This is the first reason why most proxies get detected (with or without a browser) all details included

Tamia Zulauf

New member
Joined
Apr 22, 2024
Messages
12
Points
1
while most people complain about this issue and think that a browser that leaks proxy this won't be the case in 99%

the first reason is a fingerprinting method called JA3 now there is JA4

let's stay in JA3 as it is the most used till now so what is it
a method located in the "Transport Layer" In the OSI model that fingerprints you based on the following:

  • headers
  • UserAgent
  • cipher suite

what is cipher suite:


so this is what happened

lets say you send a request claiming that you are Chrome 122 and have proper headers that's great but when it comes to the cipher suite the proxy won't adjust the cipher suite according to your headers and UserAgent
most proxies send requests via nodejs or python and simply those clients don't have low-level access to change the cipher suite


you will look like the following example to the end server

send a request claiming that you are chrome 122 but when I verify your cipher suite I found that you have nodejs cipher suite so this will look to the server 99% using proxy

The solution
well there is no solution for this as it is related to the proxy provider and not you if the server is checking for JA3 then it knows that you are using a proxy

Except you are using your proxy farm then you can make a logic that will adjust the cipher suite according to every userAgent and this is a pain to do

another bypass for this is to use only 1 well-known user agent with the exact same header and adjust the cypher suite to this using C/C++ or Golang, this is the solution I am using I adjusted the cipher suite using C but other languages listed above can do the job as well

feel free to ask anything regarding this :)
 

Cathrine D'Amore

New member
Joined
Apr 22, 2024
Messages
15
Points
1
Very interesting. A question that may be a bit silly: Can websites see the IMEI/MAC of the device? I understand that apps can, but not through the browser. Is this correct? Thank you
 

Tamia Zulauf

New member
Joined
Apr 22, 2024
Messages
12
Points
1
Very interesting. A question that may be a bit silly: Can websites see the IMEI/MAC of the device? I understand that apps can, but not through the browser. Is this correct? Thank you
In some cases they can see MAC adress cause it sent in ip/tcp layer
 
Top