Please consider removing RC4 support etc.
https://www.ssllabs.com/ssltest/analyze.html?d=api.ipify.org&s=107.21.241.89&latest

See this fine tool:
https://mozilla.github.io/server-side-tls/ssl-config-generator/

I've been using ipify and I've noticed that my IPv6 only shows if I enter from Firefox, when I enter from Chrome or another browser it always shows my IPv4 even if I enter from api6.ipify.org

Thanks.

In about 1/4 readings of api.ipify.org the result is HTML code, not plain text.

Why is this?

For ease of development and deployment, Docker support could be added to the project. This removes the need for dependencies on the developer's local machine (in this case, Go) and provides an easily portable container for developing and distributing.

Acceptance criteria

• Add a Dockerfile and docker-compose.yml for development
• Running docker-compose up runs the server successfully.

One picture is better than a thousand words.

Maybe I'm mistaking but to my knowledge this is not an IPv6 address.

When you hit https://api.ipify.org/, the certificate is untrusted because it doesn't match '*.herokuapp.com', or 'herokuapp.com'. Would be great to have the SSL certificate trusted so calls can be made in a secure manner.

👏

Firstly apologies if this is not the right place to report this issue. I figured the alternative would be either to tweet or email you and out of these three options, this seemed most appropriate.

It seems the SSL certificate for api.ipify.org has expired today, 21/11/2016.

Hi @rdegges , Can you please some guidance on how to host this ipify-api internally on a webserver?

Appreciate your help

thanks

Jay

https://github.com/rdegges/ipify-api/blob/master/LICENSE

I was just using an application that was using your API (pretty cool idea, btw), and I noticed that it was failing because Cisco Security have blocked https://api.ipify.org using DNS RPZ. Specifically,

A hostname, network address, or nameserver associated with api.ipify.org has been manually identified by CSIRT as malicious or a security risk which has resulted in this block.

I'm a little surprised this has happened as you state you're served by Heroku, but I thought you may want to look into this.

More details on DNS RPZ here: https://blogs.cisco.com/security/using-dns-rpz-to-block-malicious-dns-requests

HTH :)

TBF, looking at #2 , I can't help but think that this is part of the same problem. :( But interestingly, it means that a web service that is (imo incorrectly) using api.ipify.org is completely broken for as long as I have Umbrella screening my DNS requests.

If a user sends a custom X-Forwarded-For header, this messes up the load balancer handling of the header. Need to debug this more to find a solution.

If one tries to request an IPv6 address from api6.ipify.org on a host that has no IPv6 connectivity, api6.ipify.org returns and IPv4 address.

Would be better to prevent that, e.g. simply by making sure api6.ipify.org does not have an A record in DNS, only AAAA. Currently it has both.

Perhaps also add measures against returning an IPv4 address when a v6 one is requested in code, and vice versa.

First off, thanks for providing this service!

Unfortunately it seems that Bitdefender anti-virus has listed the domain ipify.org as serving malware.
This may be because some malware authors have used the ipify.org service in their executable, see: https://malwr.com/analysis/NDY2YWRkOGU3MTAzNGVkNDgwNmVmMzQwZGI5ODVkNTE/
This occurs with the lastest version of Bitdefender (1.0.21.1099).

Might as well change

print 'My public IP address is:', ip

to

print('My public IP address is:', ip)

RIP print
:-(

Hi,

It looks like Chrome is blocking this service from being used in a webpage.

Cross-Origin Read Blocking (CORB) blocked cross-origin response https://api.ipify.org/?format=json with MIME type application/json. See https://www.chromestatus.com/feature/5629709824032768 for more details.

I am pretty confused by Google's explanation at: https://chromium.googlesource.com/chromium/src/+/master/services/network/cross_origin_read_blocking_explainer.md

Because the JSON syntax is derived from and overlaps with JavaScript, care must be taken to handle the possibility of JavaScript/JSON polyglots. CORB handles the following cases for JSON:

Non-empty JSON object literal: A non-empty JSON object (such as {"key": "value"}). This is precisely the subset of JSON syntax which is invalid JavaScript syntax -- the colon after the first string literal will generate a syntax error. CORB can protect these cases, even if labeled with a different Content-Type, by sniffing the response body.

Uhhhhhhhhhhhhhhhhhhhhhhh..........isn't that the wrong way round? That {"key": "value"} is valid as both JSON and as a JS object. It would be {key: "value"} that is valid JS object, but not valid JSON.

The code I'm using on a webpage is as follows. It doesn't reach the success callback as response.json fails, due to the response being empty.

    const params = {
      mode: 'no-cors',
      redirect: "follow",
      referrer: "no-referrer"
    };

    fetch('https://api.ipify.org/?format=json', params)
      .then(response => response.json())
      .then(successCallback)
      .catch(failCallback);

basically allow getting ip address without the need of jsonp.

Googling i only have found rejections in context of using localization services and user ip.

PS: I love your service. It's very convenient and easy to use.

On ipify.org:

$ curl 'https://api.ipify.org?format=json'
{"ip":"46.x.x.17"}

46.x.x.17 is my correct external IP. This is also what https://ident.me/ shows.

On api.ipify.org:

172.16.x.x

This is the internal/local IP.

Hi,

When I hit the service with say
https://api.ipify.org/?format=jsonp

I get back as expected:
callback({"ip":"195.xxx.xxx.xxx"});

However if I add the "callback" parameter, for example
http://api.ipify.org/?format=jsonp&callback=jq

...then I get back:
jq({"ip":"\u003cnil\u003e"});

Why? Is this a bug?

your api shows me two IP addresses. one is the right and the other (185.103.110.182).
I would like to answer. No VPN or proxy.

Is there a limit on the number of times or frequency

Occasionally (reasonably often) the ipify API will return some application error HTML generated by Heroku instead of an IP.

For example:

<!DOCTYPE html> <html> <head> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta charset="utf-8"> <title>Application Error</title> <style media="screen"> html,body,iframe { margin: 0; padding: 0; } html,body { height: 100%; overflow: hidden; } iframe { width: 100%; height: 100%; border: 0; } </style> </head> <body> <iframe src="//www.herokucdn.com/error-pages/application-error.html"></iframe> </body> </html><!DOCTYPE html> <html> <head> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta charset="utf-8"> <title>Application Error</title> <style media="screen"> html,body,iframe { margin: 0; padding: 0; } html,body { height: 100%; overflow: hidden; } iframe { width: 100%; height: 100%; border: 0; } </style> </head> <body> <iframe src="//www.herokucdn.com/error-pages/application-error.html"></iframe> </body> </html><!DOCTYPE html> <html> <head> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta charset="utf-8"> <title>Application Error</title> <style media="screen"> html,body,iframe { margin: 0; padding: 0; } html,body { height: 100%; overflow: hidden; } iframe { width: 100%; height: 100%; border: 0; } </style> </head> <body> <iframe src="//www.herokucdn.com/error-pages/application-error.html"></iframe> </body> </html><!DOCTYPE html> <html> <head> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta charset="utf-8"> <title>Application Error</title> <style media="screen"> html,body,iframe { margin: 0; padding: 0; } html,body { height: 100%; overflow: hidden; } iframe { width: 100%; height: 100%; border: 0; } </style> </head> <body> <iframe src="//www.herokucdn.com/error-pages/application-error.html"></iframe> </body> </html>

When running in a shell script this is annoying to handle correctly -- on application errors, I'd rather see a blank response than this.

I know you have this labeled as open source on the website, but adding a license will help others when modifying it and such.

This codebase deployed to Heroku works great. What would the process be to deploy this to Google Cloud as an App Engine service?

Not sure if the service isn't active anymore, but it appears to no longer be routing properly:

Hi,
this Api https://api.ipify.org?format=json is not working for older version of android but it is working fine in android marshmallow devices.
It is working fine after remove s from the API means APi URL is
http://api.ipify.org?format=json

Anyway to say thank you other than this message?

Even the ability for a one off via Ko-fi etc would be great :-)

On www.ipify.org it says

No visitor information is ever logged. Period.

however, the code has this line

fmt.Fprintln(os.Stderr, "WOOT:", r.Header.Get("X-Forwarded-For"))

which on heroku effectively logs every request made to the api.
Is this code a misplaced debug or is the website incorrect?

Would you consider dual-licensing this under the MIT and Unlicense? My company tries to steer clear of the Unlicense.

Hi, first off, thanks for this service!

For 2 days, some web clients have this error:

{
    "data": null,
    "status": -1,
    "config": {
        "method": "GET",
        "transformRequest": [null],
        "transformResponse": [null],
        "url": "https://api.ipify.org?format=json",
        "headers": {
            "Accept": "application/json, text/plain, */*"
        }
    },
    "statusText": ""
}

Could you tell me why?

Thank you very much.

This IP address info app - written in HTML - uses your service: api.ipify.org
Thank you!

http://szepeviktor.github.io/ip-info/?107.20.135.99

@topcoder1

We are using https://api.ipify.org/?format=json. Which is working fine in MAC Chrome but in windows chrome it is GIVING CORS issue.

Would be nice to include cache headers to prevent odd behavior from some ISPs:

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0

We regularly get 404 responses when calling https://api.ipify.org?format=jsonp&callback=JSON_CALLBACK. We use the service in our client code, so it might be an issue on our customers' machines. Do you have any explanation what might cause it?

Quad9 9.9.9.9 blocks api.ipify.org as well https://www.quad9.net/

9.9.9.9 is a popular global "secure" DNS server that many people use in their forwarders (for example).

Ipify.org also doesn't have an aaaa record

The api URL seems to be giving me a text result of:
<nil>
from the command
wget http://api.ipify.org -4 -q -O -

As json curl 'http://api.ipify.org?format=json' gives {"ip":"\u003cnil\u003e"}

If I were to guess I'd say it might be something to do with a header I add ... X-Forwarded-for 192.0.2.1 but that's not certain.

i tried to get the ip info using:

$.getJSON("https://api.ipify.org?format=jsonp&callback=?", function(json) {
    ip = json.ip;
});

but the callback doesn't get called and in the Network tab of devtools shows me that the request got redirected to data:text/plain,

Can you provide a Privacy Policy.

hello i try to use your api with the EasyDDNS library for arduino... i was trying to check my ip address and update my ddns acount with it.. it seems though that your api returns me an error -1 http code and i cannot get my ip address..
i run this on a Node Mcu Lua Esp8266 if this helps..

Hello,
i appreciate your work because it's stable, simple and easy to use
and it will really be great & perfect if you ll add Country Localization feature
Thank you

CSV Datei muss übertragen werden auf [email protected]

When querying https://api6.ipify.org, about one out of 3 of requests end up with SSLError WRONG_VERSION_NUMBER. Here is such instance:

wget https://api6.ipify.org --2021-02-28 18:34:21-- https://api6.ipify.org/ Resolving api6.ipify.org (api6.ipify.org)... 2607:f2d8:4010:c::2, 2607:f2d8:4010:8::2, 2607:f2d8:4010:b::2 Connecting to api6.ipify.org (api6.ipify.org)|2607:f2d8:4010:c::2|:443... connected. GnuTLS: An unexpected TLS packet was received. Unable to establish SSL connection.
As seen above the address api6.ipify.org resolves to 2607:f2d8:4010:c::2, 2607:f2d8:4010:8::2, 2607:f2d8:4010:b::2. The server at address 2607:f2d8:4010:c::2 yields the error, while the other 2 connect correctly and return the answer.

Results of http and https are different.
I connected using mobile phone tethering.

`
$ curl https://api.ipify.org?format=json
{"ip":"223.62.22.15"}

$ curl http://api.ipify.org?format=json
{"ip":"223.39.189.45"}
`

While having Ublock origin enabled the IP no longer appears on the webpage. Currently building a web app using MVC Core and ipify was embedded on the page using JS.

It seems one of the root/intermediate certificates for api.ipify.org have expired on May 30th 2020.

Ths certificate itself is valid but the intermediates seem to no longer validate. From browsers, this will look transparent but from machines/curl/node call it will show as an invalid certificate. We are currently hitting this from a node/electron application when trying to use api.ipify.org.

Relevant links:

• https://support.sectigo.com/articles/Knowledge/Sectigo-AddTrust-External-CA-Root-Expiring-May-30-2020
• https://www.sslshopper.com/ssl-checker.html#hostname=api.ipify.org
• https://news.ycombinator.com/item?id=23362759