DonInAM ::

subscribe by email and YouTube to get notification of new posts. & videos.

Proxies can be detected

Escrito por

admin

en

resume if you ask «can js know if you’re behind a proxy ?»

google shows

JavaScript cannot directly access your system’s proxy settings or network configuration due to browser security sandboxing. However, JS can be used to infer that you are behind a proxy through several indirect technical methods

1. WebRTC IP Leakage

JavaScript can use the WebRTC API (specifically RTCPeerConnection) to bypass your proxy and discover your «real» local or public IP address. If the IP detected via WebRTC differs from the IP making the HTTP request, the site knows a proxy or VPN is in use. 

2. Network Latency Analysis (TCP Handshake)

Sites can compare the time it takes for a JavaScript-initiated request (like a WebSocket message) to reach their server against the initial TCP handshake time. 

  • Normal: Handshake and JS request have similar latencies.
  • Proxy Detect: The TCP handshake happens between the server and the proxy, while the JS request must travel the full distance from your browser, through the proxy, to the server. This discrepancy flags proxy usage. 

3. Timezone and Geolocation Mismatches

JS can check your local system time (Intl.DateTimeFormat) and browser language settings. If your system clock is set to London (GMT) but your IP address shows you are in New York (EST), it is a strong indicator of a proxy or location-spoofing tool. 

4. Detecting HTTP Headers

While JS itself can’t see the headers of the request it is currently running in, it can make a fetch request to an endpoint (like httpbin.org) that echoes back the headers. Many proxies automatically inject headers like: 

  • X-Forwarded-For
  • Via
  • X-Client-IP 

5. Advanced Fingerprinting 

Modern anti-bot scripts (like Cloudflare or Akamai) use JS to collect dozens of data points about your hardware, fonts, and browser behavior. They compare this «fingerprint» against databases of known proxy data centers. If your browser fingerprint matches a profile typically associated with automated scripts or data center IPs, you will be flagged. 

SO, I will be examining those factors, be aware that some are not true at all

example: https://stackoverflow.com/questions/19767589/how-to-detect-a-proxy-using-javascript this said can detect a proxy, but it does not

ANY WAY: THINGS TO CONSIDER

Use the bots on same country (time zone) where the IPs you’ll use are located. So do not use say USA IP’s if your Virtual machines are located on say GErmaby

Comentarios

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Más entradas