Yes they’re intentionally poisoning their DNS results when queried by a Cloudflare resolver. Apparently they have rejected our stance on privacy and believe that the best way to express that it by returning bogus responses to users who choose to use 1.1.1.1.
More specifically, Cloudflare doesn’t send client-subnet to the archive.today nameserver… in the cases above it may be the DNS resolvers send different levels of client-subnet information to the resolver which is why they get different answers.
All of the answers you are getting are “correct” in that they are the response returned to the DNS server(s) you are using when you make your query.
Yesterday it seemed to be working in Latvia for me. https://www.digwebinterface.com also showed me the correct IP with Cloudflare. Today it seems to be poisoned again. I noticed that the behaviour has changed though. First the domains archive.today, archive.is, archive.li and archive.fo returned the IPs 127.0.0.1, 127.0.0.2. 127.0.0.3 and 127.0.0.4. Now, they all seem to return 127.0.0.3 – including archive.vn, archive.md and archive.ph when queried over 1.1.1.1.
So the IETF standard that they’re asking you to implement where, IIRC, you provide only the /24 (subnet) is unreasonable from a privacy standpoint? Please explain in a little more detail. Is there a compromise solution where at least the IP info is accurate to a continent or country level? That seems to be all they need.
I use their sites often and I’m having to turn off my use of Cloudflare for DNS resolutions. Again.
I had done it before, months ago.
I just re- installed your iOS app, having forgotten for a moment why I had uninstalled it, Ran into the roadblock again and have turned it off again. Not happy.