Skip to content

curl⚓︎

Bypass DNS lookups⚓︎

In curl 7.21.3+ you can specify the IP address for any host and port pair, bypassing any DNS lookups. For each host:port pair you want to override you specify --resolve <host:port:address>, where a ‘*’ wildcard as the host will resolve all DNS to the specified IP.

Bash
1
2
3
4
5
# specify google.com as 1.1.1.1 (CloudFlare)
curl --resolve google.com:443:1.1.1.1 -k https://google.com

# specify all domains as 1.1.1.1 (CloudFlare)
curl --resolve *:443:1.1.1.1 -k https://google.com

Swap one domain with another⚓︎

Similar to the --resolve option, in curl 7.49.0+ the --connect-to option works with DNS names. This is more suited to use with load balances or clusters where you want to send all traffic to a specific server. For each request to host1:port you connect to host2:port instead. To accomplish this, you specify --connect-to <host1:port:host2:port>, where you can leave an empty host and port to redirect all connections to a specific system.

Bash
1
2
3
4
5
# specify any requests to google.com:443 go to one.one.one.one:443
curl --connect-to google.com:443:one.one.one.one:443 -k https://google.com

# specify all requests to any domain go to one.one.one.one:443
curl --connect-to ::one.one.one.one:443 -k https://google.com

Host header⚓︎

While you can specify the Host: header to accomplish similar requests as the above methods, it doesn’t play as well with TLS and SNI.

Bash
1
curl -H "Host: one.one.one.one" http://1.1.1.1

Additional Resources⚓︎