|/domain/cloudflare_?.txt||Split files (base domain)|
|ex_cloudflare_users.md||Domains which used Cloudflare in the past, not anymore|
|cloudflare_supporter.txt||who is using Cloudflare or endorsing Cloudflare. (URL only)|
|cloudflare_CIDR_v4.txt||IPv4 CIDR owned by Cloudflare|
|cloudflare_CIDR_v6.txt||IPv6 CIDR owned by Cloudflare|
|cloudflare_range_v4.txt||IPv4 range owned by Cloudflare|
|cloudflare_owned_ASN.txt||AS network owned by Cloudflare|
|cloudflare_owned_NS.txt||Name Server owned by Cloudflare|
|cloudflare_owned_domains.txt||Domains owned by Cloudflare|
|cloudflare_owned_onions.txt||Tor .onions owned by Cloudflare|
|cloudflare_members.md||Cloudflare employer, employee, ex-employee|
How to detect Cloudflare?
There are many ways to detect it:
emsisoft.com. 21599 IN NS bella.ns.cloudflare.com. emsisoft.com. 21599 IN NS dom.ns.cloudflare.com.
dev.qubes-os.org. 299 IN A 126.96.36.199 ASN AS13335 Cloudflare, Inc. Organization Cloudflare, Inc. Route 188.8.131.52/20
IMPORTANT: Please add only "Base Domain" if "community.example.com" is using Cloudflare add "example.com" if "www.example.co.uk" is using Cloudflare add "example.co.uk" if "example.net" is using Cloudflare add "example.net" ... to /split/cloudflare_e.txt
But the website X no longer using Cloudflare!
Are you sure? Remove it from /split/ list and add to "ex_cloudflare_users.md".
|/cidr_data/?.txt||CIDR, ASN, NS|
CDN_Code Z1 Amazon Z2 Akamai //Z3 Cloudflare Z4 Imperva Z5 Google Z6 Microsoft Z7 INAP Z8 Sucuri Z9 Fastly
Some websites combine other companies (e.g. Amazon AWS, Google Cloud, DDoS-GUARD) with the Cloudflare business model.
|/fqdn/attd.txt||Block Tor access Split files, Everything (FQDN)|
|hostility.md||Does NOT block Tor access Domain and Comment|
Some famous mail subscription service and some ISP websites are displaying "Maintenance" page if you visit them over Tor.
How can you trust their sites if they are not treating everyone equally?
About "Anti-Tor FQDN list" (attd*.txt) www.example.com ---> www.example.com denied/bullied Tor visitor. ?.akamaiedge.net ---> subdomain of akamaiedge.net is denied Tor user. * unique hostname will be masked as "?" for privacy reason senate.gov ---> base domain denied/harassed/challenged human who're using Tor.
If your website is on this list, you better talk with your network administrator.
But my website X no longer blocking Tor users!
Are you sure? There are two ways to remove yourself. First option is just remove it from the list and create a pull request. Second option is wait 1 year. Our system will revisit your website as a Tor user.
If you're not blocking Tor users, you will be removed automatically.
A or B will be enough. Thank you for your contribution.
Type A: Push to git
Type B: Just scan the FQDN
curl -x socks5h://127.0.0.1:9050 -k --http2 (API URL)is_antitor.php?f=www.cloudflare.com
Public API Details ℹ
Your contribution will be pushed to git automatically within a week.
This procedure will give you a stop_cloudflare fork with a privacy-respecting configuration to do pushes with SSH over Tor using
Below procedure is designed for Linux.
The first step covers Windows too, but these instructions probably
need more adaptations for Windows and other platforms.
aptitude install git tor ssh
PortableGitfrom Github & run
git.fuwafuwa.moeaccount (username "snowden" will be used for this example)
$ ssh-keygen -t rsa -N '' -C 'snowden at git' -f "$HOME"/.ssh/id_rsa_mrsnowden
host git.fuwafuwa.moe hostname git.fuwafuwa.moe ForwardX11 no ProxyCommand connect -4 -S 127.0.0.1:9050 $(tor-resolve %h 127.0.0.1:9050) %p host mrsnowden IdentityFile /home/user/.ssh/id_rsa_mrsnowden
git clone git@mrsnowden:you/stop_cloudflare.git
$project_root/stop_cloudflare/.git/configto include the account name and email address that will be on every commit, as well as the URL:
[user] email = email@example.com name = snowden [remote "origin"] url = git@mrsnowden:snowden/stop_cloudflare.git fetch = +refs/heads/*:refs/remotes/origin/* [remote "upstream"] url = git@mrsnowden:you/stop_cloudflare.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
git add . -u -n
$ git add . -u
git commit -m 'description of first change'
git push origin master
Whenever git operates on the stop_cloudflare project, all connections
to git are automatically over Tor with this configuration
.git/config references the virtual host
It is possible to edit any files on this repository using shared editor. If you wish to collaborate anonymously, contact and show us how much activism you have done. You'll need a computer (smartphone not possible)
Our mission is clear -
stay away from Cloudflare.
subdomain.example.com is cloudflared, we add
example.com to the database. (
subdomain.example.com is the sub-domain of
the owner of
example.com can create sub-domain)
whatever.example.com is not behind cloudflare we will raise a warning, because the base domain
The owner of
example.com can enable Cloudflare to
whatever.example.com at any time without user's notice. It can be done from
dash.cloudflare.com webpage or hitting
The owner is supporting
Cloudflare and this is severe
the owner completely stop using Cloudflare service for
example.com, we do not remove
example.com from the database.
"amazonpayments.com" $ getweb --headonly https://pages.amazonpayments.com/robots.txt cf-cache-status: HIT expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" alt-svc: h2="cflare******.onion:443"; ma=86400; persist=1 server: cloudflare cf-ray: XXXXXXXXXXX-YYY
the owner moved away from
cloudflare completely, you are welcome to add
example.com to the "ex_cloudflare_users.md" - after checking
example.com with online tool below.
Is MITM?" webpage.
gitlab.com and click
test for detailed scan.
If you got
--- Finish ---, the domain might stopped using Cloudflare.
We'll investigate and remove it if it is true.
You may prioritize your review request by contacting us if you are in a hurry.
Only a few Cloudflare user leave Cloudflare. False positive is uncommon.