Blacklisted IPs used by Freedome?

Spikoss
Spikoss Posts: 5 New Member

Hi all,

It has been a few weeks since I started experiencing problems with the IP addresses of Freedome. I use my VPN all the time, am based in Switzerland, thus my VPN goes through some IP range in Zurich. Certain web sites would refuse my connections based on "excessive activity" coming from my IP address. They meant, the IP address from the VPN endpoint in Zurich. Today, I wanted to connect to various airlines to book plane tickets for fall and winter 2020, and systematically I got rejected. So I switched to endpoint Falkenstein (Germany) and got plenty of CAPTCHA challenges and other stuff to keep me away from those sites (see pics).

I certainly don't do multiple connections to web sites, I don't try to spider them, I don't do anything that is not entirely normal for a human user, so I don't think it is my web surfing that is causing problems. I use Firefox 80.0 on Win10 and I do use a few plugins, but I had them installed long before such problems appeared.

From the banning pages I surmise someone has been abusing the Freedome VPN so massively that all Freedome IP ranges are now blacklisted as belonging to spammers or bots.

Can F-Secure please look into that? As for now, I am turning my VPN off.

Cheers,


Pico


Answers

  • Hi @Spikoss

    Did you tried check with different browsers? i.e Edge or Chromium

    If yes, you are facing the same with other browsers. We typically suggests the following steps that should fix the issue related to Freedome IP's blocking issue.

    Open the command prompt as an administrator. Click the Windows start button > Type "cmd" > Right-click Command Prompt > Click Run as Administrator.

    In the Command prompt, type the command below. After each command, press Enter to execute.

    ipconfig /flushdns

    netsh winsock reset

    netsh int ipv6 reset

    After that, you can now clear the browser data on your browser and reboot your home router and your machine and check again.

  • Spikoss
    Spikoss Posts: 5 New Member

    Hi Sethu,

    Many thanks for your answer. It provided me with fresh hypotheses to test.

    I decided to use Falkenstein for these tests. Short story: there is an issue with the IP addresses of those VPN endpoints.

    I set my VPN to end in Falkenstein, Germany.

    I first tried with FFX 80.

    Brussels Airlines: no issues. Swiss.com rejected me with a challenge:

    I tried MS Edge.

    Brussels Airlines: no issues. Swiss.com rejected me with the same challenge:

    I then flushed the dns and followed your commands here above, as administrator. I rebooted my PC.

    I tried again with FFX 80. Brussels Airlines: no issues. Swiss.com rejected me with the same challenge:


    Same results with MS Edge:


    As I wondered if any cookie was playing a role in this, I cleared all cookies and temp files from MS Edge, restarted it, and tried again. Same results. Brussels Airlines: no problem. Swiss.com: rejected again.

    I almost always use FFX except when I did the tests, when I also used Edge. My FFX has a list of plugins, while Edge is pretty much in its pristine state since I installed Win10.

    My hunch is that the messages from swiss.com do really point to an IP address issue, and to nothing else. The IP 88.99.10.33 of the server F-Secure uses does show up on certain IP black lists:

    The other IP address 88.99.10.34 shows up in fewer black lists:

    I also checked with my random swiss VPN endpoint's IP address, and yes indeed, its IP address (178.255.153.166) showed up on two black lists:

    Could it be time to change VPN tunnel endpoint IP addresses in some places like Germany and Switzerland? Or talk to the black lists directly? Any ideas?


    Spikoss

  • Hi @Spikoss

    Thanks for trying out the given steps and the screen shot of testing result, Please allow me sometime to check this with our Freedome development team and will sure update here.

  • [Deleted User]
    [Deleted User] Posts: 0
    edited September 2020

    Hi @Spikoss

    Please find below the response to your query from our Freedome team

    We are now able to reproduce the Swiss Airlines issue with most of our German IPs, but it doesn't happen each time - or it might be so that after we completed their CAPTCHA a couple of times, they started to trust the browser we are using. Their CAPTCHA check is annoying but it can be completed (unlike some Google CAPTCHAs we've seen in the past), and once you've completed, the site seems to be usable.

  • VPN88
    VPN88 Posts: 2 New Member

    Same problem here with some IPs from the VPN servers from Spain.


    Some IPs are blacklisted.

    It's obvious that some users of freedome are using this service for illegal-malicious purposes and we got the consequences.

    Solve this f-secure.

  • Spikoss
    Spikoss Posts: 5 New Member

    Hi Sethu,

    I did their CAPTCHAs multiple times over many weeks, and still, almost every time I connect through Falkenstein, I get the same message and yet another CAPTCHA. Zurich VPN endpoint seems to be fine again. Not sure the swiss.com blacklist filter learns to trust banned IPs so quickly... A bit like VPN88 said, I am also under the impression someone abused F-Secure's VPN and tarnished everybody's reputation.

  • Hi @Spikoss

    Thanks for trying out the suggested steps and I will certainly forward your feedback to our Freedome development team to see what happened so we can fix this. I will get back to you as soon as I know what happened.

  • Hi @Spikoss

    Would it be possible for you to check and collect the following information for further investigation?

    • Check your public IP( with Freedome ON) when the problem occurs (e.g. https://www.whatismyip.com/)
    • And provide me the exact URL was visited when captcha was shown
    • Name of the browser and version was used (test with more mainstream browsers, we don't even recognize what browser is shown in screenshots in the community thread)
    • Check if there is some privacy related browser plugin in use which could also affect to this.
  • Spikoss
    Spikoss Posts: 5 New Member

    Sure. Here is the data.

    I am on the Germany, Falkenstein, VPN endpoint in Freedome. My public IP, as according to whatismyip.com, is:

    • My Public IPv4 is: 144.76.253.137
    • My Public IPv6 is: 2a01:4f8:241:58a5::fed0:137
    • Location: Nuremberg, BY DE
    • ISP: Hetzner Online AG

    I use Firefox 80.0.1

    I do use certain privacy plugins: Adblock, F-Secure browsing protection, cookie autodelete, deactivation of Google analytics, Facebook container, LinkedIn container, Twitter container, Google container, Firefox Multi-Account Containers, Unpaywall, and Zotero connector.

    Exact URL: https://www.swiss.com/ (nothing more, nothing less)

    I was redirected to the usual CAPTCHA page (cf. previous posts)

    I also use Microsoft Edge v85.0.564.51

    On Edge I do have two plugins: Zotero connector and F-Secure browsing protection. Both are *deactivated*.

    I also went to https://www.swiss.com/

    I received the same CAPTCHA challenge as per Firefox.

    Everything runs on Windows 10. I am not aware of any other program running that might affect the way the swiss.com server would process my requests.

    Interestingly, whatismyip.com also challenged me:

    When I switched the VPN endpoint back to Zurich, all problems vanished, and on both browsers. That is: neither swiss.com nor whatismyip.com challenged me, no matter which browser I use.

  • Thanks @Spikoss ,

    Let me share this to our backend team and update you here further.

  • [Deleted User]
    [Deleted User] Posts: 0
    edited September 2020

    Hi @Spikoss

    Our Freedome team is unable to reproduce the same behavior and recommends the following steps.

    Try disabling all the plugins in the browser and restart the browser. Once the browser has restarted, you will then check the website again with Freedome ON to see if that solve the issue.

    Please try and let us know if it helps

  • Spikoss
    Spikoss Posts: 5 New Member

    Hi Sethu,

    I did what your team recommended, and got the same results again.

    In detail...

    I turned all modules off, including browsing protection from F-Secure:

    Then I set my VPN to Falkenstein. I visited whatismyip.com and swiss.com, and...

    whatismyip:

    swiss:

    The same web sites, when visited through the Zurich endpoint, work a-ok:

    and also:


    Yesterday, I was exploring Google's advanced search, and it banned my IP (Zurich endpoint), while today I have zero issues with the same stuff. Yesterday on Google:

    Today, no issue whatsoever on Google, neither from Falkenstein nor from Zurich.

    I still see that the Zurich endpoint is listed in some blacklists, according to https://whatismyipaddress.com/blacklist-check but this time around not Falkenstein. However, https://www.whatismyip.com/ still challenges me when I use the Falkenstein endpoint.

    I don't know what to tell you. I suspect different firewalls and load balancers use different databases for deciding which IP address is legitimate, and which one is not. On top of that, there could be delays in how quickly these devices update their rules, perhaps resulting in certain IPs being still banned in some places while already cleared from the originating black lists.

    I will go back to my collection of plugins and turn them back on :/

  • Hi @Spikoss

    Thank you for the screen shot and performed the given steps, however, we need to analysis the diagnostic logfiles to find the root causes. So please reach our F-Secure support team for further investigation.

This discussion has been closed.
Feedback on New Design