Cloudflare
Cloudflare is the most widely deployed CDN, WAF and DDoS-mitigation network on the public web, proxying a large share of all HTTP traffic. Because it terminates connections at the edge, a scan of a Cloudflare-fronted site often captures a Cloudflare challenge, CAPTCHA or block page rather than the origin’s real content.
For security analysis that edge layer cuts both ways. It hides the origin IP and shields sites from many automated tools, but it is also heavily abused: phishing kits and malware landing pages routinely sit behind Cloudflare to dodge takedowns and crawlers. Treat the presence of Cloudflare as a routing fact, not a safety signal — the verdict comes from what the page actually does.
Commonly deployed alongside Cloudflare
Of the 78,223 public scans where Cloudflare was detected, these are the technologies most often present on the same site. The share is the percentage of Cloudflare sites that also ran each one.
| Technology | Category | Share of Cloudflare sites |
|---|---|---|
| Cloudflare Bot Management | wappalyzer | 83.67% |
| HTTP/3 | wappalyzer | 63.71% |
| Open-Graph-Protocol | miscellaneous | 32.53% |
| HSTS | wappalyzer | 31.92% |
| X-UA-Compatible | miscellaneous | 28.88% |
| jQuery | wappalyzer | 26.99% |
| Google Analytics | wappalyzer | 23.47% |
| JQuery | miscellaneous | 22.95% |
| PHP | wappalyzer | 18.84% |
| MetaGenerator | miscellaneous | 17.41% |
| WordPress | cms | 17% |
| MySQL | wappalyzer | 16.84% |
| Google Tag Manager | wappalyzer | 16.46% |
| cdnjs | wappalyzer | 15.28% |
How ScanMalware detects Cloudflare
Cloudflare is detected by analysing the response headers, HTML markup, JavaScript runtime and asset URLs captured when ScanMalware loads the site in a real headless browser.
From any scan you can pivot into related signals — JARM TLS fingerprints, ASN ownership and BGP routing, certificate history, JavaScript analysis and the overall security verdict — to understand not just that Cloudflare is present, but how it is being used. Open the full search interface for Cloudflare →
Recent public scans featuring Cloudflare
A rolling sample of recent public scans where Cloudflare was detected. Listing a site here is not a safety judgement — open a scan to see its full verdict.
| Site | Scanned |
|---|---|
| David James Elliott Wedding: What Fans Should Know About the Actor’s Private Ceremony https://langkahwavestories-dp7i6dvoz1z0.edgeone.app/david-james-elliott-wedding.html | 2026-06-15 |
| Daniel Noboa: Ecuador's Youngest President Driving Economic Reform and Security https://diplomaticwatch.com/daniel-noboa-ecuadors-youngest-president-driving-economic-refo… | 2026-06-15 |
| Daniel Noboa elected president of Ecuador https://www.xalqqazeti.az/en/dunya/221610-daniel-noboa-elected-president-of-ecuador | 2026-06-15 |
| Suche – Microsoft Bing https://shibboleth.idm.home.nyu.edu/president-of-ecuador | 2026-06-15 |
| Updated UFC Rankings in 2025 by Martial Nerd https://www.martialnerd.com/ufc-rankings | 2026-06-15 |
| UFC Fighters Rankings | Official Fighter Standings | FightPulse https://www.fightpulse.net/rankings | 2026-06-15 |
| Attend 11-13 Cavendish Square, London W1G 0AN: A Practical Guide for Value‑Focused Buyers https://cestastiquinhositus-dp9g5yloanru.edgeone.app/attend-11-13-cavendish-square-london-… | 2026-06-15 |
| 502 Bad Gateway http://www.bundesarchiv.ch | 2026-06-15 |
Frequently asked questions about Cloudflare
- Does using Cloudflare mean a website is unsafe?
- No. Cloudflare is a stack component, not a verdict. ScanMalware scores the whole page — its scripts, redirects, certificates, threat-intelligence matches and behaviour — so a site using Cloudflare can be perfectly safe or actively malicious.
- How many sites using Cloudflare has ScanMalware scanned?
- Cloudflare has been detected in 78,223 public scans on ScanMalware.com. Each scan is a real headless-browser visit, and the figure updates as new URLs are submitted.
- What technologies are commonly used with Cloudflare?
- Across scanned sites, Cloudflare is most often seen alongside Cloudflare Bot Management, HTTP/3 and Open-Graph-Protocol. The full co-occurrence breakdown is listed on this page.
Browse all profiled technologies on the technology index, or scan a URL to see its full stack.