Jump to content

Help Troubleshooting for Xfinity Service Call


Recommended Posts

Posted (edited)

Okay, here's my issue.  We just got Xfinity internet.  Maybe not great, but it was definitely better than the alternative.  We started with everything on default, which means the Advanced Security on the xFi app is on.  My desktop PC, which is mostly just hosting Emby at the moment, keeps popping up with Unauthorized Access Attempts around the same time every night.  Since Emby is pretty much the only thing running (alongside IRC), I go ahead and check the logs and, sure enough, I see the following:

2020-08-07 01:05:40.935 Info HttpServer: HTTP GET http://xx.xxx.xx.x:8096/. UserAgent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0
2020-08-07 01:05:40.937 Info HttpServer: HTTP Response 302 to 69.4.234.31. Time: 2ms. http://xx.xxx.xx.x:8096/
2020-08-07 01:05:41.454 Info HttpServer: HTTP GET http://xx.xxx.xx.x:8096/web/touchicon114.png. UserAgent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0
2020-08-07 01:05:41.500 Info HttpServer: HTTP Response 200 to 69.4.234.31. Time: 46ms. http://xx.xxx.xx.x:8096/web/touchicon114.png
2020-08-07 01:05:41.523 Info HttpServer: HTTP GET http://xx.xxx.xx.x:8096/web/favicon.ico. UserAgent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0
2020-08-07 01:05:41.546 Info HttpServer: HTTP Response 200 to 69.4.234.31. Time: 23ms. http://xx.xxx.xx.x:8096/web/favicon.ico

One is the WAN IP address, but the other, the 69.etc.etc. is what I'm trying to figure out.  I have no idea what that address is supposed to be and I'd like some kind of idea before getting back on the phone with tech support. 

I did have an error checking for both the server update and the plugin update, but that was three days ago and I've rebooted the server since and it didn't come up with another notification when it finished rebooting, which I assume it would have since it updates when it reboots.

Can anyone give me some help?

 

embyserver-63732365611.txt

Edited by zandroid
Posted

You might not want to show your Public IP for your router.

Posted

The 

69.4.234.31

address in question is used by Cloudflare which is a CDN (content distribution network).

Posted (edited)

What about

http://xx.xx.xx.x:8096/
Edited by ebr
sensitive data
Posted
3 hours ago, Sammy said:

What about


http://xx.xx.xx.x:8096/

Yeah, thanks.  I probably shouldn't have posted this at three in the morning, but that's when I noticed the latest alert from Xfinity.

Posted
4 hours ago, cayars said:

The 


69.4.234.31

address in question is used by Cloudflare which is a CDN (content distribution network).

Any idea what those lines are supposed to be doing?

Posted

From the small log you showed it downloaded a couple of images.

If you're setup behind Cloudflare this is normal.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...