Domain getting redirected to another domain

my domain “smartcaventures (dot) com” are getting redirected to “clickfunnels(dot)com” when the CNAME is proxied on Cloudflare.

If not proxied, it is loading my website at perfectly.

Very strange

Something is indeed strange.

First of all, to clarify the redirect chain, the apex domain actually forwards to first

that specific redirect might actually be coming from Cloudflare (but I can’t tell for sure); if that’s not a redirect you want, check Page Rules and Bulk Redirects to see where it’s coming from

After the redirect to is where it gets weird. In SOME cases, there’s a 302 redirect to But I can tell from the HTTP headers that this redirect is actually coming from the origin server, not being generated by Cloudflare. It has a cookie on it & it’s got all kinds of headers from the server that you wouldn’t see on a Cloudflare-initiated redirect

HTTP/2 302
date: Sat, 09 Jul 2022 08:28:11 GMT
content-type: text/html; charset=utf-8
cf-ray: 727faf49d9e462ab-ORD
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
expect-ct: max-age=604800, report-uri=""
pragma: no-cache
status: 302 Found
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 5d2db2b7d0dca2efa01feb63ac87318b
x-runtime: 0.202336
set-cookie: __cf_bm=ILUNOPb9XK22l7bvG7a0lSi5g34VK6Zq_qZOf4mZGiw-1657355291-0-AYTx3kRxrZMzRTdUaK8z9hMH7rKSpKzkH78Mx2Kvjmn9MQ78VjNQANAxfVz0Np2rPdfk9jdG/w59YteBhBppEvZIhADDad0R4eVl45kJkepY; path=/; expires=Sat, 09-Jul-22 08:58:11 GMT;; HttpOnly; Secure; SameSite=None
server: cloudflare

In order to even see that 302 Redirect with Curl, I had to spoof my user agent to look like a browser. If I run curl normally, I get a 403 Forbidden.

Possible malware on the server?

Where you do you have the A records for your apex domain AND your www subdomain pointing to? Are they pointing to the same server? Currently you have the apex domain forwarding to www, is that what you wanted?

Does “Phusion Passenger Enterprise” mean anything to you?

You say the problem goes away when you unproxy the DNS. But which DNS record, the apex domain or the www? Or do you have to unproxy both?

Thank you for your reply and analysis.

Yes I have redirected non www to www with Cloudflare rules

I have previously hosted this site with AWS EC2 instance on Linux Bitnami Wordpress instance.

Also I have integrated previously Ezoic with Cloudflare when the site was hosted on AWS upto 2 days back

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.