IP-API.com discussion

[Moonraker]

http://ip-api.com/
this is being blocked by ublock origin by an adguard spyware filter i should add.

[Moonchild]

Question: Why isn't http://ip-api.com/ using HTTPS?

Because it's not needed. Everyone and their mom can do a geoip database lookip. Neither the requests nor the responses have any value beyond what is already in the open when looking up your own IP even if it -was- https...
If you want https you can use their paid service, though.

http://ip-api.com/
this is being blocked by ublock origin by an adguard spyware filter i should add.

Then whomever is in charge of that filter list should be taken out back for some "re-education".

[vannilla]

https://spyware.neocities.org/articles/http.html

The language used in the HTTP specification explicitly says that the protocol was designed with enabling the datamining of its users in mind

I'm definitely missing something here...

As to the home page. People use that?!

I do, though admittedly I should configure my content blocker to allow more requests from that page.
It does provide some revenue for the developers after all.

[Moonchild]

I'm definitely missing something here...

I'd like a reference to where the spec says this

[Frasier]

I'd like a reference to where the spec says this

From the link vannilla posted:

https://spyware.neocities.org/articles/http.html

[New Tobin Paradigm]

I think he meant from the actual HTTP specification.. Not the fake news on that website.

[Isengrim]

As a comment on an unrelated ghacks thread put it, privacy nuts being nuts. Of course HTTP wasn't designed with privacy in mind - it was designed to transfer information in an age where exploitation of data by dubious parties did not yet exist.

I have my privacy concerns about using the internet, as do many people I know, but folks who write half-truths and spread FUD like this accomplish nothing except making the rest of us look bad. It's ridiculous.

[superA]

http://ip-api.com/
this is being blocked by ublock origin by an adguard spyware filter i should add.

Then whomever is in charge of that filter list should be taken out back for some "re-education".

I doupt.
http://ip-api.com/ is also blocked by easyprivacy too and MVPS HOSTS and
hpHosts’tracking servers.

[Moonchild]

Just because people are copying each other's list entries doesn't mean they are right in doing so.

ip-api.com is most certainly NOT a tracker, and isn't a privacy issue.
I think someone added it because some websites display a widget with publicly available geolocation data retrieved from that API, and for an uneducated user that might seem like an invasion of privacy (oh no! this website knows my location!) while, in fact, the website owners:

• Already have that data in their web server log because they know your IP. Blocking the geoip lookup in the web page will make no difference.
• Aren't involved at all in that data being presented to you (since it'll be your browser directly retrieving the geo data)

MVPS hosts, by the way, does not block it (it's listed but commented out). It only blocks the pro one which is likely to be used by commercial users, which is kind of silly in itself because those people won't be blocking their own tool

[gepus]

I doupt.
http://ip-api.com/ is also blocked by easyprivacy too and MVPS HOSTS and
hpHosts’tracking servers.

I doubt also.
The site works fine with uBlock and the EasyPrivacy filter list. Can't tell about the other filter lists since I don't use them.

[superA]

I agree with MC, they are copying each other's list entries and the rule is in fact useless.

gepus
Before you start doupting check easyprivacy again.
It is blocked as a third party, the others block it as a first party just like adguard s everywear.

[Moonchild]

It shouldn't even be blocked as a 3rd party because it's not a tracker or ad server, at all. It's a geo lookup tool (translates IP addresses to geographical locations), and that's all.

It's actually a problem if it's in a hosts list you're using, because it will prevent Pale Moon from performing geolocation lookups even if you want to allow it on a specific website.

[gepus]

Before you start doupting check easyprivacy again.
It is blocked as a third party, the others block it as a first party just like adguard s everywear.

Sorry but I'm still doubting and for a good reason:
https://i.postimg.cc/Pxn3pNTP/2019-02-21-213957.png

[Moonchild]

Sorry but I'm still doubting and for a good reason:
https://i.postimg.cc/Pxn3pNTP/2019-02-21-213957.png

So what exactly is the reason? your screenshot doesn't show me anything unwanted.

[JustOff]

I'm not sure if this is offtopic or not, but why would anyone even need to use geolocation in the desktop browser?

[Moonchild]

I'm not sure if this is offtopic or not, but why would anyone even need to use geolocation in the desktop browser?

... You're kidding, right?

Websites will regularly request geolocation to be able to provide you with catered local services. That's not something exclusively reserved to mobile devices. E.g. a store chain may want to get your location to be able to select the relevant store in your area for contacting information or local offers. A train site might use it to provide travel planning from your home to where you want to go, etc.

[JustOff]

Websites will regularly request geolocation to be able to provide you with catered local services.

I'm serious, they already know my ip, so why would I care to provide any additional data? I've never allowed it and everything was fine.

[gepus]

Sorry but I'm still doubting and for a good reason:
https://i.postimg.cc/Pxn3pNTP/2019-02-21-213957.png

So what exactly is the reason? your screenshot doesn't show me anything unwanted.

I doubt that superA is right by claiming that EasyPrivacy filter list is blocking http://ip-api.com/.
See here.
My screenshot shows that it doesn't. No wonder that you can't see anything unwanted.

[Moonchild]

Websites will regularly request geolocation to be able to provide you with catered local services.

I'm serious, they already know my ip, so why would I care to provide any additional data? I've never allowed it and everything was fine.

I'm serious too. Websites that do it properly will ASK you. The IP they see from the server end might, after all, not be the outbound IP of your actual connection, meaning there's a good chance of error.
Also, there is no "additional" data. Either they look up the IP address server-side and get latitude/longitude, or they ask the browser to provide latitude/longitude through a geo lookup.

[JustOff]

The IP they see from the server end might, after all, not be the outbound IP of your actual connection, meaning there's a good chance of error.

But in such situations, the data provided by IP-API.com will also be incorrect.

Also, there is no "additional" data. Either they look up the IP address server-side and get latitude/longitude, or they ask the browser to provide latitude/longitude through a geo lookup.

If I use a mobile device, it can potentially provide more accurate data, but on the desktop the only source for this is my ip, so I really don't understand why should I care.