1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

IP Leaks Behind Proxy

Discussion in 'Proxies' started by lancis, Jun 8, 2012.

  1. lancis

    lancis Elite Member

    Joined:
    Jul 31, 2010
    Messages:
    1,632
    Likes Received:
    2,384
    Occupation:
    Entrepreneur
    Location:
    Milky Way
    Home Page:
    Hey guys,

    Although this is not exactly about proxies I found no better category, so please, bear with me.

    I'm facing a weird problem. Lately I'm seeing a lot of these screens:

    imgur.jpg

    This particular one is from imgur, and this is the reason:

    I'm pretty experienced when it comes to keeping the PC clean of viruses (I'm a programmer as well, so I know how to spot a weird PC/network behavior). Given that, lets assume my PC is clean of viruses. Moreover, we can safely assume the above because I used scrapebox lately. :)

    However, I'm behind anonymous proxies, and my IP is not supposed to leak out. Yet it does. My theories are as follows:

    1. Some of the proxies I'm using are the ones that track my IP. Is there any blacklist you know of?
    2. The DNS provider I'm using reports my DNS requests. Sounds reasonable?
    3. Scrapebox doesn't identify anonymous proxies correctly. Have you experienced something like that?

    What do you think?

    Cheers,
     
  2. proxygo

    proxygo Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 2, 2008
    Messages:
    10,199
    Likes Received:
    8,688
    question these anon proxies, you mentioned s/box what are u
    using them for.
    thing is also no matter how anon a proxy is even if its private
    you can be found
     
  3. marusia

    marusia Senior Member

    Joined:
    Oct 25, 2010
    Messages:
    1,122
    Likes Received:
    2,320
    How long have you had the proxies? Seems they've been abused. I use high anons and don't have problems with anything I use. I'll pm you who I use.
     
  4. knockoutlocal

    knockoutlocal Junior Member

    Joined:
    Jun 5, 2012
    Messages:
    160
    Likes Received:
    67
    Are you using HMA? I know when i use their proxies I run into the same error. Usually someone else has raped and pillaged with your ip address so now you're getting that error. Once you turn off your proxy the error message usually goes away.
     
  5. lancis

    lancis Elite Member

    Joined:
    Jul 31, 2010
    Messages:
    1,632
    Likes Received:
    2,384
    Occupation:
    Entrepreneur
    Location:
    Milky Way
    Home Page:
    They are used for Scrapebox only, these are public anonymous proxies that I check before each blast. The blast lasts few hours so theoretically they should be fine. Practically I don't know.

    Its a new set of proxies before each blast, as I mentioned earlier in the post I refresh the list before each blast.

    No, not HMA, mate. I have some proxy sources that are rarely used by black hat community (mostly because its hard to find them), this is where I get the proxies.
     
  6. sirgold

    sirgold Supreme Member

    Joined:
    Jun 25, 2010
    Messages:
    1,260
    Likes Received:
    645
    Occupation:
    Busy proving the Pareto principle right
    Location:
    A hot one
    It's very possible the IP is not as fresh as it should be and that bigger services like imgur might have an updated list to check against. Other bigger services have these and I know for a fact. I'd highly recommend checking the offending proxy IP's for any leakage of these server variables: HTTP_VIA , HTTP_X_FORWARDED_FOR and of course REMOTE_ADDR in case the proxy checker you're using is flawed. HTH
     
    • Thanks Thanks x 1
  7. proxygo

    proxygo Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 2, 2008
    Messages:
    10,199
    Likes Received:
    8,688
    trust me if your using public proxies to post with thats bad
    never ever do it, ever, posting my friend should only be done
    with private proxies. and scraping via public ones.
    if you followed this method wich alot of people do you
    should have 0 issues. put simply public proxies
    suck at posting there unreliable for it, even my self
    as a public proxy seller would not advise anyone to post
    with public proxies. just not worth it.
     
    • Thanks Thanks x 1
    Last edited: Jun 8, 2012
  8. thejake

    thejake Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 13, 2009
    Messages:
    685
    Likes Received:
    828
    I've noticed strange stuff lately too, checking into this.
     
  9. lancis

    lancis Elite Member

    Joined:
    Jul 31, 2010
    Messages:
    1,632
    Likes Received:
    2,384
    Occupation:
    Entrepreneur
    Location:
    Milky Way
    Home Page:
    I'm doing an experiment right now, installed PeerBlock and subscribed to spyware & p2p lists.

    Running it together with ScrapeBox. So far it seems PeerGuard doesnt like some of the proxies.

    Lets see if it helps on a fresh IP, luckily I don't have a problem changing them. :)
     
  10. proxygo

    proxygo Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 2, 2008
    Messages:
    10,199
    Likes Received:
    8,688
    the problem with most url scraped public proxies and ive said
    this a thousand times, there over used over banned over saturated
    and worthless for posting, and just about usuable for scraping.
    i bet you if i sent you a list of my port scanned proxies to see
    what happens, the results would be different .
     
  11. thejake

    thejake Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 13, 2009
    Messages:
    685
    Likes Received:
    828
    Confirmed problem with rapebox:

    [​IMG]

    [​IMG]

    This is why I avoid using public proxies for anything.

    Bug report sent.
     
    Last edited: Jun 8, 2012
  12. lancis

    lancis Elite Member

    Joined:
    Jul 31, 2010
    Messages:
    1,632
    Likes Received:
    2,384
    Occupation:
    Entrepreneur
    Location:
    Milky Way
    Home Page:
    It depends on the proxies, results-wise I'm fine (about 70% success rate), the only problem is leaked IP and I want to find where does it leak.
     
  13. lancis

    lancis Elite Member

    Joined:
    Jul 31, 2010
    Messages:
    1,632
    Likes Received:
    2,384
    Occupation:
    Entrepreneur
    Location:
    Milky Way
    Home Page:
    What was the problem? Seems your post have been cut-out.
     
  14. thejake

    thejake Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 13, 2009
    Messages:
    685
    Likes Received:
    828
    Rapebox says the proxy is anon, my header echo shows it sending a via with proxy ID and x-forwarded-for with my IP
     
    • Thanks Thanks x 1
  15. lancis

    lancis Elite Member

    Joined:
    Jul 31, 2010
    Messages:
    1,632
    Likes Received:
    2,384
    Occupation:
    Entrepreneur
    Location:
    Milky Way
    Home Page:
    Thats a bummer, guess I will have to change a proxy checker for the time being.
     
  16. sirgold

    sirgold Supreme Member

    Joined:
    Jun 25, 2010
    Messages:
    1,260
    Likes Received:
    645
    Occupation:
    Busy proving the Pareto principle right
    Location:
    A hot one
    Yeah, good catch @thejake As a general rule there's no way to reliably test for the anonymity of http proxies without external "judges" and for the sake of completion -ideally- working with socks would be a MUCH better option since they operate at a lower level of the iso/osi stack. Alternatively if the http proxies support the CONNECT method, that would be as good as using socks (assuming the apps you're using support tunneling via http proxy CONNECT...) since with this particular method all the tcp packets get relayed not just the http protocol on TOP of it. ;)
     
  17. kerekis

    kerekis Newbie

    Joined:
    May 31, 2012
    Messages:
    3
    Likes Received:
    0
    How can we prevent our IP leakage if the proxy disconnect? With a vpn we can do it from the windows rules, but for a proxy?