Website is using Cloudflare
- Cloudflare users | List Directory
|/domain/cloudflare_?.txt||Split files (base domain)|
|ex_cloudflare_users.txt||Domains which used Cloudflare in the past, not anymore|
|cloudflare_supporter.txt||who is using Cloudflare or endorsing Cloudflare. (URL only)|
- Cloudflare Corporation | List Directory
|cloudflare_CIDR_v4.txt||IPv4 CIDR owned by Cloudflare|
|cloudflare_CIDR_v6.txt||IPv6 CIDR owned by Cloudflare|
|cloudflare_range_v4.txt||IPv4 range owned by Cloudflare|
|cloudflare_owned_ASN.txt||AS network owned by Cloudflare|
|cloudflare_owned_NS.txt||Name Server owned by Cloudflare|
|cloudflare_owned_domains.txt||Domains owned by Cloudflare|
|cloudflare_owned_onions.txt||Tor .onions owned by Cloudflare|
|cloudflare_members.txt||Cloudflare employer & employee|
How to detect Cloudflare?
There are many ways to detect it:
- Add-on "Bloku Cloudflaron MITM-Atakon" will help your Cloudflare collection.
- Add-on "Ĉu ligoj estas vundeblaj al MITM-atako?" will tell you which link is Cloudflared.
- Visit a website via Tor or VPN, and you will be greeted by "Attention Required! Cloudflare" webpage.
- Use "Is MITM?" webpage. Clearnet / Tor
- Dig "NS record" of the domain.
emsisoft.com. 21599 IN NS bella.ns.cloudflare.com. emsisoft.com. 21599 IN NS dom.ns.cloudflare.com.
dev.qubes-os.org. 299 IN A 184.108.40.206 ASN AS13335 Cloudflare, Inc. Organization Cloudflare, Inc. Route 220.127.116.11/20
IMPORTANT: Please add only "Base Domain" if "community.example.com" is using Cloudflare add "example.com" if "www.example.co.uk" is using Cloudflare add "example.co.uk" if "example.net" is using Cloudflare add "example.net" ... to /split/cloudflare_e.txt
But the website X no longer using Cloudflare!
Are you sure? Remove it from /split/ list and add to "ex_cloudflare_users.txt".
Website is NOT using Cloudflare
- Non-Cloudflare CDN users | List Directory
|/domain/(cdnName).txt||Split files (FQDN)|
- Add-on "Kiu retejo malakceptis min?" will help your domain collection.
- Above is how Siteground-hosted(INAP;Singlehop) sites often appear to Tor visitors when timeouts/tarpitting doesn't occur.
About "CDN FQDN list" www.example.com ---> www.example.com is using CDN. ?.akamaiedge.net ---> subdomain of akamaiedge.net is using CDN. * unique hostname will be masked as "?". senate.gov ---> base domain is using CDN.
Some websites use other companies with the CloudFlare business model.
This is a collection of websites that ban Tor exits, other than through Cloudflare(e.g. showing access denied pages, systematic timing out connections, ...).
Website is rejecting Tor visitor
- Anti-Tor users | List Directory
|/fqdn/anti_tor_fqdn.txt||Split files (FQDN)|
- Add-on "Kiu retejo malakceptis min?" will help your domain collection.
- Add-on "Ĉu ĉi tiuj ligoj blokos Tor-uzanton?" will tell you which link rejected Tor visitor.
- Some news websites are lying to Tor users. You can read their website if you are not using Tor nor VPN. If you visit their website over Tor, they just say "Sorry, article not found". How can you trust their news if they are not treating everyone equally?
About "Anti-Tor FQDN list" www.example.com ---> www.example.com denied/bullied Tor visitor. ?.akamaiedge.net ---> subdomain of akamaiedge.net is denied Tor user. * unique hostname will be masked as "?". senate.gov ---> base domain denied/harassed/challenged human who're using Tor.
If your website is on this list, you better talk with your network administrator.
But the website X no longer blocking Tor users!
Are you sure? There are two ways to remove yourself. First option is just remove it from the list and create a pull request. Second option is wait 1 year. We will revisit your website as a Tor user. If you're not blocking us, you will be removed.
If your website is using Cloudflare, there's a higher chance that we receive rejection webpage. Do not use cloudflare.
How to add your data
A or B will be enough. Thank you for your contribution.
- Type A: Push to OpenPrivacy
- Log in to OpenPrivacy.
- Click "Fork" button. (top-left corner)
- Edit text file.
- Click Double-arrow button to create a new pull request.
- Type B: Just scan the FQDN
- [Cloudflare/CDN] Scan FQDN on "Is MITM?" webpage. (or just use "MITM test" API, "Detect CDN" API)
[Anti-TOR] Just use "Is it blocking Tor?" API.
- It will be pushed to OpenPrivacy automatically within a week.
How to setup git
This procedure will give you a stop_cloudflare fork with a privacy-respecting configuration to do pushes with SSH over Tor using git.openprivacy.ca("CDB"). This procedure is designed for linux. The first step covers Windows too, but these instructions probably need more adaptations for Windows and other platforms.
aptitude install git tor ssh
- Windows: Download
- install Git, SSH(Not Windows), and Tor (if you haven't already)
- create a
git.openprivacy.caaccount (username "snowden" will be used for this example)
- create an SSH key pair
$ ssh-keygen -t rsa -N '' -C 'snowden at codeberg' -f "$HOME"/.ssh/id_rsa_codeberg-snowden
host git.openprivacy.ca hostname git.openprivacy.ca ForwardX11 no ProxyCommand connect -4 -S 127.0.0.1:9050 $(tor-resolve %h 127.0.0.1:9050) %p host codeberg-snowden IdentityFile /home/user/.ssh/id_rsa_codeberg-snowden
- codeberg.org > settings > SSH/GPG Keys > add key (paste from clipboard)
- fork it (top right corner)
- go to the directory you want the project to be rooted in (hereafter we'll call it
- anonymously download your fork: $
git clone git@codeberg-snowden:crimeflare/cloudflare-tor.git
$project_root/cloudflare-tor/.git/configto include the account name and email address that will be on every commit, as well as the URL:
[user] email = BM-yadayadayada6fgnLfybVnCcWf25AGZcgg@bitmessage.ch name = snowden [remote "origin"] url = git@codeberg-snowden:snowden/cloudflare-tor.git fetch = +refs/heads/*:refs/remotes/origin/* [remote "upstream"] url = git@codeberg-snowden:crimeflare/cloudflare-tor.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
- make your first change
git add . -u -n
- check that the files listed are what you changed and intend to push upstream
- if yes:
$ git add . -u
git commit -m 'description of first change'
git push origin master
- make a new pull request
Whenever git operates on the cloudflare-tor project, all connections
to codeberg are automatically over Tor with this configuration
.git/config references the virtual host
About Cloudflare base domain list
Our mission is clear -
stay away from Cloudflare.
subdomain.example.com is cloudflared, we add
example.com to the database. (
subdomain.example.com is the sub-domain of
the owner of
example.com can create sub-domain)
whatever.example.com is not behind cloudflare we will raise a warning, because the base domain
The owner of
example.com can enable Cloudflare to
whatever.example.com at any time without user's notice. It can be done from
dash.cloudflare.com webpage or hitting
The owner is supporting
Cloudflare and this is severe
the owner completely stop using Cloudflare service for
example.com, we do not remove
example.com from the database.
"Amazon.com" $ getweb --headonly https://pages.payments.amazon.com/robots.txt cf-cache-status: HIT expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" alt-svc: h2="cflare******.onion:443"; ma=86400; persist=1 server: cloudflare cf-ray: XXXXXXXXXXX-YYY
the owner moved away from
cloudflare completely, you are welcome to add
example.com to the "ex_cloudflare_users.txt" - after checking
example.com with online tool below.
Open "Is MITM?" webpage.
testofor detailed scan.
If you got
---Finish---, the domain might stopped using Cloudflare. We'll investigate and remove it - or not. (wait some days and scan again to see whether the domain is removed)
Only a few Cloudflare user leave Cloudflare. False positive is uncommon.