No logs | No EDNS Client-Subnet | OpenNIC support | Ethereum Name Service | DNSSEC ready | Yggdrasil | Filtered ads, trackers, malware, prevent CNAME Cloacking
IPv4-stamp:
IPv6-stamp:
IP address:
45.91.92.121
2a0e:dc0:6:23::2
tls_auth_name:
port: 853, 443 (Strict
SNI, without SNI will drop)
IPv4 - DNSStamp:
IPv6 - DNSStamp:
IPv4-stamp:
IPv6-stamp:
IP address:
212.52.0.122
2406:ef80:4:1537::1
tls_auth_name:
port: 853, 443 (Strict
SNI, without SNI will drop)
IPv4 - DNSStamp:
IPv6 - DNSStamp:
quic://dot-sg.blahdns.com:784
IPv4-stamp:
IPv6-stamp:
IP address:
103.167.150.45
2406:ef80:2:5ee4::1
tls_auth_name:
port: 853, 443 (Strict
SNI, without SNI will drop)
IPv4 - DNSStamp:
IPv6 - DNSStamp:
quic://dot-de.blahdns.com:784
IPv4-stamp:
IPv6-stamp:
IP address:
78.46.244.143
2a01:4f8:c17:ec67::1
tls_auth_name:
port: 853, 443 (Strict
SNI, without SNI will drop)
IPv4 - DNSStamp:
IPv6 - DNSStamp:
quic://dot-fi.blahdns.com:784
IPv4-stamp:
IPv6-stamp:
IP address:
95.216.212.177
2a01:4f9:c010:43ce::1
tls_auth_name:
port: 853, 443
(Strict
SNI, without SNI will drop)
IPv4 - DNSStamp:
IPv6 - DNSStamp:
DNS over HTTPS (DoH)
DNS over HTTPS is a new protocol designed to encrypt and secure DNS traffic over HTTPS.
It prevents DNS hijacking and ISPs from sniffing your traffic.
You can use will Infra on Android Phone, Mozilla firefox nightly, Chrome coming soon.
DNSCrypt v2 client does support DoH, see dnscrypt configuration
example on Windows, macOS, iOS (DNSCloak)
Encrypted DNS - DNS over TLS
DNS over TLS support is available on all our services through port 853 (standard port, some service
may
support 443).
DNS over TLS encrypts and authenticates all your DNS traffic to protect your privacy and prevent DNS
hijacking and sniffing.
Client software: Stubby
| Unbound
The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.
Each device connected to the Internet has a unique IP address which other machines use to find the device. DNS servers eliminate the need for humans to memorize IP addresses such as 192.168.1.1 (in IPv4), or more complex newer alphanumeric IP addresses such as 2400:cb00:2048:1::c629:d7a2 (in IPv6).
DNS over HTTP/3 Udp over QUIC protocol
docker run -it --rm ymuski/curl-http3 curl --http3 -H 'accept: application/dns-message' -v 'https://doh-fi.blahdns.com/dns-query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB' | hexdump -C
Curl Dns-over-HTTPS TCP HTTP/2
curl -H 'content-type: application/dns-message' -vL -v
'https://doh-jp.blahdns.com/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB' | hexdump -C
kdig DNS over TLS
kdig example.org @dot-jp.blahdns.com +tls -p 443
kdig @doh-jp.blahdns.com +https=doh-jp.blahdns.com/dns-query example.com.
kdig @doh-jp.blahdns.com +https=doh-jp.blahdns.com/dns-query +https-get example.com.
kdig -d @dot-jp.blahdns.com +tls-ca +tls-host=dot-jp.blahdns.com example.com.
Do Blahdns block CNAME Cloacking? Yes, click here to read more.
Method 1
Be sure you already install package apt install gnutls-bin
gnutls-cli --print-cert -p 853 dot-jp.blahdns.com | grep "pin-sha256" | head -1
Method 2
kdig -d @dot-jp.blahdns.com +tls-ca +tls-host=dot-jp.blahdns.com blahdns.com