Detect whether your DNS queries leak outside your proxy or VPN tunnel, exposing the sites you visit to your ISP.
Click "Run DNS Leak Test" to begin. The test generates unique DNS queries.
Wait a few seconds while the test identifies your DNS resolvers.
Review the results: if resolvers belong to your ISP, you have a DNS leak.
DNS resolver IP addresses, resolver geolocation and ISP ownership, number of distinct resolvers detected, and whether any resolver belongs to your local ISP rather than the proxy provider.
DNS leaks are the most common privacy hole in proxy setups. A scraping operation that leaks DNS tells the ISP (and any network observer) every target domain being scraped, even though the actual HTTP traffic goes through the proxy. Fixing DNS leaks is essential for operational security.
The test generates random subdomain prefixes (e.g., a3f9b2.leak-test.example) and requests them from the browser. These unique subdomains cannot be cached, forcing a fresh DNS lookup each time. The authoritative DNS server logs which resolver IPs made the queries, revealing the actual DNS path your traffic takes.
A DNS leak occurs when your DNS queries bypass your proxy or VPN and go directly to your ISP DNS servers. This exposes every domain name you visit to your ISP, even though your HTTP traffic is routed through the proxy.
Configure your system to use DNS-over-HTTPS (DoH) or DNS-over-TLS (DoT) through a privacy-respecting resolver like Cloudflare (1.1.1.1) or Google (8.8.8.8). On SOCKS5 proxies, enable remote DNS resolution so lookups go through the proxy tunnel.
No. HTTP proxies only handle HTTP traffic -- DNS queries often bypass them entirely. SOCKS5 proxies can route DNS if configured for remote resolution. Always test after setup to confirm your DNS path.
Run this check again from a clean residential proxies exit and see what actually reaches the other side.