Is DNS.WATCH Secure?
Independent privacy and security audit of DNS.WATCH DNS servers, with live monitoring data.
Last updated March 26, 2026
DNS.WATCH fails multiple security checks. We recommend considering a provider with better privacy and security features.
Security Audit Results
| Check | Result | Details |
|---|---|---|
| DNSSEC Validation | No | Does not validate DNSSEC. Vulnerable to DNS cache poisoning attacks. |
| NXDOMAIN Hijacking | No | Returns proper NXDOMAIN responses for non-existent domains. |
| DNS-over-TLS (DoT) | Not supported | DNS queries are sent in plain text over this protocol. |
| DNS-over-HTTPS (DoH) | Not supported | No DoH endpoint available. |
| Logging Policy | No logging policy | |
| Reliability | 77% | Based on continuous monitoring from our probe network. |
DNS.WATCH DNS Addresses
| Type | IP Address | |
|---|---|---|
| Primary | 84.200.69.80 |
|
| Secondary | 84.200.70.40 |
Test DNS.WATCH Yourself
Run a live privacy and security check on 84.200.69.80 from your location. Get DNSSEC, NXDOMAIN, encryption, and latency results in seconds.
Run Privacy Check on 84.200.69.80How DNS.WATCH Compares
See security audits for other DNS providers:
Related Guides
Frequently Asked Questions
Is DNS.WATCH safe to use?
DNS.WATCH fails several key security checks. Consider switching to a provider that supports DNSSEC, encrypted DNS, and does not hijack NXDOMAIN responses.
Does DNS.WATCH log DNS queries?
DNS.WATCH logging policy: No logging policy. Always review the provider's current privacy policy for the latest details.
Does DNS.WATCH support encrypted DNS?
DNS.WATCH does not support encrypted DNS (neither DoT nor DoH). Your DNS queries travel in plain text and can be monitored by your ISP.
How reliable is DNS.WATCH?
DNS.WATCH (84.200.69.80) has a reliability score of 77% based on our continuous monitoring. This is below our recommended threshold.
What are the DNS addresses for DNS.WATCH?
Primary: 84.200.69.80, Secondary: 84.200.70.40. Configure both for redundancy.