DNSBUNKER is a hardened, privacy-first DNS resolver located in Germany. Designed to block ads, malware, and surveillance - with zero logs, zero compromise.
Encrypted Protocols
How to Use on Your Device
Go to Settings > Network & Internet > Advanced > Private DNS
Set the hostname to: dnsbunker.org
Uses DNS over TLS (DoT)
Use a tool like YogaDNS to configure encrypted DNS.
DoH endpoint: https://dnsbunker.org/dns-query
Supports DoH, DoH3, DoT, and DoQ
Configure using tools like systemd-resolved, stubby, dnscrypt-proxy
Supports DoH, DoT, and DoQ
Example for systemd-resolved: DNS=152.53.254.199#dnsbunker.org
Set the upstream DNS resolver:
DoT: dnsbunker.org
DoH: https://dnsbunker.org/dns-query
DNS Leak Protection
A DNS leak can expose your DNS traffic to your ISP or third parties, even if you're using an encrypted resolver.
Use one of these free tools to confirm that all DNS queries are going through DNSBunker:
DNS Nameserver Spoofability Test:
152.53.207.191
2a00:11c0:5f:362c::
If you see any other IPs in the test results, your device or network might be leaking DNS through fallback resolvers or your ISP.
DNS Evasion Prevention
Be advised:DNSBunker is actively blocking third-party encrypted DNS (DoH, DoH3, DoT, etc.) in order to prevent fallback from hardcoded DNS settings. This measure is in place to ensure the security and integrity of the DNS resolution process, and to prevent unauthorized or unintended redirection of traffic. Endpoints attempting to bypass DNSBunker’s settings using third-party encrypted DNS services will not be able to establish a connection through fallback methods.
Filter Intelligence
Only following Filters are in use:Did you encounter breakage? Does something not work? Or did you find something which should be blocked?
Please report any issues to Hagezi's repository!
Click here to report!