# Bing using CloudFlare?



## drmike (Dec 3, 2013)

Well just was using Bing to search for something.


Please enable cookies.
Error 1001
DNS resolution error
What happened?

You've requested a page on a website (www.bing.com) that is on the CloudFlare network. CloudFlare is currently unable to resolve your requested domain (www.bing.com). There are two potential causes of this:
Most likely: if the owner just signed up for CloudFlare it can take a few minutes for the website's information to be distributed to our global network.
Less likely: something is wrong with this site's configuration. Usually this happens when accounts have been signed up with a partner organization (e.g., a hosting provider) and the provider's DNS fails.

So Bing is using CloudFlare?!?!?!?!

And they are pissed at me for no cookies and javascript.... Sorry folks.   F' off.


----------



## GIANT_CRAB (Dec 3, 2013)

Microsoft has their own CDN network.

Microsoft has their own trusted SSL.

They won't use Cloudflare... unless Microsoft bought the company!!!!111oneoneleven

ohsheet,topconspiracy,preparetinfoilhat

Also, why are you even using Bing? People (tinfoilers) are using DuckDuckGo.


----------



## tchen (Dec 3, 2013)

Dns poisoning. Which resolver are you using at opennic?


----------



## drmike (Dec 3, 2013)

tchen said:


> Dns poisoning. Which resolver are you using at opennic?


First I've seen of this 

*/etc/resolv.conf*


nameserver 198.100.146.51 #ns2.qc.ca.dns.opennic.glue Eric Boucher - OQND.qc 10ms away Logs: No log at all.
nameserver 76.74.205.228 #ns1.ca.dns.opennic.glue AlejandroMarquez Other: Stats: http://76.74.205.228:9999/
nameserver 74.122.198.48 #ns6.il.us.dns.opennic.glue xoxide 20ms away Default bind logging; well-formed queries not logged.




GIANT_CRAB said:


> Also, why are you even using Bing? People (tinfoilers) are using DuckDuckGo.


Foil hatters use StartPage    Nerds use DuckDuckGo.    I rotate between many of them.  Bad results in general on a matter lead me over to Bing to see if any better.


----------



## cubixcloud (Dec 3, 2013)

# dig bing.com A

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> bing.com A
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23077
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;bing.com. IN A

;; ANSWER SECTION:
bing.com. 3588 IN A 204.79.197.200

;; AUTHORITY SECTION:
bing.com. 172788 IN NS ns2.msedge.net.
bing.com. 172788 IN NS ns3.msedge.net.
bing.com. 172788 IN NS ns4.msedge.net.
bing.com. 172788 IN NS ns1.msedge.net.

;; ADDITIONAL SECTION:
ns1.msedge.net. 3588 IN A 204.79.197.1
ns2.msedge.net. 3588 IN A 204.79.197.2
ns3.msedge.net. 3588 IN A 131.253.21.1
ns4.msedge.net. 3588 IN A 131.253.21.2

Also www.bing.com


#dig www.bing.com A

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> www.bing.com A
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52803
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;www.bing.com. IN A

;; ANSWER SECTION:
www.bing.com. 599 IN CNAME any.edge.bing.com.
any.edge.bing.com. 599 IN A 204.79.197.200

;; AUTHORITY SECTION:
bing.com. 172658 IN NS ns3.msedge.net.
bing.com. 172658 IN NS ns4.msedge.net.
bing.com. 172658 IN NS ns1.msedge.net.
bing.com. 172658 IN NS ns2.msedge.net.

;; ADDITIONAL SECTION:
ns1.msedge.net. 3458 IN A 204.79.197.1
ns2.msedge.net. 3458 IN A 204.79.197.2
ns3.msedge.net. 3458 IN A 131.253.21.1
ns4.msedge.net. 3458 IN A 131.253.21.2

They seem to be using their own service.


```
# whois -h whois.arin.net  204.79.197.200
[Querying whois.arin.net]
[whois.arin.net]

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#


#
# Query terms are ambiguous.  The query is assumed to be:
#     "n 204.79.197.200"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=204.79.197.200?showDetails=true&showARIN=false&ext=netref2
#

NetRange:       204.79.195.0 - 204.79.197.255
CIDR:           204.79.196.0/23, 204.79.195.0/24
OriginAS:       AS8075
NetName:        ECN-NETWORK
NetHandle:      NET-204-79-195-0-1
Parent:         NET-204-0-0-0-0
NetType:        Direct Assignment
RegDate:        1994-12-15
Updated:        2013-08-20
Ref:            http://whois.arin.net/rest/net/NET-204-79-195-0-1
```


----------



## tchen (Dec 3, 2013)

drmike said:


> First I've seen of this
> 
> */etc/resolv.conf*
> 
> ...


Second one, ns1.ca.dns isn't on the list anymore.  If I was wearing my tinfoil hat, I'd change it


----------



## drmike (Dec 4, 2013)

Well that doesn't explain the bing.com / Cloudflare screen though.  

That second DNS server now doesn't answer/does nothing.   So doubt it's the culprit.

No tinfoil.   It's just foil, likely aluminum and has been since 1940's


----------



## raindog308 (Dec 4, 2013)

GIANT_CRAB said:


> Also, why are you even using Bing?


I use it because Microsoft pays me to use it.

$120 in Amazon gift certificates and counting.

As soon as they stop paying people to use it...I'm gone.


----------



## wlanboy (Dec 4, 2013)

Whois is funny too:


```
Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Server Name: BING.COM.SEO.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM
   IP Address: 209.126.190.71
   Registrar: PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
   Whois Server: whois.PublicDomainRegistry.com
   Referral URL: http://www.PublicDomainRegistry.com

   Server Name: BING.COM.CN
   Registrar: SHANGHAI MEICHENG TECHNOLOGY INFORMATION DEVELOPMENT CO., LTD.
   Whois Server: whois.cndns.com
   Referral URL: http://www.cndns.com

   Domain Name: BING.COM
   Registrar: MARKMONITOR INC.
   Whois Server: whois.markmonitor.com
   Referral URL: http://www.markmonitor.com
   Name Server: NS1.MSEDGE.NET
   Name Server: NS2.MSEDGE.NET
   Name Server: NS3.MSEDGE.NET
   Name Server: NS4.MSEDGE.NET
   Status: clientDeleteProhibited
   Status: clientTransferProhibited
   Status: clientUpdateProhibited
   Status: serverDeleteProhibited
   Status: serverTransferProhibited
   Status: serverUpdateProhibited
   Updated Date: 29-nov-2012
   Creation Date: 29-jan-1996
   Expiration Date: 30-jan-2019

>>> Last update of whois database: Wed, 04 Dec 2013 19:29:51 UTC <<<
```


----------



## tchen (Dec 4, 2013)

drmike said:


> Well that doesn't explain the bing.com / Cloudflare screen though.
> 
> That second DNS server now doesn't answer/does nothing.   So doubt it's the culprit.
> 
> No tinfoil.   It's just foil, likely aluminum and has been since 1940's


I just figured that server's been having problems and has since been delisted.  It might have come up long enough to resolve you a cloudflare ip in which case your browser's vhost header would just have confused Cloudflare's 404ish page.  Are you still getting this or has it passed already?


----------



## drmike (Dec 4, 2013)

tchen said:


> I just figured that server's been having problems and has since been delisted.  It might have come up long enough to resolve you a cloudflare ip in which case your browser's vhost header would just have confused Cloudflare's 404ish page.  Are you still getting this or has it passed already?


I still am totally unclear where CloudFlare IP got injected.  It's concerning/spoofing/false positive.

I haven't seen it again, but I am not very regular user of Bing.


----------



## VPSCorey (Dec 4, 2013)

Likely Bing is randomly sending traffic through CloudFlare and you happened to find a 404 that exposed what's going on.

Could just be an evaluation.


----------

