DNS For Families (Block Malware) is Blocking a Legitimate Domain

Please excuse the malformed URL’s in this post, this forum won’t allow me to post more than 2 URL’s, so I’ve had to butcher them.

I am using the ‘Block Malware’ version of Cloudflare DNS-over-HTTPS for families (https:// security.cloudflare-dns .com/dns-query) in Microsoft Edge Chromium. However, a legitimate domain name is being blocked by CloudFlare DNS.

The owner of the domain have recently sent their users password reset emails, therefore it’s possible it’s related to an issue which triggered that password reset.

Steps to reproduce:

1) Go to https:// www.servizioelettriconazionale‍ .it/

2) Sign in with an email address and password

3) The page automatically redirects to https:// login.servizioelettriconazionale .it/login/samlsso

4) The page won’t load and displays the below ‘ERR_ADDRESS_INVALID’ error page in web browser:

Hmmm… can't reach this page
It looks like the webpage at https:// login.servizioelettriconazionale .it/login/samlsso might be having issues or it may have moved permanently to a new web address.
ERR_ADDRESS_INVALID

When checking the DNS responses in PowerShell, it shows that this subdomain is being blocked by the CloudFlare 1.1.1.2 and 1.1.1.3 family DNS servers (as per the below PowerShell results, it’s returning 0.0.0.0 and :: for the IPv4 and IPv6 address from those servers – indicating this subdomain is blocked).

The CloudFlare nameserver location is ‘LHR’.

PowerShell script:

# Name
$Name = "login.servizioelettriconazionale.it"

# DNS Servers
"8.8.8.8", "1.1.1.1", "1.1.1.2", "1.1.1.3" | ForEach-Object {
    Write-Host ("{0}DNS Server: {1}" -f "`n", "$_") -ForegroundColor Yellow
    Resolve-DnsName -Name "$Name" -Server "$_" | Format-List
}

PowerShell output:

DNS Server: 8.8.8.8

Name     : login.servizioelettriconazionale.it
Type     : CNAME
TTL      : 7006
Section  : Answer
NameHost : ivk66.x.incapdns.net


Name       : ivk66.x.incapdns.net
QueryType  : A
TTL        : 29
Section    : Answer
IP4Address : 107.154.112.77



DNS Server: 1.1.1.1

Name     : login.servizioelettriconazionale.it
Type     : CNAME
TTL      : 132
Section  : Answer
NameHost : ivk66.x.incapdns.net


Name       : ivk66.x.incapdns.net
QueryType  : A
TTL        : 30
Section    : Answer
IP4Address : 107.154.112.77



DNS Server: 1.1.1.2

Name       : login.servizioelettriconazionale.it
Type       : AAAA
TTL        : 60
DataLength : 16
Section    : Answer
IPAddress  : ::

Name       : login.servizioelettriconazionale.it
Type       : A
TTL        : 60
DataLength : 4
Section    : Answer
IPAddress  : 0.0.0.0



DNS Server: 1.1.1.3

Name       : login.servizioelettriconazionale.it
Type       : AAAA
TTL        : 60
DataLength : 16
Section    : Answer
IPAddress  : ::

Name       : login.servizioelettriconazionale.it
Type       : A
TTL        : 60
DataLength : 4
Section    : Answer
IPAddress  : 0.0.0.0

You can submit the hostname here:
https://report.teams.cloudflare.com/

I don’t think it’s miscategorized. They are a national energy provider, therefore they shouldn’t be on any of the block lists.

OK. I have submitted it under “Login Screens”.

1 Like