diff --git a/dnscrypt_to_smartdns.py b/dnscrypt_to_smartdns.py
index 1b3a737..c1a3991 100644
--- a/dnscrypt_to_smartdns.py
+++ b/dnscrypt_to_smartdns.py
@@ -1,6 +1,8 @@
 import logging
 import subprocess
-from urllib.request import urlopen
+from http.client import HTTPException
+from urllib.error import URLError
+from urllib.request import urlopen, Request
 
 from dnscrypt import parse, DNSoverHTTPS
 
@@ -55,8 +57,50 @@ def get_not_china_doh_list():
     ))
 
 
-def get_smartdns_config():
+# def build_dns_query(domain, record_type):
+#     # require: dnspython
+#     import dns.message
+#     dnsq = dns.message.make_query(
+#         qname=domain,
+#         rdtype=record_type,
+#         want_dnssec=False,
+#     )
+#     return dnsq
+
+TESTED_URL = set()
+
+
+def doh_tester(hostname, path):
+    # www.google.com A
+    dnsq = b'\xf9\x04\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x03www\x06google\x03com\x00\x00\x01\x00\x01'
+    url = 'https://' + hostname + path
+    if url in TESTED_URL:
+        return False
+    request = Request(url, data=dnsq)
+    request.add_header('accept', 'application/dns-message')
+    request.add_header('content-type', 'application/dns-message')
+    try:
+        with urlopen(request, timeout=3) as response:
+            response.read()
+            print('{url}\tok'.format(url=url))
+            TESTED_URL.add(url)
+            return True
+    except (URLError, TimeoutError, ConnectionError, HTTPException) as e:
+        print('{url}\tfailed\t{error}'.format(url=url, error=e))
+        TESTED_URL.add(url)
+        return False
+
+
+def get_final_doh_list():
     stamps = get_not_china_doh_list()
+    return list(filter(
+        lambda x: doh_tester(x.hostname, x.path),
+        stamps
+    ))
+
+
+def get_smartdns_config():
+    stamps = get_final_doh_list()
     lines = set(map(
         lambda x: 'server-https https://' + x.hostname + x.path + ' -group GFW -exclude-default-group',
         stamps