Awsstatic.com domain being blocked

Anyone else having trouble on aws documentation websites when using the new 1.1.1.2 / 1.0.0.2 DNS resolvers for malware blocking? Looks like AWS is serving their site styling via these domains and they’re being blocked

> C:\Users\>nslookup a0.awsstatic.com 1.0.0.1
> Server:  one.one.one.one
> Address:  1.0.0.1
> 
> Non-authoritative answer:
> Name:    a0.awsstatic.com
> Address:  13.224.0.153
> 
> 
> C:\Users\>nslookup a0.awsstatic.com 1.1.1.1
> Server:  one.one.one.one
> Address:  1.1.1.1
> 
> Non-authoritative answer:
> Name:    a0.awsstatic.com
> Address:  13.224.0.153
> 
> 
> C:\Users\>nslookup a0.awsstatic.com 1.1.1.2
> Server:  UnKnown
> Address:  1.1.1.2
> 
> Non-authoritative answer:
> Name:    a0.awsstatic.com
> Addresses:  ::
>           0.0.0.0
> 
> 
> C:\Users\>nslookup a0.awsstatic.com 1.1.1.3
> Server:  UnKnown
> Address:  1.1.1.3
> 
> Non-authoritative answer:
> Name:    a0.awsstatic.com
> Addresses:  ::
>           0.0.0.0
> 
> 
> C:\Users\>nslookup a0.awsstatic.com 1.0.0.2
> Server:  UnKnown
> Address:  1.0.0.2
> 
> Non-authoritative answer:
> Name:    a0.awsstatic.com
> Addresses:  ::
>           0.0.0.0
> 
> 
> C:\Users\>nslookup a0.awsstatic.com 1.0.0.3
> Server:  UnKnown
> Address:  1.0.0.3
> 
> Non-authoritative answer:
> Name:    a0.awsstatic.com
> Addresses:  ::
>           0.0.0.0
2 Likes

For some reason, it’s being flagged as Command and Control & Botnet in my Gateway dashboard.

Though here: https://radar.cloudflare.com/categorization-feedback/a0.awsstatic.com

It’s only categorized as “Content Servers.”

@kkrum is the only staff I know who dabbles in that area and might know why there’s a discrepancy.

5 Likes

2 days later and 1.1.1.2 and 1.1.1.3 still blocking Amazon content server a0.awsstatic.com resolution. 1.1.1.1 resolves fine.

Just to keep this alive, I am having trouble accessing the AWS Console. I had to disable 1.1.1.3 as my nameserver and go to 1.1.1.1. Looks like it is categorised as content servers.

I am also seeing this same thing. I’ve had to disable 1.1.1.2 on my network.

I am experiencing the same issue: whenever “Command and Control & Botnet” is enabled for blocking, domain a0.awsstatic.com will get blocked, even though its category (“Content Servers”) is not set for blocking.

1.1.1.2/.3 seems to be blocking certain .css and .js files from loading on AWS home page.

The effected files are:
https://a0.awsstatic.com/libra-css/css/1.0.368/style-awsm.css
https://a0.awsstatic.com/libra/1.0.367/libra-head.js

I’m unable to post two further links due to a silly rule which limits me to listing two links in my first post(??)

Can this be looked at please? I would like to continue using 1.1.1.3 as my home DNS.

Thank You

Broken links can be seem here

Same here … 1.1.1.2 is not working for me with AWS websites. Please resolve so I can continue to use CloudFlare’s DNS.

I don’t suppose anybody has opened a ticket, have they?

Best thing to do here is to submit a report that the domain(s) in question are miscategorised - all you need to do is fill out this form and the team will review:

1 Like

yeahbut…it’s showing categorized as one thing, but blocked as another.

2 Likes

Ah - missed that part @sdayman - indeed send in a ticket to Support on this. I’ve already flagged it internally.

2 Likes

Looks like this has been fixed. Thank you very much for your assistance.

2 Likes

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.