DNS Leak Test
Check if your system DNS is leaking or returning manipulated results by comparing against trusted public resolvers.
How It Works
The DNS leak test queries a domain through your system DNS and four trusted resolvers (Cloudflare, Google, Quad9, OpenDNS), then compares the results:
- System DNS - Resolves the domain using your configured DNS
- Trusted Resolvers - Resolves via Cloudflare (1.1.1.1), Google (8.8.8.8), Quad9 (9.9.9.9), and OpenDNS (208.67.222.222)
- Comparison - If your system DNS returns IPs not seen from any trusted resolver, a leak is detected
Interactive Mode
From the main menu, select option [11] DNS Leak Test:
【 DNS LEAK TEST 】
Enter domain to test (e.g., google.com): twitter.com
═══════════════════════════════════════════════════════════════
DNS LEAK TEST RESULTS
═══════════════════════════════════════════════════════════════
Domain: twitter.com
── System DNS ──
IPs: 10.10.34.35
Latency: 5ms
── Trusted Resolvers ──
Cloudflare (1.1.1.1): 104.244.42.65 [42ms]
Google (8.8.8.8): 104.244.42.65 [38ms]
Quad9 (9.9.9.9): 104.244.42.65 [45ms]
OpenDNS (208.67.222.222): 104.244.42.65 [50ms]
🔴 LEAK DETECTED
DNS leak detected! System returned IPs not seen from any trusted resolver...
CLI Usage
# Test a specific domain
dns-mns leak-test google.com
# JSON output for scripting
dns-mns leak-test twitter.com --json
Understanding Results
| Result | Meaning |
|---|
| ✅ No Leak | System DNS returns the same IPs as trusted resolvers |
| 🔴 Leak Detected | System DNS returns different IPs — possible DNS poisoning, hijacking, or transparent proxy |
A leak detection means your system DNS is returning different results than
trusted resolvers. This commonly happens in Iran where ISPs perform DNS
manipulation. Consider using encrypted DNS (options [7], [8], or [10]) to
protect your queries.
