echoip
echoip copied to clipboard
Published
20 hours ago •
mpolden
mpolden
Insane amount of blank redirects (> 50 at times)
Hi, I am making app which fetches location using ip address, I noticed that sometimes there are a lot of redirects. Most of the time there are none, but when redirects occur, there is a LOT of them and they redirect to the same address:
[00:00:00.244] (7f063214b640) DEBUG redirecting 'https://ifconfig.co/json' to 'https://ifconfig.co/json'
[00:00:00.360] (7f063214b640) DEBUG redirecting 'https://ifconfig.co/json' to 'https://ifconfig.co/json'
[00:00:00.468] (7f063214b640) DEBUG redirecting 'https://ifconfig.co/json' to 'https://ifconfig.co/json'
[00:00:00.573] (7f063214b640) DEBUG redirecting 'https://ifconfig.co/json' to 'https://ifconfig.co/json'
[00:00:00.687] (7f063214b640) DEBUG redirecting 'https://ifconfig.co/json' to 'https://ifconfig.co/json'
[00:00:00.794] (7f063214b640) DEBUG redirecting 'https://ifconfig.co/json' to 'https://ifconfig.co/json'
[00:00:00.902] (7f063214b640) DEBUG redirecting 'https://ifconfig.co/json' to 'https://ifconfig.co/json'
[00:00:01.012] (7f063214b640) DEBUG redirecting 'https://ifconfig.co/json' to 'https://ifconfig.co/json'
[00:00:00.254] (7ff03ce3f640) DEBUG redirecting 'https://ifconfig.co/json' to 'https://ifconfig.co/json'
[00:00:00.361] (7ff03ce3f640) DEBUG redirecting 'https://ifconfig.co/json' to 'https://ifconfig.co/json'
[00:00:00.471] (7ff03ce3f640) DEBUG redirecting 'https://ifconfig.co/json' to 'https://ifconfig.co/json'
[00:00:00.618] (7ff03ce3f640) DEBUG redirecting 'https://ifconfig.co/json' to 'http://45.135.56.105/json?imgdjeknohlnohlf'
[00:00:00.618] (7ff03ce3f640) DEBUG starting new connection: http://45.135.56.105/
[00:00:00.752] (7ff03ce3f640) DEBUG redirecting 'http://45.135.56.105/json?imgdjeknohlnohlf' to 'http://45.135.56.105/json?imgdjeknohlnohlf?phlfknglfcjmgdbi'
[00:00:00.753] (7ff03ce3f640) DEBUG starting new connection: http://45.135.56.105/
[00:00:00.886] (7ff03ce3f640) DEBUG redirecting 'http://45.135.56.105/json?imgdjeknohlnohlf?phlfknglfcjmgdbi' to 'http://45.135.56.105/json?imgdjeknohlnohlf'
[00:00:00.886] (7ff03ce3f640) DEBUG starting new connection: http://45.135.56.105/
[00:00:00.976] (7ff03ce3f640) DEBUG redirecting 'http://45.135.56.105/json?imgdjeknohlnohlf' to 'http://45.135.56.105/json?imgdjeknohlnohlf'
[00:00:00.976] (7ff03ce3f640) DEBUG starting new connection: http://45.135.56.105/
[00:00:01.066] (7ff03ce3f640) DEBUG redirecting 'http://45.135.56.105/json?imgdjeknohlnohlf' to 'http://45.135.56.105/json?imgdjeknohlnohlf'
[00:00:01.067] (7ff03ce3f640) DEBUG starting new connection: http://45.135.56.105/
I captured this with curl too:
curl -v https://ifconfig.co/json
* Trying 2606:4700:3036::6815:1956:443...
* Connected to ifconfig.co (2606:4700:3036::6815:1956) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=sni.cloudflaressl.com
* start date: Aug 11 00:00:00 2021 GMT
* expire date: Aug 10 23:59:59 2022 GMT
* subjectAltName: host "ifconfig.co" matched cert's "ifconfig.co"
* issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3
* SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x55b6bfa23960)
> GET /json HTTP/2
> Host: ifconfig.co
> user-agent: curl/7.78.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
< HTTP/2 302
< date: Tue, 24 Aug 2021 17:04:43 GMT
< p3p: CP=NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM
< location: /json
< set-cookie: oooo4efce71b=d778bf3boooo4efce71b_d778bf3b; Path=/
< cf-cache-status: DYNAMIC
< expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qa5KimMO2UFM5HCHAoMBkdfTtKmKRZ4oIg%2FYY133WPnakmMneSKYzE5Y42CAlsy4wYhMkvJ9PdwzX1eZTaUNxETTanK%2FzXosNr6x9kLV4ATJ%2FzbXaPxwQ%2Byw9k8EMuEi12goqIu4V7ellA%3D%3D"}],"group":"cf-nel","max_age":604800}
< nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
< server: cloudflare
< cf-ray: 683e295229424991-DME
< alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
<
* Connection #0 to host ifconfig.co left intact
As you can see, it tries to redirect me to the same address /json. Same happens in app.
I tried setting max redirect count to something crazy like 50, but even then I got errors.
I am not spamming service with requests, so far it was a request every few minutes at most. What could cause all these redirects?
I don't have this problem on my own instance, running in docker, so it must be either one of the latest changes not yet in docker image or weird routing?
I think that when cloudflare thinks your'e a robot - it thinks your'e a robot
I was just trying to curl -s ifconfig.co/json | jq -r '(.city + "/" + .country + "/" + .ip)' which worked yesterday on my VPN-connected VM but today I'm getting
<div id="trk_jschal_js" style="display:none;background-image:url('/cdn-cgi/images/trace/jsch/nojs/transparent.gif?ray=77067ecdef0d335a')"></div>
<div id="challenge-body-text" class="core-msg spacer">
ifconfig.co needs to review the security of your connection before proceeding.
</div>
...
