List of DNS over HTTPS resolvers on the internet

The DoH Internet Servers dataset comprises a verified list of Internet servers offering DNS over HTTPS (DoH) service. The list was created by active scanning of the IPv4 address space. The scanning was done two times in April 2021 and in January 2022. Together, the list contains 1987 different IP addresses with their reverse DNS record (if available), supported DoH method, and TLS 1.3 support. 

The scanning was done in three phases:

1. We scanned the IPv4 address space for opened port 443 using masscan. 
2. IP addresses found in the previous step were scanned for DoH support using a custom Nmap-NSE script.
3. The IP addresses found in previous steps were reached by a slower python script that also validated responses, obtained domain names.

Scanning limitation: The main limitation of our scanning was that it could not find DoH resolvers hosted on infrastructures hosting multiple services behind a single IP address. In such cases, an SNI, or HTTP Host header, or HTTP/2 :authority header is needed for a successful request. Since we did not have the SNI, it was impossible to provide it. 

Used Scripts:

NMap: https://github.com/cejkato2/dns-doh.nse
Python: https://github.com/hynekkar/DoH-Checker