No LBs, no healthchecks, no Argo tunnelling, no nothing as far as I can tell. TLS serving is enabled because we forgot to turn it off, but afaict there’s no path from our DNS to any Cloudflare serving infrastructure.
Analytics say there were 0 threats, so I’m assuming it was real traffic rather than an attack. On the free plan I get almost zero details, other than it was all HTTPS, 147,941 queries total, and happened from 00:00 through 05:00 this morning before vanishing back to zero.
I should add: this domain is getting large amounts (thousand of qps) of real traffic outside of Cloudflare, so it’s not just a domain that’s normally idle but happened to be configured for Cloudflare. It’s a domain with real traffic, and some of it seemingly was slurped up unilaterally by Cloudflare overnight, despite our configuration not telling anyone to do that.