Wrong DNS resolution

We activated DNS Protection yesterday evening on our firewall and got totally wrong resolved IP addresses.
After reverting it back to Google, the right ones were resolved.

How should we proceed with that?
I can provide 2 examples.

  • Those are the DNS block page redirect IPs. 
    So to speak: The FQDN you try to reach is blocked, therefore we offer this IP to block it. 
    This is a record, blocked by DNS due to the category: 

    Going to this IP: try http://52.28.207.170/

  • Thx Luca!
    Interesting that even a ping to the external FQDNs gives back these IPs.
    And the question is why these IP addresses (our own domain with A records for customer firewalls) are categorized as "don't go there".
    I would like to see these things in the logs which should be available soon - I hope.

    Regards

    Olaf Pelzer

  • What policy did you use? 

  • Parked Domains are blocked in the default. 

  • Hi  

    Thanks for your email. We shall check why the feedback is not working.

    We analysed the reported issue, and our analysis is as below:

    Sophos4u.de is categorised as a Parked domain. As per the policy configured (Keep it clean rule), Parked domains are blocked and hence a different IP (which redirects to the block page) is observed.

    There are two ways you can allow this domain:

    Option 1:

    • Select “Let me specify” rule under Policy -> Threats and liabilities -> “Let me specify” from drop down -> Parked domains -> Allow from drop down.
    • This will allow all Parked domains.

    Option 2:

    • Create a Domain list under “Domains” page with “sophos4u.de” domain.
    • Enable “Filtering by custom domain lists” under Policy. Add the Domain list created and select “Allow” as the action to override the category.
    • This will allow only sophos4u.de and its subdomains.

    Please let us know if you need any further help. Thanks again for enrolling and trying out DNS Protection EAP.
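
The check discussed in this thread, as an added example that is not Sophos code and not written by any poster: it compares the answers from the filtering resolver with those from a reference resolver and separates block-page redirects from mismatches that need real investigation. The hostnames and 203.0.113.x addresses are constructed samples, and whole-label subdomain matching for the allow list is an assumption.

```python
import ipaddress

# Block-page redirect IP quoted in the thread; a deployment may use others (assumption).
BLOCK_PAGE_IPS = {ipaddress.ip_address("52.28.207.170")}

def covered_by_allow_list(fqdn, allow_list):
    """True if fqdn is a listed domain or one of its subdomains.

    Matching on whole labels is an assumption about how a custom domain list
    behaves; it keeps 'notsophos4u.de' from matching 'sophos4u.de'.
    """
    name = fqdn.rstrip(".").lower()
    for domain in allow_list:
        d = domain.rstrip(".").lower()
        if name == d or name.endswith("." + d):
            return True
    return False

def triage(fqdn, filtered, reference, allow_list=()):
    """Classify one name from the answers of the filtering and reference resolvers."""
    f = {ipaddress.ip_address(a) for a in filtered}
    r = {ipaddress.ip_address(a) for a in reference}
    if f and f <= BLOCK_PAGE_IPS:
        # Only block-page addresses came back: a category block, not bad data.
        if covered_by_allow_list(fqdn, allow_list):
            return "blocked-despite-allow-list"  # override not applied yet
        return "policy-block"
    if f == r:
        return "match"
    return "mismatch"  # not explained by the block page; investigate separately

# Constructed sample answers (hostnames and 203.0.113.x addresses are made up).
SAMPLES = [
    ("fw1.sophos4u.de", ["52.28.207.170"], ["203.0.113.10"]),
    ("fw2.sophos4u.de", ["203.0.113.11"], ["203.0.113.11"]),
    ("www.example.org", ["203.0.113.50"], ["203.0.113.60"]),
]

def run_samples(allow_list=()):
    return {name: triage(name, f, r, allow_list) for name, f, r in SAMPLES}

if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(f"{name:20} {verdict}")
```

A "blocked-despite-allow-list" verdict after configuring Option 2 means the custom domain list is not yet taking effect for that name.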