• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

AAC PayPal random IP's cause failed IPN verifcation

Extrodus

|| Blazera.net ||
Premium User
Joined
Dec 22, 2008
Messages
2,724
Solutions
7
Reaction score
534
Location
Canada
Hey there guys, so I've spent the past 3 hours trying to figure out why PayPal IPN servers wont stick to configurable IPS.
I've checked the PayPal Live IP List, and they don't even have a 172.~ ip listed there. what are-the-ip-addresses-for-live-paypal-servers (https://www.paypal.com/ca/smarthelp/article/what-are-the-ip-addresses-for-live-paypal-servers-ts1056)

I've resent the IPN request 19 times and these are the IP's I've logged:
173.0.81.65, 172.70.34.178, 173.245.54.237, 172.68.65.232, 172.69.22.32, 172.68.132.149, 172.68.57.83
172.68.189.91, 172.69.22.86 , 172.69.63.125

This is the current code - I have added gethostbyname attempting to resolve it that way but that doesn't work to verify since the IP's change continuously there too.
PHP:
    $ip = $_SERVER['REMOTE_ADDR'];
    $ips = array('173.0.81.1','173.0.81.33','66.211.170.66');
    $wip = gethostbyname("ipnpb.paypal.com");
    $wip2 = gethostbyname("notify.paypal.com");
    //echo $wip2;
    if(!in_array($ip, $ips, $wip, $wip2)) {
        print "Your IP has been logged.";
        $hak = fopen("scammer.log", "a");
        fwrite($hak, "$ip \r\n");
        fclose($hak);
        die(0);
    }

Does anyone know how to verify PayPal's IPN servers and does the code below look like a good substitute?

Code:
$hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
 if (!preg_match('/paypal.com$/', $hostname)) { 
$ipn_status = 'Validation post isn't from PayPal';
 
Last edited:
If you want to verify by IP I recommend to use GeoIP2 ISP database and verify IP if it match PayPal ASN.
 
Hey there guys, so I've spent the past 3 hours trying to figure out why PayPal IPN servers wont stick to configurable IPS.
I've checked the PayPal Live IP List, and they don't even have a 172.~ ip listed there. what are-the-ip-addresses-for-live-paypal-servers (https://www.paypal.com/ca/smarthelp/article/what-are-the-ip-addresses-for-live-paypal-servers-ts1056)

I've resent the IPN request 19 times and these are the IP's I've logged:
173.0.81.65, 172.70.34.178, 173.245.54.237, 172.68.65.232, 172.69.22.32, 172.68.132.149, 172.68.57.83
172.68.189.91, 172.69.22.86 , 172.69.63.125

This is the current code - I have added gethostbyname attempting to resolve it that way but that doesn't work to verify since the IP's change continuously there too.
PHP:
    $ip = $_SERVER['REMOTE_ADDR'];
    $ips = array('173.0.81.1','173.0.81.33','66.211.170.66');
    $wip = gethostbyname("ipnpb.paypal.com");
    $wip2 = gethostbyname("notify.paypal.com");
    //echo $wip2;
    if(!in_array($ip, $ips, $wip, $wip2)) {
        print "Your IP has been logged.";
        $hak = fopen("scammer.log", "a");
        fwrite($hak, "$ip \r\n");
        fclose($hak);
        die(0);
    }

Does anyone know how to verify PayPal's IPN servers and does the code below look like a good substitute?

Code:
$hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
 if (!preg_match('/paypal.com$/', $hostname)) {
$ipn_status = 'Validation post isn't from PayPal';
Checked this IP on geolocation site Comprehensive IP address data, IP geolocation API and database - IPInfo.io (https://ipinfo.io/):
172.68.132.149 - owner Cloudflare, Inc.

It looks like you are using Cloudflare protection. When you use it, you must edit apache/nginx configuration to pass real user IP from Cloudflare to PHP.
How to edit config of any webserver you can find there:

Anyway, if you are using Gesior2012 these 3 checks are wrong:
Code:
    $ips = array('173.0.81.1','173.0.81.33','66.211.170.66'); // this list misses new IPs added few days ago by PayPal
    $wip = gethostbyname("ipnpb.paypal.com"); // Gesior2012 uses 'notify' system, not IPN
    $wip2 = gethostbyname("notify.paypal.com"); // this return IP in format x.x.x.x like 173.0.81.1, just one IP, not list of all possible paypal IPs
How to check list of new IPs of PayPal:
You can also check it using PHP function, but you must use gethostbyaddr (get domain by IP), not gethostbyname (get IP by domain):
Code:
if (gethostbyaddr($_SERVER['REMOTE_ADDR']) !== '') {
    echo 'wrong IP address';
    exit;
}

First fix Cloudflare problem, then make sure your PayPal IP check is up to date.
If you need some help, you can contact me on Discord: Gesior.pl#3208
 
Hmm okay, I wasnt sending it through the active cloudflare (blazera.net) - I was sending the ipns through (login.blazera.net) which is not proxied by cloudflare. I even tried sending it directly to the IP of the server with no luck - I'm going to do further tests right now and let you know the results. Also, it shows my IP when I check the page - so its almost like its on PayPal's end that this is coming from.. I'm completely disabling CloudFlare now and going to start from scratch to hopefully get this working, will send you a shout if I dont end up getting it <3
 
Last edited:
Back
Top