We have sites that are added via the API to Cloudflare.
For most all of these sites (90% I would guess) their nameservers are the standard:
But occasionally they are:
When the nameservers are set as the amanda/andy and should be jule/leif the redirects happen (images attached of what is seen).
[type or paste code here](https://www.dropbox.com/s/md8krpl7p5xg1ol/redirects-on-cloudflare.mp4?dl=0)
To the customer it looks like this is some sort of hacked website, etc.
Can you help me understand what is happening? And why the site redirects to something so spammy?
Also, when I asked a similar question before about the 2 different sets of nameservers it was explained that as long as the sites are all added to the same account then the nameservers should all be the same. Is there a reason why these would be different at certain times and is there a way to detect that via the API?