ERR_CONNECTION_REFUSED in one ISP but not others and only to one of my domains

Hello,

I have multiple domains configured with Cloudflare to the same VPS and it all works well.

Except one of my domains, lusorobotica.com work in most ISPs but in one ISP I get ERR_CONNECTION_REFUSED

curl -svo /dev/null lusorobotica.com
* Rebuilt URL to: lusorobotica.com/
*   Trying 195.46.39.1...
* TCP_NODELAY set
* Connected to lusorobotica.com (195.46.39.1) port 80 (#0)
> GET / HTTP/1.1
> Host: lusorobotica.com
> User-Agent: curl/7.54.0
> Accept: */*
> 
< HTTP/1.1 403 FORBIDDEN
< Server: nginx/1.10.3
< Date: Wed, 14 Nov 2018 10:35:30 GMT
< Content-Type: text/html; charset=utf-8
< Content-Length: 2729
< Connection: keep-alive
< X-User: 32959
< 
{ [1262 bytes data]
* Connection #0 to host lusorobotica.com left intact

At Cloudflare all configs look ok and equal to the other domains, but for some reason only this domain doesn’t work.

Do you had any experience like this before and know how to point me to the right direction?

Thanks a lot.

Your site generally resolves fine and does connect
http://sitemeer.com/#https://lusorobotica.com/

From your output is seems it is not connecting via Cloudflare though but directly to your server. You might have a stall DNS entry somewhere or a hosts file entry. Also, the output does not suggest a refused connection but an HTTP forbidden response.

The most strange is that that website works fine everywhere else but not in just one ISP that I know of.
But I have other domains configured the same way with sites on same server (similar configs) and not a single one of them have problems except this one.

Any way to force clear default configs on Cloudflare or something like that?

It is not a configuration issue.

Which error do you actually get? You mentioned connection refused but then posted a 403 output.

Sorry for not reply, my outlook sent this email notification to SPAM

I will do more tests and post update when I can fiscally get on that network again. It only happens on a ISP that I don’t contract with but sometimes I got to friends with that ISP.

I have Lusorobotica.com and Tig.pt (and many more) configured the same way in Cloudflare.
I can access this urls normally on most ISPs, but in one of them I can’t access lusorobotica.com while I can access all of other domains.

All of this domains are pointing to a unique VPS in digital ocean running multiple containers but all behind a single nginx proxy.

I don’t know how else to debug this. It looks like it is ISP related and not Cloudflare or even VPS.

what else should I do to find the source of this problem?

On this ISP chrome says

Não é possível aceder a este site

ERR_CONNECTION_REFUSED

In terminal I get this results:

curl -svo /dev/null lusorobotica.com

• Connection #0 to host lusorobotica.com left intact

curl -svo /dev/null tig.pt

• Connection #0 to host tig.pt left intact

traceroute tig.pt
traceroute: Warning: tig.pt has multiple addresses; using 104.27.146.184
traceroute to tig.pt (104.27.146.184), 64 hops max, 52 byte packets
1 ipt001.intern (172.16.0.1) 4.540 ms 1.906 ms 1.613 ms
2 213.58.180.9 (213.58.180.9) 2.759 ms 2.837 ms 3.156 ms
3 213.58.197.237 (213.58.197.237) 10.686 ms 5.851 ms 10.353 ms
4 rc01-12 (195.245.142.166) 8.341 ms 5.435 ms 4.505 ms
5 pa1-84-91-0-13.netvisao.pt (84.91.0.13) 10.264 ms 16.174 ms 12.077 ms
6 pa1-84-91-0-226.netvisao.pt (84.91.0.226) 36.848 ms
pa1-84-91-0-154.netvisao.pt (84.91.0.154) 25.638 ms 12.631 ms
7 ix-ae-12-0.tcore2.pv9-lisbon.as6453.net (80.231.159.45) 10.785 ms 16.122 ms 23.592 ms
8 if-ae-16-2.tcore2.wv6-madrid.as6453.net (80.231.159.53) 55.344 ms
if-ae-16-2.tcore2.wv6-madrid.as6453.net (80.231.159.69) 49.940 ms
if-ae-17-2.tcore2.wv6-madrid.as6453.net (80.231.159.65) 68.957 ms
9 if-ae-11-2.tcore1.wv6-madrid.as6453.net (80.231.91.65) 47.803 ms 45.085 ms 42.814 ms
10 * if-ae-5-2.tcore2.wyn-marseille.as6453.net (80.231.200.5) 88.911 ms 77.079 ms
11 if-ae-2-2.tcore1.wyn-marseille.as6453.net (80.231.217.1) 86.192 ms 112.219 ms 85.286 ms
12 if-ae-8-1600.tcore1.pye-paris.as6453.net (80.231.217.6) 90.037 ms 67.003 ms 80.416 ms
13 80.231.154.14 (80.231.154.14) 68.294 ms 61.843 ms 69.584 ms
14 104.27.146.184 (104.27.146.184) 67.212 ms 66.778 ms 47.822 ms

traceroute lusorobotica.com
traceroute to lusorobotica.com (195.46.39.1), 64 hops max, 52 byte packets
1 ipt001.intern (172.16.0.1) 3.172 ms 1.748 ms 2.493 ms
2 213.58.180.9 (213.58.180.9) 2.733 ms 2.950 ms 2.564 ms
3 213.58.197.237 (213.58.197.237) 4.256 ms 7.115 ms 4.129 ms
4 rc01-12 (195.245.142.166) 3.759 ms 4.255 ms 4.200 ms
5 pa1-84-91-0-13.netvisao.pt (84.91.0.13) 14.879 ms 10.210 ms 13.307 ms
6 pa1-84-91-0-226.netvisao.pt (84.91.0.226) 14.345 ms
pa1-84-91-0-154.netvisao.pt (84.91.0.154) 9.126 ms 9.445 ms
7 ix-ae-12-0.tcore2.pv9-lisbon.as6453.net (80.231.159.45) 10.653 ms 10.469 ms 11.073 ms
8 if-ae-17-2.tcore2.wv6-madrid.as6453.net (80.231.159.65) 22.272 ms * 24.247 ms
9 if-ae-11-2.tcore1.wv6-madrid.as6453.net (80.231.91.65) 19.359 ms 18.168 ms 17.828 ms
10 80.231.91.90 (80.231.91.90) 45.864 ms 22.834 ms 17.897 ms
11 * ae-1-3112.edge6.london1.level3.net (4.69.141.246) 50.241 ms 52.068 ms
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
when traceback it doesn’t stop trying to ping the next jump.

Thanks once again for your attention and help.

It would appear as if your lusorobotica site does not properly resolve. Instead of a Cloudflare address you are getting a 195* address. You are simply contacting the wrong server in this case.

Which DNS service are you using?

I’m letting that for default ISP DNS servers.

Hitting the same domain in my home or office (different ISPs, I get this output)

traceroute lusorobotica.com
traceroute: Warning: lusorobotica.com has multiple addresses; using 104.28.29.112
traceroute to lusorobotica.com (104.28.29.112), 64 hops max, 52 byte packets
1 meo.home (192.168.1.254) 1.637 ms 1.553 ms 1.589 ms
2 10.234.192.1 (10.234.192.1) 4.411 ms 13.037 ms 9.781 ms
3 bl3-77-5.dsl.telepac.pt (213.13.77.5) 3.970 ms 3.890 ms 3.543 ms
4 bl3-77-6.dsl.telepac.pt (213.13.77.6) 4.406 ms 6.026 ms 4.728 ms
5 lis2-cr1-bu10-200.cprm.net (195.8.30.241) 5.813 ms 5.840 ms 7.907 ms
6 frk1-cr1-te2-0-1.cprm.net (195.8.0.234) 48.966 ms 48.139 ms 47.886 ms
7 de-cix-frankfurt.as13335.net (80.81.194.180) 52.825 ms 55.518 ms 54.083 ms
8 104.28.29.112 (104.28.29.112) 47.774 ms 47.971 ms 47.152 ms

Are you saying that something probably something at netvisao.pt (ISP with problems) DNS servers is caching an incorrect A record for that domain?

Thanks for the DNS tip, next time I will be on that network, I will test manually setting DNS to see if it let me resolve correctly.

I am not saying it is the ISP. I am saying you resolve the wrong address and that can be for different reasons. Can you post the output of nslookup lusorobotica.com?

I’m now at home where everything works fine

Address: 104.28.28.112


I will try that again when I drive to the problematic ISP.

You need to run that on the machine where you experience the issue.

Its the same machine (laptop) but on different network now. I will repeat the test on that network once possible.

Thanks a lot @sandro

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.