The header doesn't matter, unless the proxy is masquerading, which you can't trust, it's the TCP header that unavoidably reveals the source

The only way out is via onion routing