Unable to resolve www.coinbase.com with 1.1.1.1

The is the output of dig from my machine:

maple3142:/mnt/c/Users/maple3142 $ dig A 1.1.1.1 +trace www.coinbase.com

; <<>> DiG 9.11.3-1ubuntu1.8-Ubuntu <<>> A 1.1.1.1 +trace www.coinbase.com
;; global options: +cmd
.                       6388    IN      NS      f.root-servers.net.
.                       6388    IN      NS      g.root-servers.net.
.                       6388    IN      NS      h.root-servers.net.
.                       6388    IN      NS      i.root-servers.net.
.                       6388    IN      NS      j.root-servers.net.
.                       6388    IN      NS      k.root-servers.net.
.                       6388    IN      NS      l.root-servers.net.
.                       6388    IN      NS      m.root-servers.net.
.                       6388    IN      NS      a.root-servers.net.
.                       6388    IN      NS      b.root-servers.net.
.                       6388    IN      NS      c.root-servers.net.
.                       6388    IN      NS      d.root-servers.net.
.                       6388    IN      NS      e.root-servers.net.
.                       6388    IN      RRSIG   NS 8 0 518400 20191216050000 20191203040000 22545 . Ry0e3dGnfRwwyyywc2kpIVv7xcc7qbJNthS8+nhoz835geccqoeR4p0A uIF38Cl+Xsy7X0cr7CoAeSOXRAnFR0hPNhtCauziNgyrY77/bN/b+Xcu DqOVVQ/6OB5SOvEzpQ8WYxAHfHGDfmRhfeIDZsnDPbHbLXhu5CkPlhtX Qi9kTM53EUhZbJHBQ9SztSQhp6D5VlB+5YAWRPHS6w0oNbwurPZMlB/2 fMDQmeLkBE/Zg5S9NIJapmzoYUYjtItrEmzRyeHJQsVut6L7eAnukd5P bz6cTd14xVxwsvKmmxE7q5l/6KZaMGZRyqdUMvzq5iQ1Vs8hetaEgHoY Aaunbw==
;; Received 717 bytes from 192.168.0.1#53(192.168.0.1) in 4 ms

.                       86400   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2019120300 1800 900 604800 86400
.                       86400   IN      RRSIG   SOA 8 0 86400 20191216050000 20191203040000 22545 . bhjkHW1VkJT9l2wcFLx9jzepSZh1uXI46g/VRY6vFC3yMeIwTmt1eAnf p3mqbNexzgWv9bvocHsvJfI/QLxyFFV8HnN2rXi+A1EydSla/VwNm+km FfhRwP56TTFUnhZWja44Jk++LGz2zftJ4MUak0a/6YXL57hUyHvMRCS/ pYTB+dX/7egUMSZ4w47c1cx+Fg8UzfjKkUp3EGq9lFWOowYJUYqjlBTI DsI6n60sFkBewUqHbECptaHxIao8QSII4ytjSaT2GAN9LAeEDkTuEwe+ QZ0zthuDadsohVDa4SS1tvFZ5M9C9HRcL1Iw1DgJzyPrxBJFuheoda/Y uRvMmw==
.                       86400   IN      NSEC    aaa. NS SOA RRSIG NSEC DNSKEY
.                       86400   IN      RRSIG   NSEC 8 0 86400 20191216050000 20191203040000 22545 . YiR3KiVmd8QMQo7hAE1vsbPnuNqVSorP92BtBv1MnaQymn2RE16NZRxa L3Y4TKYNsypeiJDgiDElcDsp2TJcQgukaxsZnq3cw4uZ7DU86lxQv5lr 7CSYJup6E9zxfxVZnqOn+7VaubnEu79GhV6gVpflIByGwCY8jETBNk7h LIAdbMvTIcxseaAl2z4RE4OfT7BVAZj3vJOHzvKaeLgYnj4JhTdV8tgS EqTNct1lMMCzRHwV1Monwy7BkLYUX6tBx4KZhSkRUqn3G1k1EVCEHNUy k5gKTd7j2efg4gxjpZRsEMXuewt0YiI7EBblmXTffus5wNFTmYh3BUKR E+2goA==
;; Received 708 bytes from 192.5.5.241#53(f.root-servers.net) in 4 ms

# Then it stuck here, no response at all

But query using dns over https successfully resolve it:

maple3142:/mnt/c/Users/maple3142 $ curl -H 'accept: application/dns-json' 'https://cloudflare-dns.com/dns-query?name=www.coinbase.com&type=A'
{"Status": 0,"TC": false,"RD": true, "RA": true, "AD": false,"CD": false,"Question":[{"name": "www.coinbase.com.", "type": 1}],"Answer":[{"name": "www.coinbase.com.", "type": 1, "TTL": 300, "data": "104.16.8.251"},{"name": "www.coinbase.com.", "type": 1, "TTL": 300, "data": "104.16.9.251"}]}

1.1.1.1 debug info: https://1.1.1.1/help#eyJpc0NmIjoiWWVzIiwiaXNEb3QiOiJObyIsImlzRG9oIjoiTm8iLCJyZXNvbHZlcklwLTEuMS4xLjEiOiJZZXMiLCJyZXNvbHZlcklwLTEuMC4wLjEiOiJZZXMiLCJyZXNvbHZlcklwLTI2MDY6NDcwMDo0NzAwOjoxMTExIjoiTm8iLCJyZXNvbHZlcklwLTI2MDY6NDcwMDo0NzAwOjoxMDAxIjoiTm8iLCJkYXRhY2VudGVyTG9jYXRpb24iOiJUUEUiLCJpc1dhcnAiOiJObyIsImlzcE5hbWUiOiJDbG91ZGZsYXJlIiwiaXNwQXNuIjoiMTMzMzUifQ==

What does this return?

dig A 1.1.1.1 www.coinbase.com
maple3142:/mnt/c/Users/maple3142 $ dig A 1.1.1.1 www.coinbase.com

; <<>> DiG 9.11.3-1ubuntu1.8-Ubuntu <<>> A 1.1.1.1 www.coinbase.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4444
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;1.1.1.1.                       IN      A

;; AUTHORITY SECTION:
.                       6402    IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2019120300 1800 900 604800 86400

;; Query time: 4 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Tue Dec 03 20:10:54 CST 2019
;; MSG SIZE  rcvd: 111

;; connection timed out; no servers could be reached

Considering that DoH appears to work but plain DNS not, my guess would be your ISP blocks requests regular DNS requests to Cloudflare.

What does this return?

dig A 8.8.8.8 www.coinbase.com
; <<>> DiG 9.14.6 <<>> A 8.8.8.8 www.coinbase.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29614
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;8.8.8.8.                       IN      A

;; AUTHORITY SECTION:
.                       82700   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2019120300 1800 900 604800 86400

;; Query time: 5 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Dec 03 20:36:47 CST 2019
;; MSG SIZE  rcvd: 111

;; connection timed out; no servers could be reached

Yeah, maybe my ISP is really blocking some dns request to some specific domain.

So this works?

dig A 1.1.1.1 www.example.com
dig A 8.8.8.8 www.example.com

Yeah, they do.

$ dig A 1.1.1.1 www.example.com

; <<>> DiG 9.14.6 <<>> A 1.1.1.1 www.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 724
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;1.1.1.1.                       IN      A

;; AUTHORITY SECTION:
.                       86393   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2019120300 1800 900 604800 86400

;; Query time: 22 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Dec 03 20:46:22 CST 2019
;; MSG SIZE  rcvd: 111

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8101
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.example.com.               IN      A

;; ANSWER SECTION:
www.example.com.        17320   IN      A       93.184.216.34

;; Query time: 5 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Dec 03 20:46:22 CST 2019
;; MSG SIZE  rcvd: 60
$ dig A 8.8.8.8 www.example.com

; <<>> DiG 9.14.6 <<>> A 8.8.8.8 www.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 30892
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;8.8.8.8.                       IN      A

;; AUTHORITY SECTION:
.                       69348   IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2019120300 1800 900 604800 86400

;; Query time: 17 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Dec 03 20:46:22 CST 2019
;; MSG SIZE  rcvd: 111

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12368
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;www.example.com.               IN      A

;; ANSWER SECTION:
www.example.com.        8916    IN      A       93.184.216.34

;; Query time: 5 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Dec 03 20:46:22 CST 2019
;; MSG SIZE  rcvd: 60