Archive.today does not resolve with 1.1.1.1, works fine on other resolvers

MacBook-Pro:~ milk$ dig +short archive.today @1.1.1.1
127.0.0.3
MacBook-Pro:~ milk$ dig +short archive.today @8.8.8.8
185.246.154.96
MacBook-Pro:~ milk$ dig +short archive.today @9.9.9.9
46.45.185.30
MacBook-Pro:~ milk$ dig +short archive.today @185.228.168.9
178.32.222.191
MacBook-Pro:~ milk$ dig +short archive.today @176.103.130.130
51.38.113.224
MacBook-Pro:~ milk$ dig +short archive.today @198.101.242.72
46.45.185.30
MacBook-Pro:~ milk$ dig +short archive.today @208.67.222.222
51.38.113.224
MacBook-Pro:~ milk$ dig +short archive.today @64.6.64.6
46.45.185.30

If I do a recursive query myself I get the IP 185.246.154.96. Are all resolvers except Google’s wrong? What is happening here?

Yes they’re intentionally poisoning their DNS results when queried by a Cloudflare resolver. Apparently they have rejected our stance on privacy and believe that the best way to express that it by returning bogus responses to users who choose to use 1.1.1.1.

2 Likes

More specifically, Cloudflare doesn’t send client-subnet to the archive.today nameserver… in the cases above it may be the DNS resolvers send different levels of client-subnet information to the resolver which is why they get different answers.

All of the answers you are getting are “correct” in that they are the response returned to the DNS server(s) you are using when you make your query.

3 Likes