A database migration caused the www.cloudflare.com name to get directed (along with a small number of other names). Didn't affect api.cloudflare.com or dash.cloudflare.com, etc.
Totally our doing and not a hack of any kind. Team is writing this up and we'll blog about what went wrong.
Thanks. Curious: Were DNSSEC validating clients failing to redirect to clickfunnels.com too, or was the misconfiguration on Cloudflare's end such that they weren't?
If it wasn't DNS, then I guess it must have been the reverse-proxy? In that case, if clickfunnels had uploaded their own public CA (or hosted it on pages.dev, which doesn't add sni.cloudflaressl.com to common-name/dns-name), would the redirection still have been without browser errors?
Totally our doing and not a hack of any kind. Team is writing this up and we'll blog about what went wrong.
Sorry about this error.