Again, notice that Traceroute will only go so far before something decides that it doesn't want to forward ICMP packets:
traceroute digital.isracard.co.il traceroute to digital.isracard.co.il.cdn.cloudflare.net (192.118.12.104), 64 hops max, 40 byte packets 1 192.168.32.1 (192.168.32.1) 3.622 ms 3.371 ms 2.538 ms 2 <REDACTED> 5.977 ms 5.642 ms 6.083 ms 3 <REDACTED> (45.80.89.177) 5.825 ms * 6.241 ms 4 <REDACTED> (82.102.142.225) 8.577 ms 7.060 ms 5.909 ms 5 212.68.139.25 (212.68.139.25) 8.887 ms 9.314 ms 11.950 ms 6 212.68.139.26 (212.68.139.26) 9.720 ms 9.321 ms 16.892 ms 7 172.18.80.109 (172.18.80.109) 9.310 ms 9.175 ms 16.953 ms 8 172.18.80.113 (172.18.80.113) 8.410 ms 9.501 ms 9.115 ms 9 10.88.192.138 (10.88.192.138) 12.311 ms 11.764 ms 12.262 ms 10 * * * 11 * * * 12 * * * . . . Meanwhile, TCPTraceroute makes it all the way to CloudFlare: tcptraceroute digital.isracard.co.il Selected device en0, address 192.168.33.135, port 53568 for outgoing packets Tracing the path to digital.isracard.co.il (192.118.12.104) on TCP port 80 (http), 30 hops max 1 192.168.32.1 7.913 ms 2.666 ms 2.091 ms 2 <REDACTED> 5.718 ms 5.807 ms 5.347 ms 3 <REDACTED> 5.453 ms 6.793 ms 9.184 ms 4 <REDACTED> 5.451 ms 5.664 ms 5.330 ms 5 212.68.139.25 9.101 ms 8.580 ms 8.278 ms 6 212.68.139.26 9.326 ms 8.641 ms 8.412 ms 7 172.18.80.109 8.544 ms 8.313 ms 8.733 ms 8 172.18.80.113 8.874 ms 9.004 ms 9.591 ms 9 10.88.192.138 12.118 ms 11.818 ms 11.854 ms 10 192.118.12.9 14.237 ms 11.852 ms 11.419 ms 11 192.168.100.246 12.564 ms 22.025 ms 12.236 ms 12 192.118.12.104 [open] 11.632 ms 12.071 ms 12.289 ms 192.118.12.104 == digital.isracard.co.il.cdn.cloudflare.net On Tue, May 13, 2025 at 3:42 PM Shlomo Solomon <[email protected]> wrote: > You are absolutely right. > After several hours on the Isracard Whatsapp, they asked for my public > IP and were able to allow me access. > Obviously I do not know why I was blocked or how they un-blocked me, > but all is well now. > > I asked for an explanation of what was the cause, but I doubt that they > will answer me. > > > On Tue, 13 May 2025 15:29:24 +0300 > Michael Tewner <[email protected]> wrote: > > > You're reaching CloudFlare because Isracard uses the CloudFlare CDN in > > order to cache and secure the website. I assume they're specifically > > using CloudFlare's Web Application Firewall service to block unwanted > > requests at the perimeter instead of allowing unwanted traffic to > > make it to their servers. > > > > As such, digital.isracard.co.il is resolving (using CNAME records) to > > CloudFlare's service. > > > > Keep in mind that "ping" and "traceroute" aren't proper tests for > > connectivity to HTTP and HTTPS services. Most platforms, including > > CloudFlare, will block these requests (both are based on ICMP > > packets, not TCP). A better check would be something like > > tcptraceroute, but even those may be blocked by Web Application > > Firewalls (WAF) for a multitude of reasons, including identifying the > > request as a "scan" due to its low TCP TTL values. > > > > Anyways, the reason you're not getting through seems to be that > > CloudFlare thinks you're a risk for some reason. > > > > -Mike > > > > > > On Tue, May 13, 2025 at 3:16 PM Dotan Shavit <[email protected]> > > wrote: > > > > > > > > > > > בברכה, > > > דותן שביט, > > > 0544-456656 > > > > > > > > > On Tue, 13 May 2025 at 14:36, Shlomo Solomon > > > <[email protected]> wrote: > > > > > >> nslookup verifies that you are right: > > >> > > >> nslookup digital.isracard.co.il > > >> Server: 127.0.0.53 > > >> Address: 127.0.0.53#53 > > >> > > >> Non-authoritative answer: > > >> digital.isracard.co.il canonical name = > > >> digital.isracard.co.il.cdn.cloudflare.net. Name: > > >> digital.isracard.co.il.cdn.cloudflare.net Address: 192.118.12.104 > > >> > > >> > > >> I don't see anything unusual in cat /etc/resolv.conf > > >> nameserver 127.0.0.53 > > >> options edns0 trust-ad > > >> search Dlink > > >> > > >> > > >> Changing the nameserver to 8.8.8.8 did not help. nslookup now shows > > >> that 8.8.8.8 is providing the DNS: > > >> > > >> nslookup digital.isracard.co.il > > >> Server: 8.8.8.8 > > >> Address: 8.8.8.8#53 > > >> > > >> Non-authoritative answer: > > >> digital.isracard.co.il canonical name = > > >> digital.isracard.co.il.cdn.cloudflare.net. Name: > > >> digital.isracard.co.il.cdn.cloudflare.net Address: 192.118.12.104 > > >> > > >> > > >> But still no response from ping and I still cannot access the web > > >> site. > > >> > > >> I also tried traceroute but the destination is not reached > > > > > > traceroute will show you the network components it reaches. check > > > the last one to understand if for example you are blocked within > > > your local network. > > > > > >> > > >> > > >> > > >> > > >> On Tue, 13 May 2025 14:05:54 +0300 > > >> Gal Gur-Arie <[email protected]> wrote: > > >> > > >> > CloudFlare are giving a DDOS protection services for various > > >> > hosts, including the one that you're trying to reach. > > >> > What is the output of: > > >> > nslookup digital.isracard.co.il > > >> > > > >> > What is the output of: cat /etc/resolv.conf > > >> > ? > > >> > maybe, try to modify the name servers just for the test to: > > >> > nameserver 1.1.1.1 > > >> > nameserver 8.8.8.8 > > >> > > > >> > > > >> > On Tue, May 13, 2025 at 1:58 PM Shlomo Solomon > > >> > <[email protected]> wrote: > > >> > > > >> > > I am not able to reach Isracard at digital.isracard.co.il. > > >> > > The browser times out and reports ERR_CONNECTION_TIMED_OUT. > > >> > > > > >> > > Customer support says there is no problem. > > >> > > https://downforeveryoneorjustme.com/ also says the site is up. > > >> > > > > >> > > I tried ping digital.isracard.co.il and got no result. > > >> > > Then I noticed that ping is trying to test a different address. > > >> > > > > >> > > ping digital.isracard.co.il > > >> > > PING digital.isracard.co.il.cdn.cloudflare.net (192.118.12.104) > > >> > > 56(84) bytes of data. > > >> > > > > >> > > So why is my ping being sent to cloudflare.net and not > > >> > > isracard.co.il? > > >> > > > > >> > > I should add that I do have a domain name registered at > > >> > > cloudflare, but I don't see any reason for the strange ping > > >> > > behaviour or the fact that I cannot reach the Isracard site. > > >> > > > > >> > > And I will also add that I have no problem with other web > > >> > > sites. > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > > > >> > > -- > > >> > > Shlomo Solomon > > >> > > http://the-solomons.net > > >> > > Claws Mail 4.0.0 - KDE Plasma 5.24.7 - Kubuntu 22.04 > > >> > > _______________________________________________ > > >> > > Linux-il mailing list -- [email protected] > > >> > > To unsubscribe send an email to [email protected] > > >> > > > > >> > > >> > > >> > > >> -- > > >> Shlomo Solomon > > >> http://the-solomons.net > > >> Claws Mail 4.0.0 - KDE Plasma 5.24.7 - Kubuntu 22.04 > > >> _______________________________________________ > > >> Linux-il mailing list -- [email protected] > > >> To unsubscribe send an email to [email protected] > > >> > > > _______________________________________________ > > > Linux-il mailing list -- [email protected] > > > To unsubscribe send an email to [email protected] > > > > > > > -- > Shlomo Solomon > http://the-solomons.net > Claws Mail 4.0.0 - KDE Plasma 5.24.7 - Kubuntu 22.04 >
_______________________________________________ Linux-il mailing list -- [email protected] To unsubscribe send an email to [email protected]
