Improbable Icon

Cant download or access console.improbable.io


#1

Lately I haven’t been able to download or access console.improbable.io through my Spectrum ISP. I can get to the rest of the improbable sites and can get to console. from my phone (verizon)?

Downloading spatial 64 bit
from 'https://console.improbable.io/toolbelt/download/20170424.160321.db4e581/win
ERROR: The remote file either doesn’t exist, is unauthorized, or is forbidden for url ‘https://console.improbable.io/toolbelt/download/20170424.160321.db4e581/win’. Exception calling “GetResponse” with “0” argument(s): "Unable to connect to the remote server"
The install of spatial was NOT successful.

nslookup console.improbable.io
Server: rns01.charter.com
Address: 71.10.10.10

Non-authoritative answer:
Name: beast-us-east.improbable.io
Address: 35.192.1.255
Aliases: console.improbable.io
beast-redirect-us-east.improbable.io

Pinging beast-us-east.improbable.io [35.192.1.255] with 32 bytes of data:
Reply from 35.192.1.255: bytes=32 time=30ms TTL=44
Reply from 35.192.1.255: bytes=32 time=97ms TTL=44


#3

Months later still unable to access the site, have to tunnel around using softether or update while im at work :frowning: Can access other IPs in that block (35.192.1.x) without issue but not getting a response back via http/https from console.improbable.io.


#4

Hello @jro,

We are actively looking into this issue for you. It is very unfortunate that your first post has not received any response from us, I would like extend our sincere apologies for that. :cry:

Now let’s see how we can get you back into a normal workflow as quickly as possible!

From what we have been able to see from our logs your connections fail during the initial TLS handshake. Could you maybe provide us with some extra information about:

  • Your browser?
  • If this is only on your phone (as that’s where you are sending your logs from)?

Kind regards,
Duco


#5

Hi @dvanamst thanks for following up, I swear I’m not crazy :slight_smile:

-PC1/win10 I’ve tried IE/Chrome/FF
-PC2/win10 I’ve tried IE/Chrome
-iphone8 (on wifi) I’ve tried Safari/Chrome

-PC1 works when tunneling through another network via softether
-iphone8 works when on LTE (verizon)

It’s all devices when nat’ing through my home network so definitely up stream. I’ve tried getting Spectrum to issue a different IP to my modem to ensure it’s not something tied to that IP but they wont.

Only thing left on my end is my modem but doesn’t make sense why it’s just this site. It’s just a standard cable modem/router with nothing fancy.


#6

Hi @jro ,

Sorry to hear about your trouble with this and that you’ve had to do so much troubleshooting!

It looks like something is interrupting/preventing a TLS handshake between your browsers and our servers. From our side, we see your web browsers stop mid-handshake although we can’t see what causes this / why this happens.

As a next step, would you possibly be able to provide us curl output so we can see if there is any more detail about what’s happening during this phase? You sound familiar with networking tools but just in case, you can grab curl here and run curl --verbose https://console.improbable.io/. If you can share this afterwards it should hopefully provide some insight into what’s going on.

Thanks for your patience with this and hopefully this will help us move forward :slight_smile:


#7

C:\curl\src>curl.exe --verbose https://console.improbable.io

C:\curl\src>nslookup console.improbable.io
Server: rns01.charter.com
Address: 71.10.216.1

Non-authoritative answer:
Name: beast-us-east.improbable.io
Address: 35.192.1.255
Aliases: console.improbable.io
beast-redirect-us-east.improbable.io

C:\curl\src>ping console.improbable.io

Pinging beast-us-east.improbable.io [35.192.1.255] with 32 bytes of data:
Reply from 35.192.1.255: bytes=32 time=36ms TTL=42

Ping statistics for 35.192.1.255:
Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 36ms, Maximum = 36ms, Average = 36ms

A pcap just shows request out nothing coming back.


#8

Still no luck @ https://console.improbable.io

Tried a few more times between 8:30-8:35PM CST


#9

Hey @jro

Sorry this is ongoing and thanks for your help trying out these debug steps. Would you be able share what you see when you try and connect to our public website:

curl.exe --verbose -s -o nul https://improbable.io/ 

And also what you see when you access the console via its West Coast IP adresses:

curl.exe --verbose -s -o nul --resolve console.improbable.io:443:35.195.42.213 https://console.improbable.io/ 

I’m hopeful the latter will give some signal on whether it’s the specific IP being reached out to that’s problematic.


#10

curl.exe --verbose -s -o nul https://improbable.io/

  • Trying 35.193.224.116…
  • TCP_NODELAY set
  • Connected to improbable.io (35.193.224.116) port 443 (#0)
  • ALPN, offering h2
  • ALPN, offering http/1.1
  • successfully set certificate verify locations:
    CAfile: C:\ProgramData\chocolatey\lib\curl\tools\curl_x64\curl-ca-bundle.crt
    CApath: none
    } [5 bytes data]
  • TLSv1.2 (OUT), TLS handshake, Client hello (1):
    } [211 bytes data]
  • TLSv1.2 (IN), TLS handshake, Server hello (2):
    { [58 bytes data]
  • TLSv1.2 (IN), TLS handshake, Certificate (11):
    { [6053 bytes data]
  • TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    { [300 bytes data]
  • TLSv1.2 (IN), TLS handshake, Server finished (14):
    { [4 bytes data]
  • TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    } [37 bytes data]
  • TLSv1.2 (OUT), TLS change cipher, Client hello (1):
    } [1 bytes data]
  • TLSv1.2 (OUT), TLS handshake, Finished (20):
    } [16 bytes data]
  • TLSv1.2 (IN), TLS handshake, Finished (20):
    { [16 bytes data]
  • SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
  • ALPN, server accepted to use h2
  • Server certificate:
  • subject: OU=Domain Control Validated; OU=PositiveSSL Multi-Domain; CN=improbable.io
  • start date: Jun 12 00:00:00 2017 GMT
  • expire date: Sep 10 23:59:59 2018 GMT
  • subjectAltName: host “improbable.io” matched cert’s “improbable.io
  • issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain Validation Secure Server CA
  • SSL certificate verify ok.
  • Using HTTP2, server supports multi-use
  • Connection state changed (HTTP/2 confirmed)
  • Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
    } [5 bytes data]
  • Using Stream ID: 1 (easy handle 0x2614d5f40e0)
    } [5 bytes data]

GET / HTTP/2
Host: improbable.io
User-Agent: curl/7.59.0
Accept: /

{ [5 bytes data]

  • Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
    } [5 bytes data]
    < HTTP/2 200
    < content-type: text/html; charset=utf-8
    < strict-transport-security: max-age=31536000
    < x-content-type-options: nosniff
    < x-frame-options: SAMEORIGIN
    < x-xss-protection: 1; mode=block
    < date: Fri, 27 Apr 2018 14:27:38 GMT
    <
    { [5 bytes data]
  • Connection #0 to host improbable.io left intact

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

curl.exe --verbose -s -o nul --resolve console.improbable.io:443:35.195.42.213 https://console.improbable.io/

  • Added console.improbable.io:443:35.195.42.213 to DNS cache
  • Hostname console.improbable.io was found in DNS cache
  • Trying 35.195.42.213…
  • TCP_NODELAY set
  • Connected to console.improbable.io (35.195.42.213) port 443 (#0)
  • ALPN, offering h2
  • ALPN, offering http/1.1
  • successfully set certificate verify locations:
    CAfile: C:\ProgramData\chocolatey\lib\curl\tools\curl_x64\curl-ca-bundle.crt
    CApath: none
    } [5 bytes data]
  • TLSv1.2 (OUT), TLS handshake, Client hello (1):
    } [219 bytes data]
  • TLSv1.2 (IN), TLS handshake, Server hello (2):
    { [58 bytes data]
  • TLSv1.2 (IN), TLS handshake, Certificate (11):
    { [6053 bytes data]
  • TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    { [300 bytes data]
  • TLSv1.2 (IN), TLS handshake, Server finished (14):
    { [4 bytes data]
  • TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    } [37 bytes data]
  • TLSv1.2 (OUT), TLS change cipher, Client hello (1):
    } [1 bytes data]
  • TLSv1.2 (OUT), TLS handshake, Finished (20):
    } [16 bytes data]
  • TLSv1.2 (IN), TLS handshake, Finished (20):
    { [16 bytes data]
  • SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
  • ALPN, server accepted to use h2
  • Server certificate:
  • subject: OU=Domain Control Validated; OU=PositiveSSL Multi-Domain; CN=improbable.io
  • start date: Jun 12 00:00:00 2017 GMT
  • expire date: Sep 10 23:59:59 2018 GMT
  • subjectAltName: host “console.improbable.io” matched cert’s “*.improbable.io”
  • issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain Validation Secure Server CA
  • SSL certificate verify ok.
  • Using HTTP2, server supports multi-use
  • Connection state changed (HTTP/2 confirmed)
  • Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
    } [5 bytes data]
  • Using Stream ID: 1 (easy handle 0x186616a40e0)
    } [5 bytes data]

GET / HTTP/2
Host: console.improbable.io
User-Agent: curl/7.59.0
Accept: /

{ [5 bytes data]

  • Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
    } [5 bytes data]
    < HTTP/2 302
    < content-type: text/html; charset=utf-8
    < location: /projects
    < strict-transport-security: max-age=31536000
    < x-content-type-options: nosniff
    < x-frame-options: SAMEORIGIN
    < x-xss-protection: 1; mode=block
    < content-length: 32
    < date: Fri, 27 Apr 2018 14:27:49 GMT
    <
    { [5 bytes data]
  • Connection #0 to host console.improbable.io left intact

#11

By adding a host entry for console.improbable.io to the west coast IP I am able to access it :slight_smile:

Thanks @seanpowell @dvanamst, now you just have to let me know if the IP ever changes!