrypted SNI in particular.

Maybe IP 159.203.66.81 belongs to some CDN or hosting service and the IP ranges of those services were blacklisted in the past.