Staff member
Browsing Experience Security Check (aka ESNI Checker) by Cloudflare

[ < Run Test > ]

When you browse websites, there are several points where your privacy could be compromised, such as by your ISP or the coffee shop owner providing your WiFi connection. This page automatically tests whether your DNS queries and answers are encrypted, whether your DNS resolver uses DNSSEC, which version of TLS is used to connect to the page, and whether your browser supports encrypted Server Name Indication (SNI).

What do the results mean?
  • A check failure (❌) indicates that your browsing data could be vulnerable. An unwanted party could see sensitive information such as which sites or servers you are visiting, or the certificate you are using. If the DNS response is fraudulent, you could also end up visiting and/or providing data to an unintended party.
  • A pass ✅ indicates that your browser or DNS resolver supports that particular feature.
If I pass all four tests, am I secure no matter which site I browse?
  • Not necessarily. Even if you pass all four tests, the domain you are visiting also needs to support these technologies. If the domain you visit doesn't support DNSSEC, TLS 1.3, and Encrypted SNI, you are still potentially vulnerable, even if your browser supports these technologies.


Level 24
And that's the problem. Only few sites support DNSSEC and even less use eSNI.

Also I don't like their site. Tracking cookies with opt-out even if it need to be opt-in !
And they spread misinformation that using other DNS isn't secure - even if it's encrypted (I use AdGuard DoT). They only say that their own is secure this just isn't valid.