# Hidden HTTPS Tunnel - detection showing proxy IP as target

When traffic is sent through a proxy, the Vectra platform only sees the connection between the **client** and the **proxy**. The proxy then handles communication with the final destination (i.e. external IP), which is not directly visible to Vectra.

Because of this, detections may show the **proxy IP address** as the **target**. However, for **HTTPS traffic**, Vectra can still extract the **destination domain** from the **CONNECT packet**, allowing you to see the **domain name** even if the IP address belongs to a proxy.

This is normal behavior and does not indicate an issue with detection accuracy. You can refer to below article for more details:

Proxy handling: [Proxy handling in Vectra](https://docs.vectra.ai/configuration/setup/proxies)

Data Smuggler with proxy: [Why would Data Smuggler list an internal IP address as the destination?](https://docs.vectra.ai/operations/detection-specific-guidance/broken-reference)