On January 29th, I received an email from Cloudflare notifying me that my account was accessed from a new IP. However, due to my busy schedule, I ignored the email.
This morning I checked my two websites on Cloudflare, and they both redirected to the page: https://iplogger.com/redacted
Then I checked the audit log and found there was a new ruleset created, as shown in the following image:
So, the problem is that someone created a new ruleset by redirecting my website when accessed through Windows. If you experience this, try taking the following actions:
- Enter the dashboard and select your website
- On the sidebar, select “Redirect rules” in the “Rules” dropdown
- If there are rules that you don’t recognize, just delete them.
To see details, click “Edit”.
I think this happened because someone accessed my Cloudflare account. After some searching, this action was performed from Germany, whether true or not. My advice, change the password and use 2 factor authentication.
I hope this helps.