What Your ISP Actually Sees.

A walkthrough of everything your internet provider can see about your activity. Without a VPN: a lot of it. With one: mostly just "you connected to a VPN."

Without a VPN: what your ISP sees

Your ISP is the gateway between your home or phone and the public internet. Every packet you send and receive passes through their infrastructure. Without a VPN, here's what they can technically observe:

1. DNS queries

Most users use their ISP's DNS resolver by default. Every time you visit a site, your device asks the ISP's resolver "what's the IP for example.com?" The ISP logs this. They have a complete record of every domain you've ever visited.

This is the easiest thing for ISPs to log because it costs them nothing — they're already running the resolver. Many ISPs in the US (Comcast, Verizon, AT&T) have been documented analyzing or selling aggregated DNS query data.
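To make the plaintext exposure concrete, here is an added example (not from the original page) that reads the looked-up name out of unencrypted UDP/53 queries and builds the per-subscriber domain list a resolver-side log would hold. The function names are hypothetical and the query bytes are constructed in the code rather than captured.

```python
import struct

QTYPES = {1: "A", 28: "AAAA", 65: "HTTPS"}

def build_sample_query(name, qtype=1):
    """Constructed plaintext DNS query: 12-byte header plus one question."""
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0)  # RD flag, QDCOUNT=1
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def observed_lookup(payload):
    """Return (name, type) readable from a plain UDP/53 query, else None."""
    if len(payload) < 12:
        return None
    _txid, flags, qdcount = struct.unpack_from("!HHH", payload, 0)
    if flags & 0x8000 or qdcount != 1:        # QR bit set means a response
        return None
    labels, pos = [], 12
    while pos < len(payload) and payload[pos] != 0:
        length = payload[pos]
        if length > 63 or pos + 1 + length > len(payload):  # pointer or truncated
            return None
        labels.append(payload[pos + 1:pos + 1 + length].decode("ascii", "replace"))
        pos += 1 + length
    if pos + 5 > len(payload):                # need the zero byte, QTYPE and QCLASS
        return None
    qtype = struct.unpack_from("!H", payload, pos + 1)[0]
    return ".".join(labels).lower(), QTYPES.get(qtype, str(qtype))

def resolver_log(payloads):
    """Distinct domains in first-seen order, as a resolver-side log would hold them."""
    seen = []
    for p in payloads:
        hit = observed_lookup(p)
        if hit and hit[0] not in seen:
            seen.append(hit[0])
    return seen

# Constructed traffic: two lookups for one site (A and AAAA) and one for another.
SAMPLE = [build_sample_query("example.com"),
          build_sample_query("example.com", 28),
          build_sample_query("instagram.com")]

if __name__ == "__main__":
    print(resolver_log(SAMPLE))
```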

2. Destination IPs

Even with encrypted DNS, the actual packet headers contain the destination IP. Your ISP sees that traffic flows between you and IP 104.16.x.x. Reverse-lookup that IP and they know you're talking to Cloudflare (which serves thousands of sites). The IP-level identification is fuzzier than DNS but still useful for traffic patterning.

3. SNI (Server Name Indication)

HTTPS handshakes still leak the hostname in plaintext via SNI — a TLS extension that lets one server host multiple domains. Your ISP can read "you're connecting to instagram.com" even though the content is encrypted. There's a newer standard (Encrypted Client Hello) that fixes this, but adoption is partial.

4. Traffic patterns / metadata

Even when content is encrypted, ISPs can see:

  • How much data you're using.
  • When you're online.
  • Which protocols (HTTPS, BitTorrent, WireGuard, etc.).
  • How much data goes in each direction.
  • Latency patterns.

This metadata can identify activities — a streaming session looks different from email; a video call looks different from web browsing — without seeing actual contents.

5. Identity

Your ISP knows who you are. Your account has your real name, address, payment method. Everything they log can be tied to a specific person, not just an IP. This is the fundamental privacy problem with ISPs as gatekeepers.

With a VPN: what your ISP sees

When you connect through ClownVPN (or any reputable VPN):

  • One destination IP: the VPN server you connected to. They see "this user is talking to ClownVPN's network" — they don't see what's behind that.
  • One protocol: WireGuard or OpenVPN traffic. Identifiable as "VPN traffic" but not as anything more specific.
  • Total bandwidth. They can still see how much data you're transferring. They can't see what it is.
  • Connection times. When you connect and disconnect from the VPN.

That's the entire scope. The destinations you visit through the tunnel, the DNS queries, the SNI, the contents — all encrypted, invisible to the ISP.

Trade-off: you've now placed trust in the VPN provider (who CAN see your destinations) instead of the ISP. The calculus is: is the VPN provider more trustworthy than the ISP? For privacy-focused providers, yes. For sketchy free VPNs, often no.

What ISPs do with this data (US perspective)

Big-three US ISPs all have similar policies:

  • Log connection metadata for at least 90 days (some longer, depending on whether you're an active subscriber and what regulations apply).
  • Comply with law enforcement subpoenas. National Security Letters (NSLs) can compel disclosure with gag orders.
  • Sell anonymized aggregate data to advertisers and data brokers. This used to be more aggressive before the 2017 FCC privacy-rule repeal didn't actually go through; now most have toned down direct sale but still aggregate usage data for "research" purposes.
  • Inject ads in some HTTP traffic (Verizon's Super Cookies scandal, 2014-2016). Mostly stopped now, but the precedent is there.

If you're on a school or work network, the network admin has equivalent visibility plus often deeper inspection (deep packet inspection, content filtering, etc.). A VPN closes this same hole at the same layer.

What about mobile carriers?

Cellular carriers see everything an ISP sees, plus:

  • Your cell tower locations (continuous, fine-grained physical tracking).
  • Your IMEI and SIM identifiers.
  • Carrier-level analytics that can identify the apps you use based on traffic signatures.

A VPN encrypts the destination/content layer, same as for fixed-line ISPs. It does NOT hide your cell tower location or device identifiers. The carrier still knows your physical movements while connected.

What about EU vs US ISPs?

EU regulations (GDPR, e-Privacy directive) restrict what ISPs can do with user data compared to US providers. Major differences:

  • EU ISPs generally can't sell aggregate user data without explicit consent.
  • Most EU member states require ISPs to retain connection metadata for law-enforcement access for 6-24 months (varies by country, some struck down by courts).
  • Users have right-to-access for what's been collected about them.

Different rules, similar technical visibility. A VPN closes the same hole regardless of regulatory regime.

🎪 FAQ

Can my ISP see the content of HTTPS sites?
No — HTTPS encrypts the page contents and the URL path. They CAN see the hostname you're connecting to (via SNI in TLS, and via DNS unless you use encrypted DNS). So they know you went to reddit.com but not which subreddit. A VPN closes the SNI + DNS leakage by encrypting that layer too.

Does my ISP keep records of what I do online?
In the US: yes, generally. Most major US ISPs log connection metadata (which IPs you connect to, when, how much data) for at least 30-90 days, often longer for billing and abuse purposes. Some sell aggregated data to advertisers. In the EU: GDPR limits this, but most member states still require retention of connection metadata for law enforcement.

Do mobile carriers see the same things as ISPs?
Same general categories, sometimes more. Mobile carriers also know your cell tower locations (rough physical location continuously), your IMEI/SIM identifier, and which apps you're using based on traffic patterns. A VPN encrypts the destination/content layer but doesn't hide the cell tower / SIM layer.

If my ISP can't see destinations with a VPN, what CAN they see?
They see: (1) that you're connected to a VPN provider, (2) which provider (the server IP resolves to ClownVPN's network), (3) total bandwidth, (4) when you're connected. They don't see what you do through the tunnel. Some networks have policies against VPN use; check yours if you're on corporate or school networks.

Does encrypted DNS (DoH / DoT) help when I'm not on a VPN?
Yes, partially. Encrypted DNS hides your DNS queries from your ISP (they can't see 'this user looked up netflix.com'). But your destination IP is still visible in your packet flow, and modern sites often resolve to large CDN IPs that don't directly reveal the hostname. So DoH/DoT helps but doesn't replace a VPN for full destination privacy.
