Cloudflare

Server-side fingerprint: the response header reveals the technology behind the page. Visible in DevTools → Network → response headers.

Server: ^cloudflare$

cf-cache-status:

cf-ray:

Cookies set by the platform. Visible in DevTools → Application → Cookies.

__cfduid

<meta> tag injected into the document. Visible by viewing the page source.

<meta name="image" content="//cdn\.cloudflare">

Window-level global the technology installs on page. Reproducible by typing the path into the DevTools console.

window.CloudFlare

A DOM selector that only this technology's pages render. Verified at runtime by the content script.

img[src*='//cdn.cloudflare']

How do I check if a website is using Cloudflare?

Open the page in Chrome, click the Sourcemap Explorer toolbar icon, and read the Stack tab. The popup matches Cloudflare's fingerprint signals (response headers, asset URL prefixes, runtime globals, sourcemap paths) and flags it whenever any combination is found. The same checks can be reproduced manually in DevTools — see the "How we detect" section above.

What Cloudflare version can Sourcemap Explorer detect?

Cloudflare ships as a hosted cdn rather than a bundled npm package, so version-specific detection isn't always possible. Where the platform leaks a version in response headers (`X-Powered-By`, `Server`, generator meta tags) we surface it; otherwise we report presence only.

Where can I read more about Cloudflare?

Official site: https://www.cloudflare.com. For Sourcemap Explorer's detection guide, see the deep-dive link below or the related guides in the cross-link section.