Consumer Services Release Notes

Radar DNS insights

Radar now introduces Top-Level Domain (TLD) insights, providing visibility into popularity based on the DNS magnitude metric, detailed TLD information including its type, manager, DNSSEC support, RDAP support, and WHOIS data, and trends such as DNS query volume and geographic distribution observed by the 1.1.1.1 DNS resolver.

The following dimensions were added to the Radar DNS API

• tld: Top-level domain extracted from DNS queries; can also be used as a filter.
• tld_dns_magnitude: Top-level domain ranking by DNS magnitude.

The following endpoints were added

• /tlds - Lists all TLDs.
• /tlds/{tld} - Retrieves information about a specific TLD.

Learn more about the new Radar DNS insights in our blog post, and check out the new Radar page.

CT Log Insights Update

Radar has expanded its Certificate Transparency (CT) log insights with new stats that provide greater visibility into log activity:

• Log growth rate: The average throughput of the CT log over the past 7 days, measured in certificates per hour.
• Included certificate count: The total number of certificates already included in this CT log.
• Eligible-for-inclusion certificate count: The number of certificates eligible for inclusion in this log but not yet included. This metric is based on certificates signed by trusted root CAs within the log's accepted date range.
• Last update: The timestamp of the most recent update to the CT log.

These new statistics have been added to the response of the Get Certificate Log Details API endpoint, and are displayed on the CT log information page.

Regional Data

Radar now introduces Regional Data, providing traffic insights that bring a more localized perspective to the traffic trends shown on Radar.

The following API endpoints are now available:

• Get Geolocation - Retrieves geolocation by geoId.
• List Geolocations - Lists geolocations.
• NetFlows Summary By Dimension - Retrieves NetFlows summary by dimension.
  All summary and timeseries_groups endpoints in HTTP and NetFlows now include an adm1 dimension for grouping data by first level administrative division (for example, state, province, etc.)
  A new filter geoId was also added to all endpoints in HTTP and NetFlows, allowing filtering by a specific administrative division.
  Check out the new Regional traffic insights on a country specific traffic page new Radar page.

Radar: Certificate Transparency (CT) insights

Radar now introduces Certificate Transparency (CT) insights, providing visibility into certificate issuance trends based on Certificate Transparency logs currently monitored by Cloudflare.

The following API endpoints are now available:

• /ct/timeseries: Retrieves certificate issuance time series.
• /ct/summary/{dimension}: Retrieves certificate distribution by dimension.
• /ct/timeseries_groups/{dimension}: Retrieves time series of certificate distribution by dimension.
• /ct/authorities: Lists certification authorities.
• /ct/authorities/{ca_slug}: Retrieves details about a Certification Authority (CA). CA information is derived from the Common CA Database (CCADB).
• /ct/logs: Lists CT logs.
• /ct/logs/{log_slug}: Retrieves details about a CT log. CT log information is derived from the Google Chrome log list.

For the summary and timeseries_groups endpoints, the following dimensions are available (and also usable as filters):

• ca: Certification Authority (certificate issuer)
• ca_owner: Certification Authority Owner
• duration: Certificate validity duration (between NotBefore and NotAfter dates)
• entry_type: Entry type (certificate vs. pre-certificate)
• expiration_status: Expiration status (valid vs. expired)
• has_ips: Presence of IP addresses in certificate Subject Alternative Names (SANs)
• has_wildcards: Presence of wildcard DNS names in certificate SANs
• log: CT log name
• log_api: CT log API (RFC6962 vs. Static)
• log_operator: CT log operator
• public_key_algorithm: Public key algorithm of certificate's key
• signature_algorithm: Signature algorithm used by CA to sign certificate
• tld: Top-level domain for DNS names found in certificates SANs
• validation_level: Validation level

Check out the new Certificate Transparency insights in the new Radar page.

Cloudflare Registrar now supports .ai and .shop domains. These are two of our most highly-requested top-level domains (TLDs) and are great additions to the 300+ other TLDs we support.

Starting today, customers can:

• Register and renew these domains at cost without any markups or add-on fees
• Enjoy best-in-class security and performance with native integrations with Cloudflare DNS, CDN, and SSL services like one-click DNSSEC
• Combat domain hijacking with Custom Domain Protection (available on enterprise plans)

We can't wait to see what AI and e-commerce projects you deploy on Cloudflare. To get started, transfer your domains to Cloudflare or search for new ones to register.