I had a domain with MX records but no CNAME or A for the past couple years that I used just for email.
Within the past few weeks, someone appears to have forwarded http port 80 traffic to their server. About 24 hours ago, I became aware of this and enabled A and CNAME records and DNSSEC, transferring nameserver from Netlify to Cloudflare. However, I’m still seeing the HTTP traffic is to their server. My MX email has worked send/receive email throughout.
Affected domain: scivision.co should point to scivision.netlify.app
this is unwantedly forwarding HTTP to askelson.net with a “hacked” message.
I set Cloudflare nameserver up about 24 hours ago with DNSSEC enabled (checks “SECURE” via DNSviz).
Before that, I was using Netlify nameserver without DNS
A scivision.co 75.2.60.5
AAAA scivision.co 2600:1f18:2489:8200::c8
AAAA scivision.co 2600:1f18:2489:8202::c8
CNAME www scivision.netlify.app
MX scivision.co alt1.aspmx.l.google.com
MX scivision.co alt2.aspmx.l.google.com
MX scivision.co alt3.aspmx.l.google.com
MX scivision.co alt4.aspmx.l.google.com
MX scivision.co aspmx.l.google.com