Recently, I saw icanhazip.com pop up in my pFsense firewall logs. It was immediately blocked but the name piqued my interest, so I did a little digging which revealed an interesting backstory.
It’s owned by Cloudflare:
spoiler

spoiler

…but it hasn’t always been theirs: icanhazip: How a simple IP address tool survived a deluge of users. Pretty interesting, at least to me as I have never encountered it before.
I have it still blocked as nothing I’m doing seems hampered by blocking icanhazip.com’s ip range. Anyone else ever encounter icanhazip.com?
I think I found the source of the icanhazip.com block. From the Github Issues page:
2025-03-27 17:00:02] production.ERROR: Failed to fetch external IP address. [“cURL error 60: SSL: no alternative certificate subject name matches target hostname ‘icanhazip.com’ (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://icanhazip.com/%E2%80%9D]
ETA: Solved
I think I found the source of the icanhazip.com block. From the Github Issues page:
2025-03-27 17:00:02] production.ERROR: Failed to fetch external IP address. [“cURL error 60: SSL: no alternative certificate subject name matches target hostname ‘icanhazip.com’ (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://icanhazip.com/”]


I use ipecho.net, or ipecho.net/plain if I’m using curl
The thought just struck me that there may be who knows how many of these out in the wild. Little ‘touch stones’ that people use across a global internet.