Explain how the below are differentiated from each other - X-Forwarded-For IP and X Real IP and VPNs and Tor.
What are the differences between X-Forwarded-For IP and X Real IP and VPNs and Tor. What is the point of spoofing X-Forwarded-For IP when it just tells the originating IP despite the fact that I have changed it many times?
X-Forwarded-For header may be used to forward client's X real IP in case of source NAT. But not all applications use them.
This header is often inserted by load-balancers or reverse-proxies, depending on the architecture in place, when the application needs to know the real IP belonging to a client. When this header is inserted, the application can see 2 IPs: Source IP used in TCP/IP connection IP set in X-Forwarded-For header
Setting this header does not hide your real IP (as it is still used in TCP/IP connection) but can trick applications using it. However as you were able to see, not all applications are using it. With TOR and VPN, this is the IP used in TCP/IP connection which is modified by (respectively) your exit node/your VPN gateway. However, they don't (and should not) operate at application layer, and they don't (and shouldn't be able to) insert the X-Forwarded-For HTTP header, thus your real IP is hidden.