"bad record mac" with SSL connection to Cloudflare on Arch Linux

I have a simple Erlang program trying to do HTTPS GET. However, it does not work with "bad record mac" when it ApiUrl

points to a domain proxied by the cloud veil.

#!/usr/bin/env escript
main([]) -> 
    inets:start(), 
    ssl:start(),
    ApiUrl = "https://remexre.xyz/",
    io:format("ApiUrl = ~p~n", [ApiUrl]),
    Request = {ApiUrl, []},
    SslOpts = [{verify, verify_none}],
    Opts = [{body_format, binary}],
    {ok, {{_, 200, _}, _, Body}} = httpc:request(get, Request, [{ssl, SslOpts}], Opts),
    io:format("~p~n", [Body]).

      

        
        
        
      

    

However, it does work with non-Cloudflare HTTPS domains including example.com and this site.

I checked the tls stream with Wireshark and it seems that the remote (so cloudflare) is sending a "bad mac entry" to the client.

EDIT . This happens on Arch Linux (multiple computers), but not on another Ubuntu computer.

EDIT 2 : Here's a wire dump.

EDIT 3 : I have included: Erlang/OTP 20 [erts-9.0.1] [source] [64-bit] [smp:4:4] [ds:4:4:10] [async-threads:10] [hipe] [kernel-poll:false]

which is from the 20.0.1-2

package version erlang

in Arch.