Why can any domain resolved by Cloudflare be discovered by others?

What is the name of the domain?

example

What is the issue you’re encountering

I have a domain ending in .cc, registered with Cloudflare. Yesterday, I resolved a DNS record for a domain like sfsfm2du3gfsdlfds4gf.example.com, a long, randomly inputted domain name. However, today I found access records from both domestic and international IPs. Why is this happening?  I have a NAS at home, accessed via Cloudflare’s Zero Trust Tunnels with email verification added. I have around a dozen or twenty subdomains. Previously, I noticed that all my tunnel domains had access records from international IPs. I initially thought it was due to brute-force enumeration attacks until yesterday, when I randomly resolved a domain to the server and still found access records in the Cloudflare firewall from others, which puzzled me.  All my DNS records are proxied by Cloudflare.

What is the current SSL/TLS setting?

Off

I don’t want to publicly disclose my domain name on the forum. If the official personnel need it, I will send it privately

If an SSL certificate was generated that includes the subdomain, either by Cloudflare or when you create an origin certificate, the certificate details can be found in transparency logs. Bots that watch these will then hit your site when a certificate is issued.

Enter your subdomain at https://crt.sh to see.

2 Likes

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.