A hobby Adblock DNS project with DoH, DoT, DoQ, DNSCryptv2 support.

You are not using Blahdns !!!

Announcements

No logs | No EDNS Client-Subnet | OpenNIC support | Ethereum Name Service | DNSSEC ready | Yggdrasil | Filtered ads, trackers, malware, prevent CNAME Cloacking


Our servers

Switzerland ๐Ÿ‡จ๐Ÿ‡ญ

DNS-over-HTTPS

IPv4-stamp:

IPv6-stamp:

DNS-over-TLS

IP address:
45.91.92.121
2a0e:dc0:6:23::2

tls_auth_name:
port: 853, 443 (Strict SNI, without SNI will drop)

DNSCrypt v2

port: 8443

IPv4 - DNSStamp:

IPv6 - DNSStamp:


Japan ๐Ÿ‡ฏ๐Ÿ‡ต

DNS over QUIC

quic://dot-jp.blahdns.com:784

DNS-over-HTTPS

https://doh-jp.blahdns.com/dns-query

IPv4-stamp:

sdns://AgMAAAAAAAAADjEzOS4xNjIuMTEyLjQ3ABJkb2gtanAuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ

IPv6-stamp:

sdns://AgMAAAAAAAAAIFsyNDAwOjg5MDI6OmYwM2M6OTJmZjpmZTI3OjM0NGJdABJkb2gtanAuYmxhaGRucy5jb20KL2Rucy1xdWVyeQ

DNS-over-TLS

IP address:
139.162.112.47
2400:8902::f03c:92ff:fe27:344b

tls_auth_name: dot-jp.blahdns.com | port: 853, 443 (Strict SNI, without SNI will drop)

DNSCrypt v2

port: 8443

IPv4 - DNSStamp:

sdns://AQMAAAAAAAAAEzEzOS4xNjIuMTEyLjQ3Ojg0NDMghROpa8Tgg0uVDWO1AujT4tVNBJZrJgKTNOkHHboj_CsbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t

IPv6 - DNSStamp:

sdns://AQMAAAAAAAAAJVsyNDAwOjg5MDI6OmYwM2M6OTJmZjpmZTI3OjM0NGJdOjg0NDMghROpa8Tgg0uVDWO1AujT4tVNBJZrJgKTNOkHHboj_CsbMi5kbnNjcnlwdC1jZXJ0LmJsYWhkbnMuY29t


Singapore ๐Ÿ‡ธ๐Ÿ‡ฌ

DNS over QUIC

quic://dot-sg.blahdns.com:784

DNS-over-HTTPS

IPv4-stamp:

IPv6-stamp:

DNS-over-TLS

IP address:
192.53.175.149
2400:8901::f03c:92ff:fe27:870a

tls_auth_name:
port: 853, 443 (Strict SNI, without SNI will drop)

DNSCrypt v2

port: 8443

IPv4 - DNSStamp:

IPv6 - DNSStamp:


Germany ๐Ÿ‡ฉ๐Ÿ‡ช

DNS over QUIC

quic://dot-de.blahdns.com:784

DNS-over-HTTPS

IPv4-stamp:

IPv6-stamp:

DNS-over-TLS

IP address:
78.46.244.143
2a01:4f8:c17:ec67::1

tls_auth_name:
port: 853, 443 (Strict SNI, without SNI will drop)

DNSCrypt v2

port: 8443

IPv4 - DNSStamp:

IPv6 - DNSStamp:

Finland ๐Ÿ‡ซ๐Ÿ‡ฎ

DNS over QUIC

quic://dot-fi.blahdns.com:784

DNS-over-HTTPS

IPv4-stamp:

IPv6-stamp:

DNS-over-TLS

IP address:
95.216.212.177
2a01:4f9:c010:43ce::1

tls_auth_name:
port: 853, 443 (Strict SNI, without SNI will drop)

DNSCrypt v2

port: 8443

IPv4 - DNSStamp:

IPv6 - DNSStamp:

News

Thanks to these great projects, Blahdns was born.
1. knot-resolver: Go
2. Dnsdist: Go
3. HAProxy: Go
4. dns-over-https: Go


Useful tools
0. DNS leaks check Mullavad btnCheck
1. DNSSEC validation: Go
2. Internet.nl: Go
3. DNSSEC resolver algorithm test: Go
4. Cloudflare tools: Go | Go
5. Check my DNS: Go
6. DNS randomness: Go
7. DNS Spoofability test: Go
8. DNSTrace: Go
9. Threats search: Go
10. Whoer.net Go
11. EDNS test Go
12. Cloudflare SNI Test Go .. You should have DNSSEC + TLS1.3 section in Green color.
13. DNS Check Go

Browser or Device privacy leaks test
1. Browserleaks: Go
2. Device leak: Go
3. Creepy JS: Go
4. Webbkoll: Go
5. Hardenize Report: Go
6. STARTTLS check: Go
7. SSL Test: Go
8. DKIM, SPF, SpamAssassin Email Validator Go
9. LiquidWeb (DNS) Go
10. BunnyCDN Diagnostic report Go

DNS over HTTPS (DoH)
DNS over HTTPS is a new protocol designed to encrypt and secure DNS traffic over HTTPS.
It prevents DNS hijacking and ISPs from sniffing your traffic.
You can use will Infra on Android Phone, Mozilla firefox nightly, Chrome coming soon.
DNSCrypt v2 client does support DoH, see dnscrypt configuration example on Windows, macOS, iOS (DNSCloak)

Encrypted DNS - DNS over TLS
DNS over TLS support is available on all our services through port 853 (standard port, some service may support 443).
DNS over TLS encrypts and authenticates all your DNS traffic to protect your privacy and prevent DNS hijacking and sniffing.
Client software: Stubby | Unbound
How to get SPKI
Be sure you already install package apt install gnutls-bin
gnutls-cli --print-cert -p 853 dot-jp.blahdns.com | grep "pin-sha256" | head -1
OR kdig -d @dot-jp.blahdns.com +tls-ca +tls-host=dot-jp.blahdns.com blahdns.com
TLS1.3 support check
openssl s_client -connect dot-jp.blahdns.com:853
Will return message: New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 2048 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok) --- --- Post-Handshake New Session Ticket arrived: SSL-Session: Protocol : TLSv1.3 Cipher : TLS_AES_256_GCM_SHA384 For troubleshooting go HERE

The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.

Each device connected to the Internet has a unique IP address which other machines use to find the device. DNS servers eliminate the need for humans to memorize IP addresses such as 192.168.1.1 (in IPv4), or more complex newer alphanumeric IP addresses such as 2400:cb00:2048:1::c629:d7a2 (in IPv6).

FAQ

  • How to fix Chrome on Android phone leaking DNS, check HERE
  • Supported TLS v1.3, 1.2
  • We drop ANY type.
  • Why you building this porject? I started this project around 2016. During that time, with my private dns, I need an easy way to filter ads and tracker, so I rent a server and learn how to achive this.
  • Why you dont like huge traffic? I'm still a student. and I run this service with my pocket money and spare time. Just as a hobby to learn somehting new. buying big server or Anti-DDOS service will cost lot.

DNSSEC validation: https://dnssec.vs.uni-due.de

curl -H 'content-type: application/dns-message' -vL -v 'https://doh-jp.blahdns.com/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB' | hexdump -C

kdig example.org @dot-jp.blahdns.com +tls -p 853

Do Blahdns block CNAME Cloacking? Yes, click here to read more.

We do block Sentry, Rollbar, Bugsnag --

  • Bugsnag
  • Sentry CDN Javascript
    • Thanks for dt ans*** for 12 USD
    • Thanks for Andries Louw XXXX for 1000 TWD
    • Thanks for Andries Lou*** for 807 TWD
    • Thanks for Yann Fa*** for 25 USD(LTC)
    • Thanks for Daniel De*** for 10 USD
    • Thanks for Christoph Be*** for 5 USD
    • Thanks for Etienne Gu*** for 30 EUR
    • Thanks for Michael Ka*** for 3.33 EUR
    • Thanks for Adam Sr*** for 13 USD
    • Thanks for Tobiax R*** for 5 EUR
    • Thanks for Pekka de G*** for 15 USD
    • Thanks for Loren Pe*** for 3 USD
    • Thanks for Adam S*** for 2 USD
    • Thanks for Slawomir M*** for 5 USD
    • Thanks for Giuseppe Ma*** for 5 USD
    • Thanks for Austin Sa*** for 25 USD
    • Thanks for Jonni Rau*** for 25 USD
    • Thanks for Regin Ja*** for 50 EUR
    • Thanks for Kristian Ny*** Jen*** for 5 USD and 10 EUR
    • Thanks for Martin Lohr*** for 10 EUR
    • Thanks for Ferdinand Mu*** for 3 USD
    • Thanks for Mars*** for 5 USD
    • Thanks for Lawerence Le*** for 20 AUD
    • Thanks for ๅ„ชๆจน*** for 3 USD
    • Thanks for Ardi Ka*** for 5 SGD
    • Thanks for Kung J*** for 3 USD
    • Thanks for Braian Kap*** for 9 USD
    • Thanks for Lorenzo O*** for 20 USD
    • Thanks for Felix Hung*** for 3 USD
    • Thanks for Marco G*** for 10 USD
    • Thanks for mik*** for 10 EUR
    • Thanks for Tim *** for 20 TWD