Amazon.com

Very weird. I cannot access the website from this computer. It’s not a route issue, because I can get to it from her Windows machine, but on my Linux machine, it times out. Traceroute output is:

$ traceroute amazon.com
traceroute to amazon.com (176.32.98.166), 30 hops max, 60 byte packets
1 * * *
2 81.d6.9bc0.ip4.static.sl-reverse.com (192.155.214.129) 17.514 ms 17.540 ms 17.560 ms
3 ae22.dar01.sjc01.networklayer.com (50.23.118.158) 19.775 ms 17.523 ms 19.857 ms
4 ae9.bbr02.eq01.sjc02.networklayer.com (50.97.19.166) 19.543 ms 19.665 ms 19.535 ms
5 ae6.cbs02.eq01.sjc02.networklayer.com (50.97.17.78) 20.183 ms * *
6 ae0.cbs02.cs01.lax01.networklayer.com (50.97.17.86) 26.906 ms 27.243 ms 27.196 ms
7 * * *
8 * * *
9 ae2.dar01.dal13.networklayer.com (169.45.18.37) 57.537 ms 54.337 ms 55.683 ms
10 * ae16.cbs02.eq01.dal03.networklayer.com (169.45.18.90) 54.432 ms 57.155 ms
11 ae0.cbs01.tl01.atl01.networklayer.com (50.97.17.163) 82.146 ms 84.211 ms 85.019 ms
12 ae8.bbr01.tl01.atl01.networklayer.com (50.97.17.155) 72.644 ms 74.857 ms 72.502 ms
13 amazon.tieatl.telxgroup.net (198.32.132.95) 77.715 ms 74.947 ms 74.869 ms
14 * * *
15 * * *
16 * * *
17 178.236.3.31 (178.236.3.31) 88.314 ms 54.240.229.187 (54.240.229.187) 90.802 ms 54.240.229.217 (54.240.229.217) 84.928 ms
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *

When I ping it, I get this:

$ ping amazon.com
PING amazon.com (176.32.103.205) 56(84) bytes of data.
64 bytes from 176.32.103.205 (176.32.103.205): icmp_seq=1 ttl=233 time=79.8 ms
64 bytes from 176.32.103.205 (176.32.103.205): icmp_seq=2 ttl=233 time=80.7 ms
64 bytes from 176.32.103.205 (176.32.103.205): icmp_seq=3 ttl=233 time=79.8 ms
64 bytes from 176.32.103.205 (176.32.103.205): icmp_seq=4 ttl=233 time=82.8 ms
64 bytes from 176.32.103.205 (176.32.103.205): icmp_seq=5 ttl=233 time=79.7 ms
64 bytes from 176.32.103.205 (176.32.103.205): icmp_seq=6 ttl=233 time=78.7 ms
64 bytes from 176.32.103.205 (176.32.103.205): icmp_seq=7 ttl=233 time=79.2 ms
^C
— amazon.com ping statistics —
7 packets transmitted, 7 received, 0% packet loss, time 6005ms
rtt min/avg/max/mdev = 78.697/80.101/82.796/1.235 ms

When I try to browse to that IP address, I get this:

Your connection is not private

Attackers might be trying to steal your information from 176.32.103.205 (for example, passwords, messages, or credit cards). Learn more

NET::ERR_CERT_COMMON_NAME_INVALID

This server could not prove that it is 176.32.103.205; its security certificate is from *.peg.a2z.com. This may be caused by a misconfiguration or an attacker intercepting your connection.

**************************************************************

Anyone have any idea what might be going on? This only started in the past day or so.

Note: I have the same problem on my virtual Windows machine. I simply cannot access Amazon from this hardware.

[Update a while later]

None of the proferred explanations so far explain why it’s only (AFAIK) amazon.com.

[Afternoon update]

OK, the problem is with ExpressVPN. When I disconnect it, and put Google’s nameserver in /etc/resolv.conf, it works. So I guess I need to talk to them.

[Late afternoon update]

OK, the problem seemed to be the San Francisco VPN server (the default). When I connected to LA instead, the problem went away.

11 thoughts on “Amazon.com”

  1. Who is handling your DNS? It looks like they might be compromised. I suspect that the Windows computer is using a different DNS controller hence the different results. You can try manually setting your DNS to the Google public ones (at least temporarily) and see if it fixes the issue.

    8.8.8.8
    8.8.4.4

    1. Interesting. It just occurs to me that I did set her computer to those a few weeks ago when she was having DNS problems. According to /etc/resolv.conf, the nameserver being used is ExpressVPN’s.

      # cat /etc/resolv.conf
      # Generated by expressvpn
      search expressvpn
      nameserver 10.148.0.1

      Not sure what will happen to the VPN if I override it.

  2. I think your name server is working, otherwise you would not be able to ping amazon.com, as opposed to having to put in an actual IP address. It looks like you are having problems with certificates that are out of date. This can sometimes be caused by not having your clock set correctly, but I’m not an expert on this. Anyway, it would make sense to look into fixing certificate issues. I’s also suggest clearing caches and trying alternative browsers.

    1. I’ve tried every browser I have: Brave, Chrome, Firefox. No joy with any of them. And though I can ping amazon.com, the IP address it gives me returns that error.

  3. The certificate issue is because SSL cert validation checks the domain name. Since you’re hitting the IP directly, it’s complaining that the name on the cert is not the IP address. This is not the issue.

    You mentioned a VPN. Perhaps try disabling it temporarily, or re=installing?

  4. 176.32.103.205 is one of the three IP’s to which amazon.com resolves, so the DNS is fine, at least from bash.

    What is puzzling to me is that you are able to connect via the IP address, but are unable to connect via the domain. We know that you successfully connected when using the IP, as you successfully received the certificate, which you browser then rejected. Normally I would then suspect that the browser is somehow caching an invalid DNS entry, but you say that you have attempted with multiple browsers.

    Perhaps try with curl -vvv and see if that gives anything useful.

    1. curl -vvv amazon.com
      * Trying 176.32.98.166:80…
      * Connected to amazon.com (176.32.98.166) port 80 (#0)
      > GET / HTTP/1.1
      > Host: amazon.com
      > User-Agent: curl/7.69.1
      > Accept: */*
      >
      * Mark bundle as not supporting multiuse
      < HTTP/1.1 301 Moved Permanently < Server: Server < Date: Mon, 16 Nov 2020 20:56:03 GMT < Content-Type: text/html < Content-Length: 179 < Connection: keep-alive < Location: https://amazon.com/
      <
      301 Moved Permanently

      301 Moved Permanently


      Server

      * Connection #0 to host amazon.com left intact

      1. Ok, next try curl -vvv https://amazon.com, and keep following and 301 or 302 redirects until you get something else.

        I can see Amazon.com from my PC just fine, but when I fired up Ubuntu 20 in WSL2 I got “could not resolve host”. Same thing with google.com, but I can ping 8.8.8.8, so I have no idea what’s going on there.

        Maybe an issue with Amazon, of all things?

Comments are closed.