My ISP external IP being sent through Cloudflare?

G’day from Australia. I still use Windows 7, and the desktop app ‘Network Meter’.
From time to time, the Ext IP: will show random. I keep blocking new ones in my firewall (Private Firwall) from Cloudflare IP such as,
172.68.86.7
172.68.86.5
108.162.250.128
I have a dozen more.
My ISP says they know nothing about this.
I’m not tech savvy enough to see if there’s a man in the middle thing going on.
Anyone have any tips, ideas? Thank you.
cloudflare-spy-021120

Are you using Cloudflare Warp?

G’day.
No my ZTE NBN router is set to use my ISP’s DNS

Try using your phone, open “https://ipinfo.io/”, does it show your ISP IP?

If it shows your ISP IP, then your desktop is running a VPN software connected to Cloudflare (CF Warp maybe)

But if shows Cloudflare’s IP, then there’s something weird about your network :grimacing:

G’day.
Yes phone shows my IP is my ISP’s…as does the same PC right now.
The Cloudflare IP switch over comes and goes.
I have two other Win7 PC’s with ‘Network Meter’ showing the same odd back and forth changes.
Both of those have bare-bones software installed.
I built all my PC’s from fresh installs.
Only thing like a VPN I have on my main PC, is the ‘Epic Privacy Browser’.
That’s not installed in the other two PC’s which rules it out.
I went to the ISP 24 hours ago and manually changed my IP4 and IP6.
That didn’t work, as I type, the app is now showing 108.162.249.15
I’m now wondering if the ‘Network Meter’ app makers (addgadgets.com) are up to something.
Cheers. :+1:

Last night I noticed the same Cloudflare IP showing on a second computer I hardly use.
Neither computer is in sync with the other.
Both use the same router.

Network Meter people have yet to reply to my email with a link to this thread.

May I ask, what is Network Meter?

What’s the output of the following:

https://1.1.1.1/cdn-cgi/trace (does it show your home IP?)

What does Google say when you search whats my ip?

G’day,
Network Meter, is a built in Microsoft app in Windows 7.
Network Meter and https://1.1.1.1/cdn-cgi/trace is curnelty showing my ISP IP
The switch comes and goes.
Below is a list of the saved Cloudflare IP’s that have saved.
Does anyone see any oddly sued Cloudflare IP’s, or are they all publicly used?
If there were a few used only by a special group or app, that would help a-lot.

233.255.2.7

162.158.2.53
162.158.2.21
162.158.2.223
162.158.2.229

108.162.249.15
108.162.249.41
108.162.249.59
108.162.249.85
108.162.249.97
108.162.249.109
108.162.249.131
108.162.249.241
108.162.249.243

108.162.250.24
108.162.250.82
108.162.250.128
108.162.250.132
108.162.250.140
108.162.250.148
108.162.250.166

172.68.86.5
172.68.86.7
172.68.86.119
172.68.126.133
172.68.126.135
172.69.162.151

For me personally, just ignore the network meter.

If you want reliable info, you can just search “what is my ip” on Google or checking at Cloudflare’s trace at https://1.1.1.1/cdn-cgi/trace.

I would, but what if it’s not the Network Meter, but something in Windows 7 or my Chinese ZTE router?
I’m not accusing Cloudflare.
But something or someone IS using Cloudlfare’s service, possibly in breach of the TOS
I can’t ignore all those IP’s in my last post. (there were more but I lost the list)
Does anyone see any odd private CF ranges in IP list in my last post?
Or are they all public Cloudflare IP’s?
Thank you.

That’s why I said to compare IP address results on Google (what is my ip) or Cloudflare’s 1.1.1.1/cdn-cgi/trace.

I think those IP addresses are used for egress (connections going OUT from Cloudflare’s servers), not ingest (accessing to/going into Cloudflare servers).

If websites shows your real ISP IP, then that “Network Meter” seems to have issues. There’s no correlation with your ZTE/Huawei routers. My ISP use those GPON routers from ZTE, but eveything looks fine for me.

Maybe do you use Cloudflare as DNS (1.1.1.1 or 1.0.0.1)?

1 Like

No, thus why I’m keen to find out what’s either in my OS, or router, calling up Cloudflare.

I’ve set my ISP’s dns manually in the ZTE router instead of letting it do so automatically.

I was on a USA (I’m in Australia) MyBB forum about fishing a few months ago, and my shown login IP was a Cloudflare that macthed the one shown on Network Meter.

Can anyone tell me is any of theses CF IP’s are reserved for private use?

162.158.2.53
162.158.2.21
162.158.2.223
162.158.2.229

108.162.249.15
108.162.249.41
108.162.249.59
108.162.249.85
108.162.249.97
108.162.249.109
108.162.249.131
108.162.249.241
108.162.249.243

108.162.250.24
108.162.250.82
108.162.250.128
108.162.250.132
108.162.250.140
108.162.250.148
108.162.250.166

172.68.86.5
172.68.86.7
172.68.86.119
172.68.126.133
172.68.126.135
172.69.162.151

The cdn-cgi will always show your ISP IP, even when connected to Warp, I’m curious what Google displays your IP as when this happens

New one…
108.162.250.160

‘Always’, like Pegasus, always tell us it’s watching us?
There is no absolutes online.

TR-069, the topic not many speak about. DEF CON 22 - Shahar Tal - I Hunt TR-069 Admins: Pwning ISPs Like a Boss - YouTube

Well, if you’re still worried, why not reinstall your entire computer to Windows 10? :grin:

1 Like

Windows 10 solves router TR-069 and Pegasus OS man in the middle attacks?

Well

  1. you’re currently running Windows 7, which is a 12-yrs old software, Windows stopped supporting it since last year, so no security updates at all.
  2. TR-069 is not exposed to your computer, it’s a communication protocol between your router to your ISP equipment. it doesn’t touch your computer/internet traffic at all. it’s a seperate “link”

It’s getting out of topic here, so maybe mods can close this?

You changed the topic. If you don’t like it, jog on. Maybe the mods could answer a simple request. Are any of the below IP’s ranges, reserved for use by non-public bodies?
162.158.2.53
162.158.2.21
162.158.2.223
162.158.2.229

108.162.249.15
108.162.249.41
108.162.249.59
108.162.249.85
108.162.249.97
108.162.249.109
108.162.249.131
108.162.249.241
108.162.249.243

108.162.250.24
108.162.250.82
108.162.250.128
108.162.250.132
108.162.250.140
108.162.250.148
108.162.250.160
108.162.250.166

172.68.86.5
172.68.86.7
172.68.86.119
172.68.126.133
172.68.126.135
172.69.162.151