DNS Resolver

Overview

A new set of public DNS resolvers are available at dns.stevenz.net. So far it supports three protocols: DoH, DoT and traditional DNS. The server deployed several blocklists, so use with caution.

Specification


Since the underlying software is AdGuard Home, it has the following features.
Server Address: dns.stevenz.net
Protocols: DoT (853), DoH (443), DoQ (784), Regular DNS (53).
Features: DNSSEC-enabled, ECS-enabled, DNS Filter-enabled.

Filters

  1. AdGuard DNS filter https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
  2. CHN: anti-AD https://anti-ad.net/easylist.txt
  3. OISD – ABP https://abp.oisd.nl/
  4. Online Malicious URL Blocklist https://curben.gitlab.io/malware-filter/urlhaus-filter-agh-online.txt
  5. Peter Lowe’s List https://pgl.yoyo.org/adservers/serverlist.php?hostformat=adblockplus&showintro=1&mimetype=plaintext
  6. Spam404 https://raw.githubusercontent.com/Spam404/lists/master/main-blacklist.txt
  7. The Big List of Hacked Malware Web Sites https://raw.githubusercontent.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites/master/hosts

Network

The servers runs on AdGuard home from Azure + BuyVM, and it’s intended to service visitors from Eastern US.
IPv4: Azure US East + BuyVM Las Vegas
IPv6: BuyVM Las Vegas
To use this service on devices that does not support hostname resolving, obtain IPv4 & IPv6 by resolving dns.stevenz.net first.
Unsure which server you connected to? Simply lookup server.dns.stevenz.net‘s TXT record and see!

Usage

If your device support sdns:// protocol(DNS Stamps), you can use following links:
DNS over TLS
DNS over HTTPS
DNS over QUIC
Otherwise:
DNS over TLS: tls://dns.stevenz.net
DNS over HTTPS: https://dns.stevenz.net/dns-query
Regular DNS: dns.stevenz.net
Private DNS: dns.stevenz.net
Apple: Signed MobileConfig with DoT and DoH

If you wish to install a DoH file for apple systems, you would want to DIY a .mobileconfig file.

Notice

Since the resolvers are public-facing and provided free of charge, the service is provided “AS-IS” without uptime guarantee.
If you are not happy with this fact, you are welcome to host your own servers with AdGuard Home.

In addition, ALL PTR lookups to private facing IP address will be blocked. I have no interest in the network infrastructure of your place.

Custom Blocklists

# Block Private Network PTR
||10.in-addr.arpa^
||16.172.in-addr.arpa^
||17.172.in-addr.arpa^
||18.172.in-addr.arpa^
||19.172.in-addr.arpa^
||20.172.in-addr.arpa^
||21.172.in-addr.arpa^
||22.172.in-addr.arpa^
||23.172.in-addr.arpa^
||24.172.in-addr.arpa^
||25.172.in-addr.arpa^
||26.172.in-addr.arpa^
||27.172.in-addr.arpa^
||28.172.in-addr.arpa^
||29.172.in-addr.arpa^
||30.172.in-addr.arpa^
||31.172.in-addr.arpa^
||168.192.in-addr.arpa^
# Block Special-Use Domain Names
||home.arpa^
||home^
||invalid^
||example^
||local^
||test^
||localhost^

Scroll to Top