dnscrypt-proxy actually uses 1.0.0.1 and dns[.]cloudflare[.]com; I don’t know what other clients do. But the point is that SNI leaks that fact that you are trying to use DoH, so the connection can be reset.
-
-
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Is this why they're plugging ESNI in their blogs?
-
Doesn’t ESNI already require a secure DNS connection to be established?
- 2 more replies
New conversation -
-
-
Use https:\\1[.]1[.]1[.]1 doesn’t help either. The IP is visible in the SNI information sent by your client.
Show this threadThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.