Something similar happened to me a few months ago with Cloudflare. I set up a new domain to use Cloudflare's nameservers but did not immediately get around to setting it up on the admin panel. By the time I wanted to add the domain, someone else had already grabbed it and set up some sort of spam page.
Took a few emails to Cloudflare support to resolve this one. They also didn't seem to care much about the security implications when I questioned them about it.
Took a few emails to Cloudflare support to resolve this one. They also didn't seem to care much about the security implications when I questioned them about it.
So this is far from a DO-specific issue...