Might be worth checking your ssl urls.
We have a .eu domain on a shared hosting server and have nothing on it at the moment except a html idex page and it works fine.
We are using cloudflare but if you type https we get a site selling software securities. ssl is not configured on the server for that domain so how come someone can hijack the domain.
Could it be an issue with cloudflare