This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 39%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJJ%3C/text%3E%3C/svg%3E)
So I was investigating my DNS traffic in my network and noticed several regularly outgoing dns queries for :
tlu.dl.delivery.mp.microsoft.com.a.bdydns.com
Can’t find much information about *bdydns.com but seems to belong to Baidu AI cloud services. I see I have other queries to that Microsoft domain but those are just resolved by legitimate Microsoft IPs etc, don’t understand why some of them have been redirected to China and Baidu.
Is this legitimate?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 61%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHP%3C/text%3E%3C/svg%3E)
Hi Jens.J
No, DNS queries to tlu.dl.delivery.mp.microsoft.com.a.bdydns.com are not legitimate Microsoft traffic. This suggests DNS hijacking or misconfiguration, possibly redirecting Microsoft update domains to Baidu-controlled infrastructure.
You're right to be concerned.
Harry.
