Thank you for the logs! They are very useful.
It seems the captive portal checks are triggered by the cert errors when connecting to the nextDNS DoH server.
2021-03-25 05:29:56.195 ⁃ nsHttpChannel ⁃ 1b0ccf000 ⁃ released ⁃ status=805a2ff4 ⁃ http-status=n/a ⁃ url=https://firefox.dns.nextdns.io/
2021-03-25 05:29:56.260536 UTC - [Parent 30658: Main Thread]: V/nsHttp nsHttpChannel::OnStopRequest [this=1b0ccf000 request=13ffd77e0 status=805a2ff4]
It seems you have the following prefs set:
The bootstrap address is set to the cloudflare IP, but the URI is set to nextdns.
That means we connect to the cloudflare server and expect a response with the nextdns certificate, which triggers a cert error.
Normally after a few of these failures we'd stop using TRR, but the confirmationNS is set to skip, so we keep doing it, and each cert error triggers a captive portal check.
Please clear these two prefs:
Things should be back to normal afterwards.