How to Check If a Domain Uses Cloudflare (4 Methods)
Learn how to check if a website is using Cloudflare with DNS lookups, HTTP headers, IP range checks, and hosting checker tools. Detect Cloudflare in seconds.
Cloudflare is the most widely used CDN and web security platform on the internet, protecting and accelerating over 20% of all websites according to W3Techs. Whether you're troubleshooting connectivity issues, researching a competitor's tech stack, or identifying CDN usage before a migration, knowing how to check if a domain uses Cloudflare is a common and practical need. In our testing, we've checked thousands of domains and found that Cloudflare detection is reliable when you use the right combination of signals.
Quick Answer: The fastest way to check if a website uses Cloudflare is to run a DNS lookup on the domain and check the nameservers. If the NS records end in
.ns.cloudflare.com, the domain is on Cloudflare. You can also check for theCF-Rayandcf-cache-statusheaders in HTTP responses, or look up the domain's IP address to see if it falls within Cloudflare's published IP ranges.
Why Detect Cloudflare?
Before diving into methods, here are the most common reasons people want to detect Cloudflare on a website:
- Troubleshooting — Cloudflare's proxy can mask origin server issues, making debugging harder
- Security research — Understanding a site's protection layer helps assess its security posture
- Competitor analysis — Knowing which CDN competitors use informs your own infrastructure decisions
- Migration planning — If you're moving a domain, knowing it's on Cloudflare affects the DNS migration process
- Penetration testing — Authorized security testers need to identify CDN layers to properly scope their assessment
- Performance benchmarking — Comparing your site's CDN choice against industry peers
Method 1: DNS Nameserver Check (Most Reliable)
The most definitive way to determine if a domain uses Cloudflare is to check its NS (nameserver) records. When a domain is added to Cloudflare, it must point its nameservers to Cloudflare's DNS infrastructure.
How to check nameservers
Using our DNS lookup tool:
- Enter the domain name (e.g.,
example.com) - Look at the NS records in the results
- If the nameservers end in
.ns.cloudflare.com, the domain is using Cloudflare
Command line method
dig NS example.com +shortCloudflare output:
aria.ns.cloudflare.com.
john.ns.cloudflare.com.
Non-Cloudflare output:
ns1.digitalocean.com.
ns2.digitalocean.com.
Cloudflare nameserver patterns
Cloudflare assigns each domain a pair of nameservers with personal names:
aria.ns.cloudflare.com/john.ns.cloudflare.combeth.ns.cloudflare.com/greg.ns.cloudflare.comlisa.ns.cloudflare.com/mark.ns.cloudflare.com
The naming pattern is always {first-name}.ns.cloudflare.com. If you see this pattern, the domain is definitively on Cloudflare.
Limitations
Some Cloudflare enterprise customers use CNAME setup (partial proxy) where the domain keeps its original nameservers but CNAMEs specific subdomains through Cloudflare. In this case, the NS records won't reveal Cloudflare — you'll need to check HTTP headers or IP ranges instead.
For a deeper understanding of DNS records and what they mean, see our guide on how DNS works.
Method 2: HTTP Response Headers
When Cloudflare proxies a website, it adds several distinctive headers to every HTTP response. These headers are a reliable indicator even when the CNAME setup hides Cloudflare at the DNS level.
How to check headers
curl -sI https://example.com | grep -i "cf-\|cloudflare\|server"Cloudflare-specific headers
| Header | Example Value | What It Means |
|---|---|---|
CF-Ray | 8a1b2c3d4e5f-IAD | Unique request ID + data center IATA code. Definitive Cloudflare indicator. |
cf-cache-status | HIT, MISS, DYNAMIC | Whether the response was served from Cloudflare's cache |
Server | cloudflare | The Server header explicitly says "cloudflare" |
CF-Connecting-IP | (not visible to client) | Passes the visitor's real IP to the origin (server-side only) |
cf-apo-via | tcache | Indicates Cloudflare's Automatic Platform Optimization is active |
Nel | (JSON policy) | Network Error Logging — Cloudflare enables this by default |
The CF-Ray header is the most reliable indicator. When we run this against sites we know use Cloudflare's CNAME setup, the CF-Ray header catches them every time even when DNS nameservers don't reveal Cloudflare. It appears on every response proxied through Cloudflare and includes the three-letter IATA airport code of the edge server that handled the request (e.g., IAD for Washington Dulles, NRT for Tokyo Narita).
Example output
HTTP/2 200
server: cloudflare
cf-cache-status: DYNAMIC
cf-ray: 8a1b2c3d4e5f6-IAD
If you see server: cloudflare and a CF-Ray header, the site is using Cloudflare.
Method 3: IP Range Check
Cloudflare publishes its complete list of IP ranges at cloudflare.com/ips. If a domain's A record resolves to an IP within these ranges, the domain is proxied through Cloudflare.
How to check
- Resolve the domain's IP address:
dig +short example.com A- Compare against Cloudflare's IPv4 ranges:
173.245.48.0/20
103.21.244.0/22
103.22.200.0/22
103.31.4.0/22
104.16.0.0/13
104.24.0.0/14
108.162.192.0/18
131.0.72.0/22
141.101.64.0/18
162.158.0.0/15
172.64.0.0/13
190.93.240.0/20
188.114.96.0/20
If the resolved IP falls within any of these CIDR blocks, the domain is behind Cloudflare's proxy.
Quick check with our tool
Try it yourself
Check any website's hosting
Enter a domain or IP to see hosting provider, DNS records, and more.
Our hosting checker resolves the domain's IP address and identifies the hosting provider. If the IP belongs to Cloudflare's network, the results will indicate Cloudflare as the detected provider — along with DNS records, SSL certificate details, and server location.
Method 4: Browser Developer Tools
You can detect Cloudflare directly in your browser without any external tools.
Steps
- Open the website in Chrome, Firefox, or Edge
- Press
F12orCmd+Option+I(Mac) /Ctrl+Shift+I(Windows) - Go to the Network tab
- Reload the page
- Click the first request (the main HTML document)
- Check the Response Headers section
What to look for
Server: cloudflare— The most obvious indicatorCF-Ray— Present on every Cloudflare-proxied responsecf-cache-status— Shows caching behavior (HIT, MISS, DYNAMIC, BYPASS)
This method works for any website you can visit in a browser and requires no command line knowledge. From our experience, it's the method most people find easiest to start with.
Cloudflare Proxy vs DNS-Only Mode
An important distinction: a domain can use Cloudflare's DNS without using Cloudflare's proxy. Cloudflare offers two modes for each DNS record:
| Mode | DNS Record | HTTP Proxy | Headers | IP Address |
|---|---|---|---|---|
| Proxied (orange cloud) | Managed by Cloudflare | Active — traffic routes through Cloudflare | CF-Ray, Server: cloudflare present | Resolves to Cloudflare IP |
| DNS-only (grey cloud) | Managed by Cloudflare | Inactive — traffic goes directly to origin | No Cloudflare headers | Resolves to origin IP |
When a record is in DNS-only mode, the nameservers still show *.ns.cloudflare.com, but the IP resolves directly to the origin server and no Cloudflare headers appear. The domain technically uses Cloudflare for DNS but not for CDN or security features.
Why Websites Use Cloudflare
Understanding why a site uses Cloudflare provides context for your analysis:
- DDoS protection — Cloudflare absorbs volumetric attacks before they reach the origin server
- CDN performance — Static assets are cached on 330+ global edge servers, reducing latency
- SSL/TLS — Free universal SSL certificates and automatic HTTPS (check SSL status)
- Web Application Firewall (WAF) — Blocks common attack patterns (SQLi, XSS, etc.)
- Bot management — Detects and mitigates automated traffic
- DNS management — Fast, globally distributed authoritative DNS with a user-friendly dashboard
- Cost — The free tier includes CDN, basic DDoS protection, and SSL for unlimited bandwidth
According to BuiltWith, Cloudflare is used by over 6 million active websites, making it the most popular CDN/proxy service globally.
Frequently Asked Questions
Can I find the real IP address behind Cloudflare?
When a domain is proxied through Cloudflare, the DNS resolves to Cloudflare's IPs, hiding the origin server. Finding the real IP requires techniques like checking DNS history, querying mail server (MX) records, or looking for subdomains that bypass the proxy. However, Cloudflare explicitly discourages attempts to bypass their protection.
Does using Cloudflare mean a website is more secure?
Cloudflare adds significant security layers — DDoS protection, WAF, bot management, and SSL. However, it's one component of a security strategy, not a complete solution. The origin server, application code, and hosting configuration still need proper security practices.
Is Cloudflare the same as a hosting provider?
No. Cloudflare is a reverse proxy and CDN, not a hosting provider (though they offer Cloudflare Pages for static sites). The origin server is still hosted elsewhere — on providers like AWS, DigitalOcean, or traditional hosts. Cloudflare sits between visitors and the origin, caching content and filtering traffic. Learn more about how to find out who hosts a website.
What percentage of websites use Cloudflare?
According to W3Techs, Cloudflare is used by approximately 20% of all websites with a known CDN, making it the most widely adopted CDN and reverse proxy service. Its market share has grown steadily due to the generous free tier and comprehensive feature set.
Looking Ahead
Cloudflare's expanding product suite — including R2 storage, Workers for serverless compute, and D1 databases — is making detection more nuanced. A domain may use Cloudflare for compute and storage without proxying HTTP traffic through its CDN, meaning traditional header and IP checks won't catch every integration. Encrypted Client Hello (ECH) is also on the horizon, which will encrypt the SNI field in TLS handshakes and make it harder to determine which domain a connection targets behind Cloudflare's proxy.
Wrapping Up
Detecting Cloudflare on a domain takes seconds using any of the four methods above. DNS nameserver records are the most definitive indicator for full-setup domains, while HTTP response headers (especially CF-Ray) catch both full and CNAME setups. For a quick check without any tools, browser developer tools work perfectly.
Enter any domain into our hosting checker to instantly see whether a site uses Cloudflare — along with complete DNS records, IP geolocation, SSL certificate details, and hosting provider information.
Related Articles
Written by
Piotr KulpinskiFounder of Hosting Checker and a web developer with over a decade of experience in DNS, hosting infrastructure, and domain management. Piotr builds tools that help developers and site owners understand their web stack.