Better to hang onto it - you never know when you'll suddenly need 16 million IPv4 addresses for uh, car stuff.
zamadatix 118 days ago [-]
"Unused" isn't quite the right term here. "Misassigned if they were to design their network today" or something would be more apt.
I had a networking job where we had a /16 legacy assignment nearly completely used but only one /24 "in use" according to what you could see from the internet. We looked at how the space was worth about a million dollars at the time but found it was not really worth it to try to move off anyways. Unfortunately, a lot of the devices smattered across that space were embedded devices where we had to pay bespoke vendors to come change the IP assignments or devices with IPs statically coded into home grown applications and every other sort of nightmare you could imagine. It'd have taken many bodies for a year + the associated costs + any of the operational fallout. At the following job we had roughly the same number of employees as Ford and our 10/8 was very tight as a unified network.
I'm not saying it would be as hard for Ford to try to find sub-blocks worth selling off or anything, just highlighting that waaaaay more of that IP space is being used than it seems from that picture and they likely do have a lot similar piece of shit equipment/sensors/building control and whatnot as well.
yusyusyus 118 days ago [-]
wifi handing out public IPs? :)
zamadatix 117 days ago [-]
100%! I dearly missed how simple it was to correlate security & issue event tracing (even for guest users!) without NAT/PAT at the following job, what a treat that was.
Right as I was on the way out they finally started using 10/8 after merging with another large org that had a lot of branches (and a "normal" amount of public IPs for their size :)).
neom 118 days ago [-]
I really like how detailed the Government Directed Internet Outages are, when I saw that I wondered if that means the whole country was taken offline, or it's heavily filtered, or some regions within the countries are blocked or what, but if you click in a little, and use the timeline on the bottom, they give some interesting context. Cool.
timanderson 117 days ago [-]
The PaaS section seems odd to me too. AWS 63% followed by Vercel 7.9%. But Vercel runs on AWS I believe. Azure just 4.6% and no showing for GCP at all.
tigranbs 118 days ago [-]
Wow, the internet has grown 19%, which is surprising that it is still growing at that rate over the year.
esseph 118 days ago [-]
2.2 billion people without internet, and far more without "broadband".
Keep in mind that electrification isn't everywhere, either.
Havoc 118 days ago [-]
Cool that they publish reasonably detailed info! Couple points that stood out to me
* Perplexity beating Gemini for volume?
* Globo #1 in news...never heard of it (Latin Am. news)
* Only 4.2% http is from bots? Seems low relative to people's complaints about it on blogs
* >50% post quantum encrypted (of TLS1.3 I think, not overall)
chrisweekly 118 days ago [-]
4.2% for bots? Wat. No way.
In 2012 it was easily 50%. In the era of GenAI scraping it's surely only gone up.
ksec 118 days ago [-]
>* Globo #1 in news...never heard of it (Latin Am. news)
I was surprised as well. And then Snapchat ( is that still a thing ? ) is higher than X ?
Shopee larger than Temu?
I assume a lot of these are Cloudflare customer's specific, or 1.1.1.1 DNS user specific.
esseph 118 days ago [-]
There's a particular narrow age range demo that did everything on Snapchat and still use it as their primary way to talk to friends and send messages without giving out a phone number.
X, people fled their long ago. Staggering amount of bot v not traffic.
esseph 117 days ago [-]
*there, oops!
vachina 118 days ago [-]
Actually the entire study should be titled “Usage trends of Cloudflare users”. The internet is not Cloudflare.
RandyOrion 116 days ago [-]
The outage happened in Aug 19th-20th, China is directly linked to the misconfiguration of GFW. It's government directed, not so-called "technical problem".
Claude is coming up in 6th or 7th place and below in most countries including US, but in 2nd place in the world, how is it possible, what am i missing.
rootsu 118 days ago [-]
The data gathering method is 1.1.1.1 Cloudflare DNS resolver. It won't have the information about people who use any other DNS.
Jayakumark 117 days ago [-]
No i meant when you change country on top of cloudflare report, it comes up like 6th and 7th for most of countries i selected, but it comes to 2nd place suddenly when you select world.
vachina 118 days ago [-]
Yeah, a more meaningful study next would be the market share of DNS resolvers.
Not every metric published here can be used, because the observers are from the PoV of Cloudflare and cloudflare alone.
117 days ago [-]
timanderson 117 days ago [-]
Seems odd that C# does not figure in the top 10 programming languages, yet ASP.Net is the 4th most popular web framework with 10% share?
DoctorOW 117 days ago [-]
Even when it identifies the specific project, it doesn't know C#. I took some scans of some notable CMS websites (so the programming language is provably correct).
Yeah, it doesn't detect C# for some reason and for some of our own sites, it even failed to detect that those were built with .NET (as we intended;)).
DoctorOW 117 days ago [-]
> it even failed to detect that those were built with .NET (as we intended;)
Yeah, I'm pretty embarrassed to like a Microsoft product too.
nic547 117 days ago [-]
ASP.NET could mean a bunch of programming languages and I'm assuming that a ASP.NET Server doesn't disclose that.
It's probably safe to guess mostly C#, but that requires a different metric.
qingcharles 117 days ago [-]
'Tis true. I used to know an absolute ton of big sites that were written in 100% VB.NET ASP.NET. I'd still be writing all my backend in VB.NET if it wasn't a second tier .Net language these days.
mrsmrtss 117 days ago [-]
The 10% share for ASP.NET among the top 5,000 domains shows that .NET (and therefore also C#) is a very serious player in building web apps and APIs and for good reason. .NET is a solid, fast, secure, and mature technology, and it's only getting better. All other significant frameworks were JS based, which is no surprise to anyone, as a lot of modern sites are built as SPAs.
skatanski 117 days ago [-]
Are they using headers for identification? If so, it could be skewed by orgs masking some/all. I’m quite curious myself.
Love the 99.8% malicious traffic on .christmas. I guess literally no one has registered a legitimate .christmas domain.
vachina 118 days ago [-]
Likely because it is not on any client side blocklist (yet). Do not underestimate the power of Google Safe Browsing.
rldjbpin 117 days ago [-]
this is a goldmine of insights, albeit with the platform bias.
i am not even through the entire report but already spotted some dark horses running the web without much fanfare.
reisse 118 days ago [-]
Hah, AS16509 beats every other AS in bot traffic by a huge margin. I wonder if at least half of it is due to the major crypto exchanges hosted in AWS Tokyo behind Cloudflare.
embedding-shape 118 days ago [-]
Who cares, as long as the numbers go up, other numbers go up to, and everyone stays happy-ish.
nosequel 118 days ago [-]
Bold of them to not open with their 5-9's uptime.
89.9999%
118 days ago [-]
bflesch 117 days ago [-]
unfortunately the website is super laggy
nirui 118 days ago [-]
It is quite surprising that over half of the traffic hitting Cloudflare are still from desktop clients. Based on my observation, most normies are mobile-only users now. Maybe it's user demographic?
Established markets are more desktop heavy, and newer markets are more mobile heavy. Maybe an interesting info to watch out for if you're an app dev.
Also,
> Internet Outages... 174 major Internet disruptions observed globally
So uh... no percentage of impact for each event? ;-)
mmooss 118 days ago [-]
At work people mostly use desktops/laptops, IME.
36890752189743 118 days ago [-]
Verify you are human before you connect to my client, Cloudflare.
xnx 118 days ago [-]
No uptime % chart?
ramon156 118 days ago [-]
How else will you sell the 99.99%?
jesprenj 118 days ago [-]
vibecoded page? click the panel 3/5 and then panel 4/5. cell about .christmas tld persists. click on tile 5/5. three cells persist.
embedding-shape 118 days ago [-]
Human make mistakes and write buggy websites sometimes too, I've even done it myself once or twice.
wowthatsucks 118 days ago [-]
I noticed that too.
There's no option to disable the transition too (not even when hovering the tabs, which is very common). At first I liked how they used a grid and transitioned every cell - it's very info dense - but without being able to pause it becomes useless.
I had to keep clicking and waiting for the animation to end to keep reading.
There is no way that go is beating python for api client language popularity. Are they just measuring the fact that net/http has a default user agent?
mattacular 118 days ago [-]
They can detect golang pretty reliably by fingerprinting the requests they handle (ie. TLS handshake) unless the app developer has taken some explicit measures to counter it.
117 days ago [-]
Rendered at 19:36:07 GMT+0000 (UTC) with Wasmer Edge.
Better to hang onto it - you never know when you'll suddenly need 16 million IPv4 addresses for uh, car stuff.
I had a networking job where we had a /16 legacy assignment nearly completely used but only one /24 "in use" according to what you could see from the internet. We looked at how the space was worth about a million dollars at the time but found it was not really worth it to try to move off anyways. Unfortunately, a lot of the devices smattered across that space were embedded devices where we had to pay bespoke vendors to come change the IP assignments or devices with IPs statically coded into home grown applications and every other sort of nightmare you could imagine. It'd have taken many bodies for a year + the associated costs + any of the operational fallout. At the following job we had roughly the same number of employees as Ford and our 10/8 was very tight as a unified network.
I'm not saying it would be as hard for Ford to try to find sub-blocks worth selling off or anything, just highlighting that waaaaay more of that IP space is being used than it seems from that picture and they likely do have a lot similar piece of shit equipment/sensors/building control and whatnot as well.
Right as I was on the way out they finally started using 10/8 after merging with another large org that had a lot of branches (and a "normal" amount of public IPs for their size :)).
Keep in mind that electrification isn't everywhere, either.
* Perplexity beating Gemini for volume?
* Globo #1 in news...never heard of it (Latin Am. news)
* Only 4.2% http is from bots? Seems low relative to people's complaints about it on blogs
* >50% post quantum encrypted (of TLS1.3 I think, not overall)
I was surprised as well. And then Snapchat ( is that still a thing ? ) is higher than X ?
Shopee larger than Temu?
I assume a lot of these are Cloudflare customer's specific, or 1.1.1.1 DNS user specific.
X, people fled their long ago. Staggering amount of bot v not traffic.
See https://gfw.report/blog/gfw_unconditional_rst_20250820/en/
Not every metric published here can be used, because the observers are from the PoV of Cloudflare and cloudflare alone.
WordPress.org (PHP, correctly identified language and framework): https://radar.cloudflare.com/scan/88fcab24-5e27-4c77-8ace-94...
Orchard Core (C#, Modern .Net, correctly identified framework): https://radar.cloudflare.com/scan/88adbf69-c010-4074-a80f-03...
DotNetNuke (C#, .Net Framework, correctly identified framework): https://radar.cloudflare.com/scan/7889b8b9-4fed-43b6-8506-49...
Yeah, I'm pretty embarrassed to like a Microsoft product too.
i am not even through the entire report but already spotted some dark horses running the web without much fanfare.
89.9999%
Established markets are more desktop heavy, and newer markets are more mobile heavy. Maybe an interesting info to watch out for if you're an app dev.
Also,
> Internet Outages... 174 major Internet disruptions observed globally
So uh... no percentage of impact for each event? ;-)
There's no option to disable the transition too (not even when hovering the tabs, which is very common). At first I liked how they used a grid and transitioned every cell - it's very info dense - but without being able to pause it becomes useless.
I had to keep clicking and waiting for the animation to end to keep reading.
Design: 4/5 Usability: 1/5
There is no way that go is beating python for api client language popularity. Are they just measuring the fact that net/http has a default user agent?