Domain redirects to spam site when Cloudflare proxy is enabled

What is the name of the domain?

What is the issue you’re encountering

Hi Community, I’m facing a serious issue with my domain: r2.securetrading1.com. Here’s what’s happening: I have an A record set for r2.securetrading1.com pointing directly to my server IP. When Cloudflare proxy is disabled (DNS only), everything works fine — the domain correctly points to my server. When Cloudflare proxy is enabled, the domain suddenly redirects to a spam Telegram group link, which I never configured. It looks like there’s either a misconfiguration or something wrong with the Cloudflare proxy behavior for my domain. I’ve verified the server setup, DNS records, and there’s no redirection configured from my end. This only happens when the orange cloud (proxy) is enabled. Any ideas what might be causing this? Could this be due to a cached redirect, a hijacked domain, or an issue with the Cloudflare IP being misused? Thanks in advance for any help.

What feature, service or problem is this related to?

DNS records

Likely your account has been compromised to add the redirect…
https://cf.sjr.dev/tools/check?c075d0c969d847acb468a824f308df2b#connection-server-https

Check for unexpected page rules and redirect rules:
https://dash.cloudflare.com/?to=/:account/:zone/rules/redirect-rules (scroll down to check bulk redirects as well)
https://dash.cloudflare.com/?to=/:account/:zone/rules/rules

Check for changes to your account in the audit log:
https://dash.cloudflare.com/?to=/:account/audit-log

Resecure your account:

• change the password
• set up 2FA
• change your global API key and any tokens; look for newly created tokens

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.