DNS leak test showing USA cloudflare addresses instead of local NextDNS?

Shadow Colossus I only ever use Safari and Firefox (on macOS Big Sur) and the tests I posted above were all done with those two browsers, so I don't think it's specific to Brave/Chromium.

Chris I didn't say specific, I said that on some browsers the leak seems to be worse than on others. For example, from what I've seen, the leak looks worse in Brave than in Firefox, but there's still a leak, you know? so my theory is that something is happening inside browsers that is causing DNS leaks. Or it could be a problem that is affecting these two providers in particular for some reason, I just know that before using ControlD, I was using NextDNS through YogaDNS in the recommended documentation settings and there was a huge leak to Google and Cloudflare, so, I thought Brave can be worse because they contact the servers of these two constantly differently from other browsers. But well, as I said, it's a theory, nothing concrete.

Shadow Colossus I can say that I have not seen any differences between Firefox and Safari and get between 3 and 87 additional DNS servers listed, usually from Cloudflare and Google, tested on 3-4 different sites listed above.  

Shadow Colossus  I have a python code that runs on time to time, the leaks do appear and I have it configured as per the nextdns documentation in my router.

Kummas 

So I throw my theory in the trash. I honestly have no idea what else it might be. Has anyone here thought of trying to post about these leak issues on privacytoolsIO? Because of what kind, in the situation we're finding ourselves in, the only reason we know these leaks are happening is because people here do periodic DNS leak tests from what I understand, imagine how many people who might be going through that and don't know because they don't do the dns leak tests periodically?

Honestly, I don't use NextDNS for privacy, but for security, but there are people who use NextDNS together with VPN and I think NextDNS is very wrong to know of a problem involving massive leak for more than a month without giving any official statement at least warning people who use their service along with VPN about the huge leak that is happening for them to take appropriate action until the problem is fixed. So, I'm actually going to wait a few more days before deciding whether or not I should post about it on Reddit myself, because honestly, it certainly shouldn't be an issue on our side considering that every day a new person appears with the same problem.

Shadow Colossus Edge on Windows, Safari on iOS: no leaks

Shadow Colossus And interestingly it doesn't happen with some other ones like Quad9, BlahDNS, Cloudfare, CZ.NIC or AdGuard DNS. This easily outweighs the similarities you found between NextDNS and ControlID.

I'd really like to see if someone with a paid plan faces this. I don't suspect anything fishy but I want to be absolutely sure that this problem has hit many indefinitely.

And it's really sad to see NextDNS sit quietly on this issue for so long. Just like you said they could've issued a public warning or at least communicated that they're looking into this issue. 

Rownan I've been using the paid plan since day 1 and have this issue. 

Rownan You know, the worst thing about what's going on is that they've been accused of a leak issue before involving Email and it took a guy to post on Privacy's Reddit for NextDNS to publicly speak about the possible issue : https://www.reddit.com/r/privacy/comments/jswghu/nextdns_is_leaking_your_email_address_to/ - They already have a history involving this type of issue, which makes the situation even worse, as you would expect they would have learned the first time something like this rebounded and got really bad for them that they didn't talk or respond on the subject until it reached a level they could no longer ignore. Honestly, the way it's going, I believe it's a matter of time before someone decides to do the same thing this guy did to try to get NextDNS to inform their users about it if they continue to be silent. Thank you for your contribution.

NextDNS OpenWRT router with Dnsmasq . The leaks are determined through the crontab python script that hits an API from bash.ws. Like I said on the other posts, the leak happens on time to time. There are instances that my home network was compromised with the ring alarm by hijacking nextdns by blocking “ring.solutions”. The workaround was just adding ring.solutions to the allow list.

NextDNS Forgot to mention, no VPN used.