====== DoT DoH ======
[[https://support.mozilla.org/en-US/kb/canary-domain-use-application-dnsnet|Firefox Canary domain]]. If it returns an IP, DoH will be used
use-application-dns.net
[[https://github.com/curl/curl/wiki/DNS-over-HTTPS#publicly-available-servers|Public list of DoH servers]].
===== Google DoH =====
Official [[https://developers.google.com/speed/public-dns/docs/doh|documentation]]
Interactive web page [[https://dns.google|here]]. Add ''-v'' for verbose mode.
curl -H "accept: application/dns-json" "https://dns.google/resolve?name=www.google.com&type=A"
Note: There is also a human-friendly web interface at https://dns.google/. This web app displays JSON results in a browser but does not implement an API; do not confuse its https://dns.google/query? URLs with the two API URLs.
It will return the following
{"Status":0,"TC":false,"RD":true,"RA":true,"AD":false,"CD":false,"Question":[{"name":"www.google.com.","type":1}],"Answer":[{"name":"www.google.com.","type":1,"TTL":128,"data":"172.217.16.228"}]}
Which breaks out to
{
"Status":0,
"TC":false,
"RD":true,
"RA":true,
"AD":false,
"CD":false,
"Question":
[
{
"name":"www.google.com.",
"type":1
}
],
"Answer":
[
{
"name":"www.google.com.",
"type":1,
"TTL":128,
"data":"172.217.16.228"
}
]
}
===== Cloudflare DoH =====
Add ''-v'' for verbose mode.
curl -H "accept: application/dns-json" "https://cloudflare-dns.com/dns-query?name=www.google.com&type=A"
Response is the same as for Google (above) but doesn't have the extra . at the end of the domains.
===== Quad9 DoH =====
curl -H "accept: application/dns-json" "https://dns.quad9.net/dns-query?name=www.google.com&type=A"
===== Infoblox B1TD DoH =====
Following RFC, the endpoint should receive a base64 encoded HTTP friendly DNS packed.
https://f11a1d22-ebec-2222-1111-52992759684b.doh.threatdefense.infoblox.com/dns-query?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB
Test with dog
dog lookup.dog -H @https://f11a1d22-ebec-2222-1111-52992759684b.doh.threatdefense.infoblox.com/dns-query