Extended guide

Proxy knowledge base

This is the full Good-Proxies.ru reference guide: it combines definitions, protocol classification, anonymity levels, DNSBL/RBL specifics, cascading schemes and guidance on choosing proxies for a specific task.

Brief knowledge base Full article URL Proxy list Free proxies API documentation

If you need a shorter overview without deep detail, open the brief knowledge base. If you need the permanent URL of this long article, use https://good-proxies.ru/en/proxy-info/full/.

01

Proxy Server: Definition and Use

Definition: A proxy server is software that runs on the client side and lets you send network requests on behalf of that machine. The term proxy comes from the Latin word proxus and means delegated representation.

Functionality: A proxy server acts as an intermediary between a client, such as a personal computer, and a remote server, such as a web server with internet content. The client connects to the proxy first, and the proxy then establishes the connection to the target resource.

How it works: Direct connection

With a direct connection your computer sends the request straight to the site's server. The server replies straight back — two nodes, no middleman.

How it works: Using a proxy server

In the alternative model the client connects to a proxy server, passes the access parameters for the desired resource and waits for the response. The proxy receives the request, opens the connection to the target server under its own address, receives the result and sends it back to the client.

Note

If you need a shorter summary of the differences between HTTP, HTTPS and SOCKS without the long-form explanations, open the brief knowledge base. For real filtering and working addresses use the proxy list.

02

Proxy Servers: Functional Features and Use Cases

Definition: A proxy server is software that sends network requests on behalf of the client. In real use, its value goes beyond hiding the IP address: it also gives control over geography, connection type, and traffic profile.

Main Reasons to Use Proxies

Proxies are used for different network tasks. The most common uses fall into three categories: protection, marketing research, and cost savings.

Protection on the Internet

  1. Protection from data collection: a hidden IP and connection details make it harder to track what you do online.
  2. Password protection on public networks: proxies with traffic encryption such as HTTPS help keep your logins and passwords safe on open Wi-Fi.
  3. Preventing phishing and malware: some proxy servers can block access to known phishing and malware resources.

Marketing / SEO

  1. Parsing search engine results pages to analyze rankings of your own site and competitors.
  2. Checking for cloaking: verifying whether site content changes depending on IP, geography or ISP.
  3. Checking site availability from different regions to detect network or application failures in time.
  4. Checking language versions of a site and the correctness of localization in a multilingual setup.
  5. Checking multi-region campaigns and geo-dependent ad delivery.

Savings

  1. Using regional pricing for subscriptions and digital goods when the cost depends on the user country.

Tip

For large SEO checks and regional SERP tests it is more convenient to build a filtered pool in the proxy list and save an API URL from the API documentation.

Proxies for services

Proxy servers with email sending support

SMTP proxies are servers with port 25 open, which is required for sending email from the sender to the destination mail server. They allow bulk mailing and email delivery testing while hiding your real IP address. These proxies are needed for automating email campaigns and checking whether mail services work correctly. Hiding your real IP address helps bypass blocks from mail services caused by suspicious activity from a single IP, which in turn makes email sending tests more convenient. In our SMTP proxy list, availability of port 25 is checked no more than once every 30 days. This is done so we do not overload target mail servers with extra requests and so we reduce the load on public proxies.

Proxies for Telegram API

They work with the Telegram API while hiding your real IP address, and let you make the required number of requests when working with bots and automation. Proxies help bypass rate limits and distribute load across different IPs — this matters for large bots. This reduces the risk of account blocking and makes it easier to manage user interactions. Each proxy for the Telegram API is checked no more than once per week: the messenger blocks IPs less often than other services, and more frequent checks would only overload public proxies.

Proxies for Avito API

They work with the Avito API while hiding your real IP address. They let you make the required number of requests for scraping competitors' listings and help avoid IP-based blocks. This makes it possible to analyze competitors' ads and find the best placement options to rank higher. In the Good-Proxies.ru proxy service, each proxy for the Avito API is checked no more than once per hour — so as not to overload public proxies or create unnecessary load on Avito.

Google proxies without captchas

Through these proxies you can make requests to the Google search engine for SEO monitoring, rank checking, collecting search data, and analyzing competitors. Proxies hide your real IP, reduce the risk of IP-based blocks, and let you target specific GEOs. Availability of proxies for Google is checked no more than once per day.

Proxies for Mail.ru

Proxy servers verified for access to Mail.ru. They hide your real IP and are suitable for bypassing geo-restrictions set by your internet provider or by Mail.ru. These proxies are not checked for sending mail — only for connectivity to Mail.ru services. The check is performed no more than once every 7 days.

03

Proxy Server Classification

Definition: Proxy servers are classified by functional capability, supported protocol and anonymity level. This combination determines whether a resource is suitable for a browser, scraping, an API client, a mail client or a multi-layer chain.

HTTP Proxy Servers

Description: Proxies of this type support the HTTP protocol and are used to access web pages and download files from services that operate on the standard TCP port 80.

Limitations: Regular HTTP proxies are not suitable for websites that require SSL/TLS and cannot be included in a proxy chain.

HTTP proxy classification by anonymity level

High Anonymous Proxies (Elite)

They do not inject client information and do not reveal proxy usage in HTTP headers.

Anonymity level: The highest level available for HTTP connections.

Anonymous Proxies

They indicate that a proxy is being used but do not pass the real client IP address.

Anonymity level: Adequate for many everyday tasks.

Distorting Proxies

They pass the client address partially or in distorted form, for example by exposing only part of the octets.

Anonymity level: Minimal: it is visible that a proxy is in use, and some client data may leak.

Transparent Proxies

They always add a header with the client's real IP.

Anonymity level: No anonymity: the target server sees both the proxy and the real address.

Important anonymity notice

Some HTTP proxies behave as transparent only in standard HTTP mode. If the same resource is used through the CONNECT method, its anonymity level may rise to anonymous or highly anonymous.

Good-Proxies.ru checks the anonymity level separately for each supported protocol. To get the expected result, use the resource only with the protocol shown in the proxy list and confirmed by the check.

HTTPS (CONNECT) Proxies

These proxies support the HTTP CONNECT method, which makes HTTP tunneling possible. In this mode HTTP becomes a transport layer for lower-level TCP traffic.

Because of that, such proxies can connect to almost any required port on the target resource and work with most TCP applications, including SSL/TLS web servers. Tunneling is what makes HTTPS proxies suitable for multi-layer chains and preserves their anonymity.

SOCKS Proxies

Almost any network application can work through SOCKS proxies: mail clients, specialized communication systems, browsers, parsers and other TCP tools.

The key SOCKS feature is the ability to build sequential chains from multiple proxies. This increases anonymity because SOCKS operates on a lower networking level and does not modify HTTP headers.

Classification of SOCKS protocol versions

The most common versions are SOCKS4, SOCKS4a and SOCKS5. All of them support IPv4, TCP and the BIND method that opens a port for incoming connections.

SOCKS4a and SOCKS5 have an important edge over SOCKS4: the client can pass not just an IP but a domain name, and the SOCKS server itself resolves DNS. That avoids DNS leaks. SOCKS5 also handles UDP, IPv6, and stronger authentication.

Comparing HTTP, HTTPS, and SOCKS versions

Protocol Traffic DNS Best for
HTTP Web requests Client-side Public sites, scraping
HTTPS CONNECT + TLS Client-dependent Logins, APIs, browsing
SOCKS4 TCP IP only Light TCP tasks
SOCKS4a TCP Domain via proxy SOCKS4 without DNS leaks
SOCKS5 TCP + UDP Domain via proxy Messengers, VoIP, automation

Web Proxies (CGI Proxies, Anonymizers)

A web proxy is a specialized web page through which a user opens another website, often anonymously. Such a resource is often called a CGI proxy or anonymizer.

The main advantage is simplicity: usually no browser configuration changes are required. Most web proxies can work with HTTPS resources and, if necessary, can be embedded into a cascading scheme.

Detailed Functional Analysis

  1. HTTP proxies operate strictly on the application layer, OSI Layer 7, and suit only HTTP requests without built-in encryption.
  2. HTTPS proxies can correctly pass TLS/SSL traffic by using HTTP tunneling through the CONNECT method.
  3. All SOCKS versions operate on the session layer, OSI Layer 5, which is closer to transport logic.
  4. SOCKS4 is the baseline version without authentication and without IPv6 support.
  5. SOCKS4a adds minimal improvements while preserving SOCKS4 limitations.
  6. SOCKS5 is the most advanced implementation: it supports domain names, extended authentication, IPv6 and UDP.

Service recommendation

To get current information about availability, country, port and anonymity level for specific addresses, open the Good-Proxies.ru proxy list. For tests before purchase you can start with the free sample.

04

Proxy Classification by Infrastructure and IP Origin

To choose proxies more precisely, evaluate not only the protocol but also the hardware base and IP origin. These parameters determine connection stability, trust from target sites, and behavior under load.

4.1. Classification by hardware type

Proxy services fall into two big groups, depending on the kind of hardware they run on.

Server Proxies (Dedicated Server Proxies)

This group runs on dedicated, powerful servers.

Technical advantages: High uptime and fast request processing are achieved through significant CPU and RAM reserves together with uplinks of high bandwidth.

Use cases: They are optimal for automated tasks with high request frequency and strict latency requirements.

Non-Server Proxies (Non-Dedicated Proxies)

This group includes proxies running on standard end-user hardware or local infrastructure devices.

Platform examples: Smartphones, routers, laptops and desktop computers.

Speed limits: CPU, memory, and bandwidth on home devices are weaker than on servers — so overall throughput is lower too.

4.2. Classification by IP ownership

Modern databases give you the country, city, ISP, and connection type for any public IP. Sites use this for marketing, anti-fraud, anti-bot defense, and personalization. So how much a request is trusted depends not only on the proxy but also on where the IP comes from.

Corporate / Data Center Proxies

These are IP addresses owned by large hosting centers and data centers.

Trust analysis: Requests from such addresses often create lower trust because they are associated with automation, bots or deliberate anonymization.

Also in this group: IPs of companies that don't sell home internet to private subscribers.

Residential Proxies

These are IP addresses from consumer internet provider pools that serve home users.

Trust analysis: This traffic looks the most natural and usually produces the highest trust from target services.

Mobile Proxies

These are IP addresses from 3G, 4G and 5G mobile internet operator pools.

Trust analysis: Mobile addresses also show high trust because they reflect real user behavior inside mobile networks.

05

Proxy Classification by Access Level

For users it matters how isolated an IP or port is from strangers. The fewer people share a proxy, the higher the speed and reliability. The flip side: if one user breaks the service's rules, the proxy can get blocked for everyone.

5.1. Private Proxies

The term private points to a connection used by only one subject. A resource can be treated as truly private only when access is restricted by IP authorization or login and password, which prevents simultaneous use by outsiders.

The market offers proxies rented to one user for a defined period. Such resources are private during the rental window, but their quality can still depend on how earlier clients used them. Usually this is the most expensive class and, with comparable infrastructure, it gives the best stability and speed.

Advantages

  1. High speed compared to shared resources.
  2. Maximum stability under equal technical conditions.
  3. Exclusive ownership of the IP address for the rental period.

Disadvantages

  1. Relatively high cost, around 5 USD and above per resource.
  2. Limited assortment and a low refresh rate of IP addresses.
  3. Possible functional restrictions, such as closed ports or blocked social networks.

5.2. Shared Proxies with Restricted Access

The number of users is capped by IP binding or required authentication. Owners of small server-proxy pools or subnets do this most often. They also tend to block certain traffic types — outgoing SMTP, for example — to avoid RBL complaints.

An alternative source is resources obtained from botnets. They can be protected by credentials, but more often restriction is implemented through non-standard ports known only to the infrastructure owner. BackConnect proxies also belong here: they do not open an inbound port and instead initiate the outbound connection to a gateway. Their weaknesses are the unknown concrete IP and sudden address rotation every few minutes.

Advantages

  1. Higher speed than public proxies, especially in server-based pools.
  2. Moderate stability compared to fully open resources.

Disadvantages

  1. High cost: from tens to hundreds of USD per month depending on pool size.
  2. Possible functional limitations, especially on server pools.
  3. No ability to choose the exact IP address in a BackConnect model.
  4. Risk of unexpected IP rotation.

5.3. Public Proxies

Lists of public proxies are openly published on thousands of websites. They usually appear after scanning open ports across network ranges or after address leaks from infrastructure that used to be tied to botnets. After a basic validation, the share of truly working addresses in such sets often stays around 5 percent.

Paid aggregators collect those resources, revalidate them on a regular basis and provide users with working lists of much higher reliability. This is exactly the format behind the systematic checks and classification on Good-Proxies.ru.

Advantages

  1. Minimal entry cost.
  2. Maximum choice of available IP addresses and networks.
  3. Ability to get proxies as a ready-made list.

Disadvantages

  1. Low speed compared to restricted or private resources.
  2. Critically low stability.

Useful tip

If you need to quickly inspect a free pool before buying, start with the free proxy page. If you need filtering by country, type and anonymity, go directly to the main list.

06

Cascading Proxy and BackConnect Proxy

6.1. Cascading Proxy Server (Proxy for Proxy)

A cascading proxy is a proxy that connects, as a client, to another upstream proxy. Several proxies stack into a chain: each next one makes an outbound link to the previous.

The key sign of a cascade is that the connection IP and the final IP seen by the target resource are not the same. This is what separates multi-layer schemes from a regular single proxy.

  1. Several proxies with different source IPs, and even from different subnets, can produce the same final resulting IP.
  2. A single final IP can expose several ports, each of which leads to a different source proxy and even a different geography.

Important

A cascading link by itself does not mean BackConnect or a botnet. That conclusion needs more evidence.

6.2. BackConnect Proxy Server (Reverse Connection Proxy)

BackConnect works differently from a regular proxy. A regular one opens a port and waits for incoming requests, while BackConnect opens no inbound port — it makes an outbound connection to the client or a gateway.

  1. A classical proxy stays in a passive mode and waits for an incoming connection.
  2. A BackConnect proxy reaches out on its own, which helps bypass firewalls and NAT because outbound connections are usually allowed by default.

BackConnect implementation challenges

Such an architecture creates two fundamental tasks for the system.

  1. How to pass the client IP address and port to the BackConnect proxy so it can establish the reverse connection.
  2. How to ensure that the client is ready to listen for an incoming connection from the gateway server.

This is usually solved through a specialized gateway server that accepts the request from the client, forwards it to one of the BackConnect proxies and returns the result back.

  1. The gateway accepts the request from the client and looks like a classic cascading proxy from the client side.
  2. The gateway forwards the request to one of the connected BackConnect nodes.
  3. The gateway receives the execution result and sends it back to the client.

Technology drawbacks: The client does not know in advance which final IP address will perform the request. Because of that, geographic control usually requires multiple gateways or separate port pools with predictable characteristics.

In the overwhelming majority of cases, BackConnect proxies come from botnet infrastructure.

Geolocation note

If the connection IP and resulting IP are different, Good-Proxies.ru determines geography by the resulting IP rather than the connection address. To select resources with frequently changing final addresses, use the unique IP filter in the proxy list.

07

How to Choose the Right Proxy for Your Task

Not every proxy is suitable for every task. To reduce errors and improve stability, choose addresses based on the required protocol, geography, and session duration.

7.1. Protocol Compatibility (HTTP vs. HTTPS/SOCKS)

If the target resource works only over a protected HTTPS protocol, for example https://yandex.ru/, using a regular HTTP proxy is not acceptable.

  1. Standard HTTP proxies without CONNECT support cannot encapsulate and forward encrypted HTTPS traffic correctly.
  2. For such tasks you should use only HTTPS proxies or SOCKS proxies.

7.2. Geographic Suitability (Excluding Chinese Resources)

China is a traditional source of a very large number of proxy resources, and the share of such addresses in the overall base can be high.

At the same time, because of the internal censorship system in China, some global services including Google.com, Gmail.com and x.com can be unavailable or unstable.

If your program produces too many connection errors, one possible reason is an attempt to reach a blocked resource through a Chinese proxy.

Working rule

To exclude this factor, use the Exclude Chinese Proxies filter in the web interface or reproduce the same rule in the request parameters described in the API documentation.

7.3. Session Stability (Long-Lived Resources)

If you are running tasks in a browser session or a long-running script, priority should be given to long-lived proxy resources.

  1. Any proxy can stop working at any moment.
  2. The risk of sudden interruption can be reduced by selecting addresses with stricter and more informative quality filters.
08

Proxy Anonymity and Security

8.1. Limits of Full Anonymity

Using a proxy does not guarantee absolute anonymity and does not mean full communication security.

  1. Even anonymous and high-anonymity proxies can leak client data through JavaScript and other channels.
  2. Proxies themselves may keep detailed logs: traffic, credentials, and other sensitive data.
  3. There is always a risk that a resource is controlled by attackers, state structures or intentionally built for traffic interception.

8.2. Proxy Chain Construction

A proxy chain is a sequence of several resources through which traffic passes one by one to increase anonymity.

  1. HTTPS proxies, SOCKS proxies and web proxies can all participate in such a chain.
  2. Unlike server-side cascades, this kind of proxy chain is built on the client side, by a dedicated program.

8.3. Methods for Building a Chain

  1. For HTTPS and SOCKS chains you usually need a separate client tool, for example ProxyCap.
  2. If the chain consists only of web proxies, it can be assembled directly inside the browser by opening the next proxy inside the previous session.

8.4. Critical Reliability Parameter

Any chain stops working if even one component inside it fails. The longer the chain, the higher the risk of interruption.

8.5. Proxy Judge Construction

A proxy judge is a specialized script-based resource that shows connection parameters and helps determine the true anonymity level.

  1. When an HTTP request reaches it, it outputs the full set of headers and their contents.
  2. These signals are exactly what proxy checkers use to identify the proxy type and its anonymity.
  3. Choosing a fast and correct judge resource is critical for configuring automated checking systems.

Good-Proxies.ru relies on an up-to-date set of verified judge resources.

For day-to-day work it is more convenient to open the separate Proxy Judge List page, where the same set is shown as a working table with status, speed, and quick URL copy.

8.6. IP Addressing in Network Space

The internet is a global network of computing nodes connected by wired and wireless communication channels. For these nodes to exchange information, each one needs a unique identifier: the IP address.

The most common format today is IPv4, which means four numeric octets from 0 to 255 separated by dots.

8.7. Classification of IP Ranges

For administration and risk evaluation you need to distinguish between private and dangerous address ranges.

Private (Internal, Local or Gray) Ranges

These addresses are not intended for direct use on the global internet. They are reserved for local networks and are not allocated centrally like public ranges.

According to the IANA definition, the following IPv4 blocks are reserved for local use.

  1. 10.0.0.0 - 10.255.255.255
  2. 100.64.0.0 - 100.127.255.255 (Carrier-Grade NAT range)
  3. 172.16.0.0 - 172.31.255.255
  4. 192.168.0.0 - 192.168.255.255

In addition, the 127.0.0.0 - 127.255.255.255 range is reserved for loopback interfaces.

Dangerous IP Ranges

This term refers to subnets of government structures, military and law-enforcement organizations, and some large corporations tied to defense and research activity.

Using proxies from such networks may involve higher risks because they can potentially be suitable for covert traffic analysis.

Good-Proxies.ru removes addresses identified as belonging to such dangerous ranges from its own databases.

8.8. DNSBL/RBL Mechanism (Realtime Blocking List)

DNSBL or RBL is a structured list of IP addresses and domain names observed in harmful network activity.

  1. Typical reasons for listing include spam campaigns, DoS and DDoS attacks, and active port scanning.
  2. The lists are distributed through DNS infrastructure. Some databases can also include dynamic IP addresses without direct malicious behavior.
  3. The main purpose of DNSBL is to fight spam in email, comments and message forms.

8.9. Procedure for Verifying an IP Address in DNSBL/RBL

To check your IP against the most trusted block lists, open the your IP and RBL check page.

  1. We only check block lists where being listed really points to suspicious activity. Dynamic lists are not analyzed separately.
  2. After the query finishes you will see the list of databases that include the address and can follow the active source link to identify the reason and the removal procedure.

8.10. Botnet Concept

The term botnet combines the words robot and network and denotes a network of infected devices under centralized control.

  1. Attackers use viruses, trojans and worms to remotely control user computers all over the world.
  2. Such programs work covertly and consume user resources without the user knowing it.
  3. Common botnet jobs: spam, password brute-forcing, DoS attacks, and ad-click fraud.

What to open next

If the theory is clear, move on to action: filter addresses through the proxy list, check free proxies, review the RBL status of your IP, and connect proxy delivery through the API.

Open proxy list View free proxies Study the API Check your IP