Cannot reach certain websites

I might as well note that the error I'm getting on the websites that I cannot reach is ERR_CONNECTION_TIMED_OUT

... whois.ripe.net tells me 62.115.54.21 is located in Sweden(?) ...

That IP is assigned to Telia in Sweden, but it's fairly common for ISPs to assign IPs to equipment operating in distant location. Also, it simply isn't possible to send a trace packet to Europe and get a response back in the indicated 21 milliseconds.

I can reach xwavesoft.com, although it's response is very sluggish. When one customer cannot reach a site but others can, it can mean the site or its webhost is blocking that customer's public Comcast IP. You can look up your IP at https://www.google.com/search?q=what+is+my+IP. You may need to ask the site's admins for help with this.

My trace to xwavesoft.com looks like:

C>tracert -4 xwavesoft.com
Tracing route to xwavesoft.com [69.195.98.233] over a maximum of 30 hops:
  1     1 ms     1 ms     9 ms  router1 [192.168.1.1]
  2     8 ms     9 ms     9 ms  96.120.9.181
  3     9 ms    37 ms     9 ms  24.124.216.181
  4     8 ms     8 ms     8 ms  96.110.24.214
  5     9 ms     8 ms     9 ms  96.110.25.65
  6    17 ms    17 ms    19 ms  be-34-ar01.mckeesport.pa.pitt.comcast.net [69.139.168.141]
  7    19 ms    18 ms    21 ms  ae-7.bar1.Pittsburgh3.Level3.net [4.68.106.85]
  8    75 ms    59 ms     *     ae2.3602.edge8.Denver1.level3.net [4.69.219.74]
  9     *        *        *     Request timed out.
 10    63 ms    69 ms    64 ms  69-195-64-113.unifiedlayer.com [69.195.64.113]
 11    62 ms    64 ms    63 ms  po99.prv-leaf6b.net.unifiedlayer.com [162.144.240.23]
 12    63 ms    64 ms    62 ms  69-195-98-233.unifiedlayer.com [69.195.98.233]
Trace complete.

Please be aware that there are 2 kinds of responses in this Forum: Replies and Comments. When you Comment on a post by scrolling down to "Comment on this post here...", I am notified of your response. But if you select Reply, I am NOT notified and may not be aware of your response.

Bruce, I read your blurb under your post and saw you do not get notifications via replies to your posts. Rather, you suggested this method (straight up comment). So here you go. 

... you suggested this method (straight up comment). So here you go. 

Thanks for that!

When you access the site using a VPN or a cell network the IP the site sees your connection coming from is different than when you are trying to reach it on your Comcast connection. Your best bet is to contact the admins for the site's webhost. Either they are blocking your Comcast IP, or the network they are using is.

Good luck!

Hey Bruce. The problem is, i could get to two of the three sites for many, many years just via regular Comcast connections, not VPN/cell. never tried the xwavesoft one before. 

 The odds that all three sites suddenly start blocking Comcast is low, especially considering xwavesoft sells an app that uses their domain to sync their iOS app to their Mac app (which is how I found out there was a problem in the first place…no syncing was occurring). 

it simply wouldn’t be in their interest to block a giant American internet provider. 

... i could get to two of the three sites for many, many years just via regular Comcast connections ...

Things change? I don't know what those sites are, and even if I did, likely all I could do is refer you to their admins. I see no evidence that Comcast is blocking the sites.

Since I can't help you further, I'll again suggest that you contact those who may be able to, and again wish you good luck.

If you wish you are welcome to send me a DM with the sites you are concerned about and I'll see if I can be more helpful. Note that I am not Comcast, just another customer trying to help out.

Bruce, thank you for your offer and suggestions, and I’ll reach out to see if the site admins are blocking Comcast. Might take you up on your offer, but first I’m asking friends in this geographic area and on Comcast to test those sites too. 

Question: does the router get its DNS info from Comcast (as I assume)?

Comcast locks down even non-Comcast routers and I cannot change anything via the admin panel except reset or adjust frequency (haven’t done either…the factory reset is next on my list if nothing else works). As mentioned I have non-Comcast equipment (modem is on approved list and has worked fine since 2017).

... Question: does the router get its DNS info from Comcast (as I assume)? ... Comcast locks down even non-Comcast routers ...

That's true for Comcast gateways and maybe even customer owned gateways, but since you have a standalone modem and router you should be able to set the DNS servers to anything you want. I've never found much value in that, but you should be able to do it unless the Gryphon doesn't have that option (I'm not familiar with their gear so I don't know).

The plot thickens…

I have discovered that both my domains AND xwavesoft.com are ALL hosted on bluehost.com resolving to the same physical address, but are hosted by bluehost.com (my domains) and hostmonster (xwavesoft). A quick glance at social media reveals extensive issues at bluehost.

it is still odd that I cannot reach them while on my home Comcast cable network. I had a friend who lives close by also try. He is also on Comcast, but he could reach all three domains with no problem. Here his traceroute to xwavesoft.com.

traceroute to xwavesoft.com (69.195.98.233), 64 hops max, 52 byte packets

1  10.0.0.1 (10.0.0.1)  4.255 ms  2.410 ms  2.190 ms

2  100.93.141.66 (100.93.141.66)  11.189 ms

    100.93.141.67 (100.93.141.67)  12.380 ms

    100.93.141.66 (100.93.141.66)  13.647 ms

3  po-309-346-rur302.roseville.mn.minn.comcast.net (24.124.173.89)  8.246 ms

    po-309-345-rur301.roseville.mn.minn.comcast.net (24.124.173.81)  11.288 ms

    po-309-346-rur302.roseville.mn.minn.comcast.net (24.124.173.89)  12.025 ms

4  68.87.174.105 (68.87.174.105)  11.431 ms

    po-2-rur301.roseville.mn.minn.comcast.net (68.87.174.157)  11.711 ms

    68.87.174.105 (68.87.174.105)  13.142 ms

5  68.87.174.105 (68.87.174.105)  12.983 ms

    68.87.174.241 (68.87.174.241)  12.870 ms

    68.87.174.105 (68.87.174.105)  14.192 ms

6  69.139.176.209 (69.139.176.209)  14.946 ms

    68.87.174.241 (68.87.174.241)  14.709 ms

    96.108.52.9 (96.108.52.9)  16.628 ms

7  69.139.176.209 (69.139.176.209)  17.489 ms

    be-39841-cs04.1601milehigh.co.ibone.comcast.net (96.110.40.109)  30.018 ms

    68.87.174.237 (68.87.174.237)  17.628 ms

8  be-1313-cr13.1601milehigh.co.ibone.comcast.net (96.110.39.106)  29.748 ms

    be-39821-cs02.1601milehigh.co.ibone.comcast.net (96.110.40.101)  29.905 ms

    be-1413-cr13.1601milehigh.co.ibone.comcast.net (96.110.39.110)  31.150 ms

9  be-1113-cr13.1601milehigh.co.ibone.comcast.net (96.110.39.98)  31.996 ms

    be-302-cr13.champa.co.ibone.comcast.net (96.110.36.197)  29.540 ms

    be-1414-cr14.1601milehigh.co.ibone.comcast.net (96.110.39.126)  31.270 ms

10  be-1414-cs04.champa.co.ibone.comcast.net (96.110.37.253)  30.193 ms

    be-302-cr14.champa.co.ibone.comcast.net (96.110.39.5)  30.223 ms

    be-1213-cs02.champa.co.ibone.comcast.net (96.110.37.229)  35.754 ms

11  be-1314-cs03.champa.co.ibone.comcast.net (96.110.37.249)  30.902 ms

    be-36711-ar01.saltlakecity.ut.utah.comcast.net (96.110.43.226)  41.067 ms

    be-1114-cs01.champa.co.ibone.comcast.net (96.110.37.241)  30.355 ms

12  96.216.180.114 (96.216.180.114)  42.147 ms

    be-36741-ar01.saltlakecity.ut.utah.comcast.net (96.110.43.238)  41.409 ms

    96.216.180.114 (96.216.180.114)  41.657 ms

13  96.216.180.114 (96.216.180.114)  43.479 ms *  43.171 ms

14  69-195-64-113.unifiedlayer.com (69.195.64.113)  42.493 ms *

    69-195-64-111.unifiedlayer.com (69.195.64.111)  43.183 ms

15  69-195-64-111.unifiedlayer.com (69.195.64.111)  41.157 ms

    po97.prv-leaf6a.net.unifiedlayer.com (162.144.240.11)  42.240 ms

    69-195-64-113.unifiedlayer.com (69.195.64.113)  42.858 ms

16  69-195-98-233.unifiedlayer.com (69.195.98.233)  42.081 ms

    po97.prv-leaf6a.net.unifiedlayer.com (162.144.240.11)  42.330 ms

    69-195-98-233.unifiedlayer.com (69.195.98.233)  42.397 ms

I am going to contact bluehost now.

Well, I've chatted for quite some time with Bluehost, and they don't seen any problems on their end. They are not blocking my IP.

So what next? I dread calling 800-934-6489 for xfinity customer service, as they were of no help last time. Is there any way to actually get ahold of someone that knows a thing or two about their network?

... they don't seen any problems on their end. They are not blocking my IP. ...

If your router has a "clone MAC" or "use this MAC" feature, use it to change its WAN MAC address. Then reboot the modem and, after it has stabilized, reboot the router. That should cause Comcast's DHCP server to assign an different public IP.

Or switch to a different router if you have one.

Or, if your Mac has an Ethernet port, for a test connect it directly to the modem. Then, as above, reboot the modem and when it has stabilized, reboot the computer.

After doing one of the above see if you can connect to the troublesome sites.

Ok Bruce, I used my son's gaming PC. Nothing worked at first, but a reboot of the modem fixed that. I can indeed get to those three pesky sites via a direct plugin to the modem. 

Does this mean the fault likely lies with the Gryphon router?

... Does this mean the fault likely lies with the Gryphon router?

My best guess is it means that, despite their denials, Bluehost (or its network, or one of the other companies involved here) was blocking your original public Comcast IP. Changing the device directly connected to the modem caused your public IP to change, and Bluehost is not (yet!) blocking the new IP. The systems that block IPs are often not well understood by webhost staff. They may not even be aware that such systems exist.

Comcast can't help you here. Most of their staff won't know what we're talking about. You could give contacting Unified Layer a try since Bluehost doesn't seem to know what they are doing.

Another turn of events: on a hunch I contacted the Gryphon router people (the nicest people ever, btw) and after updating the router with the newest firmware (not even pushed out yet, fresh!) we discovered that somehow a bunch of sites like bing, Disney, my sites, xwavesoft etc were blocked on everyone else’s account, but get this, NOT ON MINE! BTW Gryphon is an phone app-based parental control type of router.

Not only are the permissions wacky, but somehow the software is corrupted and permissions are bleeding over onto my account. Permissions are obv wacky too (stuff I never set). 

Of course I had checked MY user account multiple times for just this scenario! But I was outfoxed by janky software! Gaaaahh!

I left it as is for the second level engineers to sort through, but I am sure a router reset to defaults is next. 

Bruce, if you never hear from me again, then that means the router is indeed the culprit. I really appreciated the support, man. Wasted 1.5 work days on this.