this is DNS so the capabilities are only changing the backend IP to another one *with a valid TLS cert*
Discussion
or actually nvm, another way this could work is a *transparent* TLS proxy so it's basically VPN-lite
that is probably it. it gives you a fake IP for the server, that exits to the real server from a "good" location
No, you lost it again 😂
Verification services are mostly contracted external services.
NextDNS simply blocks the verification site and returns a "I've passed my age verification test" back to the target site.
This is why it only works when sites sub-contract their age verification service, which tbf, most do.
Yep, that’s it.
Similar to Pi-hole DNS, but with a bit more intelligence.