I just wanted to write this here so that it may help someone one day.
When IIS logs were checked, StatusCode was 200 and page was working correctly.
When we analyzed we noticed that we had a bug in a page and our server would return 280+ SET-COOKIE responses (one key duplicated 260 times plus normal site cookies). While this would work OK without CF proxy and browser would handle it correctly, we believe Cloudflare has a weird bug OR an undocumented protection against “cookie size” and would crash silently with an obscure 502 bad gateway.
So yes… There is the food for thought.