Sign in Subscribe

DNS over HTTPS (DoH) Servers

DTM

1 min read

I recently conducted some research into DNS over HTTPS (DoH) that is documented here. When it came to identifying any publically available DoH servers available on the Internet I found the best resource to be the curl wiki page to be the best place to start and is probably the most well maintained resource.

I found a few more so I have merged them into the below list and also put together a simple script to do a test GET query against each resolver.

Below is the list of potential endpoints:

  • dns.google.com
  • cloudflare-dns.com
  • 1.1.1.1
  • mozilla.cloudflare-dns.com
  • dns9.quad9.net
  • dns10.quad9.net
  • dns.quad9.net
  • doh.cleanbrowsing.org
  • dns.dnsoverhttps.net
  • doh.crypto.sx
  • doh.powerdns.org
  • doh.securedns.eu
  • doh.ibr.cs.tu-bs.de
  • doh.eieidns.com
  • doh.blahdns.com
  • doh.de.blahdns.com
  • doh.defaultroutes.de
  • doh.bugdns.com
  • doh.datt.pw
  • doh.ntu.ssooss.win
  • dns.dnsoverhttps.net
  • dns.dns-over-https.com
  • dns.rubyfish.cn
  • doh.qis.io
  • public.dns.iij.jp
  • dns.nextdns.io
  • dns.switch.ch
  • jp.tiar.app

The test script is available at the below URL: https://gist.github.com/dtmsecurity/a849e985e6a0b61aeb54890ebcfa55eb

If you run the script you will see that a small number resolvers do not support GET style queries.

Sign up for more like this.

Enter your email
Subscribe
For informational and educational purposes only.

"Sometimes, hacking is just someone spending more time on something than anyone else might reasonably expect." @JGamblin