Register

The Most Active and Friendliest
Affiliate Marketing Community Online!

Register
“Adavice”/  “CPA

How do you recognize proxy ip?

TrafficYoda said:
how do you know if an ip is proxy
Click to expand...

I would like to explain first the difference between IP and Proxy briefly:

1. The IP is like the ID or your specific combination of numbers that your computer gets for being on the Internet. And it's your personal identifier it doesn't change. And every IP has his own server depending on the country where he lives. So every server has a bunch of IPs of some computers.

2. The Proxy, it's used to hide the IP (not changing it, just hiding it) by changing this server and moving to another server, as if your computer is from another country
(Example: if you're a gamer you'll notice that on Online games some people changes Server to be able to be connected and play together on the same server :D )

And since the IP can never change, some IP trackers can identify from which "real" destination you got the click or the conversion as:
ip-tracker.org
iptrackeronline.com
iplocation.net
 
Ilaria said:
I would like to explain first the difference between IP and Proxy briefly:

1. The IP is like the ID or your specific combination of numbers that your computer gets for being on the Internet. And it's your personal identifier it doesn't change. And every IP has his own server depending on the country where he lives. So every server has a bunch of IPs of some computers.

2. The Proxy, it's used to hide the IP (not changing it, just hiding it) by changing this server and moving to another server, as if your computer is from another country
(Example: if you're a gamer you'll notice that on Online games some people changes Server to be able to be connected and play together on the same server :D )

And since the IP can never change, some IP trackers can identify from which "real" destination you got the click or the conversion as:
ip-tracker.org
iptrackeronline.com
iplocation.net
Click to expand...

so i have to take this huge list of proxy and copy paste on these site
if it goes to somewhere that is not the same as what they say they are it's proxy? @.@;;
 
TrafficYoda said:
so i have to take this huge list of proxy and copy paste on these sites
if it goes to somewhere that is not the same as what they say they are it's proxy? @.@;;
Click to expand...

No, you can do a Bulk IP tracking!

And on your tracking software, you'll always find where the click is coming from. If you're skeptical about a click or a conversion you can check the Click IP and yes if there's a difference it means that this person used a Proxy to hide his location!
 
Last edited by a moderator:
Some VPNs and Proxies are 'leaky'
PHP: 
if(!empty($_SERVER['HTTP_CLIENT_IP'])) {
// Get the cl$clientIp = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$clientIp = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$clientIp = $_SERVER['REMOTE_ADDR'];
}
^ this type of code may detect some VPN or proxy users.
You can subscribe to MaxMind
minFraud Overview | MaxMind


Proxy and VPN defense is a main concern of protecting against financial fraud (credit card fraud), hackers and in some instance fast-buck blackhat SEO exploits.

Code: 
vader@DS10:~$ host google.com
google.com has address 108.177.112.100
google.com has address 108.177.112.101
google.com has address 108.177.112.102
google.com has address 108.177.112.113
google.com has address 108.177.112.138
google.com has address 108.177.112.139
google.com has IPv6 address 2607:f8b0:4001:c12::8b
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.
vader@DS10:~$ nicinfo 108.177.112.100
# NicInfo v.1.1.1

[ NOTICE ] Terms of Service
         1 By using the ARIN RDAP/Whois service, you are agreeing to the RDAP/Whois Terms of
           Use
     About https://www.arin.net/whois_tou.html

# Query type is IP4ADDR. Result type is IP.

[ RESPONSE DATA ]
  1= NET-108-177-0-0-1
     `--- 1= Google LLC ( GOGL )
          |--- 1= Abuse ( ABUSE5250-ARIN )
          `--- 2= Google LLC ( ZG39-ARIN )

           [ IP NETWORK ]
                   Handle:  NET-108-177-0-0-1
            Start Address:  108.177.0.0
              End Address:  108.177.127.255
               IP Version:  v4
             Last Changed:  Wed, 07 Mar 2012 13:55:13 -0500
             Registration:  Wed, 07 Mar 2012 13:55:11 -0500

               [ ENTITY ]
                   Handle:  GOGL
                     Name:  Google LLC
vader@DS10:~$
arineng/nicinfo ^^^use the RDAP/Whois service


Install my script on LINUX ;) Below:

Code: 
#!/bin/bash
#whoisinfo.sh

echo "Pls enter your ip:"
read ip

# curl "https://ipinfo.io/$ip"
whois $ip|egrep -i  'netname:|CIDR:|inetnum:|Country:|owner:'|paste -d " "  - - -|sed -e 's/CIDR:\s*/deny /gI' -e 's/inetnum:/deny /gI' -e 's/NetName:\s*/# /gI' -e 's/ #/; #/g' -e 's/Country: //gI'

exit

Code: 
vader@paragon-DS-7:~$ ./whoisinfo.sh
Pls enter your ip:
108.177.112.100
deny 108.177.0.0/17; # GOOGLE        US
vader@paragon-DS-7:~$

This returns a Nginx deny it can be tweaked to Apache .htaccess, iptables, UFW or other code.

Sometimes, you will need ipcalc install that GNU Linux program.

Code: 
vader@DS10:~$ ipcalc 108.177.0.0 - 108.177.127.255
deaggregate 108.177.0.0 - 108.177.127.255
108.177.0.0/17

Sometimes, my script returns , separated CIDRs you need to fix those.

BTW, what I said earlier about JavaScript will not protect a landing page really. You have to use a cookie and a server side script to write the page.

If you want clickbot protection you have to either script it yourself or pay for some service to do it for you. There are public list out there but how up to date they are IDK.
 
Last edited:
Graybeard said:
Some VPNs and Proxies are 'leaky'
PHP: 
if(!empty($_SERVER['HTTP_CLIENT_IP'])) {
// Get the cl$clientIp = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$clientIp = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$clientIp = $_SERVER['REMOTE_ADDR'];
}
^ this type of code may detect some VPN or proxy users.
You can subscribe to MaxMind
minFraud Overview | MaxMind


Proxy and VPN defense is a main concern of protecting against financial fraud (credit card fraud), hackers and in some instance fast-buck blackhat SEO exploits.

Code: 
vader@DS10:~$ host google.com
google.com has address 108.177.112.100
google.com has address 108.177.112.101
google.com has address 108.177.112.102
google.com has address 108.177.112.113
google.com has address 108.177.112.138
google.com has address 108.177.112.139
google.com has IPv6 address 2607:f8b0:4001:c12::8b
google.com mail is handled by 10 aspmx.l.google.com.
google.com mail is handled by 20 alt1.aspmx.l.google.com.
google.com mail is handled by 30 alt2.aspmx.l.google.com.
google.com mail is handled by 40 alt3.aspmx.l.google.com.
google.com mail is handled by 50 alt4.aspmx.l.google.com.
vader@DS10:~$ nicinfo 108.177.112.100
# NicInfo v.1.1.1

[ NOTICE ] Terms of Service
         1 By using the ARIN RDAP/Whois service, you are agreeing to the RDAP/Whois Terms of
           Use
     About https://www.arin.net/whois_tou.html

# Query type is IP4ADDR. Result type is IP.

[ RESPONSE DATA ]
  1= NET-108-177-0-0-1
     `--- 1= Google LLC ( GOGL )
          |--- 1= Abuse ( ABUSE5250-ARIN )
          `--- 2= Google LLC ( ZG39-ARIN )

           [ IP NETWORK ]
                   Handle:  NET-108-177-0-0-1
            Start Address:  108.177.0.0
              End Address:  108.177.127.255
               IP Version:  v4
             Last Changed:  Wed, 07 Mar 2012 13:55:13 -0500
             Registration:  Wed, 07 Mar 2012 13:55:11 -0500

               [ ENTITY ]
                   Handle:  GOGL
                     Name:  Google LLC
vader@DS10:~$
arineng/nicinfo ^^^use the RDAP/Whois service


Install my script on LINUX ;) Below:

Code: 
#!/bin/bash
#whoisinfo.sh

echo "Pls enter your ip:"
read ip

# curl "https://ipinfo.io/$ip"
whois $ip|egrep -i  'netname:|CIDR:|inetnum:|Country:|owner:'|paste -d " "  - - -|sed -e 's/CIDR:\s*/deny /gI' -e 's/inetnum:/deny /gI' -e 's/NetName:\s*/# /gI' -e 's/ #/; #/g' -e 's/Country: //gI'

exit

Code: 
vader@paragon-DS-7:~$ ./whoisinfo.sh
Pls enter your ip:
108.177.112.100
deny 108.177.0.0/17; # GOOGLE        US
vader@paragon-DS-7:~$

This returns a Nginx deny it can be tweaked to Apache .htaccess, iptables, UFW or other code.

Sometimes, you will need ipcalc install that GNU Linux program.

Code: 
vader@DS10:~$ ipcalc 108.177.0.0 - 108.177.127.255
deaggregate 108.177.0.0 - 108.177.127.255
108.177.0.0/17

Sometimes, my script returns , separated CIDRs you need to fix those.

BTW, what I said earlier about JavaScript will not protect a landing page really. You have to use a cookie and a server side script to write the page.

If you want clickbot protection you have to either script it yourself or pay for some service to do it for you. There are public list out there but how up to date they are IDK.
Click to expand...


Strange, that your server went down, is it still okay to use the code?
I can see how I can use php,
how do you tweek it so that i can use it on .htaccess?
Also how do i install Linux program when i use vestacp for my hosting?
 
Funny coincidence -- this server went down right after I posted this ... I got a Cloudflare 502 then nothing -- there is probably some reasonable explanation ....
 
Graybeard said:
What server us down? The affiatefix server was down Friday night and Saturday morning. The code is fine. I think (sarcastically) I may have triggered a bot attack by posting code to kill the bots. There was either a ddos or they intentionally went offline to work on the server during that period, IDK

https://www.askapache.com/s/s.askap...e_2.1.4/doc/modsecurity2-apache-reference.pdf

If that mod_security is enabled on an apache2 server you *may* be able to use .htaccess IDK I have never needed to try that.

what is vestacp? are you talking about using an .sh script i have posted (a bash script)? you will need to execute a .sh (bash script) in ssh on a server. Can you use ssh on your server? if it is a VPS or dedicated you can. Some virtual hosts have a web interface ssh you can use jailed inside your user account in the control panel.
Click to expand...

I got the php code fine the other code is bit harder.
I have VPS so I need to find out how to put linx to vps? Just trying to get the concept here so that i can search on google to find how to do it
 
this is what I did got putty connected to my vps hosting saved urcode

Graybeard said:
Install my script on LINUX ;) Below:

Code: 
#!/bin/bash
#whoisinfo.sh

echo "Pls enter your ip:"
read ip

# curl "https://ipinfo.io/$ip"
whois $ip|egrep -i  'netname:|CIDR:|inetnum:|Country:|owner:'|paste -d " "  - - -|sed -e 's/CIDR:\s*/deny /gI' -e 's/inetnum:/deny /gI' -e 's/NetName:\s*/# /gI' -e 's/ #/; #/g' -e 's/Country: //gI'

exit
Click to expand...

saved it to my notepad++ save the file as .sh file.
But can't seem to upload i tried this

pscp C:\Users\admin\Downloads\protect.sh username@hosting
scp protect.sh username@hosting:C:\Users\admin\Downloads\protect.sh
scp * username@hosting:C://Users/admin/Downloads/protect.sh

I get this protect.sh: no such file or directory
Can u tell me what i am doing wrong?
 
What server us down? The affiatefix server was down Friday night and Saturday morning. The code is fine. I think (sarcastically) I may have triggered a bot attack by posting code to kill the bots. There was either a ddos or they intentionally went offline to work on the server during that period, IDK

https://www.askapache.com/s/s.askap...e_2.1.4/doc/modsecurity2-apache-reference.pdf

If that mod_security is enabled on an apache2 server you *may* be able to use .htaccess IDK I have never needed to try that.

what is vestacp? are you talking about using an .sh script i have posted (a bash script)? you will need to execute a .sh (bash script) in ssh on a server. Can you use ssh on your server? if it is a VPS or dedicated you can. Some virtual hosts have a web interface ssh you can use jailed inside your user account in the control panel.
 
Most of the time the UA (User agent) of the visitor tells if its a bot/fake traffic in my experience.
By doing some simple research on the net you will be able to block most of the bots/fake traffic.

You can also add some Javascript security check, traffic that doesn't come trough your check you can block based on the publisher ID given with it from the network where you buying it.
 
That may work -- ever code scrapers with PhantomJS?

I have scraped Google with PhantomJS in the past ....

Nginx:
Code: 
#in the server block

if ($http_user_agent = "") { return 444; }

end of discussion -- server disconnect :p
 
Last edited:

Similar threads

M
proxy
Replies
1
Views
525
Graybeard
Graybeard
K
Which ones do you do best on?
Replies
2
Views
448
Ayesha Afflyfe
Ayesha Afflyfe
trione
Which program do you suggest for newbie ?
Replies
5
Views
707
HighForLow
HighForLow
A
How Do I Get An Affiliate Link To Promote?
Replies
4
Views
1K
PaidPoints
P
smx666
How can I solve this problem? Do I need to pay?
Replies
5
Views
602
smx666
smx666
MI
Back