
Network Diagnosis

How Can You Tell if DNS Pollution Is Happening?

Check the DNS result first, then examine the connection path.

DNS pollution (a forged or tampered answer returned for a domain name) does not always make a website completely unreachable. Sometimes the domain resolves to the wrong address, sometimes different networks return different answers, and sometimes the problem shows up only as slow pages, certificate warnings or application connection failures.

Short answer

To detect DNS pollution, do not only check whether the website opens.

Compare how the same domain resolves through different DNS servers, networks and devices. Then combine the DNS result with ping, traceroute and actual connection behavior to decide whether the problem is in DNS resolution or in the later connection path.

Reason one: DNS returned an unusual address

DNS converts a domain name into a server address.

If a normal, internet-facing domain resolves to an unrelated IP address, a private address (for example 10.0.0.0/8 or 192.168.0.0/16), a loopback or unspecified address (127.0.0.1, 0.0.0.0), a reserved address or an address that clearly cannot be reached, the DNS result may have been interfered with.

Reason two: different DNS servers give different answers

The same domain may return different answers when queried through different DNS servers.

This difference is not always pollution, because CDN systems naturally return different nodes based on region. CDN answers differ, but they are still public, reachable addresses that belong to the service. If one DNS server returns an obviously abnormal address (unrelated, private or unreachable) while the others return expected results, it is worth checking further.

Reason three: different networks behave differently

The same device may receive different DNS results on home broadband, mobile data, office networks or public WiFi.

If resolution only becomes abnormal in one network environment, the issue is probably related to that ISP's DNS, routing policy or network egress rather than to the domain itself.

Reason four: correct DNS does not guarantee a successful connection

DNS is only the first step.

After a domain resolves to the correct address, the actual connection still depends on routing, server response, whether the TLS certificate presented matches the hostname, port reachability and whether the application is affected by other network rules.

Reason five: some applications do not use the system DNS

Browsers, mobile apps, game clients or certain tools may not fully use the system DNS.

They may use built-in DNS, encrypted DNS (DoH or DoT), proxy-side resolution, cached results or their own connection logic. A browser working normally does not always mean the app will connect; an app working normally does not always mean the system DNS is clean.

Common signs

  • The same domain returns completely different addresses across DNS servers
  • One DNS server returns an unrelated or unreachable IP address
  • A site fails on home broadband but works on mobile data
  • Browsers and apps behave differently for the same service
  • Ping to the resolved address never answers, or points to an unexpected server region
  • The page redirects strangely or shows a certificate mismatch
  • Clearing DNS cache helps briefly, then the issue returns

How should you troubleshoot it?

Start by querying the same domain through multiple DNS servers.

Then switch to another network, such as mobile data instead of WiFi, and observe whether the result changes. After that, compare ping, traceroute, browser access, app connection behavior and certificate warnings to decide whether the issue truly occurs at the DNS stage.

If the DNS result looks normal but the connection still fails, stop focusing only on DNS. At that point, routing, ports, the server side, ISP egress or the application's own connection method may be more relevant.
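The checks in Reason one and Reason two, and the first troubleshooting step above (query the same domain through several resolvers and look at what comes back), as an added example in Python's standard library. This is added here and is not code from the original article or from Haipaida. It sends a minimal A query to one chosen resolver over UDP, parses the reply, labels any answer that is not a public address (loopback, unspecified, private, reserved and similar), and compares the answer sets so that "different but plausible" (a CDN returning another node) is reported separately from "one resolver returned something abnormal". The resolver labels, the sample reply and every IP address in SAMPLE_ANSWERS are constructed placeholders; the client is deliberately simple (no EDNS, no TCP fallback, no DNSSEC validation).

```python
import ipaddress
import random
import socket
import struct


def classify_address(ip_text):
    """Label one answer; anything but "public" is a red flag for a normal web domain."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return "invalid"
    for kind in ("unspecified", "loopback", "link_local", "multicast", "reserved", "private"):
        if getattr(ip, "is_" + kind):  # "private" covers RFC 1918, TEST-NET and benchmarking space
            return kind.replace("_", "-")
    return "public" if ip.is_global else "non-global"  # CGNAT 100.64.0.0/10 is neither


def build_a_query(domain, txid):
    """Encode a single-question A query in RFC 1035 wire format (RD bit set, no EDNS)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = domain.rstrip(".").split(".")
    qname = b"".join(bytes([len(lb)]) + lb.encode("idna") for lb in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def _skip_name(data, pos):
    """Advance past a possibly compressed name; a pointer (top two bits 11) ends the name."""
    while True:
        length = data[pos]
        if length == 0:
            return pos + 1
        if (length & 0xC0) == 0xC0:
            return pos + 2
        pos += 1 + length


def parse_a_answers(data, expected_txid):
    """Return the IPv4 strings from the answer section; CNAME/AAAA records are skipped."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", data[:12])
    if txid != expected_txid:
        raise ValueError("transaction id mismatch: not the reply to our query")
    if flags & 0x000F:
        raise ValueError("resolver returned RCODE %d" % (flags & 0x000F))
    pos = 12
    for _ in range(qdcount):
        pos = _skip_name(data, pos) + 4  # skip QTYPE and QCLASS
    ips = []
    for _ in range(ancount):
        pos = _skip_name(data, pos)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", data[pos:pos + 10])
        pos += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:
            ips.append(str(ipaddress.IPv4Address(data[pos:pos + 4])))
        pos += rdlen
    return ips


def query_a_records(domain, resolver_ip, timeout=3.0):
    """Ask one specific resolver over plain UDP/53 (needs network; not used by the offline sample)."""
    txid = random.randrange(0x10000)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_a_query(domain, txid), (resolver_ip, 53))
        data, _ = sock.recvfrom(4096)
    return parse_a_answers(data, txid)


def compare_resolvers(answers):
    """answers: {resolver_label: [ip, ...]} for one domain. Verdicts: "suspicious" (a non-public
    address), "consistent" (shares an address with another resolver), "differs" (public but
    disjoint: typical CDN regional answer, confirm with ping/traceroute), "empty" (no A records)."""
    sets = {name: frozenset(ips) for name, ips in answers.items()}
    report = {}
    for name, ips in answers.items():
        abnormal = {ip: classify_address(ip) for ip in ips if classify_address(ip) != "public"}
        shared = any(sets[name] & other for label, other in sets.items() if label != name)
        verdict = "empty" if not ips else "suspicious" if abnormal else "consistent" if shared else "differs"
        report[name] = {"verdict": verdict, "abnormal": abnormal}
    return report


# Constructed sample data: resolver labels and every address are placeholders, not measurements.
SAMPLE_ANSWERS = {
    "isp-resolver": ["127.0.0.1"],                    # loopback answer: classic pollution symptom
    "public-resolver": ["51.15.20.30", "51.15.20.31"],
    "other-network": ["51.15.20.31", "51.15.21.9"],   # overlaps with public-resolver: plausible CDN mix
    "mobile-data": ["51.15.30.5"],                    # public but disjoint: check, not proof of pollution
}


def sample_response():
    """A constructed reply to txid 0x1234 with two A records, so parsing can be exercised offline."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 2, 0, 0)  # QR=1 RD=1 RA=1, 1 question, 2 answers
    question = b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    def rr(ip):  # name is a pointer to offset 12 (the question name), type A, class IN, TTL 60
        return b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + ipaddress.IPv4Address(ip).packed
    return header + question + rr("51.15.20.30") + rr("51.15.20.31")
```

Call compare_resolvers(SAMPLE_ANSWERS) to see the verdicts for the constructed data (the ISP resolver is flagged as suspicious with a loopback answer, the two overlapping resolvers are consistent, and the mobile-data answer merely differs). For a live comparison, build the answers dict with one query_a_records(domain, resolver_ip) call per resolver you want to compare (your ISP's resolver, a public resolver, and the same pair again from mobile data), on the network you are diagnosing. A "differs" verdict is not pollution by itself; follow it with ping and traceroute to the returned address as the article describes. Also note that a tampered answer can be a public, reachable but unrelated address, which the classifier alone cannot detect; that case is exactly why the cross-resolver comparison and the certificate check still matter.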

Haipaida's view

DNS pollution is one possible cause, but not every unreachable site is a DNS pollution problem.

The useful approach is to separate name resolution from the connection path. First confirm where the domain resolves, then confirm whether traffic can actually reach that address.
