diff --git a/app/build.gradle b/app/build.gradle
index 0947ac9b..c4a4782d 100755
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -182,6 +182,7 @@ dependencies {
     leakCanaryImplementation 'com.squareup.leakcanary:leakcanary-android:2.7'
 
     implementation "com.squareup.okhttp3:okhttp:4.9.1"
+    implementation 'com.squareup.okhttp3:okhttp-dnsoverhttps:4.9.1'
     implementation 'com.github.AppIntro:AppIntro:6.0.0'
 
     storeImplementation 'com.google.android.play:core:1.10.0'
diff --git a/app/src/main/java/com/frostnerd/smokescreen/Globals.kt b/app/src/main/java/com/frostnerd/smokescreen/Globals.kt
index 10170423..288f2f1c 100755
--- a/app/src/main/java/com/frostnerd/smokescreen/Globals.kt
+++ b/app/src/main/java/com/frostnerd/smokescreen/Globals.kt
@@ -21,7 +21,11 @@ import com.frostnerd.encrypteddnstunnelproxy.quic.AbstractQuicDnsHandle
 import com.frostnerd.encrypteddnstunnelproxy.quic.QuicUpstreamAddress
 import com.frostnerd.encrypteddnstunnelproxy.tls.AbstractTLSDnsHandle
 import kotlinx.android.synthetic.main.dialog_privacypolicy.view.*
+import okhttp3.HttpUrl.Companion.toHttpUrl
+import okhttp3.OkHttpClient
+import okhttp3.dnsoverhttps.DnsOverHttps
 import okhttp3.internal.toHexString
+import java.net.InetAddress
 import java.util.*
 
 
@@ -138,4 +142,11 @@ fun createQuicEngineIfInstalled(context: Context, quicOnly:Boolean, vararg addre
     return if (QuicEngineImpl.providerInstalled) {
         QuicEngineImpl(context, quicOnly, *addresses)
     } else null
+}
+
+fun okhttpClientWithDoh(): OkHttpClient {
+    val clientForDoh = OkHttpClient()
+    val dns = DnsOverHttps.Builder().client(clientForDoh).url("https://1.1.1.1/dns-query".toHttpUrl())
+        .bootstrapDnsHosts(InetAddress.getByName("1.1.1.1"), InetAddress.getByName("1.0.0.1")).build()
+    return OkHttpClient.Builder().dns(dns).build()
 }
\ No newline at end of file
diff --git a/app/src/main/java/com/frostnerd/smokescreen/SmokeScreen.kt b/app/src/main/java/com/frostnerd/smokescreen/SmokeScreen.kt
index f4bc4daf..38f38b10 100755
--- a/app/src/main/java/com/frostnerd/smokescreen/SmokeScreen.kt
+++ b/app/src/main/java/com/frostnerd/smokescreen/SmokeScreen.kt
@@ -269,7 +269,7 @@ class SmokeScreen : Application() {
             if(configServer.isNotBlank() && configServer.startsWith("http") && !configServer.contains("@")) {
                 log("Dynamically retrieving Sentry DSN from $configServer")
                 val request = Request.Builder().url(configServer).build()
-                OkHttpClient.Builder().build().newCall(request).enqueue(object : Callback {
+                okhttpClientWithDoh().newCall(request).enqueue(object : Callback {
                     override fun onFailure(call: Call, e: IOException) {
                         log("Sentry DSN retrieval failed with error: ${e.message}")
                     }
diff --git a/app/src/main/java/com/frostnerd/smokescreen/service/RuleImportService.kt b/app/src/main/java/com/frostnerd/smokescreen/service/RuleImportService.kt
index a458e2a3..719ce2a0 100644
--- a/app/src/main/java/com/frostnerd/smokescreen/service/RuleImportService.kt
+++ b/app/src/main/java/com/frostnerd/smokescreen/service/RuleImportService.kt
@@ -68,7 +68,7 @@ class RuleImportService : IntentService("RuleImportService") {
     }
 
     private val httpClient by lazy(LazyThreadSafetyMode.NONE) {
-        OkHttpClient()
+        okhttpClientWithDoh()
     }
 
     override fun attachBaseContext(newBase: Context) {