All of our "A" records are proxied on CF, yet they show the original IP in DNS lookups

We have proxied all of our “A” records on CF and yet when we run the DNS Lookup tool on the MX toolbox website, we see 2 “A” records for our domain, one that lists the proxied IP and one that lists the actual IP. Both IP addresses are attributed to Cloudflare, Inc. (AS13335)
How is this possible?
Further, when we do a simple “ping” from a command prompt for our domain, the actual IP is reported. Isn’t this supposed to report the proxied IP?
Is something amiss with CF? Isn’t the proxying of the “A” records supposed to mask the actual IP of the domain?
Thanks for any help!

What’s the domain?

babycity dot com

Neither of those IP addresses should be your actual IP address. Cloudflare always returns two A, and two AAAA Proxy IP addresses for redundancy. As you say they’re all on AS13335, those shouldn’t be your host.


Agreed, but if the entries are marked with a gold cloud “Proxied”, then shouldn’t any DNS scan always return a Cloudflare IP instead of the actual?
Would you recommend we delete the entries (which were originally imported automatically by CF when we set up the account) and manually re-enter them in order to “clean them up” and hopefully truly proxy them?


You should point your IPs to the correct origin of you are using a 3rd party service and the IPs point to Cloudflare then they are proxy ing the traffic. If you are using workers then Cloudflare is your origin. If you are pointing somewhere else you should figure out the correct origin before you change your nameservers and they point to an invalid host.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.