What is "x-luminati-ip: superproxy bypass"

Gal El Al
Gal El Al
  • Updated

Whenever targeting a domain that is not allowed or not in use with the right product, the Bright data "Network policy" monitoring system will either block the request or route it from the super proxy server.

When routing from the super proxy server, traffic will be charged at the same rate as the zone used to make the request is charged.

To better understand if the request passed or not, simply check the request in curl mode:
- Go to BrightData API and examples page

- Choose "shell" as the example, and the correct network type you will use (api_exam.png)
- Copy the Curl command and run it with -v at your terminal
- Check the response header for x-Luminati-IP:

The below code snippet shows a curl request to the website which was bypassed by super proxy and not sent by the peer IP
api_examples.png

curl --proxy zproxy.lum-superproxy.io:22225 --proxy-user lum-customer-<CUSTOMER>-zone-<ZONE>:<PASSWORD> "https://www.google.com" -v -L 
* Trying 95.179.153.203:22225...
* TCP_NODELAY set
* Connected to zproxy.lum-superproxy.io (95.179.153.203) port 22225 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to www.google.com:443
* Proxy auth using Basic with user 'lum-customer-c_9cf9551e-zone-resi'
> CONNECT www.google.com:443 HTTP/1.1
> Host: www.google.com:443
> Proxy-Authorization: Basic bHVtLWN1c3RvbWVyLWNfOWNmOTU1MWUtem9uZS1yZXNpOjQ2OGZ1dzBjcjV6dQ==
> User-Agent: curl/7.68.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 OK
< x-luminati-ip: superproxy bypass
< x-luminati-timeline: z6164-init:0,auth:83,dns_resolve:1
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CONNECT phase completed!
* CONNECT phase completed!
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=www.google.com
* start date: Dec 27 08:11:32 2021 GMT
* expire date: Mar 21 08:11:31 2022 GMT
* subjectAltName: host "www.google.com" matched cert's "www.google.com"
* issuer: C=US; O=Google Trust Services LLC; CN=GTS CA 1C3
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x56124223ce10)
> GET / HTTP/2
> Host: www.google.com
> user-agent: curl/7.68.0
> accept: */*

 

Note - to resolve this matter, you should contact your account manager,
He will assist you in using the correct product for your needs.
Access to domains/use cases which not allowed by default can be granted by passing our compliance approval:
compliance@brightdata.com


 

 

 

 

 

 

 

 

 

 

 

Share this

Was this article helpful?

0 out of 0 found this helpful