They blanket blocked connections to port 443 for an hour. There was no protocol sniffing.