Free tools
DNS leak test
Run a short-lived authoritative probe and see which recursive resolvers were actually observed for this browser session.
Observed recursive resolvers
We create a short-lived probe hostname, wait for the browser stack to resolve it, and then report the resolver IPs our authoritative DNS path actually observed.
How to read this
This result shows the recursive resolvers that reached our authoritative probe. It does not claim to be a perfect audit of every DNS request your machine might ever make, but it is a truthful sample of the resolver path this browser session exposed during the test.
Next checks
1Run IP checker to confirm the public edge view you expected.
2Run WebRTC leak test if browser candidate leakage is part of the same threat model.
3If you want a stable daily resolver path, create a workspace and use Secure DNS from the product instead of juggling one-off client settings.
Why this matters
DNS can quietly reveal browsing intent even when the app or tunnel path is otherwise private. A trustworthy DNS leak test has to show the recursive resolvers that really observed the query path, not guess from browser settings alone.