Cannot access hivetool.org

23 posts / 0 new
Last post
Paul
Paul's picture
Cannot access hivetool.org

Two users in the US can't get to hivetool.org

Charles:
"I cannot go to hivetool.org from my home network. I can see it from my cell phone. Is it possible that the server is blocking my ip address. My IP address is 24.211.177.105"
But later:
"I was able to get a different IP address from my internet provider and now I can see hivetool.org."

And Nate:
"Hivetool.org is down for me, I haven't been able to log into it for most of the day."

Nate can hit hivetool.org and net from his home and can only hit hivetool.net from work. His browsers display the image. below.

Any ideas?

The .htaccess file:

deny from 185.53.44
deny from 5.9.151.64-95
# block the AhrefBot
deny from 51.255.65
deny from 183.60.244
#
# uGolden Telecom Ukraine
deny from 46.118.127
deny from 46.118.155
# block by user agent
BrowserMatchNoCase AhrefsBot bad_bot
BrowserMatchNoCase linkdexbot bad_bot
Order Deny,Allow
Deny from env=bad_bot

Image: 
Nate
Nate's picture
Try a system reboot.

Try a system reboot on your modem, computer, and wireless router... or whatever combination you have. I had the same problem,
I rebooted the computer, no help
I rebooted the computer and my wireless router, no help
I rebooted my computer, my wireless router, and my DSL modem... now I can see the .org site again.

Paul
Paul's picture
And the forum is working for you.

I'm pretty sure it was a DNS cache issue that was a result of moving hivetool.org to a new server/IP. Charles said he had to get a new IP for it to work. I think that by rebooting the modem, you may have gotten an new IP. I don't understand why the IP matters. Glad it is working. And the forums, too. Progress!

Charles
I had to fake my MAC address

I had to fake my MAC address of my router to get a new IP address. Reboots of router and modem did not work for me.

Emil
Emil's picture
hivetool.org is blacklisted on barracuda

The hivetool.org is blacklisted on barracuda I don't know why

Image: 
Paul
Paul's picture
Maybe due the prior owner of the IP

My local isp had blocked mail from hivetool.org because it was blacklisted. I think it is due to activities of the prior user of this IP.

Paul
Paul's picture
Submitted form to Barrcuda

I have submitted a request to clear the poor reputation of the IP. It may take up to 12 hours. Thanks for showing me MXtoolbox.

Emil
Emil's picture
dns strange

I get this result in one check on hivetool.org and done the same test in another browser window with same check it seems OK.
Maybe there is some problem at "yourhostingaccount" or "ipage". Check also the NS setup in your DNS setup account

Image: 
Paul
Paul's picture
I will check the DNS setting with the hosting service

None of that looks right. The domain are registered through the first hosting service, netfirms.com
We are using their DNS servers, not ipage.com (which is also owned by the same company that owns netfirms).

I have no idea who yourhostingaccount.com is but it is probably owned by the same company.
I'll check and report back.

Nate
Nate's picture
Update on access

If I go through my DSL supplier, no amount of rebooting my routers,modems,computer seem to restore communications, however by switching to my wifi hotspot (verizon), I can get onto the site... to post this message.

Perhaps more than one provider is blocking the ip address? I use Century Link for DSL which seems to be having trouble serving the pages to me.

Charles
Blocked Again

I got blocked again. This time my IP address was 75.177.165.46. I changed my mac address and got another new address.

Paul
Paul's picture
Can't Access

I'm having troubles today. I have had to reset my modem 3 times. It works for a while, then the ip is not accessable. I don't think this is a website problem. It is running fine. I don't know what the problem is. If someone is blocking ips, it is not the website.

Paul
Paul's picture
Is anyone else having problems?

I'm still fighting this. I have to reset my modem every 30 minutes to an hour. I can't even ping the IP. I spent hours on the phone with my internet provider tech folks yesterday. Got to the second level. They feel certain that it is a NS setting problem. The reason it works for an hour or so is that is the refresh time on the DNS server and it grabs bad info. Then when you
reset the modem it gets a different set. I have tried setting the DNS in the modem to 8..8.8.8 (google) from what has worked for years (166.102.165.11) but that doesn't help.

Anyone know how to fix this?


; <<>> DiG 9.9.3-P2 <<>> hivtool.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62625
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;hivtool.org. IN A
;; ANSWER SECTION:
hivtool.org. 10 IN A 198.105.254.65 <========= WRONG
hivtool.org. 10 IN A 198.105.244.65 <========= WRONG
;; Query time: 73 msec
;; SERVER: 166.102.165.11#53(166.102.165.11)
;; WHEN: Mon Feb 15 18:46:52 EST 2016
;; MSG SIZE rcvd: 61

Emil
Emil's picture
wrong domain lookup hivtool.org

Is the result the same when you write hivetool.org, and not hivtool.org?
I get 162.144.198.156 when using ns1.ipage.com, ns2.ipage.com and 8.8.8.8
Can you ping 162.144.198.156 when you are in a error situation?

pi@emil ~ $ dig @ns1.ipage.com hivetool.org

; <<>> DiG 9.9.5-9+deb8u5-Raspbian <<>> @ns1.ipage.com hivetool.org
; (3 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56295
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1680
;; QUESTION SECTION:
;hivetool.org. IN A

;; ANSWER SECTION:
hivetool.org. 3600 IN A 162.144.198.156

;; Query time: 148 msec
;; SERVER: 66.96.142.116#53(66.96.142.116)
;; WHEN: Tue Feb 16 18:38:21 CET 2016
;; MSG SIZE rcvd: 57

Paul
Paul's picture
Yes, hivtool.org was my poor

Yes, hivtool.org was my poor typing and eyesight.

When access fails, I cannot ping hivetool.org or the ip. The fact that ping hivetool.org pulls up the correct IP tells me that DNS is ok. And that I can't even ping the IP also tells me that the problem is not in DNS.

bash-4.2# ping hivetool.org
PING hivetool.org (162.144.198.156) 56(84) bytes of data.
^C
--- hivetool.org ping statistics ---
6 packets transmitted, 0 received, 100% packet loss, time 4999ms

bash-4.2# ping 162.144.198.156
PING 162.144.198.156 (162.144.198.156) 56(84) bytes of data.
^C
--- 162.144.198.156 ping statistics ---
15 packets transmitted, 0 received, 100% packet loss, time 13999ms

Thanks for your help.

Emil
Emil's picture
Check also traceroute to see how long into hivetool.org you get

pi@emil ~ $ traceroute www.hivetool.org
traceroute to www.hivetool.org (162.144.198.156), 30 hops max, 60 byte packets
1 192.168.0.1 (192.168.0.1) 1.078 ms 1.775 ms 2.408 ms
2 dsldevice.lan (10.0.0.1) 83.082 ms 82.643 ms 82.349 ms
3 1.84-48-244.nextgentel.com (84.48.244.1) 11.795 ms 12.013 ms 14.363 ms
4 172.16.128.189 (172.16.128.189) 15.595 ms 15.679 ms 15.801 ms
5 * * *
6 34.84-48-3.nextgentel.com (84.48.3.34) 22.297 ms 18.119 ms 17.758 ms
7 213.248.104.117 (213.248.104.117) 16.270 ms 16.284 ms 16.434 ms
8 kbn-bb4-link.telia.net (62.115.135.156) 24.087 ms kbn-bb3-link.telia.net (213.155.131.102) 24.236 ms kbn-bb3-link.telia.net (62.115.135.144) 24.583 ms
9 kbn-b3-link.telia.net (62.115.114.69) 25.857 ms kbn-b3-link.telia.net (213.155.135.179) 25.532 ms 23.857 ms
10 hu0-5-0-0.rcr21.cph01.atlas.cogentco.com (130.117.14.33) 25.343 ms 25.442 ms 25.017 ms
11 be2303.ccr41.ham01.atlas.cogentco.com (130.117.3.161) 29.777 ms be2306.ccr42.ham01.atlas.cogentco.com (130.117.3.237) 28.522 ms be2303.ccr41.ham01.atlas.cogentco.com (130.117.3.161) 28.929 ms
12 be2815.ccr41.ams03.atlas.cogentco.com (154.54.38.205) 37.346 ms 37.698 ms 37.696 ms
13 be2183.ccr22.lpl01.atlas.cogentco.com (154.54.58.69) 143.487 ms 142.387 ms be2182.ccr21.lpl01.atlas.cogentco.com (154.54.77.246) 137.824 ms
14 be2384.ccr21.ymq02.atlas.cogentco.com (154.54.44.137) 141.686 ms be2317.ccr41.jfk02.atlas.cogentco.com (154.54.30.185) 137.404 ms be2385.ccr22.ymq02.atlas.cogentco.com (154.54.44.141) 133.612 ms
15 be2090.ccr21.yyz02.atlas.cogentco.com (154.54.30.205) 133.948 ms be2482.ccr21.cle04.atlas.cogentco.com (154.54.27.157) 131.185 ms be2483.ccr22.cle04.atlas.cogentco.com (154.54.29.201) 134.229 ms
16 be2596.ccr21.cle04.atlas.cogentco.com (154.54.31.53) 138.669 ms 139.957 ms be2597.ccr22.cle04.atlas.cogentco.com (154.54.31.89) 140.147 ms
17 be2831.ccr21.mci01.atlas.cogentco.com (154.54.42.165) 154.623 ms be2718.ccr42.ord01.atlas.cogentco.com (154.54.7.129) 140.285 ms be2717.ccr41.ord01.atlas.cogentco.com (154.54.6.221) 132.515 ms
18 be2831.ccr21.mci01.atlas.cogentco.com (154.54.42.165) 156.435 ms be2130.ccr22.den01.atlas.cogentco.com (154.54.26.121) 156.525 ms be2128.ccr21.den01.atlas.cogentco.com (154.54.25.173) 157.513 ms
19 be2128.ccr21.den01.atlas.cogentco.com (154.54.25.173) 158.860 ms be2126.ccr21.slc01.atlas.cogentco.com (154.54.25.66) 173.882 ms be2128.ccr21.den01.atlas.cogentco.com (154.54.25.173) 157.590 ms
20 be2126.ccr21.slc01.atlas.cogentco.com (154.54.25.66) 173.921 ms be2127.ccr21.slc01.atlas.cogentco.com (154.54.25.70) 167.386 ms 168.450 ms
21 prv-211-1-1-0.unifiedlayer.com (69.27.175.143) 172.392 ms 38.104.174.198 (38.104.174.198) 174.781 ms 174.453 ms
22 prv-211-1-1-0.unifiedlayer.com (69.27.175.143) 179.157 ms prv-211-1-1-2.unifiedlayer.com (69.27.175.147) 168.365 ms 168.400 ms
23 162-144-240-23.unifiedlayer.com (162.144.240.23) 172.987 ms 162-144-240-157.unifiedlayer.com (162.144.240.157) 173.871 ms 162-144-240-13.unifiedlayer.com (162.144.240.13) 169.678 ms
24 * 162-144-240-11.unifiedlayer.com (162.144.240.11) 168.216 ms 162-144-240-21.unifiedlayer.com (162.144.240.21) 167.573 ms
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

Paul
Paul's picture
My trace route (when it is

My trace route (when it is working, obviously)

traceroute to www.hivetool.org (162.144.198.156), 30 hops max, 60 byte packets
1 192.168.0.1 (192.168.0.1) 1.288 ms 1.694 ms 1.983 ms
2 192.168.254.254 (192.168.254.254) 5.753 ms 6.109 ms 6.616 ms
3 172.16.100.1 (172.16.100.1) 21.644 ms 22.583 ms 24.942 ms
4 h75.250.128.40.static.ip.windstream.net (40.128.250.75) 26.405 ms 27.767 ms 28.529 ms
5 et8-0-0-0.pe03.atln01-ga.us.windstream.net (40.132.58.108) 35.367 ms 37.312 ms 39.314 ms
6 et-4-0-0-0.cr01.atln01-ga.us.windstream.net (40.132.58.196) 39.763 ms 25.841 ms 23.858 ms
7 et-10-0-0-0.cr02.chcg01-il.us.windstream.net (40.128.10.136) 45.853 ms 48.287 ms 49.247 ms
8 et5-0-0-0.cr01.chcg01-il.us.windstream.net (40.128.10.144) 51.589 ms 53.924 ms 55.432 ms
9 tg1-2.br01.chcg.acedc.NET (206.223.119.174) 63.490 ms 63.887 ms 64.456 ms
10 ve58.ar04.prov.acedc.net (199.58.196.85) 108.410 ms 110.250 ms 112.414 ms
11 prv-211-1-1-1.unifiedlayer.com (69.27.175.145) 114.187 ms prv-211-1-0-2.unifiedlayer.com (69.27.175.139) 115.112 ms prv-211-1-1-2.unifiedlayer.com (69.27.175.147) 116.938 ms
12 162-144-240-155.unifiedlayer.com (162.144.240.155) 95.979 ms 162-144-240-165.unifiedlayer.com (162.144.240.165) 92.996 ms 92.949 ms
13 162-144-240-15.unifiedlayer.com (162.144.240.15) 97.118 ms 162-144-240-25.unifiedlayer.com (162.144.240.25) 97.811 ms 162-144-240-21.unifiedlayer.com (162.144.240.21) 99.859 ms
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

Paul
Paul's picture
Trace route when down

I don't understand why I can trace the route but can't ping.
From what I can see of the route, it looks the same whether I'm up or down.

bash-4.2# traceroute www.hivetool.org
traceroute to www.hivetool.org (162.144.198.156), 30 hops max, 60 byte packets
1 192.168.0.1 (192.168.0.1) 2.998 ms 3.414 ms 3.483 ms
2 192.168.254.254 (192.168.254.254) 5.968 ms 6.195 ms 6.680 ms
3 172.16.100.1 (172.16.100.1) 20.169 ms 22.136 ms 24.062 ms
4 h75.250.128.40.static.ip.windstream.net (40.128.250.75) 24.997 ms 25.977 ms 27.876 ms
5 et8-0-0-0.pe03.atln01-ga.us.windstream.net (40.132.58.108) 34.789 ms 36.730 ms 37.738 ms
6 et-4-0-0-0.cr01.atln01-ga.us.windstream.net (40.132.58.196) 40.697 ms 21.921 ms 24.818 ms
7 et-10-0-0-0.cr02.chcg01-il.us.windstream.net (40.128.10.136) 46.866 ms 48.725 ms 50.005 ms
8 et5-0-0-0.cr01.chcg01-il.us.windstream.net (40.128.10.144) 51.379 ms 53.320 ms 55.236 ms
9 tg1-2.br01.chcg.acedc.NET (206.223.119.174) 91.295 ms 93.265 ms 95.199 ms
10 ve58.ar04.prov.acedc.net (199.58.196.85) 109.205 ms 110.140 ms 112.081 ms
11 prv-211-1-0-3.unifiedlayer.com (69.27.175.141) 114.030 ms prv-211-1-1-1.unifiedlayer.com (69.27.175.145) 115.943 ms prv-211-1-0-3.unifiedlayer.com (69.27.175.141) 116.803 ms
12 162-144-240-165.unifiedlayer.com (162.144.240.165) 95.042 ms 162-144-240-163.unifiedlayer.com (162.144.240.163) 92.824 ms 162-144-240-155.unifiedlayer.com (162.144.240.155) 93.864 ms
13 162-144-240-13.unifiedlayer.com (162.144.240.13) 97.734 ms 162-144-240-15.unifiedlayer.com (162.144.240.15) 99.725 ms 162-144-240-23.unifiedlayer.com (162.144.240.23) 99.030 ms
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
bash-4.2# ping 162.144.198.156
PING 162.144.198.156 (162.144.198.156) 56(84) bytes of data.
^C
--- 162.144.198.156 ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 8999ms

Paul
Paul's picture
iptables

I am pretty sure my problem is with iptables.

These two lines are one of my prior IP addresses:
DROP all -- h244.210.20.98.dynamic.ip.windstream.net anywhere
LOGDROPOUT all -- anywhere h244.210.20.98.dynamic.ip.windstream.net

I have asked VPS support what is generating these rules.

I don't know if I should be proud that I figured it out. or embarrassed that it took so long. It seems pretty obvious now that if someone is being blocked, the first place to check is iptables.

The file hivetool_ip_tables.txt is the output of iptables -L

Does anyone who has been having trouble recognize their ip/provider in the list?

Emil
Emil's picture
Correct blacklist in iptables

For me it seems that the iptables are correct. Most of the adresses (have tested about 10) are blacklisted on different systems, tested with www.mxtoolbox.com "blacklist check".

Paul
Paul's picture
Solved!

We are running csf, see:
http://letushare.com/csf-iptables-cheatsheet/

I had a hive computer set to ftp a jpg captured from the video stream every 5 minutes. I forgot about it and didn't change the ftp passwd when we moved servers. It would cause 12 ftp login failures per hour which exceeds the csf limit of 10. About once an hour my ip address was dropped by iptables.

So simple. But no one could figure it out! Thanks for your help. I probably need to increase the limit to 15 so a hive won't get blacklisted.

Charles
Still blocked

One of my ip addresses is listed 75.177.165.46. I got a new ip 75.177.170.58 and still can not access the website. What do I need to do.

Paul
Paul's picture
Looks similar to my problem

There were 5 failed login attempts during 5 minutes:

75.177.170.58 # lfd: (htpasswd) Failed web page login from 75.177.170.58 (US/United States/cpe-75-177-170-58.nc.res.rr.com): 5 in the last 3600 secs - Sat Feb 20 01:20:09 2016

I'm thinking these bad logins may be coming from your hive computer, if you have one running.

So, take your hive computer off-line for now (unplug ethernet cable or wifi adapter).

Log in to post comments