My domain baiak-legend.com has its DNS hosted on Cloudflare

Dear Cloudflare Support Team,

My domain baiak-legend.com has its DNS hosted on Cloudflare. However, when accessing baiak-legend.com, I am being redirected to a malicious website

I hope this message finds you well. I am writing to bring to your attention a critical issue with my domain, baiak-legend,com, which has its DNS hosted on Cloudflare.

I have recently discovered that when attempting to access baiak-legend,com, visitors are being redirected to a potentially harmful or malicious website.

This issue poses a significant threat to the integrity and security of my domain and its visitors.

I urgently request your assistance in investigating and resolving this matter as soon as possible. It is crucial to ensure that the domain is no longer redirecting users to any unauthorized or harmful content. Additionally, I would appreciate any insights or recommendations you may have to prevent such incidents from occurring in the future.

Please let me know if there is any further information or action required from my end to facilitate the resolution process. I am available and willing to provide any necessary support to resolve this issue promptly.

Thank you for your immediate attention to this matter. I look forward to your prompt response and resolution of this critical issue.

Best regards, Team Baiak Legend

If your site is redirecting to an unknown URL in some circumstances then it is possible your Cloudflare account has been compromised. There have been a few cases where malicious Redirect Rules have been added to accounts that trigger a redirect.

You should secure your account by resetting your password, configuring 2FA and rotating your API keys & tokens.

You should also review the audit log to see what malicious configuration has been added and revert it.

In previous cases it has been a Redirect Rule such as this that has been added:

2 Likes

It’s exactly what @domjh said, remove the rule called vz.

Screenshot 2023-11-01 at 11.55.48 AM

2 Likes

Hello! Thank you very much for checking my problem.
I deleted the rule named VZ, but I still get redirected to the malicious website cdn.discordapp,com
Do I have to wait?

Your site is no longer redirecting. It might be that the redirect is cached in your browser, try a private window.

Did you also follow the steps to secure a compromised account?

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.