A simple tool to check whether your website is blocked in Indonesia or not. Try it now at indiwtf.com

Secure and fast DoH Servers for Intra App to protect your privacy online

Keep your online activity private with our secure and fast DNS service.

Get Started DNS for Family

Available on all devices and networks.

Liputan6 logo

Using DNS over TLS

We provide DNS over TLS support on standard port 853. To start using PureDNS with DNS over TLS, you can use the following address.

puredns.org

Learn how to configure DNS over TLS on your device with the setup guide below.

Using DNS over HTTPS

DNS over HTTPS support is available on standard port 443. Our DoH servers support HTTP/2 for fast lookup results and to avoid blocking from ISPs.

https://puredns.org/dns-query

Using DNS over QUIC

DNS over QUIC is known to be much faster than DNS over TLS, and is now available under port 853/UDP.

To use PureDNS with DoQ, you may want to use a client like AdGuard Home or dnsproxy.

quic://puredns.org

Using DNS over Tor

We support DNS over Tor so that users are able to query domains anonymously. Now available at

purednsxr4shjkobosrqf7qebwzch3e4ignfr4beq34ngr4nkp2z32id.onion

To use the PureDNS Hidden Resolver service please refer to setup guide below.

Using DNSCrypt

PureDNS can be used with DNSCrypt as a client by using DNS Stamps. Use the following DNS stamp in your DNSCrypt configuration.

sdns://AgcAAAAAAAAAAAALcHVyZWRucy5vcmcKL2Rucy1xdWVyeQ

You can verify the DNS stamp above using this tool provided by the official DNSCrypt team.

Using Plain DNS

While we don't recommend using unencrypted DNS (standard port 53) for your personal internet, there are some of us who want this support as part of their implementation; like using PureDNS on Routers. Use the IP addresses below to start using PureDNS.

For IPv4
3.0.86.126
3.1.94.218
For IPv6
2406:da18:ce3:9803:7106:3bbb:f9df:c955
2406:da18:ce3:9801:6aa2:5634:9873:71fe

Private DNS

Requires Android 9 or higher
  1. Go to SettingsNetwork & internetAdvancedPrivate DNS.
  2. Select the Private DNS provider hostname option.
  3. Enter puredns.org and click Save.

Intra

Get Intra app on the Google Play

  1. Install Intra app from the Play Store.
  2. Go to SettingsDNS over HTTPS ServerCustom server URL.
  3. Enter https://puredns.org/dns-query and click Accept.

iOS and iPadOS

Requires iOS/iPadOS 14 or higher.
  1. Download our Apple Configuration Profile to enable Encrypted DNS feature.
  2. You can download configuration for DoH and/or DoT.
  3. Go to Settings → General → VPN & Device Mangement
  4. Tap the Downloaded Profile.
  5. Tap Install in the upper-right corner, then follow the onscreen instructions.

Knot Resolver

  1. Install Knot Resolver.
  2. Use the following in /etc/knot-resolver/kresd.conf:
policy.add(policy.all(policy.TLS_FORWARD({
  {'3.0.86.126', hostname='puredns.org'},
  {'3.1.94.218', hostname='puredns.org'},
  {'2406:da18:ce3:9803:7106:3bbb:f9df:c955', hostname='puredns.org'},
  {'2406:da18:ce3:9801:6aa2:5634:9873:71fe', hostname='puredns.org'}
})))

Stubby

  1. Install Stubby.
  2. Use the following in stubby.yml:
round_robin_upstreams: 1
  upstream_recursive_servers:
  - address_data: 3.0.86.126
  tls_auth_name: "puredns.org"
  - address_data: 3.1.94.218
  tls_auth_name: "puredns.org"
  - address_data: 2406:da18:ce3:9803:7106:3bbb:f9df:c955
  tls_auth_name: "puredns.org"
  - address_data: 2406:da18:ce3:9801:6aa2:5634:9873:71fe
  tls_auth_name: "puredns.org"

Unbound

  1. Install Unbound.
  2. Use the following in unbound.conf:
forward-zone:
  name: "."
  forward-tls-upstream: yes
  forward-addr: 3.0.86.126#puredns.org
  forward-addr: 3.1.94.218#puredns.org
  forward-addr: 2406:da18:ce3:9803:7106:3bbb:f9df:c955#puredns.org
  forward-addr: 2406:da18:ce3:9801:6aa2:5634:9873:71fe#puredns.org

DNSCrypt

  1. Install DNSCrypt.
  2. Use the following in dnscrypt-proxy.toml:
server_names = ['PureDNS']

[static]
  [static.'PureDNS']
  stamp = 'sdns://AgcAAAAAAAAAAAALcHVyZWRucy5vcmcKL2Rucy1xdWVyeQ'

cloudflared

  1. Install cloudflared.
  2. Use the following in /usr/local/etc/cloudflared/config.yml:
proxy-dns: true
proxy-dns-upstream:
  - https://puredns.org/dns-query

DNS over HTTPS

Windows 11
  1. Open the Settings app.
  2. Go to Network & internet.
  3. Click on Wi-Fi (or Ethernet).
  4. Click on Hardware properties, or ignore this step if you clicked on Ethernet.
  5. Click the Edit button next to DNS server assignment.
  6. Select Manual.
  7. Enable IPv4.
  8. Enter 3.0.86.126 as Preferred DNS, then select On (manual template) and enter https://puredns.org/dns-query
  9. Enter 3.1.94.218 as Alternate DNS, then select On (manual template) and enter https://puredns.org/dns-query
  10. Click Save.

YogaDNS

  1. Install YogaDNS.
  2. Go to ConfigurationDNS ServersAdd.
  3. Enter PureDNS in the User friendly name.
  4. For Protocol you can select DNS over HTTPS.
  5. Specify the URL with https://puredns.org/dns-query.
  6. Click Check to quickly test the server and click OK.

See more details on how to configure YogaDNS.

macOS

Requires macOS Big Sur or newer.
  1. Download our Apple Configuration Profile to enable Encrypted DNS feature.
  2. You can download configuration for DoH and/or DoT.
  3. Open the downloaded .mobileconfig file.
  4. Open System Preferences.
  5. Go to Profiles.
  6. Click Install.

Google Chrome

  1. Go to Settings.
  2. In the Privacy and security section, click on Security.
  3. In the Advanced section, enable Use secure DNS.
  4. Select With: Custom, then enter https://puredns.org/dns-query.

Firefox

  1. Open Preferences.
  2. Scroll down to the Network Settings section and click on Settings.
  3. Scroll down and check Enable DNS over HTTPS.
  4. Select Custom, enter https://puredns.org/dns-query and click OK.

Microsoft Edge

  1. Open Settings.
  2. Go to the Privacy, search, and services section.
  3. Under Security, enable Use secure DNS to specify how to lookup the network address for websites.
  4. Select Choose a service provider, then enter https://puredns.org/dns-query.

Brave

  1. Open Settings.
  2. In the Privacy and security section (under Additional settings), go to Security.
  3. In the Advanced section, enable Use secure DNS.
  4. Select With: Custom, then enter https://puredns.org/dns-query.

IPv4 & IPv6

  1. Sign in to your router's web-based administration, usually at the following address: http://192.168.1.1.
  2. Find the DNS settings inside the interface.
  3. Change addresses (if any), with IPv4:

    3.0.86.126
    3.1.94.218

    or with IPv6 use addresses below:

    2406:da18:ce3:9803:7106:3bbb:f9df:c955
    2406:da18:ce3:9801:6aa2:5634:9873:71fe
  4. Click Save (or similar).

pfSense

  1. Navigate to ServicesDNS Resolver and on the tab General Settings scroll down to the Custom Options box.
  2. Enter the following lines:
forward-zone:
  name: "."
  forward-tls-upstream: yes
  forward-addr: 3.0.86.126#puredns.org
  forward-addr: 3.1.94.218#puredns.org
  forward-addr: 2406:da18:ce3:9803:7106:3bbb:f9df:c955#puredns.org
  forward-addr: 2406:da18:ce3:9801:6aa2:5634:9873:71fe#puredns.org

MikroTik

Run the following:

/tool fetch url=https://curl.se/ca/cacert.pem
/certificate import file-name=cacert.pem
/ip dns set servers=
/ip dns static add name=puredns.org address=3.0.86.126 type=A
/ip dns static add name=puredns.org address=3.1.94.218 type=A
/ip dns static add name=puredns.org address=2406:da18:ce3:9803:7106:3bbb:f9df:c955 type=AAAA
/ip dns static add name=puredns.org address=2406:da18:ce3:9801:6aa2:5634:9873:71fe type=AAAA
/ip dns set use-doh-server="https://puredns.org/dns-query" verify-doh-cert=yes

DNS over TLS

Tor usually runs on port 9050 by default. To use our hidden resolver, we recommend using the socat command.

PORT=853; socat TCP4-LISTEN:${PORT},reuseaddr,fork SOCKS4A:127.0.0.1:purednsxr4shjkobosrqf7qebwzch3e4ignfr4beq34ngr4nkp2z32id.onion:${PORT},socksport=9050

Now you can try to test it by sending a query using the kdig command.

kdig -d +tls +tls-hostname=puredns.org @127.0.0.1 -p 853 puredns.org