Analytics Release Notes

Routing

Radar now features an expanded Routing section with dedicated sub-pages, providing a more organized and in-depth view of the global routing ecosystem. This restructuring lays the groundwork for additional routing features and widgets coming in the near future.

The single Routing page has been split into three focused sub-pages:

• Overview — Routing statistics, IP address space trends, BGP announcements, and the new Top 100 ASes ranking.
• RPKI — RPKI validation status, ASPA deployment trends, and per-ASN ASPA provider details.
• Anomalies — BGP route leaks, origin hijacks, and Multi-Origin AS (MOAS) conflicts.

The routing overview now includes a Top 100 ASes table ranking autonomous systems by customer cone size, IPv4 address space, or IPv6 address space. Users can switch between rankings using a segmented control.

The RPKI sub-page introduces a RPKI validation view for per-ASN pages, showing prefixes grouped by RPKI validation status (Valid, Invalid, Unknown) with visibility scores.

The IP address space chart now displays both IPv4 and IPv6 trends stacked vertically and is available on global, country, and AS views.

Check out the Radar routing section to explore the data, and stay tuned for more routing insights coming soon.

Radar ships several improvements to the URL Scanner that make scan reports more informative and easier to share:

• Live screenshots — the summary card now includes an option to capture a live screenshot of the scanned URL on demand using the Browser Rendering API.
• Save as PDF — a new button generates a print-optimized document aggregating all tab contents (Summary, Security, Network, Behavior, and Indicators) into a single file.
• Download as JSON — raw scan data is available as a JSON download for programmatic use.
• Redesigned summary layout — page information and security details are now displayed side by side with the screenshot, with a layout that adapts to narrower viewports.
• File downloads — downloads are separated into a dedicated card with expandable rows showing each file's source URL and SHA256 hash.
• Detailed IP address data — the Network tab now includes additional detail per IP address observed during the scan.

Explore these improvements on the Cloudflare Radar URL Scanner.

Logpush now supports higher-precision timestamp formats for log output. You can configure jobs to output timestamps at millisecond or nanosecond precision. This is available in both the Logpush UI in the Cloudflare dashboard and the Logpush API.

To use the new formats, set timestamp_format in your Logpush job's output_options:

• rfc3339ms — 2024-02-17T23:52:01.123Z
• rfc3339ns — 2024-02-17T23:52:01.123456789Z

Default timestamp formats apply unless explicitly set. The dashboard defaults to rfc3339 and the API defaults to unixnano.

For more information, refer to the Log output options documentation.

We are introducing

Logo Match Preview, bringing the same pre-save visibility to visual assets that was previously only available for string-based queries. This update allows you to fine-tune your brand detection strategy before committing to a live monitor.

What’s new:

• Upload your brand logo and immediately see a sample of potential matches from recently detected sites before finalizing the query
• Adjust your similarity score (from 75% to 100%) and watch the results refresh in real-time to find the balance between broad detection and noise reduction
• Review the specific logos triggered by your current settings to ensure your query is capturing the right level of brand infringement

If you are ready to test your brand assets, go to the
Brand Protection dashboard ↗
to try the new preview tool.

New dataset

• MCP Portal Logs: A new dataset with fields including ClientCountry, ClientIP, ColoCode, Datetime, Error, Method, PortalAUD, PortalID, PromptGetName, ResourceReadURI, ServerAUD, ServerID, ServerResponseDurationMs, ServerURL, SessionID, Success, ToolCallName, UserEmail, and UserID.

New fields in existing datasets

• DEX Application Tests: HTTPRedirectEndMs, HTTPRedirectStartMs, HTTPResponseBody, and HTTPResponseHeaders.
• DEX Device State Events: ExperimentalExtra.
• Firewall Events: FraudUserID.
• Gateway HTTP: AppControlInfo and ApplicationStatuses.
• Gateway DNS: InternalDNSDurationMs.
• HTTP Requests: FraudEmailRisk, FraudUserID, and PayPerCrawlStatus.
• Network Analytics Logs: DNSQueryName, DNSQueryType, and PFPCustomTag.
• WARP Toggle Changes: UserEmail.
• WARP Config Changes: UserEmail.
• Zero Trust Network Session Logs: SNI.

For the complete field definitions for each dataset, refer to Logpush datasets.

Cloudflare Workflows retry per-step

Cloudflare Workflows allows you to configure specific retry logic for each step in your workflow execution. Now, you can access which retry attempt is currently executing for calls to step.do() :

await
step.do("my-step", async (ctx) => {
// ctx.attempt is 1 on first try, 2 on first retry, etc.
console.log(`Attempt ${ctx.attempt}`)
}) ;

You can use the step context for improved logging & observability, progressive backoff, or conditional logic in your workflow definition.

Note that the current attempt number is 1-indexed. For more information on retry behavior, refer to Sleeping and Retrying.

Real-time transcription in RealtimeKit now supports 10 languages with regional variants

in RealtimeKit now supports 10 languages with regional variants, powered by
Deepgram Nova-3 running on
Workers AI .

During a meeting, participant audio is routed through
AI Gateway to Nova-3 on Workers AI — so transcription runs on Cloudflare's network end-to-end, reducing latency compared to routing through external speech-to-text services.

Set the language when
creating a meeting via
ai_config.transcription.language :

{
"ai_config" : {
"transcription" : {
"language" : "fr"
}
}
}

Supported languages include English, Spanish, French, German, Hindi, Russian, Portuguese, Japanese, Italian, and Dutch — with regional variants like
en-AU , en-GB , en-IN , en-NZ , es-419 , fr-CA , de-CH , pt-BR , and
pt-PT . Use
multi for automatic multilingual detection.

If you are building voice agents or real-time translation workflows, your agent can now transcribe in the caller's language natively — no extra services or routing logic needed.

• Transcription docs
• Nova-3 model page
• Workers AI
• AI Gateway

Region filtering

All location-aware pages now support filtering by region, including continents, geographic subregions (Middle East ↗, Eastern Asia ↗, , etc.), political regions (EU ↗, African Union ↗), and US Census regions/divisions (for example, New England ↗, US Northeast ↗).

Traffic volume by top autonomous systems and locations

A new traffic volume view shows the top autonomous systems and countries/territories for a given location. This is useful for quickly determining which network providers in a location may be experiencing connectivity issues, or how traffic is distributed across a region.

The new AS and location dimensions have also been added to the Data Explorer ↗ for the HTTP, DNS, and NetFlows datasets. Combined with other available filters, this provides a powerful tool for generating unique insights.

Finally, breadcrumb navigation is now available on most pages, allowing easier navigation between parent and related pages.

Check out these features on Cloudflare Radar ↗ .

REST API rate limits for Workers Paid plans

REST API rate limits for Workers Paid plans have been increased from 3 requests per second (180/min) to 10 requests per second (600/min). No action is needed to benefit from the higher limit.

The REST API lets you perform common browser tasks with a single API call, and you can now do it at a higher rate.

If you use the Workers Bindings method, increases to concurrent browser and new browser limits are coming soon. Stay tuned.

For full details, refer to the Browser Rendering limits page.