Skip to content

rqzbeh/cf-domain-ip

BranchesTags

Repository files navigation

cf-domain-ip

Automated Cloudflare IP and domain intelligence updates. Update Cloudflare IP and domain intelligence

Usage

python3 check_domains.py --domains domain.txt --allowlist ip.txt

Optional flags:

  • --accepted-only — print only accepted domains.
  • --json — output results as JSON.
  • --workers N — number of concurrent worker threads for domain resolution (default: 20).
  • --accepted-output PATH — write accepted domains to a separate file (does not modify domain.txt).

What this repository tracks

  • ip.txt: current merged Cloudflare IPv4 CIDRs used as allowlist input.
  • manual_ipv4.txt: operator-pinned IPv4 addresses/CIDRs always retained in ip.txt by automation.
  • domain.txt: curated input domain list (read-only by automation).
  • checked_domains.txt: generated accepted domains after checking against ip.txt.
  • data/ip/current/*: official, ASN-derived, merged, added, removed, and summary outputs.
  • data/ip/snapshots/<timestamp>/*: timestamped snapshots of merged IP ranges.
  • data/domains/current/*: best-effort discovered domain outputs and summaries.
  • data/domains/snapshots/<timestamp>/*: timestamped domain snapshots.

Data sources

  • Official Cloudflare IP ranges: https://api.cloudflare.com/client/v4/ips
  • ASN-derived prefixes via BGPView for configured Cloudflare ASNs.
  • Best-effort domain discovery via curated input + public certificate APIs (crt.sh, certspotter).

Automation

GitHub Actions workflow:

  • .github/workflows/update-cloudflare-data.yml
  • Runs on schedule (daily + weekly) and on manual dispatch.
  • Regenerates IP/domain artifacts.
  • Builds checker input from both curated (domain.txt) and discovered (data/domains/current/discovered_domains.txt) domains.
  • Preserves previous checked_domains.txt when a run temporarily resolves zero accepted domains.
  • Publishes checked_domains.txt to the checked-domains-latest GitHub release tag on every run.
  • Uses summary.md as the release notes body.
  • Opens/updates a PR only when changes are detected.

Important limitations

  • No public API can provide a complete list of all domains behind Cloudflare CDN.
  • Domain discovery outputs are best effort and non-exhaustive.
  • ASN-derived data is cross-checked with official Cloudflare ranges and may include mismatches that require review.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases 1

checked-domains-latest Latest
Apr 18, 2026

Packages

 
 
 

Contributors

Languages