major / icanhaz Goto Github PK

View Code? Open in Web Editor NEW

748.0 748.0 102.0 38 KB

The code behind icanhaz 2.0

License: Apache License 2.0

Python 100.00%

icanhaz's Introduction

Howdy! 🤠

icanhaz's People

Stargazers

Watchers

Forkers

bitland lyoshenka supine andyfox2013 ahmdsmir andrewspiers eckeman tonyskapunk xxdesmus xenoxaos willk maddie wikijm jmktx isaac-friedman realinternetbox cooltrane calebsullivan maniacs-ops jatinmistry13 morrislaptop alzeih rbgit errzey bean6754 undertowtool666 conrad784 wanjarus liweitianux rm3l alexanderneilson affluseo gregswift morevolk-latei deubledee gabeio nonbeing protez chaithanya77 lykinsbd stuartwesterman lifuwen 0xgsmart appatalks praggie johndoex1 minblock giang12 slmingol alexey-voren brentley hl46000 itlearn360 dev-erikm heylon2015 mohatb altoplano atchinnachot everydaynerd alexdelorenzo zaemliss genothomas firdausramlan chussenot sriganesh mtbentley cyberjames tony-minh code-watch stallr stephenbrown2 alfian878787 blackthornyugen fluxiums socomsystems vladislav91 spellingb viruchith raceland-automacao-lda datnm2 wsh5485 rastkov nightcrawlerproject luanet gleidsonh zhengkejun markhorsfield yrcjaya abdrmlr dviros kennethlaskoski joshfng misterjmw fogmoon dinamoxp dave4272-office rlbehzadan webdienste msimcox2 atomasking

icanhaz's Issues

IPv6 retrieval does not work by any obvious method

$ host icanhazip.com
icanhazip.com has address 172.67.9.138
icanhazip.com has address 104.22.19.188
icanhazip.com has address 104.22.18.188
icanhazip.com has IPv6 address 2606:4700:10::6816:12bc
icanhazip.com has IPv6 address 2606:4700:10::ac43:98a
icanhazip.com has IPv6 address 2606:4700:10::6816:13bc
$ curl ipv6.icanhazip.com
94.194.199.6
$ curl -6 icanhazip.com
curl: (7) Couldn't connect to server

icanhazepoch reports time in milliseconds

Hi! Thanks for originally providing these services.

$ curl https://icanhazepoch.com
1624878309939
$ python3 -c "import time; print(int(time.time()))"
1624878335

I think this change happened at some point between September of last year and February of this year; used it occasionally for naming manually-created archives (Windows machine 😅).

False positives ? really ?

so this domain will be blacklisted for ever, for simple reason that hackers use this to get the reverse or ip of the device they are hacking, i see you asked in a few forums to REMOVE this from that, but to be honest, its not a good idea.
You need to add API to identify WHO is using your service to do this, not doing so is not only dangerous, but puts everyone at risk.

personnally we block this and will forever since theres always a chance its from a ransomware or other malware asking for ip.
the fact we don't know WHAT asked for it, makes it impossible to get details.

at least if we could poll your site to ?debug=on, and would show last requests from what calling app or device on the IP that pulls the request, that would be better.

icanhazip.com/?debug=1

would return
IP, DATE, AGENT, PARAMS or PUBLIC API KEY

this way you could #1... be on top of your game, #2 protect the innocent.

blocked by Sky Broadband

Major, for some reason, as I discovered icanhazip.com is blocked by Sky Broadcasting, an ISP in the UK

LetsEncrypt certificate not issued for each domain icanhazip responds to

The certificate issued covers the following domains:

icanhazip.com
4.icanhazip.com
6.icanhazip.com
ipv4.icanhazip.com
ipv6.icanhazip.com

The service also responds to the v4 and v6 subdomains which is not reflected by the certificate, causing browsers to flag these subdomains as insecure.

icanhazptr.com returns Content-Type: application/json, despite the payload not being JSON

This is breaking Firefox, which is attempting to parse the body as JSON. I can workaround this by selecting "Raw Data", but this is not ideal.

ipv4.icanhazip.com timing out a lot

For the last few hours pings to ipv4.icanhazip.com has started timing out.

ipv6/ipv4 aliases?

Not all tools provide a convenient way to switch ipv4 and ipv6 on at the client-software level. (For example: browsers don't.)

It would be cool if there were DNS records (ipv4.icanhazip.com and ipv6.icanhazip.com) that allowed for selection at the URL level.

Thanks!

http://ipv4.icanhazip.com/ returns ipv6

The title says it - I am receiving an ipv6 adress and not my ipv4 while calling http://ipv4.icanhazip.com/

ipv4.icanhazip.com just started returning ipv6 addresses

$ curl https://ipv4.icanhazip.com/
2604:5500:0020:....

That is not an IPv4 address.

Traffic stats?

I just read this article: https://major.io/2021/06/06/a-new-future-for-icanhazip/

Are the numbers for real? -- just for icanhazip.com or also for the other sites you have?

This is insane. :|

ipv6.icanhazip service is down

Cannot get IP v6, the service is down at:
https://ipv6.icanhazip.com/

The browser displays this error:
ipv6.icanhazip.com’s server IP address could not be found.
Seems like the DNS for the "ipv6" subdomain was deleted, maybe by accident.

But the FAQ still references it as if it should be working:
https://major.io/icanhazip-com-faq/#how-do-i-control-whether-i-get-results-based-on-ipv4-or-ipv6

This service is important, it is used by the javascript library public-ip that has over 80,000 downloads per week, and it's api to get the IPv6 is now broken due to this service being down.

Please, can you make it available again?
Thanks!

I get error: error code: 1005

this is my ifconfig.

eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 58.223.209.30 netmask 255.255.255.248 broadcast 58.223.209.31
inet6 fe80::7a2b:cbff:fe64:3a30 prefixlen 64 scopeid 0x20
ether 78:2b:cb:64:3a:30 txqueuelen 1000 (Ethernet)
RX packets 16946384 bytes 14618998916 (14.6 GB)
RX errors 0 dropped 28081 overruns 0 frame 0
TX packets 9935767 bytes 3248018318 (3.2 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

eno2: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 78:2b:cb:64:3a:31 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 21847 bytes 2795408 (2.7 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 21847 bytes 2795408 (2.7 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

ipv4.icanhazip.com down

ipv4.icanhazip.com
so slow / down

ipv6.icanhazip.com returns ipv4 addresses

to reproduce: curl https://ipv6.icanhazip.com -4

icanhazip.com no longer has IPv6 addresses

Since today icanhazip.com no longer has AAAA entries in the DNS. Thus IPv6 retrieval via the recommeded method (https://major.io/icanhazip-com-faq/) no longer works:

$ curl -6 icanhazip.com
curl: (6) Could not resolve host: icanhazip.com

headers and trace fail

# curl -I icanhazheaders.com 
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 15 Apr 2016 20:56:28 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 119
Connection: close
X-RTFM: Learn about this site at http://bit.ly/icanhazip-faq and don't abuse the service
X-BECOME-A-RACKER: If you're reading this, apply here: http://rackertalent.com/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET

curl -I icanhaztrace.com
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 15 Apr 2016 20:53:39 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 591
Connection: close
X-RTFM: Learn about this site at http://bit.ly/icanhazip-faq and don't abuse the service
X-BECOME-A-RACKER: If you're reading this, apply here: http://rackertalent.com/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET

Common Name of SSL certificate of ipv6.icanhazip.com is invalid

The SSL certificate for the https://ipv6.icanhazip.com subdomain is not valid:

I know, I can just use https://icanhazip.com instead. But I just wanted to point that out - especially since the certificate of ipv4.icanhazip.com is valid.

icanhazip.com is down

just letting you know. still my favourite website! 🤗

sig :: Code/swarm2/test-storage-incentives 7 » curl https://icanhazip.com
curl: (7) Failed to connect to icanhazip.com port 443: Connection refused
sig :: Code/swarm2/test-storage-incentives 7 » curl icanhazip.com
<html>
<head><title>502 Bad Gateway</title></head>
<body>
<center><h1>502 Bad Gateway</h1></center>
<hr><center>nginx/1.19.9</center>
</body>
</html>

Dependency Dashboard

This issue provides visibility into Renovate updates and their statuses. Learn more

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

Update dependency fedora to v37

Detected dependencies

dockerfile

docker/Dockerfile

fedora 36

Check this box to trigger a request for Renovate to run again on this repository

Favicon redirect is 301

Trying to load icanhazip.com/favicon.ico leads to a 301 redirect to ... icanhazip.com/favicon.ico. This doesn't show up on the terminal, but does slow down the completion of page-loading in web browsers.

sol@atri ~> curl -Lv https://icanhazip.com/favicon.ico
*   Trying 2606:4700:10::6814:10f2...
* TCP_NODELAY set
* Connected to icanhazip.com (2606:4700:10::6814:10f2) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Unknown (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Client hello (1):
* TLSv1.3 (OUT), TLS Unknown, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
*  subject: OU=Domain Control Validated; OU=PositiveSSL Multi-Domain; CN=ssl514403.cloudflaressl.com
*  start date: Aug 24 00:00:00 2019 GMT
*  expire date: Mar  1 23:59:59 2020 GMT
*  subjectAltName: host "icanhazip.com" matched cert's "icanhazip.com"
*  issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO ECC Domain Validation Secure Server CA 2
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* Using Stream ID: 1 (easy handle 0x563ac76fe580)
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
> GET /favicon.ico HTTP/2
> Host: icanhazip.com
> User-Agent: curl/7.58.0
> Accept: */*
> 
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
< HTTP/2 301 
< date: Mon, 20 Jan 2020 18:30:26 GMT
< content-type: text/html
< set-cookie: __cfduid=dc607cb098faacb85c86cacd5562c4cad1579545026; expires=Wed, 19-Feb-20 18:30:26 GMT; path=/; domain=.icanhazip.com; HttpOnly; SameSite=Lax
< location: https://icanhazip.com/favicon.ico
< cache-control: max-age=14400
< cf-cache-status: UPDATING
< age: 1056563
< expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
< server: cloudflare
< cf-ray: 55831ea14b8fdd0a-SIN
< 
* Ignoring the response-body
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
* Connection #0 to host icanhazip.com left intact
* Issue another request to this URL: 'https://icanhazip.com/favicon.ico'
* Found bundle for host icanhazip.com: 0x563ac76fda50 [can multiplex]
* Re-using existing connection! (#0) with host icanhazip.com
* Connected to icanhazip.com (2606:4700:10::6814:10f2) port 443 (#0)
* Using Stream ID: 3 (easy handle 0x563ac76fe580)
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
> GET /favicon.ico HTTP/2
> Host: icanhazip.com
> User-Agent: curl/7.58.0
> Accept: */*
> 
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
< HTTP/2 301 
< date: Mon, 20 Jan 2020 18:30:26 GMT
< content-type: text/html
< set-cookie: __cfduid=dc607cb098faacb85c86cacd5562c4cad1579545026; expires=Wed, 19-Feb-20 18:30:26 GMT; path=/; domain=.icanhazip.com; HttpOnly; SameSite=Lax
< location: https://icanhazip.com/favicon.ico
< cache-control: max-age=14400
< cf-cache-status: UPDATING
< age: 1056563
< expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
< server: cloudflare
< cf-ray: 55831ea18c11dd0a-SIN
< 
* Ignoring the response-body
* TLSv1.3 (IN), TLS Unknown, Unknown (23):
* Connection #0 to host icanhazip.com left intact
* Issue another request to this URL: 'https://icanhazip.com/favicon.ico'
* Found bundle for host icanhazip.com: 0x563ac76fda50 [can multiplex]
* Re-using existing connection! (#0) with host icanhazip.com
* Connected to icanhazip.com (2606:4700:10::6814:10f2) port 443 (#0)
* Using Stream ID: 5 (easy handle 0x563ac76fe580)
* TLSv1.3 (OUT), TLS Unknown, Unknown (23):
> GET /favicon.ico HTTP/2
> Host: icanhazip.com
> User-Agent: curl/7.58.0
> Accept: */*

Add sponsor or donation link

Hey @major, would you consider adding a Github Sponsor page or other form of donation link to this project? I use icanhazip.com more than I care to admit, so I'd like to contribute some money for your time/hosting costs/etc.

ipv4.icanhazip.com returning ipv6 addresses

I have a cron job that hits it every hour, and the first instance I received of this behavior was Sun, 19 Apr 2020 01:59:59 -0000.

Happy to provide more HTTP headers and stuff if that would be helpful.

Unable to consistently reach icanhazip.com

Hi,

I'm having inconsistent results reaching icanhazip.com. In general I cannot reach the site at all, but on some networks Rogers cellular for instance I can, but can't on Bell cellular. Not sure if there is a DNS or routing issue, but is it possible to look into this?

Doing a tracert, the last hop it reaches is "lag49.fr3.dal.llnw.net [68.142.88.141]".

Any help would be appreciated.

Thanks

SSL certificate has expired

It was valid until 2015-02-22

Cloudflare error using ddclient

Hello,
I'm using ddclient and pointed it to ipv4.icanhazip.com and ipv6.icanhazip.com respectively.

For the last few days my ISP did not provide me an IPv6 address but I got it resolved. Now that everything is back online I noticed that my IPv6 address is not being updated anymore.

I turned on verbose mode in ddclient and was greeted with the HTML of a Cloudflare error page (I'm snipping unimportant bits and html where possible):

CONNECT:  ipv6.icanhazip.com
CONNECTED:  using HTTP
SENDING:  GET / HTTP/1.0
SENDING:   Host: ipv6.icanhazip.com
SENDING:   User-Agent: ddclient/3.9.1
SENDING:   Connection: close
SENDING:   
SENDING:   
RECEIVE:  HTTP/1.1 403 Forbidden
RECEIVE:  Date: Tue, 13 Apr 2021 23:33:42 GMT
RECEIVE:  Content-Type: text/html; charset=UTF-8
RECEIVE:  Connection: close
RECEIVE:  Set-Cookie: __cfduid=d6047941b71cd1d97696d094cc529d7071618356822; expires=Thu, 13-May-21 23:33:42 GMT; path=/; domain=.icanhazip.com; HttpOnly; SameSite=Lax
RECEIVE:  Cache-Control: max-age=15
RECEIVE:  Expires: Tue, 13 Apr 2021 23:33:57 GMT
RECEIVE:  X-Frame-Options: SAMEORIGIN
RECEIVE:  cf-request-id: 096f2e7b2200001f2945b95000000001
RECEIVE:  Server: cloudflare
RECEIVE:  CF-RAY: 63f8803e9d281f29-FRA

RECEIVE:      Please enable cookies.
RECEIVE:          Sorry, you have been blocked
RECEIVE:          You are unable to access icanhazip.com

RECEIVE:              Why have I been blocked?
RECEIVE:              This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.

RECEIVE:              What can I do to resolve this?
RECEIVE:              You can email the site owner to let them know you were blocked. Please include what you were doing when this page came up and the Cloudflare Ray ID found at the bottom of this page.
RECEIVE:      Cloudflare Ray ID: 63f8803e9d281f29
RECEIVE:      Your IP: XXX
WARNING:  found neither ipv4 nor ipv6 address
WARNING:  unable to determine IP address

Quite unsure why this is all of a sudden. I'm pretty sure a timeout of 5 minutes between checks is fairly okay and should not be regarded as spam.

Is this something I have to fix on my end? Is maybe my ddclient.conf faulty? All I told it was to go to ipv6.icanhazip.com and to update my DNS entry using the cloudflare protocol using the result of that HTTP result.

Funnily enough I could tell it to parse the error to get the IP it's listing, hah.

Also, quite odd: When I execute curl -6 ipv6.icanhazip.com inside of the docker container running ddclient manually, I get a correct result back, so I'm unsure if this a problem with ddclient, the docker container or icanhazip.com and its usage of Cloudflare.

Certificate Expired

The https cert for https://ipv4.icanhazip.com has expired.