DNS Censorship Check
Added in v4.0.0, the censorship check detects if your ISP is manipulating DNS responses — a common technique used in Iran to block websites.How It Works
The tool resolves each domain through two paths simultaneously:- Your system DNS — whatever resolver your ISP provides
- A trusted DoH resolver — Cloudflare’s 1.1.1.1 over encrypted HTTPS
10.10.34.x).
Results
Each domain is classified as:| Status | Meaning |
|---|---|
| ✅ Clean | Both paths return the same IPs |
| 🔴 Poisoned | ISP returns different IPs than the trusted resolver |
| 🚫 Blocked | Resolution fails entirely or returns a censorship page |
| ⚠️ Error | Could not resolve through either path |
Censorship Mechanism Detection
When poisoning or blocking is detected, the tool also identifies the specific censorship technique being used:| Mechanism | Description | Suggestion |
|---|---|---|
| DNS Injection | Known censorship IPs returned (e.g., 10.10.34.x) | Use encrypted DNS (DoH/DoT proxy) |
| DNS Spoofing | Different IPs returned, but not known censorship IPs | Use encrypted DNS with TLS fragmentation |
| DNS Block | Local resolver dropped or refused the query entirely | Try Smart Proxy with auto-fallback |
| NXDOMAIN Forgery | Resolver returned “no such host” for an existing domain | Use encrypted DNS |
Interactive Mode
From the main menu, select [9] DNS Censorship Check:- Verify specific domains — Enter a domain to check
- Check common blocked sites — Tests a curated list of commonly censored domains (Twitter, YouTube, Telegram, etc.)
CLI Mode
Check a specific domain
Check commonly censored domains
What To Do If Poisoning Is Detected
If you see poisoned or blocked domains, consider:- Use the Smart Proxy —
dns-mns proxystarts an encrypted DNS proxy - Enable TLS fragmentation —
dns-mns proxy --fragment snito bypass DPI - Set encrypted DNS — Use DoH/DoT providers from the menu