0

If we are behind a VPN, then in how many ways we can try to find the ip address of the client? here are some that i know - Torrents (most people say torrent expose real IP) - Javascript (but how can they? ) - Web-RTC requests

My point is, i opened a website in firefox private browser, behind a VPN, i checked myself that my IP was not leaking, DNS was not leaking, VPN was working fine, my actual IP was of other country when i checked from different sites, but the website was able to find my actual country where i am. (not sure if it was able to get my location too)

So how is that possible? can just javascript be used to send my real ip , country or location to site owner ?

Improve this question
0

2 Answers 2

Reset to default
1

There are some ways for a website to find your real IP. Here are some:

  • evercookies - are some kind of persistent cookies which are not deleted like the normal ones. They can be bypassed by disabling JavaScript.

  • VPN accidental disconnection - if you have accessed a site in which you have some kind of account, even a single time, with your real IP, then the site administrators can link you with the IP.

  • Previous access in the page from the real IP

  • webrtc leaks - Click here to test for webrtc leaks.

  • DNS leaks - click here to test for VPN leaks.

  • Legal request to the VPN provider - remember that almost all the VPN providers will give information about you if are asked by law enforcement. You should read carefully the terms and conditions to see what data your VPN provider store.

P.S

Anyhow if you are trying to hide yourself fro government agencies like NSA or FBI there are likely no options to hide your true identity. The only way wood be to access the internet from some public wi-fi with a first-used device with no CCTV around.

Improve this answer
5
  • i have alreadt checked using webrtc, dns leak, ip leak, all is clear. vpn has also been connected always. i dont think any legal request was sent
    – Hamza Islam
    Commented Oct 31, 2016 at 18:40
  • 1
    Then there's nothing to worry about.
    – Vini7
    Commented Oct 31, 2016 at 18:46
  • What worries me is that how did the website got my country. even though i opened it in firefox private browser and creates a new email and fresh account. (it was not accessed before)
    – Hamza Islam
    Commented Oct 31, 2016 at 19:12
  • The main idea of private browsing in popular browsers is to hide your history from other people who use your computer, not to hide you from the website. JavaScript isn't disabled, SSL certificates will be installed when you visit https pages etc. Here (makeuseof.com/tag/…), one way how someone can track you in private browsing mode.
    – Vini7
    Commented Oct 31, 2016 at 19:40
  • 2
    Regarding your P.S: Using a public wi-fi is a good suggestion, but using the TOR browser with javascript disabled is probably good enough for that purpose, too.
    – Out of Band
    Commented Oct 31, 2016 at 20:21
1

You assume the website identified the country via your IP address. How sure are you that this is in fact the case?

Modern browsers have a geolocation API which is accessible to javascript if you opt in (e.g. you should get a warning message when javascript wants access to your location).

Determining the geolocation can be done via IP address, but might also be done via wifi signal, mobile signal or gps signal if available. It's possible that your browser is leaking your geolocation not via IP address, but via one of the other venues, especially if you're browsing from a smartphone.

Improve this answer
3
  • it just showed me the country, not my IP address. i am wondering how much the website knew? it could be IP(from which it got country ) or something else. like timezone? I am sure it was not geo-location. also, i did not used my connection on phone, but on fiberoptic connection to home
    – Hamza Islam
    Commented Oct 31, 2016 at 17:31
  • 1
    Hmmm. Is your native language limited to your country? If it is, and your browser sends your language preference to the site in the headers, the site might assume you're located in that coutnry based on the language. I'll admit it's a bit far-fetched, though.
    – Out of Band
    Commented Oct 31, 2016 at 20:23
  • i have not set native language in pc, only English usa
    – Hamza Islam
    Commented Oct 31, 2016 at 20:25

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .