I'm really really interested to find out how they're discovering the DNS server IP addresses I'm using.
The only clue I have is that they're trying to resolve a bunch of fake domain names (which show up as unresolveable in the console).
The webpage has the IP addresses written directly into it (so clearly the data came from the server) which means there's nothing I can investigate (eg, in JS) from my end.
"The DNS leak test works by sending your client a series of domain names to resolve within a specific test domain. Each request is sent from your client to your configured DNS server. Even if you have configured a single DNS server, there may be many other servers that the request is passed on to in order to be resolved (normally to load balance the requests). For example if you configure Google DNS then you will often find 6-10 Google DNS servers which are fullfilling the DNS requests."
Basically it's sending you unique subdomains and then in turn seeing what IP addresses DNS requests come from. Since the subdomains are tied to you, it can tie the requests from the DNS servers you're using back to you.
friendly reminder not to use google DNS if you care about privacy (which you probably do if you're using a VPN in the first place), because you're basically giving them your fingerprint in the form of the websites you visit.
The only clue I have is that they're trying to resolve a bunch of fake domain names (which show up as unresolveable in the console).
The webpage has the IP addresses written directly into it (so clearly the data came from the server) which means there's nothing I can investigate (eg, in JS) from my end.
What's going on?