Proxy Checker
Detect Proxy, VPN & Anonymizer Connections 2026
Run a free proxy checker to detect if your connection uses a proxy server, VPN, or anonymizer. This tool scans 15 HTTP headers to identify transparent, anonymous, and elite proxy connections. It compares your real IP against forwarded addresses and cross-references with WebRTC leak data. See exactly what servers and websites detect about your connection.
Quick Answer: Is Your Proxy or VPN Detectable?
A proxy checker examines HTTP headers like X-Forwarded-For, Via, Client-IP, and 12 others that reveal whether traffic passes through an intermediary server. Transparent proxies expose your real IP in headers. Anonymous proxies hide your IP but leave telltale headers. Elite proxies and well-configured VPNs remove all indicators. Our tool classifies your connection type, shows every detected header, and cross-checks against WebRTC leak data.
--
Proxy Headers
--
Forwarded IPs
--
Connection
--
Protocol
--
WebRTC
Your Connection Details
Jessica Wright
Cybersecurity Threat Researcher
Jessica specializes in proxy and VPN detection, HTTP header forensics, IP reputation analysis, and anonymity testing. She has analyzed detection evasion techniques across 100+ proxy services and VPN providers.
View All ArticlesWhat Is a Proxy Checker and How Does It Work?
A proxy checker analyzes your HTTP connection to determine whether your traffic passes through a proxy server, VPN, or anonymizer before reaching the destination. Every time your browser connects to a website, it sends a set of HTTP headers. Proxy servers — whether intentionally configured by you or transparently injected by your ISP or corporate network — often modify these headers or add new ones that reveal the presence of an intermediary.
Our tool examines 15 HTTP headers that are known to indicate proxy usage. These include X-Forwarded-For (the most common proxy header, which carries the original client IP), Via (which identifies the proxy software and version), Client-IP, Forwarded (the official standard per RFC 7239), and specialized headers like CF-Connecting-IP (Cloudflare), True-Client-IP (Akamai), and X-Cluster-Client-IP (load balancers).
Based on which headers are present and what data they contain, the tool classifies your connection into one of three categories: transparent, anonymous, or elite. It also compares your visible IP against any forwarded IPs found in headers to determine whether your real address is exposed. For deeper header analysis, use our HTTP Headers Analyzer.
15 Headers in One Scan: Most proxy checkers only test 2-3 headers. Our tool scans 15 known proxy-indicating headers simultaneously, including CDN-specific headers from Cloudflare, Akamai, and AWS. Check your complete privacy with our Browser Leak Test which adds 20+ fingerprinting checks.
Transparent vs Anonymous vs Elite Proxy: Classification Explained
Understanding proxy classification is essential for anyone who relies on proxies or VPNs for privacy. The classification depends entirely on which HTTP headers the proxy adds, modifies, or removes when forwarding your request.
Transparent Proxy (Level 3)
A transparent proxy passes your request through an intermediary server but does not hide your identity. It adds the X-Forwarded-For header containing your real IP address and may add a Via header identifying the proxy software. The destination server sees both the proxy's IP and your real IP. These are commonly used by ISPs for caching, corporate networks for content filtering, and CDNs for load distribution. They offer zero anonymity.
Anonymous Proxy (Level 2)
An anonymous proxy hides your real IP address from the destination server — it does not include your IP in X-Forwarded-For. However, it still sends headers that reveal proxy usage, such as Via, Proxy-Connection, or modified header ordering. The destination knows you are using a proxy but cannot determine your real IP from headers alone. Most commercial proxy services fall into this category.
Elite Proxy / High-Anonymous (Level 1)
An elite proxy removes all proxy-identifying headers. Your connection appears identical to a direct connection with no intermediary. The destination server sees only the proxy's IP address with no headers indicating proxy usage. Premium VPN services and residential proxy networks typically provide elite-level anonymity at the HTTP header level.
| Type | Real IP Visible | Proxy Headers | Detection Level |
|---|---|---|---|
| Transparent | Yes | X-Forwarded-For, Via | Easily Detected |
| Anonymous | No | Via, Proxy-Connection | Detectable |
| Elite | No | None | Very Difficult |
| VPN | No | None (usually) | IP Reputation Check |
Important: Even elite proxies and VPNs can be detected through methods beyond HTTP headers — including WebRTC leaks (test with our WebRTC Leak Test), IP reputation databases (check with our IP Fraud Checker), datacenter IP detection (verify with our Cloud IP Check), and TLS fingerprinting (see our JA3 Fingerprint tool).
The 15 HTTP Headers Our Proxy Checker Scans
Each header in our scan serves a specific purpose in proxy communication. Understanding what each header reveals helps you evaluate your proxy or VPN's anonymity level and identify potential leaks.
Primary Proxy Headers
- X-Forwarded-For (XFF): The most widely used proxy header. Contains the original client IP, potentially followed by a chain of proxy IPs separated by commas. Example:
X-Forwarded-For: 203.0.113.50, 198.51.100.10. If this contains your real IP, you have a transparent proxy. - Via: Identifies the proxy software, version, and sometimes the protocol. Example:
Via: 1.1 proxy.example.com (Squid/6.6). This header reveals proxy usage even if your IP is hidden. - X-Real-IP: Set by reverse proxies (especially Nginx) to carry the original client IP. Often used in server-side applications to identify the real visitor behind a reverse proxy or load balancer.
- Client-IP: An older header used by some proxy implementations to carry the client's original IP address. Less common than X-Forwarded-For but still checked by detection systems.
- Forwarded: The official standardized header per RFC 7239. Uses structured syntax:
Forwarded: for=203.0.113.50;proto=https;by=198.51.100.10. More informative than X-Forwarded-For but less widely adopted.
Secondary and Infrastructure Headers
- Proxy-Connection: A non-standard header sent by some proxy clients instead of the standard Connection header. Its mere presence indicates a proxy in the chain.
- X-Forwarded-Proto: Indicates whether the original request used HTTP or HTTPS. Set by SSL-terminating proxies and load balancers. Example:
X-Forwarded-Proto: https. - X-Forwarded-Host: Contains the original Host header value from the client's request. Set by reverse proxies that serve multiple domains.
- CF-Connecting-IP: Cloudflare-specific header carrying the visitor's real IP. Present when your traffic routes through Cloudflare's CDN network.
- True-Client-IP: Akamai CDN header similar to CF-Connecting-IP. Carries the real client IP through Akamai's edge network.
- X-Cluster-Client-IP: Used by load balancer clusters to preserve the original client IP across distributed infrastructure.
Check your IP reputation with our Blacklist Check and verify domain ownership with our WHOIS Lookup. Analyze full server headers with our Headers Analyzer.
Beyond Headers: How Websites Really Detect VPNs and Proxies
HTTP header scanning is just the first layer of proxy detection. Modern anti-fraud systems, streaming services, and websites use multiple techniques in combination to identify VPN and proxy users. Understanding all detection methods helps you evaluate your actual anonymity level.
IP Reputation Databases
Services like MaxMind, IP2Proxy, IPQualityScore, and Spur maintain databases of known VPN, proxy, and datacenter IP addresses. When you connect to a website, your IP is checked against these databases in real-time. Even if your headers are clean (elite proxy), your IP itself may be flagged. Check this with our IP Fraud Checker and Cloud IP Check.
WebRTC IP Leaks
WebRTC can expose your real IP address through browser APIs that operate outside the proxy tunnel. Even with an elite proxy and clean headers, a WebRTC leak reveals your true ISP IP to the website. Test this with our WebRTC Leak Test.
TLS Fingerprinting (JA3)
Your browser's TLS handshake creates a unique fingerprint called JA3. Proxy servers and VPN clients sometimes modify this fingerprint, making your connection distinguishable from a regular browser connection. Automated traffic through proxies often has non-browser JA3 hashes. Check yours with our JA3 Fingerprint tool.
Behavioral and Timing Analysis
Websites analyze request patterns, latency characteristics, and behavioral signals. Datacenter proxies often show unnaturally low latency and consistent request patterns. Timezone mismatches between your browser and IP geolocation flag VPN usage. Browser fingerprinting through canvas, audio, and WebGL data provides persistent tracking even through proxy rotation.
Complete Detection Audit: To properly evaluate your anonymity, run all five checks: (1) This proxy checker for headers, (2) WebRTC Leak Test for IP exposure, (3) IP Fraud Checker for reputation, (4) Browser Leak Test for fingerprinting, (5) DNS Lookup for DNS leak detection. Read our IP reputation score guide.
Proxy Headers Injected by CDNs: Cloudflare, Akamai, and AWS
One of the most common sources of confusion in proxy detection is headers added by CDN (Content Delivery Network) infrastructure. If the website you visit uses Cloudflare, Akamai, or AWS CloudFront, your request passes through their edge servers — and these services add proxy-style headers even though you are not using a proxy yourself.
Cloudflare adds CF-Connecting-IP and X-Forwarded-For to every request passing through its network. This is not a sign that you are using a proxy — it means the website uses Cloudflare for DDoS protection, SSL termination, or caching. Over 20% of all websites use Cloudflare, so seeing these headers is extremely common.
Akamai adds True-Client-IP and X-Forwarded-For. Major enterprise websites including banking portals and e-commerce platforms use Akamai's CDN. Again, these headers reflect the website's infrastructure, not your proxy status.
Our proxy checker distinguishes between CDN-injected headers and genuine proxy indicators. If only CDN headers are present (CF-Connecting-IP, True-Client-IP) without traditional proxy headers (Via, Proxy-Connection), your connection is likely direct through a CDN. Verify your SSL certificate chain with our SSL Checker.
Use Cases: Who Needs a Proxy Checker?
Proxy detection serves different purposes depending on your perspective — whether you are checking your own anonymity, protecting a website, or debugging network infrastructure.
VPN and Proxy Users should regularly test their connections to verify anonymity claims from their providers. Many proxy services advertise "elite" or "anonymous" classification but actually leak headers. Running this checker before accessing sensitive websites ensures your proxy performs as expected. Follow up with our WebRTC Leak Test for complete verification.
Website Administrators use proxy detection to identify suspicious traffic, prevent fraud, and enforce access policies. E-commerce platforms check for proxies to prevent payment fraud from masked IPs. Streaming services detect VPNs to enforce regional content licensing. Our tool shows exactly what detection results your visitors would trigger.
Network Engineers debug proxy configurations by verifying which headers their proxy servers add. Misconfigured reverse proxies can leak internal IPs through X-Forwarded-For chains or expose backend server information through Via headers. Our scan identifies these configuration issues. Detect Tor connections with our Tor Detector tool.
Check your browser information, hardware exposure, and cookie data for a complete privacy picture. Protect accounts with our Password Generator. Learn about clearing your digital footprint.
How to Achieve Elite-Level Anonymity
If your goal is to make your connection appear as a clean, direct connection with no proxy indicators, follow this verification workflow:
- Step 1: Choose a premium VPN or residential proxy service that does not inject proxy headers. Avoid free proxies — they almost always add headers or inject ads.
- Step 2: Run this proxy checker to verify zero proxy headers are present. Your connection should show "No Proxy Detected" with zero headers found.
- Step 3: Check your IP fraud score. If the IP has a high fraud score, websites will flag it regardless of clean headers. Prefer residential IPs over datacenter IPs.
- Step 4: Verify no WebRTC leak exposes your real IP. Disable WebRTC or use Brave browser with leak protection enabled.
- Step 5: Match your browser timezone and language to your VPN's location. A VPN exit in London with a browser timezone of America/New_York is a clear VPN indicator.
- Step 6: Run the full Browser Leak Test to check canvas, audio, WebGL, and font fingerprinting exposure.
- Step 7: Use our Cloud IP Check to verify your VPN IP is not flagged as a datacenter address. Check IP blacklist status.
Read our guides on IP reputation for email marketing, fixing 550 RBL errors, and cold emailing IP reputation.
Understanding Proxy Detection in E-Commerce and Fraud Prevention
Online businesses lose billions annually to fraud from masked IP addresses. Understanding how proxy detection works from the website's perspective helps both fraud prevention teams and privacy-conscious users.
Payment processors like Stripe, PayPal, and Adyen automatically check buyer IPs against proxy and VPN databases during transaction processing. A purchase from a known VPN IP triggers additional verification steps — 3D Secure challenges, manual review, or outright decline. This is why legitimate VPN users sometimes face payment failures on e-commerce sites.
Sophisticated fraud prevention systems combine proxy header detection with device fingerprinting, behavioral biometrics (mouse movement patterns, typing speed), and velocity checks (multiple accounts from the same IP). A single signal like a proxy header is rarely enough — it is the combination of signals that triggers fraud flags.
// Example: Server-side proxy detection (PHP)
$proxy_detected = false;
$check_headers = ['HTTP_X_FORWARDED_FOR',
'HTTP_VIA', 'HTTP_CLIENT_IP',
'HTTP_PROXY_CONNECTION',
'HTTP_FORWARDED'];
foreach ($check_headers as $h) {
if (!empty($_SERVER[$h])) {
$proxy_detected = true;
break;
}
}
// Combine with IP reputation API for accuracy
For website owners implementing proxy detection, we recommend checking HTTP headers (this tool's approach) as the first layer, followed by IP reputation database queries (our IP Fraud Checker API), and WebRTC probing for browser-based verification. Layered detection catches more proxies than any single method alone.
Frequently Asked Questions About Proxy Detection
Q What is a proxy checker?
A proxy checker scans HTTP headers to detect proxy, VPN, and anonymizer usage. It examines 15+ headers like X-Forwarded-For, Via, and Client-IP to classify your connection as direct, transparent proxy, anonymous proxy, or elite proxy.
Q What is the difference between transparent and anonymous proxy?
A transparent proxy forwards your real IP in headers — the website sees both the proxy and your real address. An anonymous proxy hides your IP but still sends headers that indicate proxy usage. An elite proxy removes all proxy indicators.
Q Can websites detect my VPN?
Yes. Through proxy headers, IP reputation databases, WebRTC leaks, datacenter IP detection, TLS fingerprinting, and timezone mismatches. Our tool checks headers; use our WebRTC Leak Test and IP Fraud Checker for the other vectors.
Q What headers reveal proxy usage?
X-Forwarded-For, Via, Client-IP, Proxy-Connection, Forwarded, X-Real-IP, and others. Our tool scans 15 known proxy headers simultaneously and shows which ones are present in your connection.
Q Why do I see proxy headers when I am not using a proxy?
CDNs like Cloudflare, Akamai, and AWS add headers like CF-Connecting-IP and X-Forwarded-For to route traffic through their edge servers. Corporate firewalls and ISP transparent proxies can also inject these headers. These reflect infrastructure, not privacy concerns.
Q What is an elite proxy?
An elite proxy (high-anonymous) strips all proxy headers, making your connection appear as a direct connection. Even elite proxies can be detected through IP reputation databases, WebRTC leaks, and behavioral analysis.
Q How do I hide that I use a VPN?
Use a VPN with residential IPs, disable WebRTC, match timezone and language to VPN location, use a clean IP not flagged in reputation databases, and clear cookies. Run this proxy checker plus our WebRTC and Browser Leak tests to verify.
Q Is using a proxy or VPN illegal?
In most countries, using proxies and VPNs is completely legal. Some countries restrict VPN usage (China, Russia, Iran). Using a VPN or proxy for illegal activity is illegal regardless of the tool. Our checker helps you test your connection — it does not encourage any illegal use.
Related Privacy & Security Tools
Is Your Proxy or VPN Truly Anonymous?
15 Header Checks — One Free Scan
Our proxy checker scans HTTP headers, classifies proxy type, compares forwarded IPs, and cross-checks WebRTC for the most complete proxy detection test available free in 2026.