What is Reddit's opinion of
ipinfo.io?
From 3.5 billion Reddit comments
➔ ipinfo.io website
By popularity on Reddit, this Service is:
100 reviews of this app found across Reddit:
whois -h whois.radb.net '!gas8075'
I'd say that qualifies as a crapton, that's 21 million ips owned by microsoft. Not including any 3rd party CDNs they might be using (akamai etc.)
Note: It is possible to create iptables drop rules using ip ranges. For example, this command alone would prevent 4 million microsoft owned ips from going through your router:
iptables -I FORWARD -s 40.64.0.0/10 -j DROP
/u/newbiepirate this might be a solution for you if you manage your home firewall. But if we're talking about work, going to starbucks or some other crap like that, you're shit out of luck. You also mentioned windows update, i'd think this might also hinder that :P.
Better off running linux either way in my opinion, but that's just me.
Back in the day we would lease a single IP for a dollar a month. We did end up having to give back quite a bit of it though but we were at the time the largest holder of IPs in NJ. At our height we had 1 or 1.5 million.
Mimicking known, popular search engine bots is a great way to get your traffic blocked by sites that use Akamai, Cloudflare, etc. With about 30 seconds worth of effort you can find the AS numbers and netblocks assigned to Google, Microsoft, etc. I know for a fact that Akamai's bot manager is very good at identifying legitimate bot traffic from these companies versus fraudulent bot traffic. It's trivial for them to determine if a Googlebot request came from a Google IP address or some third party IP address. If they see Googlebot crawling a site from some third party non-Google IP address they know it's bogus.
Sometimes I want to get info about my IP address (e.g. if VPN is connected or not) or some other IP.
This function uses request to display infos from ipinfo.io:
(defun ipinfo (ip) "Return ip info from ipinfo.io for IP." (interactive "sEnter IP to query (blank for own IP): ") (request (concat "https://ipinfo.io/" ip) :headers '(("User-Agent" . "Emacs ipinfo.io Client") ("Accept" . "application/json") ("Content-Type" . "application/json;charset=utf-8")) :parser 'json-read :success (cl-function (lambda (&key data &allow-other-keys) (message (mapconcat (lambda (e) (format "%10s: %s" (capitalize (symbol-name (car e))) (cdr e))) data "\n")))) :error (cl-function (lambda (&rest args &key error-thrown &allow-other-keys) (message "Can't receive ipinfo. Error %S " error-thrown)))))
As I like to keep my own init.el clean with use-package here is the same function packaged.
Yes because it isn't his IP.. it's outbound. Resolves to a canada server.. valve does not (to my knowledge) have a canadian routing group/datacenter. However, bottom group of the fonts have a weird aliasing compared to the top part. the top part and the bottom buttons also has carried over the various specs and jpeg artifacts from the original image.. even the "Trial" small letter L's compression artifact and "Trojan" small letter n compression artifact has been carried over.
edit: - > correct directory
dubious. it's conveniently cut out.
- > correct font
covered this, already just going to mention this again that the aliasing of the fonts do not match.
- > IP address
Resolves to a Canada address. I have here the registered IP ranges for Valve. feel free to verify if that outbound connection above matches https://ipinfo.io/AS32590
You can, for example, use IPInfo.io. Right on the landing page it'll tell you your IP address along with geo location, asn, etc.
In the most cases you should be using the ASN of your ISP, which is the one shown on IPInfo :)
Message me if you need any further help with it.
It needs to be a thing because currently anyone can just evade a ban by creating a new account and using a VPN. Since discord doesn't show IPs to server admins theres little admins can do to stop them.
Also its comically easy to detect VPN IPs, a simple reverse DNS lookup can tell you if the IP belongs to a VPN, You can also look at PFS keys, preform whois lookups on the IP or even implement an API like the one provided by ipinfo.io to check.
According to the pricing page they aggregate the data they use from multiple sources, so they have their own database built from what I would hope are sources they have permission to use.
I seriously doubt that. If the DoD were smart enough to develop malware, then they'd be smart enough to use a non-attributable network for managing it. You would not see connections coming from DoD.
(Remember: foreign nations operate Tor nodes. So they are certain to never trust Tor nodes with direct connections from the DoD.)
To find out who's actually doing it, use WHOIS to look up the addresses. Ignore names like "Ft. Huachuca" -- those manage the overall subnets, but not the individual subnets. Instead, look at the "NetName" in the WHOIS reply to identify the actual organization.
A lot of "DoD" subnets are actually associated with non-DoD services. For example, AS257 is part of the DoD (Navy Network Information Center), but the subnets are from a bunch of schools. They include the Naval Postgraduate School and California State University. (https://ipinfo.io/AS257) So if someone is attending CSU and using Tor, then it might look like a DoD subnet if you don't look deep enough.
- Your IP isn't sensitive information. Visit https://ipinfo.io for all the information you can get on an IP
- Run malware bytes, etc
- if you're really paranoid, back up all your data and factory reset your PC
One option is to spin up a box somewhere and use it as your own proxy or VPN.
To take it a step further, it's not out of the question to have something like this run serverless, so the anonymous function fires from different IPs and zones each time it's called. Such solutions could be identified as coming from a hosting company or cloud service (due to the IP block).
The ideal situation, to appear like a regular user, is finding a VPN node or server that isn't identified as such by one of the major databases.
I use ipinfo.io's API, which has a pretty useful object, privacyin the response. It shows how user-originating an IP might be considered.
"privacy": { "vpn": false, "proxy": false, "tor": false, "hosting": false }
If you can get a node to appear as false for all four keys above, it'll be treated like a real user.
> * Note: I haven't used an invisible proxy before, so I don't have good insight into their implementation or efficacy
There are third party APIs that track client IP info. You don't have to use Navigator and you can bypass user permission.
https://ipinfo.io/developers/getting-started
JSON responses will look like this:
{
"ip": "8.8.8.8",
"hostname": "google-public-dns-a.google.com",
"loc": "37.385999999999996,-122.0838",
"org": "AS15169 Google Inc.",
"city": "Mountain View",
"region": "California",
"country": "US",
"phone": 650
}
Tip: Make sure to turn off CodePen's auto-reload feature, which is on by default. Otherwise you'll quickly burn through your daily rate limit.
It's hosted at IBM...
Flip the ftp to http -> http://170.225.15.61/
https://ipinfo.io/AS18703/170.225.15.0/24
Whois Details
NetHandle: NET-170-224-0-0-1
OrgID: IBM-1
Parent: NET-170-0-0-0-0
NetName: IBM-COMMERCIAL
NetRange: 170.224.0.0 - 170.227.255.255
NetType: assignment
RegDate: 1995-04-21
Updated: 2007-01-31
AbuseHandle: ORGAB-ARIN
Source: ARIN
OrgID: IBM-1
OrgName: IBM
CanAllocate:
Street: 3039 Cornwallis Road
City: Research Triangle Park
State/Prov: NC
Country: US
PostalCode: 27709-2195
RegDate: 1992-02-08
Updated: 2017-11-30
OrgTechHandle: RAIN-ARIN
OrgAdminHandle: RAIN-ARIN
OrgAbuseHandle: RAIN-ARIN
Source: ARIN
Options:
1) Assuming your device is encrypted with BitLocker and is checking in to your management system, nuke it from orbit and write it off. A simple script to nuke the System32 directory will do the trick.
2) Contact the police. This has varied levels of success depending where you live, how busy the local PD is, and how tech savvy they are.
In a past life dealing with machines that handled credit cards we were able to contact the FBI and they usually perked up when we told them we had the IP address of the person who stole the device. Had devices successfully recovered.
3) If you are just curious where it is, write a script to get the IP and then you can use curl against ipinfo.io: * On Windows: Invoke-WebRequest ipinfo.io <IP> | ConvertFrom-Json * On Linux: curl ipinfo.io <IP>
And this will kick you back the IP, hostname, city, regioun, and location.
My company went with option 1. When I came on board they were using Computrace. In 5 years they had only recovered 2 devices. Insurance covers stolen devices anyways, so Computrace was just a huge waste of money. If the device was on the Internet we could it it with remote management software.
Things like Kaseya, LANDesk, BMC Client Management, and SCCM can all be setup to check in automatically, securely, over the Internet.
You can't just ask them to move a single /32 IP from one AS to another. Unless they stayed within the same provider and were able to call in a favor and get them to fuck up all of their announcements (extremely unlikely, even for Clintons), the IP must change if they changed location. They probably just edited the MX record.
Thanks for the reply. If its a internal IP that is blocked the webhook will fail due to a 400 response from ipinfo.io. So the goal is to have two webhooks. One that uses ipinfo and for internal address just notify which IP is been blocked.
Let's take Reddit as an example. If I look up their IP address, I get 151.101.1.140. Heading to https://stat.ripe.net/151.101.1.140#tabId=at-a-glance , we see 151.101.0.0/16, which you could read as 151.101.. if you wanted, is routed ("announced by") a company called Fastly.
In particular this is part of 151.101.0.0/22, a sub-block of 151.101.0.0/16, which is the autonomous system AS54113. Here you can see a list of all IP address ranges that autonomous system owns: https://ipinfo.io/AS54113 .
So if we're using the IP address 151.101.1.140, we can consider the network prefix to be 151.101.0.0/16, and the host identifier to be 0.0.1.140. Note that a single IP address can be partitioned in more than one way. Just like in a real life address, you could say (123 John Doe Street), (Some City, Some State, Some Country) is a partition, but so is (123 Joen Doe Street, Some City), (Some State, Some Country). In this case the fact that Fastly has this autonomous system gives us the chance to say that we have a network at 151.101.0.0/22, and a particular host inside it, which is one of reddit.com's IP addresses. When routing a packet to Reddit, this is the first mask our computers will use, because autonomous levels are the top-level networking masks. But of course, AS54113 will have its own internal partitions of its network, in particular we saw that it has 151.101.0.0/22 as a sub-subnet of its 151.101.0.0/16, so if we use that as our network, we have a prefix of 151.101.0.0/22, and a host identifier again of 0.0.1.140. Note that the network prefix is now longer, it has 6 more bits in the address than a /16.
You need to have IP addresses to route traffic on the internet. In general, you only need one IP address, but a DDOS mitigation company needs more because they need to be able to shift traffic using BGP, and you can only do that for large chunks of IP addresses at a time. Here are a list of IP address ranges owned by DDOS guard. 1 2
DDOS Guard registered a company in Belize, and applied for IP addresses that are only available to Belize companies. Allegedly, they have no actual operations in Belize, and that's why the LACNIC is suspending their Belize IP ranges, which will take effect in 1 month.
Although only 2 of their 62 IP ranges are implicated by this action, those ranges are their largest allocations, containing 8k IP addresses.
Made any cool programs recently?
I am going to start a web API learning project this weekend. Not too sure which API to use or what the program should do yet. Might go with these guys https://ipinfo.io/ just because.
I just found this all by watching Nexpo's video. I haven't seen many of them, but I love tugging at threads. I don't know what's going on with the Rebecca thing, or if that's definitely unrelated, but Piansi is Italian for, "crying," but also, if
REBECCA IS AN IP,
R-- E-- B-- E-- C-- C-- A--
18- 5-- 2-- 5-- 3-- 3-- 1--
there are only a few possibilities. One of which
18.52.53.31
leads to a random garage in Seattle.
47.6339,-122.3476
It's located on a dead-end street, which might be apt, but maybe it's a thing worth checking out.
If you open up a terminal on macOS or Linux, you can call curl then pass it a web address as an argument. In this case it returns a dataset with some info on that IP address:
$ curl ipinfo.io/97.88.58.98 { "ip": "97.88.58.98", "hostname": "97-88-58-98.dhcp.roch.mn.charter.com", "city": "Waite Park", "region": "Minnesota", "country": "US", "loc": "45.5572,-94.2242", "org": "AS20115 Charter Communications", "postal": "56387", "timezone": "America/Chicago", "readme": "https://ipinfo.io/missingauth" }
What you have asked for is literally impossible. There are 3rd-party services that attempt to locate the physical location that an IP is located at, but even with relatively easy ones like a residential ISP customers IP you might get poor results.
For something like a globally available webpage good fucking luck.
And that doesn't even get into your question about finding out where the data which is the truly impossible part. Even if you could nail down a location for whatever IP address you are hitting (which again twitter has 41,216 public address (https://ipinfo.io/AS13414)) that is more than likely either going to be the IP address of a CDN or their local POP for that region, while the POP or CDN may have the specific data you requested it is merely a cache the actual backing data could be anywhere and those IP's will not be publicly routable so you could never find them.
Then there is the whole question of where is the data, as we just saw there are multiple layers of caching between you and "twitter" which are all 'data' which one are you interested in? Even then if you say no cache I just want to true backing source, again twitter is global which means they will have datacenters all over the world and will be replicating, backing up, and sharding your data across regions and continents. Sure most of your data will be local to whatever country or region of the country you are in, but I doubt even twitter would be able to accurately determine where exactly every piece of data on a tweet is even stored.
You can get your ip by using the HTTP Request block and sending a get request to https://ipinfo.io/ip, then you can save the response to a variable, wait a couple of minutes and do it again and just compare if they are the same.
Open the QVPN Service app (may need to install), under VPN Client (left), select VPN connection profiles. Click add to add a new profile. This will ask for a file that should be available from your VPN provider. I logged into my provider's site, searched and downloaded it. There are going to be two files needed from your provider (at least if you're using openvpn). Continue filling in the information. Once the profile is added, right click in the list to edit it. Fill in/select more options and sign-in credentials as needed. Test to see if you can connect. (Also be careful because each port will need to be set up independently if memory serves.)
I like to ssh in and use the command line to verify this is all working even if it says connected. I've found this command to work (this should match what is reported in the GUI):
"curl ipinfo.io/ip"
Using this setup and choosing the option to allow other clients on the network to access the VPN, you can point the device at to your qnap server (router/gateway address) and it will get routed via the same VPN connection. I tested this using a raspberry pi and it worked as described.
Anyhow I found it pretty easy to do.
You could try to find a list of IPs for Akamai or use their ASN numbers and create a Permit Outbound rule which will allow access to those IPs before any Block rules can take effect. I don't have a link for the IPs, but a quick google search found the following:
https://security.stackexchange.com/questions/38658/firewall-defined-akamai-ip-range
Keep in mind that Domain Fronting is an issue with CDNs:
https://www.acunetix.com/resources/Poking-A-Hole-In-Firewall-ProofRead-Final.pdf
What is "editing events on a alert site" ?
Invoke-RestMethod is a fairly thin wrapper around sending HTTP(S) requests and responses, the things you'll most likely need to learn are some basics of the HTTP protocol details (GET/POST verbs, headers, bodies), common formats (JSON, XML), often app-specific authentication (login or token formats differ quite a lot), and the specific API of the thing you're using (API details vary enormously between products).
Pick a straightforward site like https://ipinfo.io/json
Run Invoke-RestMethod https://ipinfo.io/json -Verbose and see the output.
Then run Invoke-WebRequest https://ipinfo.io/json -Verbose and compare. The web request version is showing you more of what's happening - you see the HTTP 200 response code, the raw content of the reply including headers and body, the parsed versions of those, and the content in JSON format. All of that is what Invoke-RestMethod wraps and turns the content into a PowerShell object.
The question seems to be a bit of a non-sequitur. The first two octects do not define the ISP. Take a look at Comcast's blocks (https://ipinfo.io/AS7922) : they have 161 blocks, many of which do not share the first two octets as the other allocations, and are large enough that the blocks cover different octets, i.e. larger than a /16. Also, some of their blocks are smaller than a /16 and not adjacent, meaning they share the first two octets with someone else.
Now if the question is "might a customer get an IP address from a different block" while not changing topology, yes that is possible. Sometimes, the CMTS interface facing a customer has multiple blocks on it, like secondary addresses. If you are off-net for a length of time, the block you were on might not have enough addresses to number your device, and it will get assigned an address from a different block.
So the IP in question, from your picture is registered to Google Inc.
Here's the link: IPinfo
Recommendation go to Firefox or Internet explorer. Google Chrome does a ton of background stuff data wise.
Looking at Windscribe's FAQs it states that your exit IP shows as one of theirs. Now, what that means can vary, but a test that should demonstrate this to you is to:
Activate your VPN
Google "what is my IP"
Confirm it's different from your non-VPN IP
Do a whois lookup on the VPN IP to see who it belongs to
My guess is that whois will show it probably belongs to Windscribe, but maybe they're obfuscating or faking it.
"AS397540 Windscribe details - IPinfo.io" https://ipinfo.io/AS397540
I use grep, cut and sort a lot - grep that days logs, cut the IP, sort then uniq -c will give you a sorted list of IP's accessing and number of hits. If you have a couple dominating the rest then look deeper at what those requests are and how legitimate they are. geoip or ipinfo.io to see what that IP is.
Repeat for other fields like request url.
If it's something that keeps cropping up requiring manual bans you can use something like custom fail2ban rules to get those auto blocked in future.
Sure, but on the ASU WiFi everyone gets a different public IP from the IP blocks that ASU has from ARIN. I'm guessing due to this limitation every computer is unable to get a public IP and they seem to have shared IPs disabled.
Here's the list of all CIDR blocks owned by ASU: https://ipinfo.io/AS2900
Again, I'm just saying that for some reason the DHCP takes *ages* to assign an IP to a computer on the network and that's what preventing everyone from connecting. Now the reason why it takes so long, I don't know but this is what my guess would be.
Class B address range from the lowest: 128.0.0.0 to highest 191.255.255.255
You can always just do a test by pinging the IP address to see if it’s alive and you can use an IP look up for information:
Just a heads up you can find lists of IPs used by VPN providers on the internet, as well as data center ip ranges (Here's an example for linode). In theory they could filter out any submissions made over a VPN. You're better off submitting them using your real IP (if you reside in the US), or using some sort of crowd sourced VPN to use residential IPs. I remember using something like HolaVPN years ago to access US Netflix from Canada, I imagine there are other alternatives now
No, it uses the device location as default.
Look at the speedtest OP posted, you can see the external IP his phone was assigned while he did the test. That IP is located in the US.
By your logic it should have defaulted to a server in the US, but instead it used a server in Frankfurt, Germany. Close to OPs device location.
Togotelecom seems to mostly use PPPoE pools, in addition to some static addresses. This is only relevant for your first router though. Does that have internet connectivity via your modem?
Your first router probably gets a WAN IP from Togotelecom's PPPoE pool (196.171.0.0/16 for instance). Your second router's WAN IP will be on your first router's subnet (192.168.1.0/24 most likely). Does your WNDR3700 get connectivity with DD-WRT defaults (so without VPN)?
Furthermore, which version number does your WNDR3700 have? As seen in the OpenWRT Wiki, every version has significantly different specs. None are capable of OpenVPN performance over 20Mbps (v5 performance). v4 should also be okay, but v1-v3 might not be adequate for OpenVPN at all. All WNDR3700 models have relatively weak MIPS processors sadly...
P.S. it might also be worth considering that v1-v5 all support OpenWRT as well as DD-WRT. v3 additionally supports FreshTomato. So if your problems turn out to be DD-WRT specific, you have other options.
Is this compromised router connected directly to your external ISP connection (i.e. it serves as your primary gateway to the internet)?
What version of DD-WRT are you running?
Did you modify the default configuration? Specifically, are you running any extra services like
UPnP, printer daemons, etc.?Did you disable access via root password login and require login via a 4096 bit RSA key? If you're allowing login via password, are you using a strong, unique password?
Do you have the web-UI exposed to the WAN?
What makes you think that the attacker is domestic? The potential intruder's IP address, 47.101.149.57, is listed on many malware address lists as a malicious domain, and its ISP is located in Beijing.
Well that is up to the individual content provider and how they set up their geoblocking.
While those subnets are registered to Canada, currently the geolocation of each individual IP still refers to the US. For example if you take the 143.131.2.0/24 network, it's country code is CA, but if you run geolocation on any of the IPs it still tells you it's located in Seatlle (as the subnet name is "STARLINK-CANADA-MC-SEA1).
So I sadly don't really know how a geoblock would react to that as I haven't seen or heard of situation like this yet. Though I am pretty sure Starlinks network engineers are testing stuff like this before they start in Canada.
While connected to your wifi network, go to ipinfo.io, what data do you see returned on your right panel?
(You can DM me if you like, or just give some anonymous information, like excluding the last part of your IP address)
first I pinged the server in CMD to get the IPV4
Step 1: Type "ping mc.rteenagers.com" into CMD and the IP should show up
Step 2: Type the IP into here
Step 3: Enjoy i guess
Ahaha I wasn't expecting to have it picked apart on reddit :P
This is a project I threw together in 3 hours yesterday with a ruby scraping script, it doesn't even have a readme yet :) It was to my surprise to find it on the front page of netsec with 50 people ripping it apart and 500 upvotes :D
​
I certainly would like to hear the criticism's some of your half-finished projects that you accidentally got a lot of attention on :)
​
I'll definitely take this feedback onboard though :D This was never meant to be anything special, definitely rely on the official data sources, if you do however like the data set at ipinfo.io/countries/ then this project is just a txt file version, it was only really meant for me and I didn't expect it to be helpful/useful for anybody else :P
That's why I share despite the risk of getting called a skid on reddit.
(PS, as per commit timestamps, I migrated my server from US to a UK server and left the label as EST).
I looked up the IP address and found there are a bunch more domains pointing to it.
One of the domains is frcooper.com and has a link to a linkedin page. There it says they are a Consultant for Arboc Consulting.
I don't think this is an ARG but probably just an abandoned project. They have the .net and .org versions of the domain and they're hosting other personal projects on the same server.
Should add a fallback if someone doesn't share their location or their location isn't found. Could also do this based on IP using something like https://ipinfo.io then you don't need to fully rely on someone's exact location.
Sweet, looks like you're off to a good start!
You know that the IP prefix 172.168.X.X/16 is globally routable right? Looks like it's owned by Verizon. I'm suprised that hasn't caused you any problems yet.
The range reserved for private use is between 172.16.0.0 and 172.31.255.255.
Hey mate, just had a look over the Whirlpool post. The IP you used for the trace (119.81.82.168) falls in the 119.81.64.0/18 range which is SoftLayer not AWS.
https://ipinfo.io/AS36351/119.81.64.0/18
I did the same thing when first looking into all this as I assumed PUBG was all AWS (which they kind of told us it was...).
So I don't think the request AussieBB have in with AWS will fix this issue.
As John Alexander mentions they could do a manual fix on their end but there is a possibility of it affecting other services. For all we know SoftLayer have a good reason for advertising their prefixes this way.
So AussieBB (who are in imo the best Aussie ISP going atm) and other ISP's can band-aid a fix or someone with a big fat SoftLayer account (PUBG :-)) can put the pressure on SoftLayer to fix it for everyone.
Alias Name: Netflix
List Description: Netflix IP Ranges
Format: ASN
State: Flex
Source: AS2906 [ AS-SSI - Netflix Streaming Services Inc., US ]
Header/Label: AS2906
List Action: Permit Outbound
Update Frequency: Weekly
-> Save <-
​
Correct? When typing "AS2906" the remainder "AS-SSI - Netflix Streaming Services Inc., US" generated itself
You can scan the internet in what, 8 minutes? Also, being in a cloud environment where the IPs are known as being owned by Amazon makes it an even bigger target. (Scripts looking for vulnerabilities)
For example, looking up Google's ASN lists every IP block they own: https://ipinfo.io/AS15169
Here you go. Yeah IP addresses can be geolocated. It’s simple as taking your IP and looking it up. But infestructure that holds the internet together is physically and things can see its path. Mine does not go to the right city but it’s in the ballpark.
Apparently CoreLink Global Communications is a Japanese IP range, which might be from the Japanese Showa Station.
Scanning the whole range 5 IPs are up.
The prompt depends though, you can get a pretty accurate location from the IP, which does not require any prompt, like so for example (using ipinfo.io):
$.get("https://ipinfo.io", function(response) { console.dir(response); }, "jsonp");
If OP wants news targeting based on the user's office ( eg. New York/Tokyo/Paris), that should be sufficient in most cases.
Some people say the earth is flat.
Not only is PIA like $40 a year (also up to 5 devices!!) (which is better than some competitors at $60/yr and -->3 devices...), if you use it on all of your devices, then your ISP can't sell your metadata to advertisement companies (because everything is wrapped up in the VPN tunnel, they can't peer inside the encrypted connection).
So now your ISP can't say, oh hey, this guy likes Asians, since we see he connects to juicyasianbimbos.xxx every night. Lets sell his dirty habit to an ad company that can innocuously slip Asian chicks in product ads, to sell some bullshit to this guy.
You should read on how they catch people torrenting (search this subreddit). Oftentimes it's totally automated -- if you go to TPB, grab a magnet link, pop it in the torrent client, your IP shows up in the pool, there's an automated MPAA-DCMA takedown bot hanging out in the pool that sends a form whenever a new IP joins the pool -- $user at $ip, belonging to $isp, was unlawfully downloading $torrent, either you tell him to knock it off or you're complicit in distributing illegal content. A VPN puts their IP in the pool, masking yours, and good VPNs don't keep logs. Lots of VPNs don't "honor" DCMA strikes. Do your research!
VPNs are a necessity now, not just for torrenting. Don't be ignorant and uninformed, protect yourself!
Yeah, we have run into that a lot. Most of the site that list these uncommon standards just come back and say they don't have it. It's frustrating. The same thing happens with bulk suppliers. Many have listings up for compounds/extracts just to judge interest in them. They don't actually have them. It would be nice if they either took down the listing, or made it clear that it was not currently available.
>Oh btw it appears Tractus Chem is based in England as oppose to Hong Kong. I'll confirm once they reply.
>Tractus Company Limited 326 CLEVELAND ROAD LONDON ENGLAND E18 2AN
That's just a registered agent in the UK. The company is actually in Hong Kong. You can see many other companies registered to that 326 Cleveland RD address. Sometimes companies open Ltds in the UK through registered agents, so they can more easily get things through customs, or for tax/banking advantages. Tractus is definitely out of Hong Kong. Their website resolves to 113.10.173.214, which is an IP in Hong Kong.
Pinging wikileaks.org [195.35.109.44] with 32 bytes of data: Reply from 195.35.109.44: bytes=32 time=148ms TTL=47 Reply from 195.35.109.44: bytes=32 time=147ms TTL=47
https://ipinfo.io/195.35.109.44
https://hostingcompass.com/whois/195.35.109.44
https://otx.alienvault.com/indicator/ip/195.35.109.44/
When did Norway join Russia?
just easier to create an alias for all the identified IPs in the blocks and drop the rule above the rule to force traffic over the VPN.
I have this working right now actually for all my interfaces. This is the list of all their IP blocks.
for frontend web development:
- reactjs (library)
- angularjs (framework)
apis i would say
- https://ipinfo.io/ is pretty sweet
there are tons, but those are just some ive worked with recently
It's a VPN, some providers have streaming tiers that will actively attempt to evade streaming blocks. With VPS, most of the time you already lost unless it's a very obscure VPS. Try visiting https://ipinfo.io/, notice that not only the IPs are associated with companies running it, which would indicate whether it's a residential ISP vs data centers, they also already categorized them as such.
there's websites like https://ipinfo.io if you have a dynamic ip (you probably do) then it'll show around what city, plus it's not like they're gonna fly over the world to your location just for one person
You can't get the information there using the IP address. The only way you can is go to ipinfo.io and search their IP to see their ISP. Then hack their ISP's database to find the owner of the IP. Then use a people lookup site to view their information.
Where can I test this? I've tried the Xbox desktop app for Windows, but ... it just doesn't load, I cannot even login into the goddam thing ... In Edge Canary I wasn't able to check this, no option like that.
When using Edge Canary I've monitored my network stats via Wireshark and figured out the server from where I streamed the game (the one with the biggest amount of traffic). Did a traceroute on the address - the stream server doesn't response to ICMP traffic so it's hard to guess the latency from that, but to those server who did respond the average ping latency is 35ms.
This was the server: https://ipinfo.io/13.104.102.4, usually I'm connected to the Netherlands, but quality changes drastically, not sure what does it depends tho'.
In the early days, you could connect to your neighbors computers with just a few commands in a *NIX CLI.
You could start by port scanning your WAN subnet. The IP was usually set to have your immediate nextdoor neighbor just a few digits off in the last octet. IIRC, telnet was ALWAYS open, and sometimes SSH. For some reason, the default configuration of PCs just left these open and listening. This was before the hardware firewalls (0-65535) became popular and you had to rely on a single machine to communicate at your DEMARC point.
Maybe this was a regional configuration, but all of the neighborhoods I grew up in were like this - I am guessing it was ISP protocol to assign IP addresses this way.
Nowadays to get your neighbors WAN IP, you would need to connect to their AP and run curl on ipinfo.io. Not impossible, but just another hoop to jump through if you're a blackhat.
That, and no ads. There were zero ads on websites.
In earlier days I created a script for a company that would connect to https://ipinfo.io and get the info from there. It usually correctly states if you're using a VPN or not. Of course, nothing is infallible but it would give you a right idea.
Hyperlink
> not clicking any links
> they used Kali Linux and a hyperlink
Kali Linux is like a normal distribution of linux, but it comes out of the box with more hacking tools. Anywhere in your conversation, or in any mutual servers, did you click on anything? It could be a gif that didn't load, or a hyperlink that's supposed to lead to a cat. For example, I can view all traffic that's coming to my server's IP Address and look them up immediately. Did you join a minecraft/game server hosted by them?
There is no way they could've found your information through discord. Discord uses to simplify, something of a 'proxy'. Your data only goes to Discord servers, never to anyone else. Then, discord sends any relevant data *from their servers*. You must've clicked a link, website, or tried to join a server owned by them. There is no other way your IP could've been taken.
(Geolocating IPs is simple enough, check out https://ipinfo.io/putIpHere). Stay safe, most antiviruses also block IP Grabbers. Kaspersky does for sure.
FYI, sistem CDN itu, server-nya banyak, tapi IP-nya beberapa doang (anycast - IP yg sama bisa di-announce dari lebih dari 1 server di lokasi berbeda thanks to the magic of BGP).
Perusahaan (CDN, dll.) yg punya IP address itu punya AS number yg isinya list IP address perusahaan itu. Contoh AS number Cloudflare. Ini bisa dipake buat block & throttle bandwidth
- So you can easily get someone's IP address from Xbox or PS4.
- From that, you can get a general area - you can't get a street address unless the area you live in is very unique or they somehow got your address from your service provider (which they never do unless they are subpoenaed)
- You can look up your IP address here and see what GPS coordinates it gives.
So for a person that doesn't know you to be able to send the cops to your house is unlikely.
In the case where this is not a made-up story (either for karma or other reasons):
- I suggest you call the local police station and ask for information about who called them. If it happens again and have had no progress an attorney can help you navigate working with the police to stop the harassment.
- Is there anyone that you know personally that might have tracked you down online to harass you?
Otherwise, maybe check your carbon monoxide levels and that everything is ok with you. Wish you well.
Well, there are plenty of third world countries, or countries where copyright infringement is not taken seriously. Even if there is such a law, in some countries it is just not acted upon. So there are lots of people who do not feel the need to use a VPN.
If you are curious, there are ways to detect that a person is using a VPN anyway. You can check out https://ipinfo.io/ if you are curious, put the IP next to the slash at the end, and it'll show you a bunch of information about it, a general location (usually accurate down to the city level), the ASN and all that.
Most of the time you can Google the name of the ASN and tell if it's a legit ISP for residential users or some kind of ASN affiliated with a VPN. These will usually have IP blocks all over the world and they'll own a crazy amount of IP addresses. So yeah.
the 0s are not the actual ip just representing the numbers present but the letters are as they are in the ip.
curl space https://ipinfo.io/0000:000:b000:00c0:f0e0:f0a0:0b00 enter
sorry to be dense but what quotes around the url?
again thank you for your help
As already asked by "foxyknwldgskr", you should tell us via which webcam portal, e.g. chaturbate, you have streamed.
Even if you are no longer an active model, you can and should always turn to the webcam portal for help. For chaturbate = .
In the case of websites that are affiliate of webcam portals, the removal of content is usually problem-free.
93 (dot) 115 (dot) 61 (dot) 24 is not a website but the IP of SecuNet Inc., a hosting provider that also hosts pirate sites.
https://ipinfo.io/AS208273/93.115.61.0/24
I understand absolutely nothing on this, but here https://ipinfo.io/countries/br Telefônica Brasil is listed as various ASN's, you must have seen only one of them. Besides, I think they can go by other names like Vivo (the current commercial name, Telefônica Brasil is the "official name" - we have these oddities in Brazil lol) and even Telesp (the original company which was bought by the spanish Telefônica).
This is a great resource, if people can trust the servers. One question to the community: how can we be confident we can trust a server?
The use of domain names and reverse DNS lookup could help prove identity of the server. Perhaps we need a web endpoint for validation.
It would be nice to add to the list the reverse DNS result and IP whois information. That would show the cloud providers and may also reveal some interesting servers. A service like https://ipinfo.io can be helpful.
A client that only tunnels encrypted traffic and does encrypted DNS could help too, since the servers wouldn't be able to modify or read traffic, though they could still see the TLS domains.
Lastly, it would be great to search or filter the list by location. Perhaps group by continent and country.
Using admin, log into router and check logs.
Look for repeated admin attempts from an outside IP . Google IP. Something like This.
In advanced setting, or something close. Block IP range 121.128.0.0 - 121.159.255.255
its very easy with mail tho(if you dont use vpn), just open up "show original" on any messege you get, get an ip, use ipinfo.io for example, and then use coordinates in google maps
> Your ISP can map your IP address to your home address. That's all you need to say.
You don't see how that's different than >So if you share your IP from a website like Ookla that does speed tests, no one is really able to do anything with it?
Raw IPs cannot be associated with physical locations in a super meaningful sense. If one were to look up my current IP, 107.116.79.76 you might find this which is somewhat accurate, my ISP is AT&T Mobility but I'm not in Washington DC.
AT&T could look probably look up that address and see what account is using it and then find the listed address associated with the cellular service--but the geolocation and billing address don't match. The billing address may not match one's home address either though.
I don't know about the operator, I just know that the IP address of my IG account pulled from istaunch and then inserted into ipinfo.io has an ASN assigned name of Amazon.com.
My suspicion was that someone from another country got Instagram to send a recovery access code to my email, and I was wondering if that's possible.
I'm kind of meh on this site. It's very generic. No contact information other than a web form. The site was registered just one year ago and has very little web presence. And I stumbled on an IP info site that has it listed with a bunch of other similar looking sites all under a Chinese company name: https://ipinfo.io/185.33.94.22
Probably a drop shipper. Proceed at your own risk. Use a credit card so you have recourse if it turns out to be a rip off in some way.
Hi,
Thank you for taking time with me.
I have no idea what DHT & Peer Exchange is. So that is a good place to start for me! Thank you!
I can successfully exchange whole files, so I believe the ports are fine. It's a headless server running nordvpn on Debian Bullseye. I do have it's headed twin that I used the same procedures to create. It's just easier to troubleshoot. But I'm almost positive that those ports are open. I can figure out how to do a terminal based check to see if the ports are open. I do use curl ipinfo.io so that helps.
But thank you! very helpful!
How did you check your location? https://ipinfo.io/ use IP geolocation so it should show you're using the VPS American IP, but if the site request browser's location info, then it will still see your original location. Other possibility is your account has been used before, the site might ignore your new IP geolocation info if it detect the IP belongs to data center instead of residential ISP.
It uses a geoip service to find the laptop WAN IP's country of origin. You can use a site like ipinfo.io to find the city, state, country, hostname, and organization who owns the IP. I guess TV does this for finding regional deals or checking restrictions.
I use Windscribe Pro, sideloaded latest Android apk through SideQuest.
I checked with browser at ipinfo.io and it displays the VPN IP address so it seems to work fine but I'm no expert in these things.
(https://windscribe.com/yo/bj036cn7 referral but feel free to ignore)
Work on getting better at detecting and isolating synthetic traffic. Use a layered approach that combines fingerprinting (botd is a decent place to start) and ip address intelligence (i've had success using the ipinfo.io proxy/vpn detection solution).
Flip the script. You could, in theory, rely on an alternate approach where users text a specific six-digit code to a specific phone number - and only then will the phone number be associated with the account being created. If these attacks are truly sinking your fleet, pivot to this - it doesn't sacrifice any of the validity of the verification.
I'm biased as I work at IPinfo.io :) But if I forget about it for a second, I'd still recommend it.
There's a free plan with up to 50 000 requests a month. You can use the website search if you don't need API integration. Or you can use the bulk upload tool for the whole list of IPs you have.
For a very quick overview, you can try the Summarize IPs tool: https://ipinfo.io/tools/summarize-ips , it processes up to 500 000 IPs at once.
Did you try it ?
I used to use Residential VPN from RapidVPN provider with costs 20$/month but it was still detected by their tool.
When I check it on https://ipinfo.io/ .The system detected my IP from VPN provider not ISP provider...
I like ipinfo.io for getting full ISP data. Sometimes they have business/organizational records attributed that ipinfo will show you, if the ISP had designated as much detail. Also sometimes if you have a large netblock, the ISP may also have provided a smaller netblock designation for that IP within their greater netblock that ipinfo will show you, but other tools wouldn't.
I then use something like shodan or binaryedge to look at the whole netblock to see if any sort of certain business/industry/operation may be attributed to it.
I have purchased your Mesh devices and when I look at the data traffic on my LAN I see lots of traffic to a Chinese website https://ipinfo.io/1.58.168.192 that I have not seen before. When I blocked traffic the devices then directed traffic to a site in Thailand. Currently your mesh devices are disconnected and no traffic to these ip addresses seen. What an earth are you doing???
One of the IPS of those scammers is https://ipinfo.io/AS9299/49.145.224.0/19-49.145.225.0/25 He's a scammer from the Philippines. Blue-Valve Employee#6161
When companies purchase public IPs, they also register their full information. Since your VPS IP is identified as belonging to the VPS provider instead of a residential ISP, it's trivial for streaming services to block you. On https://ipinfo.io/what-is-my-ip see your ASN and Organization Info.
trace route would always timeout with 192.205.32.78 when it failed which is the last hop before it hit China, and it is clearly an AT&T device which failed the trace.
>trace route would always timeout with 192.205.32.78 when it failed which is the last hop before it hit China, and it is clearly an AT&T device which failed the trace.
>
>https://ipinfo.io/192.205.32.78
trace route would always timeout with 192.205.32.78 when it failed which is the last hop before it hit China, and it is clearly an AT&T device which failed the trace.
Itu lokasi ambilnya dari database geoip. Jadi basically ISP lu daftarin ownership IP address ada data lokasinya. Kek lu masukin biodata di form, ada data alamat lu. Bisa dicek di https://ipinfo.io. Nah, masalahnya, data lokasi itu bisa aja ga akurat karena ISP bisa daftarin alamat headquarter-nya mereka (e.g., Jakarta) despite IP-nya bakal dipake di Surabaya.
Finally got it to work, after a lot of frustration. IHttpClientFactory is not as useful as I had thought. Need to new up an HttpClient, and reset the baseUri, then it will work, in that instance.
protected override async Task OnInitializedAsync() { try { HttpClient http = new HttpClient(); http.BaseAddress = new Uri("https://ipinfo.io/"); var response = await http.GetFromJsonAsync<MemberIPAddress>("json?token=[Key]");
forecasts = await Http.GetFromJsonAsync<WeatherForecast[]>("WeatherForecast"); } catch (AccessTokenNotAvailableException exception) { exception.Redirect(); } }
- Try opening the ports listed here (just scroll down for a port list) by hand on your router.
- Try assigning a fixed IP to your console/PC, and assigning those ports to that IP on your router.
Destiny does not have a single IP, because there are all kinds of servers and services. If you want to get the IP ranges from Bungie here.
If you live in a country censoring Bungie, you'll need some great deal of elbow grease and a decent VPN. You'd need to configure a policy where the VPN should connect to every Bungie IP, but every other IP should get a direct connection (because Destiny still has a great deal of P2P connections).
I want to split tunnel specifically WSL2; it seems to be working perfectly on other apps (for example I have Firefox split tunneled but not Edge, and that is working correctly).
However, when I go into Ubuntu Server 20.04 via WSL2 and do a check on the ip via command : curl https://ipinfo.io/ip the IP is my local IP and not the VPN's IP.
Starlink uses CGNAT too. I think that's unlikely to change anytime soon since they only currently have 256 IPv4 addresses on their whole ASN.
I'm not overly familiar with Telegram, but they operate AS59930. Assuming all their services are run from the IP addresses associated with this network, then you can just add the following two blocks to your aliases:
149.154.172.0/22
91.108.12.0/22
https://ipinfo.io/AS59930#blocks
Make sure your 'Alias' type is 'Network(s)' rather than 'Host(s)' otherwise pfSense will break those /22s into 2048 individual IP addresses and makes a bit of a mess.
Then why is my client constantly connecting me to this subnet. Why is my google showing up in ukrainian. Also why does every IP on the subnet I've connected to trace back to Kyiv City, Ukraine when using ipinfo.io?
This is still happening for us in Austria, same ISP as multiple countries. ISP is Liberty Global/AS6830 we have constant packet loss also, about 5-10% depending on the server IP, on OVH servers it works fine however for your regular servers we always use VPNs... there have been multiple tickets sent already, to hiperz and to your platform /u/Faceit_Jimmy
>infotracer.com
Yea I was thinking outside of a isp breach I don't see how you would be able to tell.
Out of curiosity I tried to dox myself using my public ip but didn't get much. I also tried a background check on: infotracer.com same info as matelgo or ipinfo.io.
I'm guessing OrdinaryGamers has a cop buddy or knows someone that works at the target isp.
This has lots of good and helpful links in one place. Thank you for that. The following site below showed my gateway IP as being correct location.
ip2location: good
ipinfo.io: good
maxmind: good
iphub: good
db-ip: good
For example:
const url="<code>https://ipinfo.io</code>"
const req = await (new Request(url).loadJSON())
const ipaddress = req.ip
​
Or you just use Shortcuts if you just need to quickly display the ip address, it has an action for it.
If you can do something to reset your IP assuming you get a random DHCP IP from your ISP that would be a good start. That way the IP the attackers are using will point to someone else. Unfortunately, even for ISP we often always get the same IP. Do you have Ports 63675, 64337, and 34444 exposed on your PFSENSE for port forwarding or anything? If so, logon to your PFSENSE and change those ports if you can. That may delay them some unless they do a new full port scan on your connection. Do you see in the logs if a full port scan was done by someone? The randomness of the source IPs means someone released information about your network on probably the dark web and multiple hackers are now trying to get in. I also notice all of the source IPs using ipinfo.io list TOR as one of their privacy services. Have you recently installed a TOR browser or something similar? If so, could it be acting like torrent application and trying to serve as a node but being denied?
Ehrlich gesagt weiss ich das nicht, ich hab's in der Liste der anderen auf dem Server gehosteten Seiten nicht gefunden. Aber kannst ja selbst nochmal nachschauen: https://ipinfo.io/AS41915/194.37.72.0/21-194.37.75.0/25