Our Verdict
When you connect to a WiFi network, the WiFi owner can see your browsing history, searches, downloads, and the apps you’ve used via the WiFi router’s logs — even if you use incognito mode or delete your search history from your device. They can’t see your internet history, downloads, or searches on the WiFi bill, but it will show the devices that accessed the internet and how much data they’ve used.
If you connect to someone else’s WiFi network — public or private — without taking steps to protect your privacy, the WiFi owner or network administrator can technically see all of your online activity.
This includes the web pages you visit and their URLs, your search history, the apps you’ve used, and how much time you spend on each website.
In this guide, we’ll explain what kind of information is visible to WiFi owners via the router’s logs and the WiFi bill. You’ll also learn how to delete or hide your internet activity so you can protect your privacy even on someone else’s WiFi network.
Can the WiFi Owner See The Websites You Visit?
If you connect your device to someone else’s WiFi network, they can see your browsing activity and internet history on that network by checking the WiFi router’s logs.
Most modern WiFi routers collect and store important information that passes through them, called ‘logs’. This can include your device’s IP address, MAC address, the websites you visit, and timestamps of when you visited them.
This information is readily available to the network admin through the router’s admin panel.
Internet history logs (DNS requests) on a WiFi router’s admin panel.
Some routers store more information than others. Different logging features can be switched on or off depending on the ISP, the type of router, and how the router is configured.
WiFi networks with stronger security measures will often store more information about what’s taking place on the network.
For example, misuse analysis software like WireShark and OpenDNS will capture and interpret a more comprehensive range of data. This can include your downloads, which apps you use, and even the content of text messages.
While some routers will be capable of deep packet inspection (DPI), others will simply log your DNS lookups and other web traffic requests.
Home WiFi Routers Versus Corporate WiFi Networks
Different types of WiFi router will store different logs. That means the type of information the WiFi owner can see will depend on the type of WiFi network you’re using.
Home routers — like the ones provided by AT&T or Verizon — are most likely to store a limited set of logs on the WiFi router itself. This usually includes information about the websites you’ve visited (DNS requests), apps you’ve used, timestamps, and devices that you’ve used.
If you connect to someone else’s home WiFi network, they’ll be able to see all of this information about your internet history. The time these logs are kept varies, but they are generally stored for at least several weeks.
In a corporate WiFi environment, these logs may be more detailed, and it’s more likely they would be aggregated and stored on a dedicated logging server.
Free public WiFi networks will vary in terms of the logs they keep and where they store them. However, these present the most direct threat to your online privacy. Often, the WiFi is offered for free because they can store and sell your browsing data to advertisers.
Connecting to anybody else’s WiFi network poses a threat to your privacy. At home, your ISP can see everything you’re doing online, but it will be limited by local data laws and regulations.
On someone else’s network — a neighbor, small business, or employer — you don’t know what they’re logging and how they use that information.
What Information Can WiFi Owners See?
Depending on how the router is configured, the owner of a WiFi network is capable of seeing the following details about your internet history:
- The websites you visit: This includes the domain names of the websites you visit, how much time you spend on each website, and when you visited them. Depending on the type of connection, router, and any other software being used, the owner may also be able to see what you do on each website.
- The apps you use: Most WiFi networks will log your DNS requests, which means the owner can see the apps you use, as well as the websites you visit. They won’t be able to see what you are doing in the apps, but they will know which ones you use.
- Unencrypted messages and images: The owner can see any unencrypted messages, images, or data you send through the network or to a website. This includes emails, social media posts, and other files.
- Your search history: Many WiFi networks keep track of your search history, including what you searched for and when you searched for it.
- Your MAC address: Every device has its own unique Media Access Control (MAC) address, which WiFi owners can also track to identify a device and monitor its activities.
- Your timestamps: WiFi networks can also log the time you connect and disconnect from the network and the duration of your connection.
- Your IP address: The network owner can see all devices connected to their WiFi network, including yours. They can also see your device’s private IP address, which can be used to geolocate and potentially identify you.
As you can see, WiFi admins can potentially collect a huge amount of personal data from an unsecured WiFi network. This data can be stored on the router itself, on a dedicated server, or in the cloud, and can be accessed by the owner at any time.
Does HTTPS Affect What WiFi Admins Can See?
The websites you visit are visible to WiFi network owners because the router logs your DNS (Domain Name Servers) requests. These servers translate a website’s URL into an IP address.
For example, if you visit google.com, your device will first submit a DNS request to find the IP address associated with that domain name. If you are connected to someone else’s WiFi network, they will be able to see this request and know that you are attempting to visit Google.
However, there are some restrictions on how WiFi network owners can view your online activities.
If you’re browsing websites secured by HTTPS (Hypertext Transfer Protocol Secure), the WiFi owner can only see the domain name of the website you visited — not the exact page or its contents.
You can identify websites using HTTPS by looking for the padlock in your browser’s address bar.
Browsing HTTPS websites will improve your privacy to some extent. However, to hide your DNS requests from the network owner, you’ll need to add an additional layer of encryption to your connection.
Can the WiFi Owner See Your Internet History If You Use a VPN?
VPN software is explicitly designed to protect your online privacy by creating an encrypted connection between your device and a remote VPN server.
Thanks to the encrypted VPN tunnel, none of the data sent through your VPN connection can be intercepted or viewed by the network owner. For the same reasons, VPN services also hide your browsing activity from your ISP.
In the image below, we’re using packet-inspection software to analyze our web traffic while connected to Windscribe VPN. As you can see, the VPN’s encryption makes it impossible to see which websites we’d visited.
VPN encryption makes your web traffic indecipherable to any third parties.
If you’re connected to a VPN server, the owner of the WiFi network cannot see your internet history, downloads, searches, or the apps you use — even if you’re browsing websites without HTTPS protection.
All the WiFi owner can see is the amount of data transmitted and that you’re connected to a VPN. They won’t be able to access specific information about your internet history.
Other encryption sources, such as secure messaging apps, can also limit the amount of data visible to WiFi owners.
For instance, if you use WhatsApp, your messages will be encrypted, making it impossible for the WiFi owner to read them.
However, since they can see the DNS (Domain Name System) request, they will know that you’re using WhatsApp and how much data is being transmitted — unless you use a VPN.
Can Someone See Your Search History Through WiFi?
If you’re using a search engine that isn’t protected by HTTPS, the owner of the WiFi network can easily see your search history and any websites you’ve visited.
However, most major search engines like Google, Bing, and Yahoo use an HTTPS connection by default. That means the WiFi owner can see that you’ve visited Google, for example, but not exactly what you’ve searched for.
If you end up clicking a link in the search results, the owner of the WiFi network will be able to see the name of the website you’ve clicked on through the DNS requests stored in the router’s logs — unless you use a VPN.
Does Incognito Mode Hide Your Internet Activity From WiFi Owners?
Browsing in incognito mode will not prevent the owner of a WiFi network from seeing your online activities. Similarly, manually deleting the history from your browser will not delete it from the WiFi router’s logs.
Incognito mode and other private browsing options prevent cookies and other data from being stored on your device. However, they don’t encrypt your data, so it’s still stored on the WiFi router’s logs and is visible to your ISP.
The disclaimer on Google Chrome’s incognito mode.
Google Chrome’s incognito mode disclaimer, pictured above, highlights the fact that local browsing information won’t be stored by your browser when you use incognito mode — but your employer, school, or ISP may still be able to see your activity.
Even Firefox’s Private Mode also clearly states that: “…private browsing does not make you anonymous on the Internet. Your Internet service provider, employer, or the sites themselves can still gather information about pages you visit”.
While Firefox’s private browsing mode may protect you from browser fingerprinting, third-party cookies, and telemetry — making it our choice for the best private browser — it won’t hide your internet activity from WiFi admins.
Can Someone See Your Search History on the WiFi Bill?
WiFi bills do not contain detailed information about your browsing activity or search history. Although the exact contents of a WiFi bill will vary by Internet Service Provider (ISP), most WiFi bills typically include billing details, a summary of the amount of data used, and any applicable charges — not a rundown of all the websites you’ve visited.
While it’s not possible for someone to see your internet history through the WiFi bill, the owner of the WiFi network can still see your browsing history by checking the WiFi router’s logs or using other network monitoring software.
Can Your Employer See Your Browsing History When You’re at Home?
The information your employer can see when you’re working from home depends on a number of factors, including:
- Company policies
- The software you use to connect remotely
- The network setup at your home
- The level of device access granted to the employer
There are three scenarios to consider:
1. The Device and Network Belong to Your Employer
If you are using a device that belongs to your employer, and you’re connecting through a remote access VPN, your employer will almost certainly have access to your browsing history.
This is because they have control over the device and network you’re using. It’s essentially the same as connecting to the WiFi network when physically working on company property.
Your employer may also install monitoring software on your company-owned device or network, which can track and record online activity including your keystrokes, screenshots, and website visits.
2. The Device Belongs to Your Employer, But Not the Network
If you’re using a company device but connecting to your home WiFi network, your employer cannot see your browsing history through the network’s logs or any network-level monitoring software.
However, they may still have monitoring software installed on the device itself, and they may also look at your local browsing history if they have physical access to the device.
3. The Device and Network Belong to You
If you’re working from a personal device and using your own home WiFi network, your employer won’t have access to your browsing history unless you’re connected to the company VPN.
In this case, both your device and the network belong to you, and your employer has permissions for neither.
How To Stop Wifi Owners From Seeing Your Internet History
If you’re using someone else’s WiFi network and you don’t want them to see your online activity, you’ll need to add an additional layer of encryption to your connection. There are three easy ways to do this: use a VPN service, enable DNS-over-HTTPS, or enable HTTPS-only.
1. Use a VPN Service
Using a VPN is the easiest and most effective way to prevent WiFi owners from seeing your internet history. Unlike other methods, VPN software encrypts all of the web traffic leaving your device.
As long as you’re connected to a VPN server, your browsing history, downloads, searches, and the apps you use will be unintelligible to both your ISP and the owner of the WiFi network you’re connected to.
Here’s how to use a VPN:
- Select a VPN Provider. It’s important you choose a VPN with robust encryption, a no-logs policy, and fast speeds. In our tests of over 61 VPNs, ExpressVPN has scored the highest rating for over 8 years.
- Install the VPN to your device. Following the links on your chosen provider’s website, install the VPN application to your device. Most top VPN providers have native apps for computers, smartphones, and tablets.
- Choose a VPN server. Open the VPN application and sign in using your account details. From the home screen, select a server location and click “connect”. This will create an encrypted tunnel between your device and that VPN server.
- Start browsing. As long as you remain connected to the VPN server, the WiFi owner can no longer see your browsing history or any other online activity on that device. Your information will be routed through the VPN’s encrypted tunnel, and will not show in the router’s logs.
In the video below, you can see us connecting to a VPN server and encrypting our web traffic using ExpressVPN:
Changing our IP address and encrypting our internet traffic with ExpressVPN.
Using a VPN also protects you from security risks when using public WiFi networks, and it will also hide your IP address from the websites you visit. It’s a worthwhile investment for anyone looking to keep their internet activity private and secure.
2. Use DNS-Over-HTTPS
DNS traffic isn’t usually encrypted, so it’s vulnerable to eavesdropping and monitoring by your network admin or ISP.
You can avoid this by using DNS over HTTPS, which uses HTTPS encryption to protect your DNS requests.
While encrypted DNS alone will help protect your privacy from the WiFi admin, your ISP will still see your DNS requests if it operates the DNS server.
For this reason, encrypted DNS is best used together with a public DNS server such as CloudFlare’s 1.1.1.1 for maximum privacy benefit.
DNS over HTTPS will encrypt your DNS requests, preventing the router from logging them.
Encrypted DNS is now supported in most operating systems, including iOS, Android, Windows 11, and macOS.
Here’s how to enable it in different browsers:
- Google Chrome: Go to Settings > Privacy & Security > Security > Advanced > Select “Use Secure DNS” > Select “With Cloudflare (1.1.1.1)”.
- Mozilla Firefox: Go to Settings > Privacy & Security > DNS over HTTPS > Select “Max Protection”.
- Microsoft Edge: Go to Settings > Privacy, Search, and Services > Security > Use Secure DNS.
DNS-over-HTTPS will stop your DNS requests from being logged by the WiFi router, but it won’t encrypt any of your other activities.
3. Enable HTTPS-Only
In 2024, the vast majority of websites are secured by HTTPS. This means the WiFi owner can see the names of the websites you’ve visited, but not the specific web pages.
If you visit a HTTP website on someone else’s WiFi network, they’ll technically be able to see everything you do on that website.
To help prevent this, most modern browsers offer a “HTTP-only” setting that will prevent you from accessing websites without HTTPS protection. You’ll find this option in the “security” section of your browser’s settings menu.
Google Chrome’s “HTTPS-Only” setting.
How to Clear the History and Logs on a WiFi Router
The exact method for clearing history and logs on a WiFi router will vary depending on the make and model of your router.
Here are the general steps you can take to clear your WiFi router’s history:
- Log into your router’s admin page. You can usually access this by typing in your router’s IP address (usually found on the back or bottom of the device) into a web browser.
- Navigate to the logs/history section. This can usually be found under “System Tools”, “Advanced Settings”, or a similar section on your router’s admin panel.
- Clear the history/logs. Once you’ve located the router’s network logs, there will be an option to clear them. Click on this to delete the router’s records of past activity on the network.
- Save changes. If possible, make sure to save any changes before exiting the admin page.
Another option is to factory reset your router, which will erase all data and settings on the device. This should only be done as a last resort, as it will reset any other custom settings or configurations you have made on your router.
Every router model will be different, so it’s best to consult your router’s manual or contact the manufacturer for specific instructions.
EXPERT TIP: Clearing the logs on a WiFi router will only delete the records stored on the router itself. Other third parties, such as ISPs or government agencies, may still have access to records of your browsing history and other online activity.
How to Delete Incognito History on Different Devices
Incognito mode prevents your browser from storing any data about your browsing history, cookies, or forms you’ve filled. However, this does remove all records of your activity.
Your DNS cache stores a record of every website you’ve visited, and anyone with access to your device can access that data.
To flush your DNS cache and delete your incognito history on different devices, follow the steps outlined below.
Windows & macOS
Here’s how to clear your device’s DNS cache on Windows:
- Close all Incognito windows.
- Press the Windows key + R and type in “cmd” to open Command Prompt.
- Type in
ipconfig /flushdnsand press Enter to clear your DNS cache. - Type in
ipconfig/displaydnsto view the cached data and ensure it has been cleared.
Here’s how to clear your device’s DNS cache on macOS:
- Close all Incognito windows.
- Go to Applications > Utilities and open Terminal.
- Type in
sudo dscacheutil -flushcache;sudo killall -HUP mDNSResponderand press Enter to clear your DNS cache. If you’re using OS X 10.10.1, 10.10.2, or 10.10.3, you must usesudo discoveryutil udnsflushcaches;sudo discoveryutil mdnsflushcachesinstead. - You’ll be prompted to enter your administrator password before executing the command.
Android & iOS
Here’s how to clear your device’s DNS cache on Android:
- Open Google Chrome.
- Type
chrome://net-internals/#dnsinto the search bar. This will open the Chrome Net Internals page. - Tap on “Clear Host Cache” in the DNS section of the page.
- This will clear your device’s DNS cache.
Here’s how to clear your device’s DNS cache on iOS:
- Go to Settings > Safari > Advanced > Website Data.
- You’ll see a list of all websites that have stored data on your device.
- Tap on “Remove All Website Data”.
Who Else Can Track Your Internet History?
We’ve covered how WiFi owners, schools, and employers can access your browsing history. However, there are a range of other third parties that can see your internet history, including:
Internet Service Providers (ISPs)
Your ISP provides your connection to the internet and all the data that passes through it. This means they can access your browsing history and track your online activity. Exactly how much data your ISP collects depends on the country you are in and their specific privacy policies.
This is true for both home WiFi networks and mobile data networks. If you’re using mobile data, your ISP can technically see everything you do online unless you add a layer of encryption.
In the US, the FTC (Federal Trade Commission) has recently spoken out against big ISPs — such as Comcast, Verizon, AT&T, and Google Fiber — for the amount of customer data they collect, the lack of disclosure about data collection, and the lack of options for consumers to opt-out.
The data collected that the FTC singled out as “troubling” included browsing history and app usage.
Government Agencies
Government agencies or law enforcement may be able to track your internet history. This is often through legal means, such as obtaining a warrant for accessing specific user data from an ISP.
For example, the controversial USA PATRIOT Act has provisions that allow government agencies in the US to access browsing history and other internet activity information without notifying or obtaining permission from the individual being monitored.
Search Engines
Popular search engines like Google track a considerable amount of internet activity through users’ searches and usage of other Google-owned services like Gmail, YouTube, and Google Maps.
Google also uses cookies to track user activity on other websites, which can then be used to target ads and personalize search results. Other popular search engines like Bing and Yahoo also track user activity.
Concern about search engines tracking user data has led to the development of privacy-centric search engines like DuckDuckGo, which claims not to track or store user data.
Social Media Platforms
Social media platforms like Facebook, Twitter, and Instagram collect vast amounts of user data for targeted advertising and other purposes. This can include tracking user browsing history through social media plugins embedded in websites.
