I noticed that Quad 9 is not able to respond to the spy.pet
query:
$ dig spy.pet @9.9.9.9 +short
;; communications error to 9.9.9.9#53: timed out
But Cloudflare DNS is able to do it:
$ dig spy.pet @1.1.1.1 +short
104.26.0.165
104.26.1.165
172.67.74.73
And to be sure, I checked another domain with the same TLD to rule out the option that Quad9 is unable to handle the .pet
TLD, but I received a correct answer…
$ dig hello.pet @9.9.9.9 +short
3.64.163.50
Does Quad9 censor DNS queries?
You are using, this option (9.9.9.9):
Recommended: Malware Blocking, DNSSEC Validation (this is the most typical configuration)
You can disable it, by setting the 9.9.9.10 IP:
Unsecured: No Malware blocking, no DNSSEC validation (for experts only!)
Why would they pair dnssec with a mandatory blocklist
Because that’s their thing. That’s the first thing that’s right in your face when you open their website. It’s like asking why AdGuard or even PiHole block DNS results.
I see
spy.net harvested Discord data. Quad9 is probably not amused. https://en.wikipedia.org/wiki/Quad9#Security_and_privacy
Okay. I figured it out.
9.9.9.9
has something they call Threat Blocking. I need to use 9.9.9.10 to keep using their DNS without Threat Blocking.But why are they blocking it?
Because it is a website created by a Kiwifarm transphobic individual who is scalping data from discord and selling access under the disguise of “seeing what your friends are up to” when in reality it is used to harass people.
Yo is this whole post a self-report?