How This Test Works: Accuracy & Privacy
A Brand-New Address Every Time
Each test hands your device a one-time web
address that has never existed before (like
a8f3b1c9-leak.dnsdoh.art). Older test
sites can be fooled because your browser
remembers addresses it has already seen.
Ours can't be remembered, because it's brand new, so
your device has no choice but to ask a DNS server
where to find it. Whoever looks it up is the server really
handling your traffic, and that's exactly what we
catch.
Gentle on Your Connection
Some tests flood your connection with 50+ requests at once, which lags your browser and triggers false alarms. We send just a small, carefully spaced set of requests instead. That's still enough to uncover tricky setups, like big providers (Google, Cloudflare) that answer from many servers at once, without ever slowing you down.
ISP Snooping (Proxies)
Even after you switch to a private DNS, some providers quietly grab DNS requests as they leave your network and push them through their own servers, so they can still see the sites you visit. If that's happening, your provider's name shows up in the results above even though you never chose it. That's the giveaway.
Windows & VPN Conflicts
To feel faster, computers (Windows especially) sometimes use your VPN and your normal Wi-Fi at the same time. When that happens, some requests slip out through your real connection instead of the VPN. If you're on a VPN but your home provider still shows up above, this is usually why.
The Fix: Encrypted DNS
Encrypted DNS seals your requests inside encryption, so your provider can't read them or swap in their own servers. Look for DoH (over HTTPS), DoH3 (over HTTP/3), DoT (over TLS), or DoQ (over QUIC). Any of them keeps your browsing private. If this test shows only the resolver you expect, it's working.