I don’t see any redirects, but a 526 error indicating that the certificate on your origin (e.g. server behind Cloudflare) is invalid.
At which exact URL are you experiencing the mentioned redirect?
I’m trying to fix the domain zirkon.az myself, but apparently something went wrong.
But there is a problem with an incomprehensible redirect on this site too: stomatoloji.com
That hostname is not proxied by Cloudflare and the origin server is returbning a certificate that doesn’t match the domain name. You’ll want to review your webserver config and install an appropriate SSL certificate.
Please take a look at this:
C:\Users\DrFZ>curl -IL https://zirkon.az/
HTTP/1.1 200 OK
Date: Fri, 09 Jan 2026 07:12:39 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
link: https://collecroce.com/wp-json/; rel=“https://api.w.org/”
Server: cloudflare
cf-cache-status: DYNAMIC
I have absolutely no idea where the link: ****” came from. I don’t use WordPress on this site. I manually checked the .htaccess, and everything is clean. What do you recommend?
This usually means your host doesn’t have an entry for your domain in their configuration and it’s defaulting to the first site on the server.
Make sure the DNS record is set correctly, then check with your host.
Thanks for the recommendation. I’ll definitely do it.
The results are different with HTTP.
C:\Users\DrFZ>curl -IL http://zirkon.az/
HTTP/1.1 200 OK
Date: Fri, 09 Jan 2026 08:59:38 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
Nel: {“report_to”:“cf-nel”,“success_fraction”:0.0,“max_age”:604800}
Last-Modified: Fri, 26 Dec 2025 15:10:14 GMT
Cache-Control: max-age=3600, must-revalidate
Expires: Fri, 09 Jan 2026 09:00:38 GMT
Vary: Accept-Encoding,User-Agent
So, the results are different with HTTPS and HTTP. The unclear link only appears with HTTPS. What do you think about this?
Check with the host, The issue is likely that SSL hasn’t been set up on their side so your hostname isn’t configured in the virtual host settings for HTTPS, hence the SSL certificate not being correct, but it is for HTTP.
❯ curl -Ikv https://stomatoloji.com
* Host stomatoloji.com:443 was resolved.
* IPv6: (none)
* IPv4: 129.121.5.169
* Trying 129.121.5.169:443...
* Connected to stomatoloji.com (129.121.5.169) port 443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* (304) (IN), TLS handshake, Unknown (8):
* (304) (IN), TLS handshake, Certificate (11):
* (304) (IN), TLS handshake, CERT verify (15):
* (304) (IN), TLS handshake, Finished (20):
* (304) (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / AEAD-AES256-GCM-SHA384 / [blank] / UNDEF
* ALPN: server accepted h2
* Server certificate:
* subject: CN=collecroce.com
* start date: Dec 2 00:00:00 2021 GMT
* expire date: Dec 2 23:59:59 2022 GMT
* issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* using HTTP/2
* [HTTP/2] [1] OPENED stream for https://stomatoloji.com/
* [HTTP/2] [1] [:method: HEAD]
* [HTTP/2] [1] [:scheme: https]
* [HTTP/2] [1] [:authority: stomatoloji.com]
* [HTTP/2] [1] [:path: /]
* [HTTP/2] [1] [user-agent: curl/8.7.1]
* [HTTP/2] [1] [accept: */*]
> HEAD / HTTP/2
> Host: stomatoloji.com
> User-Agent: curl/8.7.1
> Accept: */*
>
* Request completely sent off
< HTTP/2 200
HTTP/2 200
< link: <https://collecroce.com/wp-json/>; rel="https://api.w.org/"
link: <https://collecroce.com/wp-json/>; rel="https://api.w.org/"
< content-type: text/html; charset=UTF-8
content-type: text/html; charset=UTF-8
< date: Fri, 09 Jan 2026 13:16:57 GMT
date: Fri, 09 Jan 2026 13:16:57 GMT
< server: Apache
server: Apache
It’s coming from another host on the same webservwr being returned because there isn’t an explicit definition for your domains for HTTPS and you’re using Full, not Full (Strict) for SSL. The fix is as described above.
I switched to “Full (Strict)”, but in this case it gave the error “Invalid SSL certificate, Error code 526”.
So the problem is definitely not with Cloudflare, but with the hosting?
Correct.