Follow
"USING CLOUDFLARE TO BYPASS CLOUDFLARE
An attacker can setup a custom domain with Cloudflare and point the DNS A record to victims IP address. The attacker then disables all protection features for that custom domain in their tenant and tunnel their attack(s) through the Cloudflare infrastructure. This approach allows attackers to bypass the protection features by the victim."
https://certitude.consulting/blog/en/using-cloudflare-to-bypass-cloudflare/
