
YSK: thisismyip.com (website to display your IP) had inserted new code to its website that is detected by Kaspersky antivirus and Fortinet as malicious; Here are some alternatives to use instead

2mon 7d ago by piefed.world/u/beep in youshouldknow

I know that a lot of VPN users have it as a homepage to their browser, that is why I wanted to publish this warning.

You can replace it with:

Glad somebody else posted it. Glad it still exists. Some of the internet is still hilarious and amazing.

webpage blocked

There is also ifconfig.me which works amazingly on the command line with curl ifconfig.me

The same works with ipinfo.io, it's what I usually use.

Awesome, good to know. Nice it has more info in a JSON blob.

At that point just run ifconfig

That won't tell you the public IP unless you're on a directly-connected machine

That's not how this works. That's not how any of this works.

Except it does? At least in IPv6 land

I could see a situation where a host that only speaks IPv4 would need to add my IP to an allow list, and therefore I would need to check what IPv4 address I appear as, even though I am running IPv6.

icanhazip.com

This is the one true answer.

Just an IP, nothing else. And easily curlable.

Was expecting a robotic voice, is this AI?

It existed before AI was a thing. Just a dude recording himself and making software that plays it relatively smoothly.

The domain was registered in 2012

🤣

I have DuckDuckGo set as my default search engine, so I just search for "ip" and Bob's your uncle

Is it malicious code hosted on the website? Or are they saying that visiting that site is an indicator of compromise because they've malware commonly visiting that site?

Looks like the domain registration expired, according to https://lookup.icann.org/en/lookup

Fortinet marked the website as "malicious", but it doesn't seem to give an explanation as to why it's been given that classification (looked up here: https://www.fortiguard.com/webfilter)

Kaspersky wanted an account (and possibly a subscription) to look up the website and I'm not going to give them any of my information so I'm not sure if they gave an explanation as to why the website is flagged.

Visiting https://thisismyip.com/ as of now just redirects to a Namecheap landing page so I doubt there's any actual malware on the website. I think Fortinet and Kaspersky preemptively marked it for when a malicious actor picks up the name and starts hosting actual viruses.

Hosted on the website.

I always use check.torproject.org. If I'm not on Tor, it gives me my IP, if I am on Tor it verifies that. Good for both.

There's also https://ip4.me/, nice and simple IPv4 test.

(it also does other IP lookups via https://ip6.me/, https://ip6only.me/, https://whatismyv6.com/)

It's a good old service, but unfortunately it's so old that it doesn't support IPv6 connections

I just checked with curl and it showed me my IPv6 IP

#!/usr/bin/sh
dig -4 +short @resolver2.opendns.com myip.opendns.com

#!/usr/bin/pwsh
Resolve-DnsName -Server resolver2.opendns.com -Name myip.opendns.com -Type A | % { echo $_.IPAddress }

There should be an IPv6 resolver, but I don't remember and am currently unable to test. My PowerShell skills are also effectively non-existent.

A simpler and easy to memorize alternative:

curl ifconfig.me

That still relies on an external website, whereas dig uses just DNS

I saw it used in another comment, and am already aware of the use of curl for such a task, but choose to query DNS services instead—especially in scripts.

but choose to query DNS services instead—especially in scripts.

Why? What advantages do you get?

In order to connect to a site like wtfismyip.com you have to do a dns query for the IP address of the server, then query the http port on that IP address, but what if instead, that first dns query gave the answer to your question?

I worry less about the service breaking, changing, or otherwise disappearing, over a random website.

EDIT: Also what was said in a sibling comment.

Neat, how can you check IPv6? I was able to get my IPv4 address by querying with an A record, but tried with AAAA which doesn't respond with an answer.

dig -6 +short @resolver2.opendns.com myip.opendns.com AAAA

Note: You have to ensure you are actually contacting the server with IPv6.

Ahh yeah, works with @resolver2.opendns.com so I guess my DNS resolver isn't supporting IPv6 or something like that?

This is a service provided by some DNS hosts, with their own special subdomains, and is not universal. They may also require slightly different options.

Other options include:

  • Google (query for txt record): @ns1.google.com o-o.myaddr.l.google.com

  • Akamai (query for txt record): @ns1-1.akamaitech.net whoami.akamai.net

  • Cloudflare: @1.1.1.1 whoami.cloudflare

  • Cisco (there are four, as far as I can tell): @resolver[1-4].opendns.com myip.opendns.com

…and likely others.
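A script-friendly form of the DNS lookups listed above, as an added example that is not part of the thread: it strips the quoting dig puts around TXT answers, rejects anything that is not a dotted-quad IPv4 address, and accepts a result only when the OpenDNS and Google answers agree, so an unvalidated string never ends up in an allow-list entry. The function names and the two-source agreement rule are assumptions of this example, and the sample address is constructed.

```shell
#!/bin/sh
# Added example: validate a DNS-derived public IPv4 before a script relies on it.

# Keep the first line of a dig +short answer and drop TXT quotes/whitespace.
clean_answer() {
    printf '%s\n' "$1" | head -n 1 | tr -d '"[:space:]'
}

# Succeed only for a strict dotted quad with every octet in 0..255.
is_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots (input holds only digits and dots)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the address only if at least two sources answered, every answer is a
# valid IPv4 address, and all of them are identical.
consensus() {
    first= seen=0
    for raw in "$@"; do
        ip=$(clean_answer "$raw")
        [ -n "$ip" ] || continue            # that source timed out or was empty
        is_ipv4 "$ip" || return 1           # e.g. a captive-portal page or junk
        [ "$seen" -eq 0 ] && first=$ip
        [ "$ip" = "$first" ] || return 1    # sources disagree: do not guess
        seen=$((seen + 1))
    done
    [ "$seen" -ge 2 ] && printf '%s\n' "$first"
}

# Live lookup using two of the resolver/name pairs from the comments above.
public_ipv4() {
    a=$(dig -4 +short +time=2 +tries=1 @resolver2.opendns.com myip.opendns.com A)
    b=$(dig -4 +short +time=2 +tries=1 @ns1.google.com o-o.myaddr.l.google.com TXT)
    consensus "$a" "$b"
}

# Without --live, run on constructed sample answers (documentation address range).
if [ "${1:-}" = "--live" ]; then public_ipv4; else consensus '203.0.113.7' '"203.0.113.7"'; fi
```

A non-zero exit status means the sources disagreed, returned something that is not an address, or fewer than two of them answered; a calling script should stop rather than fall back to a single source.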

My go-to has always been https://www.whatismyip.com/, or https://www.wimi.com/ for short.

For us Linux users (BTW), this wtfismyip script just dumps a text string. Just save it to /usr/local/bin or some other location in your path and make it executable, and install the lynx text www browser if you don't have it installed already.

There are a lot of ways to do this, but this works and I'm lazy...

root@tux:~# cat $(which wtfismyip)
#!/bin/bash

printf "%s\n" "Your fucking IP address is $(lynx -dump -nolist http://wtfismyip.com/text)."
root@tux:~# wtfismyip
Your fucking IP address is 13.107.226.41.

also ip.wtf

curl ifconfig.me

Not sure about Linux, but on a Mac you can put it on your clipboard with

curl ifconfig.me | pbcopy

xh ifconfig.me | wl-copy

👍

Oookay, I guess it detects the user agent and only sends the IP number when it detects curl. Using xh did not work as intended.

Huh. Is it going by user-agent or something? Weird.

Our own tiny one goes by the Accept header. If xh sets that to text/html you'll get an HTML webpage though.

Some sites go by that, some go by user agent. I believe xh can fake its user agent, if I'm not mistaken.

A good compromise would be to go by known user agents, but also heed the accept header. 👍

I've been using wgetip.com for over a decade now

I’ve been using ifconfig.me for a while, you can curl it on the command line

dnsleaktest.com

ipleak.net

Check your IP and your DNS, all in one.

You can just search ip on ddg and it'll show you

I usually use icanhazip.com, seems to work well enough

We have a little one, in case it's useful. https://ip.brightfur.net/ Super simple. Works with curl too (autodetects whether to give you plain text or an HTML webpage).

It's like 20 lines of PHP and most of that's HTML.

-- Frost

I wrote my own. It's one of the easiest possible services to write.

IP chicken is another option

I use thiscomputer.info

It's just text. It shows a bit more than just your IP. And it's easy to remember.

ip.me also works well in the terminal with curl. The default response is plaintext

https://httpbin.org/ip

Httpbin has a bunch of other useful endpoints as well

YSK: I’m the webmaster and developer of thisismyip.com, and I can assure you that the site does not contain any malicious code.

Kind regards.

Am.i.mullvad.net