Removing malicious subdomain


TL;DR I want to remove sudbomain which I didn’t create anywhere (domain registrar, vps hosting, or Cloudflare).

Full question

Is it possible to know which service (domain registrar, vps hosting, or Cloudflare) added the following subdomain to my domain

When I noticed that these subdomains exist I immediately added them to Cloudflare and now the first subdomain points to Cloudflare but the second one still reveals IP of my VPS.
As it reveals my real IP of my server, it makes it useless to use Cloudflare as a protection against (D)DoS.

These subdomains do not exist in the DNS manager of my VPS server. Neither I can find any evidence of existence of these domains in my domain registrar.

Your DNS is being managed by Cloudflare. These values exist in the DNS control panel for Cloudflare.

You will also want to either remove your Mx record or host your mail somewhere other than your VPS. Cloudflare doesn’t proxy SMTP traffic.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.