Quite amusing if you put in a VPN IP:

[NSFW - adult links] https://iknowwhatyoudownload.com/en/peer/?ip=173.254.222.162

I'm using a VPN too (via AirVPN). The stuff people are downloading from this VPN IP is kinda scary, TBH.

One thing that's actually interesting is that for basically the month of December it looks like there are fewer than 2000 files being pulled through that VPN endpoint. Seems to me that that would indicate that either not that much is being torrented through that VPN provider or that their tracking is only covering a relatively small percentage of DHT torrents. I'd have expected to see significantly higher volume through any significant VPN endpoint.

VPN isn't a guarantee of safety. I got a DMCA warning for downloading one file once using a top VPN service.

5 dollars say your torrent client wasn't using the VPN.

And/Or DNS resolver leak (not using dnscrypt)

Use this [0] to find your Torrent Clients IP address. It downloads a torrent where the tracker description echoes back your IP. I've found VPNs to be too unreliable and only use a seedbox now.

[0] https://torguard.net/checkmytorrentipaddress.php

There are some extra precautions you need to take to anonymize your traffic on torrents, like forcing encryption with a socks proxy in addition to running the VPN.

Which means your VPN service is telling your IP to authorities, which makes it not secure, which brakes the purpose of VPN service

Stupid question : If I am on a college campus and using a VPN, does it in anyway protect me from the college authorities snooping on my data ? Will they know that I am downloading a torrent ? What about normal HTTP(S) data ?

If you're actually using a VPN (as opposed to a SOCKS proxy) then what they can certainly identify is that you're moving VPN traffic, the volume of traffic each way, and probably that it's torrent traffic (gaming, streaming, surfing will have very different usage patterns and much lower uploads most likely). For torrent traffic, they can also tell whether you're seeding a lot, leeching/downloading without seeding, or a mixture.

This makes sense if you think about the kinds of traffic you'd expect from the most common uses. There's a pretty limited set of categories that most Internet traffic can be grouped into, and they all will have pretty distinct and identifiable patterns - commercial streaming will be slow and steady, downloads will be bursty, VoIP will be small streams, etc.

For sophisticated enough systems or determined investigators with enough raw material to examine, they may even be able to get a decent guess at what sites you're using (even via a VPN) if you're only doing one activity at a time. If they can identify that almost every video view on YouTube starts with a particular traffic pattern of sets of blocks of data of roughly identifiable sizes and that video views on Netflix, Vimeo, Hulu, YouPorn, or whereever all have different patterns, they can approximate which sites you're visiting - particularly given enough data over time.

They can see your encrypted packets are going to a known VPN IP; that's about all they can tell. They can't peer into the tunnel. If you are sending and receiving hundreds of megabits per second day in day out they can probably infer you are torrenting, but are unlikely to care unless your bandwidth usage ventures into their "user abusing our networks" territory.

Lots of traffic only proves possibly abusing TOS, nothing about the content of said activity.

They can see that you are trying to hide something because all of your traffic goes to the single IP address.

Just like the authorities in any nation-state can tell if you are using Tor.

I'm curious: how long did you seed on that torrent?

I received one 20 Minutes after I started a download.

The letter was digital?! That's surprising.

That's interesting. I was always under the impression that they only go after seeders.