How can I check if my proxy is secure?
Proxy servers are used to hide your actual IP address. They function as an intermediary between a user and a website. When you use a proxy server, security systems see the IP address of the server, not the user.
However, not all proxies are equally good. Some of them have been added to a blacklist of unreliable ones, while others can leak the actual address of a user. It could be nothing more than a minor inconvenience if you only use such proxies to watch a favorite show on a resource banned in your country. However, suppose the proxy quality determines whether an ad or business account on an e-commerce platform can work efficiently.
In this article, we will tell you how to check if a proxy IP can be trusted, what could lead to your real IP leaks, and how to test all this in a few easy steps.
However, not all proxies are equally good. Some of them have been added to a blacklist of unreliable ones, while others can leak the actual address of a user. It could be nothing more than a minor inconvenience if you only use such proxies to watch a favorite show on a resource banned in your country. However, suppose the proxy quality determines whether an ad or business account on an e-commerce platform can work efficiently.
In this article, we will tell you how to check if a proxy IP can be trusted, what could lead to your real IP leaks, and how to test all this in a few easy steps.
We asked Asocks, our partners and experts in all things proxy, what the most important considerations when choosing a reliable proxy server should be. According to them, there are three crucial aspects to be evaluated:
- Service reviews. Even the largest proxy providers might have some hiccups from time to time. Still, if you find reviews saying “the proxy GEO is not the same as the IP checker GEO” often, the service is unreliable, and you should only choose their proxies with additional checks and precautions and at your own risk. The probability of your accounts being blocked is high in such cases.
- The amount of available IP addresses. Many IP addresses indicate that the service has its own servers and reliable and trusted suppliers.
- Price. Using free proxies is dangerous: as you found them somewhere on a message board, so did others. 20 other guys are using them right now besides you.
Once you have a proxy, you need to check it. The Octo Browser Team has put together a list of 7 basic steps that you should follow to check your proxies thoroughly.
Step 1: Adding the proxy to a test profile in Octo Browser and checking the connection
If you’re using proxies for work reasons, you will likely do so with a multi-accounting browser, which is the most logical first step to start our testing. For our example, we will use Octo Browser. First, let’s create a new profile, go to its settings, add the proxy data and click Check Proxy. This starts the basic IP check, as the browser determines if it can connect to the host, and establishes the geolocation of the address.
Setting proxy in Octo Browser
Step 2: Checking if Google and other popular websites work correctly
Let’s do the basics: we’ll use our test profile and open Google to run a few search queries, followed by visiting other popular web resources: eBay, Amazon, Facebook. If they can be opened without issues, we can move on.
Step 3: Checking the proxy trust level with IP Quality Score
Let’s start our test profile with the added proxy and visit ipqualityscore.com. Several websites’ security systems use it to check and block suspicious traffic. The platform allows you to run several checks for free; however, if you intend to use it regularly, you must register, and buy a subscription for access to premium functions. However, free options will usually be enough for most.
Let’s enter our new IP address and look at the report:
IP Checking
The most important parameter here is the Fraud Score, and it needs to be as low as possible. As we can see, here it equals 0, which means that we’re doing great so far and can move on.
Step 4: Checking if the IP is present in spam databases
If an IP has been identified and added to a spam database, this could be a red flag for website security systems, and emails from this IP will not reach their destinations.
You can use one or several services that track such addresses to see if an address is on such a list. For example, our IP has been added to one such database according to Spamhaus:
You can use one or several services that track such addresses to see if an address is on such a list. For example, our IP has been added to one such database according to Spamhaus:
Checking IP in spam databases
Here’s a list of several resources you can use to check your address:
- Spamhaus
- Spamcop
- SORBS — registration required
- MX Toolbox — collects information using several databases at the same time
- DNS Checker — similar to above
- PixelScan — go to the IP Check section
However, the best checking option, in our opinion, is the iplists.firehol.org database. It is among the most complete and updated more often than others. To check your IP address using this tool, you will need to download the databases from their website and write a script that will search your IP addresses in those databases.
Step 5: Checking the ASN type
Checking the ASN type helps you identify your proxy type: datacenter, hosting, residential, or business. You can use the following services: IPinfo, db-ip, whois/rdap, ripestat, and others. We will use IPinfo for our example.
ASN type check
The report shows the ISP type, which stands for Internet Service Provider. It means the IP address belongs to a residential Internet provider, not a hosting company. This is exactly what we need, as most users access the Internet using exactly this type of IP address. Conversely, an address belonging to a hosting provider or a datacenter will look more suspicious.
Step 6: Checking for DNS leaks
A DNS leak happens when DNS queries are sent bypassing and ignoring the proxy server. This may lead to your real IP address being exposed, instead of the one supplied by the proxy provider.
Many services can be used to check this; we use open-source DNS Leak Test.
Many services can be used to check this; we use open-source DNS Leak Test.
DNS Leak Test
Everything is in order if you do not see your real servers on the list.
Step 7: Checking the MTU
This step builds on the subject of TCP/IP fingerprinting. This check should not be treated as strictly necessary, as not a single proxy server at our disposal at the time of writing failed it, but we still should mention it.
The MTU, standing for maximum transmission unit, is the total size of a valuable data block in a single packet that can be transmitted by a protocol without fragmentation. When connecting to a server directly, a standard value is assigned to the MTU: e.g., 1500 for Ethernet, or 1480 for PPTP. However, when connecting through proxies using such protocols as PPTP, L2TP (± Ipsec), or IPsec IKE, the original packets are placed inside other packets, which leads to their greater size. To prevent excessive packet fragmentation and maintain a good data transmission speed, the OS decreases the MTU setting of the network interface, e.g., down to 1400 for IPsec.
Thus, it is possible to detect proxy usage by comparing the packet size to standard MTU/MSS values. You can check the MTU value using most checkers; we used Browserleaks for our example.
The MTU, standing for maximum transmission unit, is the total size of a valuable data block in a single packet that can be transmitted by a protocol without fragmentation. When connecting to a server directly, a standard value is assigned to the MTU: e.g., 1500 for Ethernet, or 1480 for PPTP. However, when connecting through proxies using such protocols as PPTP, L2TP (± Ipsec), or IPsec IKE, the original packets are placed inside other packets, which leads to their greater size. To prevent excessive packet fragmentation and maintain a good data transmission speed, the OS decreases the MTU setting of the network interface, e.g., down to 1400 for IPsec.
Thus, it is possible to detect proxy usage by comparing the packet size to standard MTU/MSS values. You can check the MTU value using most checkers; we used Browserleaks for our example.
Check MTU in Browserleaks
Here we are interested in the MTU value, which can be found in the IP address tab under TCP/IP Fingerprint. As we can see, it equals 1500, which means we have successfully passed the check.
Summing up:
Checking a proxy means evaluating how trusted it is. The trust that security systems assign to a proxy IP address is assessed using several factors: whether it is present in spam databases, whether the actual IP address can be identified when a proxy is used, and whether it belongs to a datacenter or an ISP. A proxy that is not trusted is dangerous to work with: you can quickly get banned for using it.
First, you need to test if the proxy connection works in your browser properly, and you can open popular websites and search with Google. Then you should test how popular checkers see you. Many of them give you an overall grade or score, which can indicate the proxy quality. PixelScan, CreepJS, Browserleaks, and other checkers are great for quick tests.
First, you need to test if the proxy connection works in your browser properly, and you can open popular websites and search with Google. Then you should test how popular checkers see you. Many of them give you an overall grade or score, which can indicate the proxy quality. PixelScan, CreepJS, Browserleaks, and other checkers are great for quick tests.
The factors that you should pay special attention to are:
- Presence of the IP address in spam databases;
- DNS leaks: the list of servers should not include your real one;
- The proxy provider type: ISP proxies are generally less suspicious.
Lastly, common sense is always vital. Try testing a proxy on your target resource that you will work with. Each platform uses its own architecture and databases for checking IP addresses, so some minor faults in how a given proxy functions might not be critical for your work.
Stay up to date with the latest Octo Browser news
Related articles
