DNS Leak Test

When you use a VPN, your DNS requests should go through the VPN tunnel. If they don't, your ISP (or others) can see which websites you visit — even with the VPN on. This test detects which DNS servers are handling your requests and checks if they match your VPN location.

What is a DNS Leak?

Every time you visit a website, your device sends a DNS (Domain Name System) request to translate the domain name into an IP address. Normally, your ISP's DNS servers handle these requests — and they can see every site you visit.

When you connect to a VPN, your DNS requests should be routed through the VPN's own DNS servers. A DNS leak happens when these requests bypass the VPN and go to your ISP's servers (or other third-party DNS servers) instead, exposing your browsing activity.

How to Read the Results

• Match — The DNS server is in the same country as your public IP. If you're using a VPN, this means the DNS server matches your VPN location. Good.
• Mismatch — The DNS server is in a different country than your public IP. This could indicate your DNS requests are leaking outside your VPN tunnel.

How to Fix DNS Leaks

• Use your VPN's DNS — Most VPN apps have a "Use VPN DNS" or "Prevent DNS leaks" setting. Make sure it's enabled.
• Set custom DNS servers — Configure your device to use privacy-focused DNS like Cloudflare (1.1.1.1), Quad9 (9.9.9.9), or your VPN provider's DNS.
• Disable Smart Multi-Homed Name Resolution — On Windows, this feature can cause DNS requests to bypass the VPN.
• Use DNS-over-HTTPS (DoH) — Modern browsers support encrypted DNS, which prevents ISP snooping regardless of VPN status.