Computer networks

What happens to TCP traffic?

I'm trying to set up a proxy on a DigitalOcean droplet. I put tinyproxy there, I run it on port 8888 after adding my IP to the Allow list in the tinyproxy.conf configuration file.
But wget hangs

(env) [email protected]:~$ echo $http_proxy
http://167.99.210.194:8888/
(env) [email protected]:~$ wget http://htmlbook.ru/
--2019-01-08 22:59:02--  http://htmlbook.ru/
Connecting to 167.99.210.194:8888...

We look at tcpdump on the proxy server (swim - hostname of the proxy server)

20:00:08.617784 IP 109.169.224.50.58228 > swim.8888: Flags [S], seq 3109435511, win 29200, options [mss 1440,sackOK,TS val 2620793101 ecr 0,nop,wscale 7], length 0
20:00:08.617825 IP swim.8888 > 109.169.224.50.58228: Flags [S.], seq 3059977929, ack 3109435512, win 28960, options [mss 1460,sackOK,TS val 3111902230 ecr 2620793101,nop,wscale 7], length 0
20:00:08.683538 IP 109.169.224.50.58228 > swim.8888: Flags [R], seq 3109435512, win 0, length 0

It can be seen that from the point of view of the proxy server, the following happens: the client sends SYN to us, we answer it with SYNACK, the client sends RST.
However, from the client's point of view, the opposite happens. Here is the result of tcpdump on the client:

23:02:19.656811 IP 192.168.1.181.58234 > swim.8888: Flags [S], seq 349766605, win 29200, options [mss 1460,sackOK,TS val 2620924171 ecr 0,nop,wscale 7], length 0
23:02:19.659450 IP swim.8888 > 192.168.1.181.58234: Flags [R], seq 0, win 29200, length 0

We send a SYN to the server, to which it immediately answers us with RST.
It looks like NAT is interfering somehow. Tell me, please, where to dig?