DNS-over-HTTPS

dog supports the new DoH (DNS-over-HTTPS) transport system. Queries using DoH will be sent over port 443, the standard HTTPS port, by default.

The purpose of sending DNS queries over HTTPS is, like DNS-over-TLS, to prevent eavesdropping on or modification of the query or response as it travels across the public Internet. By using the same port and protocol as the HTTPS traffic used for the Web, DNS traffic can blend in and avoid being detected or blocked.

To send queries over HTTPS, pass the -H or --https command-line option.

dog example.com --https @https://cloudflare-dns.com/dns-query

Nameservers

Unlike the other transport types, the HTTPS protocol requires an entire URL, complete with path and protocol, as the nameserver.

Note: looking up the IP address of the nameserver is performed by your OS, not by dog.
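
What a full nameserver URL turns into on the wire, as an added example that is not dog's own code: it checks that the nameserver is an https:// URL with a path and builds the RFC 8484 GET form of a query, without sending it. The function names are hypothetical, rejecting an empty path is an assumption about what "entire URL" means, and bootstrap_host is the name your OS resolver looks up outside the encrypted channel.

```python
import base64
import struct
from urllib.parse import urlsplit


def validate_doh_nameserver(url):
    """Return (host, port, path), or raise ValueError if the URL is incomplete."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise ValueError("DoH nameserver must start with https://")
    if not parts.hostname:
        raise ValueError("DoH nameserver URL has no host")
    if not parts.path:
        # Assumption: a bare origin with no path is not an "entire URL".
        raise ValueError("DoH nameserver URL needs a path such as /dns-query")
    return parts.hostname, parts.port or 443, parts.path


def build_query(name, qtype=1):
    """Encode a one-question DNS query in wire format (qtype 1 = A, class IN)."""
    # ID 0 (RFC 8484 suggests 0 so HTTP caches can match requests), RD flag, 1 question.
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("DNS labels must be 1 to 63 bytes long")
        qname += bytes([len(raw)]) + raw
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)


def doh_get_request(nameserver, name, qtype=1):
    """Describe the HTTPS request for one lookup; nothing is sent."""
    host, port, path = validate_doh_nameserver(nameserver)
    # RFC 8484 GET form: base64url of the wire-format query, padding removed.
    dns_param = base64.urlsafe_b64encode(build_query(name, qtype)).rstrip(b"=").decode()
    return {
        "bootstrap_host": host,  # resolved by the OS resolver, not over DoH
        "port": port,
        "request_line": f"GET {path}?dns={dns_param} HTTP/1.1",
        "headers": {"Host": host, "Accept": "application/dns-message"},
    }


if __name__ == "__main__":
    # Constructed sample input: the nameserver URL from the command above.
    print(doh_get_request("https://cloudflare-dns.com/dns-query", "example.com"))
```

Only the bootstrap_host lookup leaves the HTTPS channel, so that one name is still visible to whatever resolver the OS is configured to use.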