Akamai IP reputation

Forums › Spark New Zealand (including Skinny and BigPipe) › Akamai IP reputation

Interwebber

5 posts

Wannabe Geek

#295543 5-Apr-2022 19:58

Here's a funny story that I haven't got to the end of yet.

I have been getting "Access Denied" messages on various websites, sites I have previously had no issues getting to but now cannot, for example I can't get to the Steam store anymore I get this instead

Access Denied

You don't have permission to access "http://store.steampowered.com/" on this server.

Reference #18.a4052017.1649144458

I didn't have much luck with google, lots of people claiming it was all caused by Windows proxy settings, but my proxy settings were turned off, others mention clearing caches and cookies etc, but I browse in incognito mode so no help there.

One thing I found that did resolve this was to browse via a VPN, this points to some sort of block affecting my fibre public IP address.

I then found a post in the depths of the net titled "Why is Akamai blocking me" from there I discovered Akamai's IP reputation lookup page (https://www.akamai.com/us/en/clientrep-lookup/) which gave me the following response, and seemingly the reason I was seeing all these access denied messages

Your IPv4 Address 222.153.x.x received a bad risk score.

The IPv4 Address was associated with the following malicious activity:

Scanning Tool
Web Attacker
Web Scraper

I don't have a static IP, just whatever Spark randomly assigned me from it's pool. I thought perhaps I got unlucky and ended up with a bad IP from someone who had been misusing their internet ;-) but no it looks like all addresses in this range have a bad risk score according to Akamai.

It seems quite difficult to get support from Spark these days, I don't feel up to sitting on the phone for an age then trying to explain this issue, and the help from the app let me type a novel before saying its not a human and maybe someone will get time to look at the problem in the next few days...

I'm tempted to ask Spark for a static IP but I don't know what range they would use for that and if I might not be any better off.

Short of VPN'ing the entire households traffic I'm not sure what else can be done.

timmmay

20858 posts

Uber Geek
+1 received by user: 5350

Trusted

Lifetime subscriber

#2897312 5-Apr-2022 20:19

Switch to 2degrees, I've had no issues at all and I've been with them for years. Support is generally good, though at the moment staffing is an issue everywhere.

quickymart

14940 posts

Uber Geek
+1 received by user: 13953

ID Verified

#2897314 5-Apr-2022 20:20

Have you powercycled your router to try and get a different IP address?

I'm on Spark as well btw - just tried that site and it worked for me.

Interwebber

5 posts

Wannabe Geek

#2897322 5-Apr-2022 20:42

Yeah have tried a few modem restarts, ont included.

Are you in the same IP range? 222.153.x.x

quickymart

14940 posts

Uber Geek
+1 received by user: 13953

ID Verified

#2897330 5-Apr-2022 20:48

No, mine is the 122.60 range.

Talkiet

4819 posts

Uber Geek
+1 received by user: 3934

Trusted

#2897355 5-Apr-2022 21:55

I'm looking into this.

Cheers - N

Please note all comments are from my own brain and don't necessarily represent the position or opinions of my employer, previous employers, colleagues, friends or pets.

insane

3324 posts

Uber Geek
+1 received by user: 1006

ID Verified

Trusted

2degrees

Subscriber

#2897356 5-Apr-2022 21:57

You could try reach out to Akamai directly, they are a good bunch.

I *think* Spark use their AnswerX service, but have probably loaded their location / IP ranges in big blocks i.e /16's but fairly confident from past experience with an adjacent service that they only block individual IPs and are very very seldom wrong.

Is there a possibility a device at your home is indeed compromised and phoning home to a botnet or similar?

Also try using 1.1.1.1 or 8.8.8.8 for DNS and see if that makes any difference.

Dell

Shop now for Dell laptops and other devices (affiliate link).

Interwebber

5 posts

Wannabe Geek

#2897361 5-Apr-2022 22:33

I used a couple other reputation lookup webpages and tried a handful of similar address with the same class as mine and got low reputation scores as well.

We are quite a connected household, 4 teenage and older kids, our monthly traffic is heavy with streaming, gaming and the socials ;-)

So not sure the best way to monitor all the outbound traffic, checking the spark smart modem I don't see any connection info other than what's connected to it and not "what is everything connected to".

I guess I could spin up some sort of proxy to get some traffic insight.

Also I'm using pihole with dnssec to cloudflare for DNS lookups

Interwebber

5 posts

Wannabe Geek

#2898179 7-Apr-2022 16:36

Just an update, Spark support advised me to turn ont and modem off overnight as that was the best way to get a new ip address.

That has worked and I now have an ip in the 222.155.x.x range and Akamai are no longer blocking me from a bunch of websites.