[HN Gopher] Ifconfig.co - Hacker-friendly "What is my IP address"
___________________________________________________________________
Ifconfig.co - Hacker-friendly "What is my IP address"
Author : gurjeet
Score : 197 points
Date : 2021-03-30 08:02 UTC (14 hours ago)
(HTM) web link (ifconfig.co)
(TXT) w3m dump (ifconfig.co)
| mazamats wrote:
| I prefer ipinfo.io
|
| You can even lookup info for other up addresses. E.g.
| https://ipinfo.io/1.1.1.1
| mazamats wrote:
| Plus if you use curl, it will return JSON instead of HtML
| klohto wrote:
| curl ifconfig.co/json
| jodrellblank wrote:
| If you use powershell / invoke-restmethod it will return json
| and get deserialised into a structured object, too.
| PS C:\> irm ipinfo.io PS C:\> $x = irm ipinfo.io
| PS C:\> $x.timezone Europe/London
|
| Personally, I use http://checkip.dyndns.org/ by habit, with
| its one-line return.
| majkinetor wrote:
| No it wont, server need to return JSON format itself.
|
| Your example doesn't work. It needs to be:
| irm ipinfo.io/json
|
| Your other example can be get like this:
| irm http://checkip.dyndns.org | % HTML | % body
| JimDabell wrote:
| It will work. The server will return JSON. The URL
| http://ipinfo.io/ returns HTML if the Accept header
| indicates that you want HTML, and JSON if there is no
| header, a wildcard header, or a header that requests
| JSON. As far as I can see, irm doesn't add an Accept
| header, so the command jodrellblank provided will fetch
| JSON and work correctly.
| majkinetor wrote:
| Doesnt work on Windows 10 using latest pwsh
| jodrellblank wrote:
| Works on Windows 10 using Windows PowerShell. In Pwsh it
| does seem to need /json
| tyingq wrote:
| This one supports other IPs also:
| https://ifconfig.co/?ip=1.2.3.4
|
| And JSON: https://ifconfig.co/json?ip=1.2.3.4
| mazamats wrote:
| The URL is cleaner with ipinfo.io, don't have to specify GET
| parameters with it.
| crazybigdan wrote:
| For what it is worth, I have found that the STUN protocol is also
| an option for discovering this sort of information. There are
| lists of public stun servers out there [0]. Finding a client is a
| little more difficult than just using curl, I grant, but not
| impossible.
|
| [0]: https://gist.github.com/mondain/b0ec1cf5f60ae726202e
| nerdponx wrote:
| It's great to have services like this.
|
| For the benefit of anyone interested: for a "self-hosted"
| solution, you can do this entirely within Nginx. Here's an
| example config: server { listen 80
| default_server; listen [::]:80 default_server;
| listen 443 default_server; listen [::]:443
| default_server; # Use Letsencrypt for SSL. This
| part will depend on your own setup. ssl_certificate
| /etc/letsencrypt/live/<my domain>/fullchain.pem;
| ssl_certificate_key /etc/letsencrypt/live/<my
| domain>/privkey.pem; server_name <my domain>;
| # Deny all access at all paths; useful if you're hosting other
| stuff behind # the same Nginx server (e.g. reverse
| proxy) location / { deny all; }
| # At /ip, return 200 with the client IP address in the body
| location = /ip { default_type text/plain;
| return 200 '$remote_addr'; } }
| rogerdonut wrote:
| This can also be done with HAProxy listen
| whatismyip bind :::80 # listen on ipv4/ipv6
| bind :::443 ssl crt /etc/haproxy/ssl/fullchain.pem
| mode http http-request return status 200
| content-type "text/plain" lf-string "%[src]" if { path /ip }
| http-request return status 200 content-type "application/json"
| lf-string "{\"ip\":\"%[src]\"}" if { path /json_ip }
| http-request deny
| banana_giraffe wrote:
| Along the same lines, if you want to make your own AWS Lambda
| /API Gateway version of this: def
| lambda_handler(event, context): return {
| 'statusCode': '200', 'headers': None,
| 'body': event.get('requestContext', {}).get('identity',
| {}).get('sourceIp', 'unknown') }
|
| I do this, though my lambda is a bit more complex in practice,
| since I have some triggers that say "if this thing reports a
| new IP, do something".
|
| Of course, AWS provides this basic service as
| checkip.amazonaws.com
| anonymouse008 wrote:
| That's a brilliant way of adding and removing SSH security
| group rules for digital nomads
| banana_giraffe wrote:
| That's exactly what I use it for. I have a small program on
| my laptop that makes a request of my lambda every now and
| then (and if it senses a change of the network). It
| triggers a change in the firewall rules for a SSH server.
|
| Between that and Mosh, I barely even notice when I change
| networks.
| haik90 wrote:
| been using this for few years. As far as I know, can't return
| IPv4/IPv6 only from nginx without using separate server block
| to enforce one of them
| [deleted]
| 0xbkt wrote:
| It is even easier with Caddy's `respond` directive[0],
| placeholders[1], and automatic HTTPS.
|
| Caddyfile: example.com { respond
| "{remote_host}" }
|
| [0] https://caddyserver.com/docs/caddyfile/directives/respond
|
| [1]
| https://caddyserver.com/docs/caddyfile/concepts#placeholders
| enz wrote:
| You can even have the JSON version: location
| /json_ip { default_type application/json;
| return 200 "{\"ip\":\"$remote_addr\"}"; }
| VWWHFSfQ wrote:
| this service does a lot more than just return your remote_ip,
| which wont work behind a load-balancer or other proxy unless
| you configure realip module. and also need to add geoip module
| to do all the location stuff
| nerdponx wrote:
| Good points both.
|
| That said, do you know of any software library that exposes
| the Geoip database (or at least Geoip Lite which you one
| easily obtain for free) in a nice API? Like how a lot of
| programming languages have tzinfo/tzdata libraries for
| querying the Tz database.
| banana_giraffe wrote:
| MaxMind offers a small version of their database API for
| free:
|
| https://dev.maxmind.com/geoip/geoip2/geolite2/
|
| In practice it's good enough for many purposes. It's
| actually the version of the database that ifconfig.co uses.
| cryvate1284 wrote:
| Maxmind do APIs for a bunch of language. I've used the
| python one and it works well (with Lite), but see here
| their list:
|
| https://dev.maxmind.com/geoip/geoip2/web-services/
| nerdponx wrote:
| I should clarify that I was looking for an "offline"
| API/library that I can use against a local copy of the
| Lite database, but this is great stuff too.
| luhn wrote:
| Not sure what language you're looking for, but those
| exist too. Here's a Python one:
| https://maxminddb.readthedocs.io/en/latest/
| cryvate1284 wrote:
| If you click through one of the links (e.g. Python) you
| will see it does allow you to do so!
|
| https://pypi.org/project/geoip2/
| arikaun wrote:
| I run eth0.me - a similar service. This might be the IP lookup
| service with the shortest URL, which is the reason why I run it.
|
| Some anecdotes:
|
| -At the moment the service has 10 GiB of traffic/day. In
| February, there were 295 476 879 requests.
|
| -Because the service returns only the IP address and nothing
| else, the requests are larger than the replies.
|
| -At some point a russian ISP began querying eth0.me from
| (apparently) all of their eyeball routers. Thousands of devices
| from their address space would query this service every second,
| which resulted in many Terabytes of traffic monthly. I decided to
| block their address space.
|
| This service was run by somebody else up until a few years ago.
| It became more and more unreliable and went offline. At some
| point I noticed that the domain had expired. I decided to buy it
| and run it myself.
| ChrisArchitect wrote:
| See also
|
| ifconfig.io https://news.ycombinator.com/item?id=17168415
|
| ifconfig.in https://news.ycombinator.com/item?id=4070133
|
| ifconfig.me https://news.ycombinator.com/item?id=6429921
|
| ipinfo.io https://news.ycombinator.com/item?id=5604476
| rnhmjoj wrote:
| I wonder how much more it will take before the answer to "What is
| my IP address?" will simply be "Look in the settings" or "Just
| type ip addr in the terminal".
|
| We are so used to NAT that we don't realize how crazy it is that
| you essentially have to ask a stranger what's your address. It's
| really difficult to explain this to someone with no networking
| knowledge. Nothing else works this way: phone numbers, emails or
| postal addresses.
| teawrecks wrote:
| Phone numbers, emails, and postal addresses all still route
| through multiple mediaries between source and dest, and neither
| end ever know what path it took. In other words, they are
| MITMed by design. And for these mediums of communication, you
| want it this way for everyone's safety and sanity.
|
| The only way this works securely with internet packets would be
| tor.
| marcosscriven wrote:
| You don't really have to ask a stranger - you can ask your
| router, in a similar way you can check the door number on your
| street.
| remram wrote:
| Ask your router? Is there a generic way to do this, or do you
| mean "look into its vendor-specific management interface"?
| the8472 wrote:
| NAT-PMP, UPnP-IGD or PCP can be used for that. Home routers
| usually support at least one of those, but you may have to
| explicitly enable it.
| remram wrote:
| 3 competing techs... Of course this doesn't suffice in a
| variety of situations which is why STUN is a thing:
| https://tools.ietf.org/html/rfc3489
| tenacious_tuna wrote:
| I'm NAT'd, though with an external IP, so the IP my router
| sees is not the same as what the world sees--while my ISP did
| provide me this information in an email, it's much faster for
| me to ask Google or whatnot than to dig the email up.
| asymptosis wrote:
| Assumes:
|
| * You have login access to the router * Your router is
| directly exposed to the internet * You're not using a VPN
| knorker wrote:
| Phone numbers do work that way.
| teawrecks wrote:
| Are you referring to country code prefixes?
|
| Their point is that you can always give your number to anyone
| and they can directly use it to contact you. It's never
| unclear what number to give someone so they can reach you.
| Yeah calls have to be routed, but routes are implicit, not
| something you have to worry about as src or dest.
| knorker wrote:
| I'm referring to the fact that people don't know their own
| phone numbers, and instead of reading it, they'll call you
| and the receiver sees the number.
| rchard2scout wrote:
| No, your own phone number.
|
| Say you're at home, you have a landline, and you don't know
| what your own phone number is. How do you get it? You call
| someone with caller ID, and ask them to tell you what
| number you called from.
| cestith wrote:
| There are numbers one can call for ANI / ANAC info from a
| landline. They vary by carrier and sometimes region. MCI
| has a well-known line that reads back your number.
|
| Of course, I haven't had a land line in years and my cell
| phones tell me their numbers in the settings.
| knorker wrote:
| They don't always. Sometimes you have to use one of those
| pound sign codes, but even that sometimes comes up empty.
|
| So like I said, you call someone to get your number. Like
| how you google what your ip address is.
| elcomet wrote:
| Yeah that's exactly asking a stranger to tell you your
| address
| [deleted]
| jfk13 wrote:
| I don't know where this is pulling data from, but:
|
| > Country United Kingdom
|
| > Country (ISO code) GB
|
| > In EU? true
|
| Well, that's inaccurate for a start.
| gspr wrote:
| Presuming that the "in-EU" is actually meant to refer to
| "subject to most EU legislation, and in particular the GDPR",
| then it's incorrect in the opposite way for Norway: it shows
| false.
| Jonnax wrote:
| I presume the reason is GDPR checking.
|
| Has the UK data protection law deviated significantly from
| GDPR?
| jfk13 wrote:
| AFAIK data protection law has not (yet, at least) deviated
| significantly in the UK vs GDPR.
|
| But if that's the reason, it should be labelled as such:
| "GDPR applies" or something.
| gspr wrote:
| If that is the case, then it's incorrectly showing false for
| Norway, who as an EEA member is subject to the GDPR.
| drdec wrote:
| It is a GitHub project, there's already an issue for the
| UK:
|
| https://github.com/mpolden/echoip/issues/130
|
| Perhaps you ought to open one for Norway? (I don't think it
| would be appropriate for me to do it because I am not
| seeing the issue, not being in Norway.)
| gspr wrote:
| Done, thanks
| kuroguro wrote:
| > I don't know where this is pulling data from
|
| Free version of MaxMind's GeoIP - a lot of services use them
| but the free version is the most inaccurate. That being said,
| not sure it's a mistake on the EU thing?
| jfk13 wrote:
| The UK has unquestionably left the EU.
| kuroguro wrote:
| Thought the underlying API may mean something else more
| generic, but no - just running an outdated version
| https://dev.maxmind.com/release-note/united-kingdom-will-
| no-...
|
| The free DB has to be re-downloaded monthly IIRC.
| PhillyG wrote:
| Still uses GDPR though, so perhaps the label really refers
| to using EU data law save and they've not updated it to
| reflect this technicality.
| pluc wrote:
| You can also hit v4.ifconfig.co to force ipv4
| als0 wrote:
| curl v4.ifconfig.co gives me an ipv6 address
| pluc wrote:
| it does for me too... maybe they've changed it or maybe we
| just don't have a v4 equivalency?
| plattyp wrote:
| I just use the maxmind API directly, which is super cheap and has
| no rate limit to my knowledge. This site is using the maxmind
| dataset anyways.
|
| https://dev.maxmind.com/geoip/geoip2/web-services/
| kps wrote:
| I wish sites would prefer browser-provided location to services
| like these. I'm constantly being placed in some random city
| five or six hundred km away, where my ISP also happens to have
| customers, even though I have Firefox configured to report
| accurately (geo.provider.network.url = data:application/json,{"
| location":{"lat":43.5,"lng":-80.5},"accuracy":1000}).
| desktopninja wrote:
| My 2cents: http://checkip.amazonaws.com/
| http://whatismyip.akamai.com/ dig +short
| myip.opendns.com @resolver1.opendns.com
| hk1337 wrote:
| Both good options but neither does IPv6 AFAIK.
|
| There used to be one at ifconfig.dev but I don't know what
| happened to it
| daper wrote:
| IPv6: curl http://ipv6.whatismyip.akamai.com curl
| http://ipv6.whatismyip.akamai.com/advanced
|
| IPv4: curl http://whatismyip.akamai.com curl
| http://whatismyip.akamai.com/advanced
|
| Both hosts are distributed around the world using the Akamai
| platform and should be fast for everyone.
| [deleted]
| psychometry wrote:
| Not sure I'd trust the expertise of someone who doesn't know how
| to redirect to https...
| kalleboo wrote:
| It's not as if your IP address is private information, it's
| right there in the headers...
| GoblinSlayer wrote:
| Isn't it the user agent's job to support your preferences?
| ktpsns wrote:
| For a service like this one, it is essential _not_ to
| automatically redirect to https, because many simple and /or
| command line clients do not automatically follow (resolve) a
| HTTP redirect answer.
|
| This service also works perfectly fine with
| https://ifconfig.co/
| madhato wrote:
| Similar service but with a frontend web development focus:
| https://whatsmybrowser.info/
| iso8859-1 wrote:
| There are a billion hacker-friendly ways to do this:
| https://unix.stackexchange.com/q/22615/14305
| INTPenis wrote:
| I know a guy who owns the domain ipa.sh that he intended to use
| as a replacement for ifconfig.me because it was slow and
| unavailable a lot.
|
| Referring of course to the new Linux commands "ip a sh". :)
|
| I hope he gets around to deploying it properly some day.
| Snawoot wrote:
| I had some auto-tests for VPN app which were relying on similar
| web-service to check own IP address. One day service become
| unavailable and autotests got broken. IIRC it was
| (https://canihazip.com/s)
|
| I decided to solve this task in a fast and reliable fashion, so I
| made a tool which discovers own IP address using major public
| STUN servers: https://github.com/Snawoot/myip
|
| Program issues parallel queries to public STUN servers to
| determine public IP address and returns result as soon as quorum
| of matching responses reached.
|
| Works fast and reliable, especially compared to services
| requiring HTTPS: user@dt1:~> time curl
| https://api.ipify.org 45.152.165.44 real 0m2,515s
| user 0m0,030s sys 0m0,019s user@dt1:~>
| time curl ifconfig.co/ 45.152.165.44 real
| 0m0,131s user 0m0,011s sys 0m0,008s
| user@dt1:~> time myip 45.152.165.44 real
| 0m0,084s user 0m0,012s sys 0m0,012s
| hankchinaski wrote:
| is the "Is EU?" flag up-to-date? a UK Ip address yields true,
| Switzerland one yields false
| mrlonglong wrote:
| It incorrectly reports the UK is in the EU!
| teekert wrote:
| Nice, I'm gonna miss the chicken [0] though... or not, the IP
| chicken is very easy to remember.
|
| [0] https://ipchicken.com/
| bombcar wrote:
| I prefer the kitten: https://ipkitten.com
|
| (And this ifconfig.co doesn't seem to actually, you know, work
| which is a big hindrance)
| yakubin wrote:
| It's very good that it doesn't redirect to HTTPS. I frequently
| work with little devices which have a curl/wget version that only
| supports very basic HTTP, but no HTTPS. It's always a pain to
| find a website which will work with that.
| steveharman wrote:
| Very sad to say, there is a massive hole in its upkeep with
| recent events.
|
| In EU? true Region England
| achairapart wrote:
| Slightly OT: Some similar services also expose useful data like
| if IP is a VPN, a threat/bot, hosting provider or ISP, or a
| proxy.
|
| I always wondered where this info comes from, looking at the
| similar pattern I presume from the same provider. Is it a premium
| service from MaxMind or what?
| tomcooks wrote:
| Just duck it
|
| https//ddg.gg?q=my+ip
| georgiecasey wrote:
| Looks great but these services have a tendency to come and go.
| Bad actors just end up hammering it. But I've been using
| icanhazip.com for years and it's still going strong.
| curryst wrote:
| I've been using ipecho.net for a while as well. Just
| ipecho.net/plain to get your IP back in plaintext. Not
| affiliated, just what I've been using.
| jachee wrote:
| I've been using ifconfig.me for a decade or more.
| Frost1x wrote:
| I tend not to use these sort of services except for quick hack
| purposes, which I suppose this is exactly designed for.
| Unfortunately, those needs vary so widely I can't try to keep
| track of these sort of services and just Google/DDG for
| something similar when I need it. Unless this pops up on the
| first page of a Google/DDG search, it's unlikely I'll ever use
| it.
|
| If the software behind the service is available and looks like
| it'll be easily usable for years because it has few to no
| dependancies that are likely to deprecated, I might actually
| commit the effort to memory and use it for all similar demands,
| similar to how I keep track of specific CLI *nix tools which I
| can rest assured, even if there are no updates and potential
| security issues, most are going to be usable at some future
| date in a pinch.
| EnigmaCurry wrote:
| DDG will straight up tell you what your ip/geo location is,
| just search "ip address"
| nbk_2000 wrote:
| Searching "ip" is enough on DDG. And for Google "my ip"
| works.
| azinman2 wrote:
| Same with Google "what is my ip"
| saurik wrote:
| I mean, if you really really want my IP, you need to at least be
| asking for microphone or video permissions... otherwise, you are
| only going to get my default route! I work on a VPN product, and
| threw this together to get all my IP addresses, VPN be damned ;P.
| https://rv.saurik.com/wtfip/
| 4mine wrote:
| Here is my favorite. only using DNS:
|
| $ nslookup myip.opendns.com resolver1.opendns.com
| shaicoleman wrote:
| With dig:
|
| $ dig +short @resolver1.opendns.com myip.opendns.com
| yakubin wrote:
| Wow. That's a great idea! nslookup is available on more devices
| than curl/wget.
| john37386 wrote:
| I always like to learn new trick. I'm definitely adding this
| nslookup trick to my IT swiss army knife kit. Thanks
| e12e wrote:
| Put it another way, if you cannot lookup dns, odds are curl
| won't work. Of course, some nets might require the use of
| internal dns servers and block outbound traffic to dns.
| tgsovlerkhgsel wrote:
| I'm happy with https://www.ipify.org/ - supports plaintext and
| JSON, v4 or v6, etc. via changes to the URL, so it works without
| having to set custom headers or telling your client to use one or
| the other.
| SXX wrote:
| If someone want non-rate-limted IP info here is:
|
| https://lumtest.com/myip.json
|
| https://lumtest.com/echo.json
|
| It's powered by largest residential proxy network so they almost
| certainly never gonna ban your IP.
| koolba wrote:
| What is a residential proxy network?
| GoblinSlayer wrote:
| https://en.wikipedia.org/wiki/Luminati
| paxo wrote:
| yeah that seems interesting
| duskwuff wrote:
| A wretched hive of scum and villainy.
|
| But seriously, it's basically a front end to a bunch of
| people who have been incentivized (or fooled) into installing
| a proxy server on their home computers. It's primarily of
| interest as a way to make certain types of fraud (like ad
| fraud and credit card fraud) much harder to detect.
| judge2020 wrote:
| $ whois 52.202.152.73 OrgName: Amazon
| Technologies Inc.
|
| I guess Amazon? Would be funny if this actually ran over
| Amazon Sidewalk but I doubt that.
| weird-eye-issue wrote:
| You are looking at the IP of lumtest.com not the service
| behind it which is what the OP was referring to.
| kalleboo wrote:
| One note is that that one doesn't seem to support ipv6
| ChrisArchitect wrote:
| handy thing yeah - I used this like 6 years ago to write some
| quick bash scripts that would grab dynamic IP changes and send
| them to cloudflare to update a DNS record and create our own
| dynamic DNS service!
| akamhy wrote:
| https://ifconfig.me/
|
| $ curl ifconfig.me
|
| 129.6.255.60
|
| $ curl ifconfig.me/all
|
| ip_addr: 129.6.255.60
|
| remote_host: unavailable
|
| user_agent: curl/7.68.0
|
| port: 52332
| koolba wrote:
| Biggest gripe with ifconfig.me is the default cURL response
| does not include a newline.
| raesene9 wrote:
| http://icanhazip.com/ is my favourite one of these services, for
| simplicity and also as I can always remember the URL :)
| kuroguro wrote:
| I use https://wtfismyip.com/ for similar reasons :)
| masterofmisc wrote:
| just went there.. Oh dear!
| Izkata wrote:
| They keep with the theme even in API requests:
| https://wtfismyip.com/json
| anthropodie wrote:
| The first thing I read was "yourFuckingISP":"BSNL" and I
| was like yup that's right. :D
| kalleboo wrote:
| This one also shows both your IPv6 _and_ your IPv4 at the
| same time, which none of the other ones linked in these
| comments seems to do
| throwaway744678 wrote:
| Pro of icanhazip.com is that you can curl it directly, it
| returns your address and nothing else; you don't have to
| parse the result to get the value, which is a big plus when
| used in a script: curl icanhazip.com
| curl ipv4.icanhazip.com curl ipv6.icanhazip.com
| kalleboo wrote:
| Yeah there are definitely different services for
| different use cases!
| yjftsjthsd-h wrote:
| curl wtfismyip.com/text
|
| curl wtfismyip.com/json
| theblazehen wrote:
| You can curl ifconfig.co as well, uses user agent
| sniffing to just return the IP
| lytedev wrote:
| cURL has flags for this! curl -4
| icanhazip.com curl -6 icanhazip.com
| chrismeller wrote:
| There are other services he runs as well:
| https://major.io/icanhazip-com-faq/
| nubb wrote:
| Curl icanhazip.com has become muscle memory for me.
| spiritplumber wrote:
| http://f3.to/ip/ https://f3.to/ip/
|
| in case you just want to import a string. No headers either. (I'm
| lazy, so this is what I use to get an external IP for my robots)
___________________________________________________________________
(page generated 2021-03-30 23:02 UTC)