DNS changed to Google Proxy?

I have a domain name who’s been on Cloudflare for a long time. I started seeing errors all over the place and when I checked Cloudflare, I found my DNS has been changed to “Proxied” with an IP address that traces back to Google. All my pages were gone.

How does this happen?

Can you share the name of the domain?

It was innotechusa.com It’s a re-directed domain pointing over to a page on cds.com Now that I changed it back to DNS only instead of being Proxied it’s working fine. But how did it get set to Proxied in the first place?

I’ll investigate and be right back with info…

Hi @jerryw, I see the actions you took to unproxy the record. I looked as far back in your audit log as there is data available, but the data does not go further back than Jan of this year, so I cannot tell when the record was added nor when it was set to proxied, both happened prior to Jan of this year.

This could have been caused by user error or malice. As a justincase, you should change your password, change api key and enable 2FA to ensure no bad actors have access to your system.

I also tried to get a bit of history on the A record at securitytrails, but am encountering a session error, https://securitytrails.com/domain/innotechusa.com/history/a, will try later.

Obviously it’s not something I’m checking very often. We purchased that company years ago and just left the domain name up to help stragglers find their way to our company. I didn’t know there was a problem until Cloudflare sent me a report showing a 91% error rate. I haven’t touched that particular DNS in a long time.

I did update the server DNS points to last year but I didn’t need to make any changes on the server to get the site back. I just killed that Proxied option in the DNS.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.