History:
Installed Pi-hole three days ago on Raspberry Pi 3 B+ using DietPi image. Installed and configured unbound as well and all is working as expected according to dig returned results. Have NordVPN installed on Win10 client but not the Pi-hole DNS server. All site accessible except for Amazon. I noted using the Firefox browser there is no issue connecting to amazon so likely the DNS over https (DoH) bypasses the Pi-hole DNS server. Incognito sometimes brings up the page but most of the time without any images just text. Received message from amazon during my attempt to connect to their site and they wanted to confirm that is was me by requesting a returned text message. It seemed they questioned my identity. This was the first time I tried to connect to them since the install of the pi-hole DNS server. All other site have not had any issues connecting and rendering.
Expected Behaviour:
To be able to see the Amazon website or white list it so it may be viewable as it has prior to implementing Pi-hole. I have added it to the white list and I believe correclty. A good question would be if it is blacklisted will the white list over right the black list? I search the black list for Amazon and aws and found no returns. All other websites that I have visited since the deployment are working as expected.
Actual Behavior:
The amazon page sometimes loads after many refreshs or not at all. Sometimes only text appears but no background images are present. Amazon wanted to confirm and verify my identity with a CAPTCHA and a text message. I knew about Firefox's DoH solution so I downloaded and there where no issues rendering the amazon site. I do use NordVPN but it has not been a problem reaching Amazon in the past. Here is the Amazon nslookup on the Win10 client and you can see the NordVPN DNS listed IP address which I believe would be as expected. The Debugging Token is printed below as requested Thank you.
nslookup amazon.com
Server: UnKnown
Address: 103.86.99.99 → One of NordVPN listed DNS servers
Non-authoritative answer:
Name: amazon.com
Addresses: 54.239.28.85
176.32.103.205
205.251.242.103
Follow up 26Feb21
Interesting find is I am now able to launch amazon without any issue using chrome. However, the query log does not show any time entry for amazon.com. I have used the Firefox browser with DoH enabled to load Amazon.com prior to the problem. Perhaps the Amazon domain got cached in the Pi hole DNS this way? Does the query log not show items that are cached in the Pi hole DNS server system? All devices through the DHCP server (router) are pointing to only the Pi hole DNS server. Thank you.
[✓] Your debug token is: https://tricorder.pi-hole.net/0ggp0tsqlf