Starting with version 9 (Pie), Android includes support for DNS over TLS (encrypted DNS lookups) which can be easily enabled in the Android settings, without requiring a 3rd party app.

To enable it:

1. Open Settings > Network & Internet > Advanced > Private DNS

2. Enter the private DNS service you would like to use. We recommend the following:

   • 1dot1dot1dot1.cloudflare-dns.com - belongs to Cloudflare, has very good latency
   • dns.quad9.net - belongs to quad9.net, has very good latency and includes filtering of malicious hosts by default, helping against malware

Save the settings and check at https://ipx.ac/run if you are using the correct DNS servers.