How to Find proxy server IP address?

Go through proxy server to Find an original IP Address [closed]
Suitable Technologies | How do I find my proxy server IP address

For transparent web proxies and with static tracking alone (say, your web server's access logs), you can't. The request was made to your web server from the proxy server itself, so unless it's a non-transparent proxy that attaches to web requests forwarding information, such as e.g. X-Forwarded-For HTTP header field revealing the original request's IP address, you're out of luck.

These HTTP header fields might vary by different non-transparent HTTP proxies, some of the most commonly used are: X_FORWARDED_FOR, VIA, USERAGENT_VIA, FORWARDED, PROXY_CONNECTION, XPROXY_CONNECTION, HTTP_PC_REMOTE_ADDR, HTTP_CLIENT_IP.

These might reveal anything from the public IP address of the original request, local network name, web client user agent string, and so on, depending on their implementation. Their presence alone (all of these are non-standard HTTP request fields for non-proxied connections) would however confirm your suspicions that the web requests are proxied. Of course, again, assuming the proxy isn't a transparent one that doesn't even include any of these custom header fields in its requests to your server. And sometimes, the fact that the request came from the proxy server can also be established by the request's DNS name (if it includes "proxy" in the name, then it probably is). You should also set up your server to report these values of custom HTTP fields and DNS names in your access log files, otherwise they might not even be recorded.

One other thing to add, since you're talking of coordinates, is that those are more or less useless. Exactly geolocating IP addresses is near impossible via HTTP requests, unless the clients themselves choose to allow their geolocation info to be shared via HTML 5 responses. Best you can hope for with proxied requests is establishing approximate location of the server, sometimes in which city it is in, but more commonly only in which state the IP range that server's IP belongs to was registered in. You might have better luck checking the Whois records, e.g. with the Hurricane Electric's IP address lookup tool (and there are many others available online) and perhaps be able to establish who the proxy server in question belongs to.

As for actively tracking web clients (browsers that made initial requests and revealing their true IP address), I wouldn't recommend it. It's fiddly, technically demanding and not all the fun parts of it might be legal in your country, or considered ethical. It isn't impossible, but you'll need a qualified expert for that, setting you up on your server. And it might still not work, especially if the true web clients accessing your server via a proxy aren't even proper end user browsers, but scripted web bots automating web tasks for whoever is controlling them, and relying on web APIs that don't accept browser plug-ins and extensions through which the real IP address could be revealed (say, via Flash objects), or the web client more uniquely fingerprinted for easier tracking.

In most cases, best you can do is block certain web client by user agent strings, IP addresses / IP ranges, their DNS names, or implement more in-depth checking (such as FCrDNS lookups, CBL blacklists, Honeypots and Honeynets...) on your end, be it in web server's access rules, WAF or other firewalls... to prevent unwelcome clients using your own resources against you. I.e. implementing a comprehensive authorization policy that would protect your assets before it hurts, instead of tilting at windmills after the fact.

Source: security.stackexchange.com


Related posts:

  1. Detect proxy server Address
  2. Where to Get proxy server address?
  3. How to Know my proxy server address?