Thank you for the link. My debug level is set to 3. Here is simplified what I'm trying to ask: My perl script is connected to remote https server and doing repeated actions. Response from the server take 1 second. After those messages appears the response from server takes 5 seconds.

It looks like this

- POST to server, server respons in 1 sec
- POST to server,server respons in  1 sec
- POST to server server respons in 1 sec
- debug messages appears
- POST to server server respons in 5 sec 
- POST to server server respons in 5 sec 

Debug messages comes each day in same time. Is this result of Secure Renegotiation or it might be some kind of SSL IDS ?

remote server analyse from ssllabs.com:

Protocol Details
Secure Renegotiation	Supported
Secure Client-Initiated Renegotiation	No
Insecure Client-Initiated Renegotiation	No
BEAST attack	Not mitigated server-side (more info)   SSL 3: 0x39, TLS 1.0: 0x39
POODLE attack	Vulnerable   INSECURE (more info)
Downgrade attack prevention	No, TLS_FALLBACK_SCSV not supported (more info)
TLS compression	No
RC4	No
Heartbeat (extension)	No
Heartbleed (vulnerability)	No (more info)
OpenSSL CCS vuln. (CVE-2014-0224)	No (more info)
Forward Secrecy	With some browsers (more info)
Next Protocol Negotiation	No
Session resumption (caching)	No (IDs assigned but not accepted)
Session resumption (tickets)	Yes
OCSP stapling	No
Strict Transport Security (HSTS)	Yes   max-age=3456000   TOO SHORT (less than 180 days)
Long handshake intolerance	No
TLS extension intolerance	No
TLS version intolerance	TLS 2.98 
SSL 2 handshake compatibility	Yes
 

Protocols
TLS 1.2	No
TLS 1.1	No
TLS 1.0	Yes
SSL 3   INSECURE	Yes
SSL 2	No

Is there anything I can do to prevent this ?