Does DNS Test Leak My Real IP Address?

The website which makes the DNS test can only know our DNS provider. It can’t know our real DNS settings or our real IP address behind the proxy.

Question: I use a proxy (in My IP Hide) in the United Kindom. But the DNS servers are in Belgium. Does it leak my real IP address?

Answer: The short answer is No. Below is the detailed explanation.

Websites Know Your DNS IP?

The websites which can show our DNS servers are using the same technology. We use this one as an example:

Here is the test result for our My IP Hide server (UK5).

DNS Leak Test
DNS Leak Test for UK5 Proxy

It seems that the website knows our DNS servers. In fact, it only knows the ISP of our DNS because our real DNS servers are and instead of 74.125.x.x.

Let’s see how it detects our DNS servers. First, it makes six new domain names such as these ones.

Then it uses javascript to make our browser to connect to those domain names. Our browser needs to know the IP address of them. So it makes a DNS query: “What is the IP address of”.

The query route looks like this: Our Browser -> UK5 Proxy -> -> other Google DNS servers ->  74.125.x.x -> the name server of (

What Are Those DNS IP?

Then the name server of knows we used 74.125.x.x to do a DNS query. It made six new domain names so it can get six  IP addresses which query those six new domain names.

But those IP addresses 74.125.x.x are just edge DNS servers which are on the optimal route. can’t even know their previous nodes. Neither can it know our real DNS servers ( or our real IP address which is behind the UK5 proxy. What it actually knows is our DNS provider, Google.

Use DNS Test to Check User’s IP?

First, DNS test can’t get the user’s exact location. For example, websites may get Belgium IP addresses for all the European users, and Taiwan IP addresses for all the Asian users if the users are using Google DNS

Second, DNS test is costly. It needs extra code to make many one-off domain names and read the logs from the name servers. It also wastes the Internet resources, by adding unnecessary DNS queries for those disposable domain names.

Because of the above two reasons (no exact location and costly), most websites won’t use DNS test to block foreign visitors. Getting the IP address from the user’s HTTP request is still the main method.

The Meaning of DNS Leak Test

If you don’t use any proxy/VPN and use the default DNS server settings. You should be using the DNS server of your ISP. You will see Comcast, Verizon, or AT&T in the DNS Leak test result.

In that case, your ISP knows all your DNS queries. Thus it can know all the websites you visited.  That is a DNS leak. Some bad ISP may send fake or invalid IP addresses to your DNS queries. Thus it can block some websites.

Moreover, a DNS test may know your exact location if you are using the default DNS servers of your ISP.

The meaning of the DNS leak test is to check whether you are using a safe DNS provider. These are safe DNS providers.

DNS Provider NamePrimary DNS ServerSecondary DNS Server
OpenDNS Home208.67.222.222208.67.220.220
Comodo Secure DNS8.
Norton ConnectSafe199.85.126.10199.85.127.10
Alternate DNS198.101.242.7223.253.163.53
Hurricane Electric74.82.42.42

How to Fix a DNS Leak

  • Use those safe DNS providers above
  • Use remote DNS if you are using a socks proxy
  • Use a version of OpenVPN newer than v2.3.9
  • Use an HTTP proxy which doesn’t have the DNS leak problem natively
  • Use My IP Hide which is an enhanced HTTP proxy service



Leave a Reply

Your email address will not be published. Required fields are marked *