Cloudflare DoH returns incorrect results

Cloudflare DoH seems to return invalid results, example:

~/Desktop $ curl https://dns.cloudflare.com/dns-query?name=zerossl.com -D- -H "accept: application/dns-json"
HTTP/2 200
server: cloudflare
date: Sun, 09 Apr 2023 13:37:23 GMT
content-type: application/dns-json
access-control-allow-origin: *
content-length: 249
cf-ray: 7b5324fbdd520e20-AMS

{"Status":0,"TC":false,"RD":true,"RA":true,"AD":false,"CD":false,"Question":[{"name":"zerossl.com","type":1}],"Answer":[{"name":"zerossl.com","type":1,"TTL":300,"data":"188.114.96.0"},{"name":"zerossl.com","type":1,"TTL":300,"data":"188.114.97.0"}]}
$ dig zerossl.com @1.1.1.1

; <<>> DiG 9.10.6 <<>> zerossl.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16684
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;zerossl.com.			IN	A

;; ANSWER SECTION:
zerossl.com.		300	IN	A	104.21.41.211
zerossl.com.		300	IN	A	172.67.151.123

;; Query time: 64 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Sun Apr 09 15:37:42 CEST 2023
;; MSG SIZE  rcvd: 72

Testing these:

$ curl https://zerossl.com --resolve zerossl.com:443:104.21.41.211 -I
HTTP/2 200
date: Sun, 09 Apr 2023 13:40:45 GMT
content-type: text/html
last-modified: Fri, 07 Apr 2023 09:24:13 GMT
x-amz-version-id: plOZBTLKi8H41whkIvVHDk8BJWtqo7hP
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 cf45fdeb5348a5648604f5f9e4f2b8a8.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: Dw_FHqZt0N-4hWvyHR0hXH4oPTfDeJfRz-CgL1-tssqzNEPyuUYu6Q==
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAN2sgrBOMnV8qnCcvZIS9q9nrBB90IWTFIFmJrNrFlorEZpj3YV57LiqsnFu%2FC%2Fq9SQ1ipXvyT%2B%2B8sI9LBSC%2B7DVy2%2FGM2LtLdW4Xl09u5k6XHBgwLF0jgkis1Z5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b5329ea5bcb0a74-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


$ curl https://zerossl.com --resolve zerossl.com:443:188.114.97.0 -I
curl: (7) Failed to connect to zerossl.com port 443 after 202 ms: Couldn't connect to server

Hello @nicgayerie :wave: I hate to tag individual people however this issue seems to be similar to the one from a year ago:

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.