Industry stats Updated Jun 2026 All domains worldwide 392.5M registered names +6.5% YoY Verisign · Q1 2026 .com + .net total 176.1M names in zone Verisign · Q1 2026 .com + .net 11.5M newly registered · 76.3% renewed Verisign · Q1 2026 Country-code TLDs 146.3M names +2.4% YoY Verisign · Q1 2026 New gTLDs 49.6M names · 30.9% renewed +3.7% QoQ Verisign · Q1 2026 Legacy gTLDs 20.5M names · 67.6% renewed +14.6% YoY Verisign · Q1 2026 WordPress 41.5% of all sites · 59.3% of CMS sites W3Techs · 17 Jun 2026 Shopify 5.2% of all sites · 7.5% of CMS sites W3Techs · 17 Jun 2026 Wix 4.3% of all sites · 6.1% of CMS sites W3Techs · 17 Jun 2026 Squarespace 2.5% of all sites · 3.5% of CMS sites W3Techs · 17 Jun 2026 Joomla 1.2% of all sites · 1.7% of CMS sites W3Techs · 17 Jun 2026 Webflow 0.9% of all sites · 1.2% of CMS sites W3Techs · 17 Jun 2026 Drupal 0.7% of all sites · 1% of CMS sites W3Techs · 17 Jun 2026 No CMS detected 30% of all sites W3Techs · 17 Jun 2026 Nginx on 33%–39% of sites W3Techs · Mar–Apr 2026 Apache on 24%–29% of sites W3Techs · Mar–Apr 2026 LiteSpeed gaining share among web servers W3Techs · Mar–Apr 2026 DMARC adoption 937.9K valid records +79% in 3 yrs EasyDMARC · 2026 YTD Fortune 500 95% publish DMARC · 80% enforced EasyDMARC Fortune 500 62.7% use strict reject policy EasyDMARC Inc. 5000 15.2% use strict reject policy EasyDMARC Deal CVC Capital Partners → Namecheap · CVC Capital Partners acquired a majority stake in Namecheap in September 2025, valuing the company at ~$1.5B (including debt). 2025 Deal team.blue (Hg-backed) → Loopia Group · team.blue (Hg-backed) acquired Loopia Group (Nordics) in 2025. 2025 Deal Miss Group (Perwyn-backed) → Web4U s.r.o. · Perwyn-backed Miss Group acquired Web4U s.r.o. (Prague-based web hosting and domain registration provider) in 2025. This is Miss Group’s 14th acquisition under Perwyn ownership. 2025 Deal group.one → Webglobe · group.one acquired Webglobe (Slovakia/Czechia/Serbia) in 2025. 2025 Deal hosting.com → FastComet, A2 Hosting · hosting.com (formerly World Host Group) acquired FastComet in April 2025 and A2 Hosting in January 2025, rebranding A2 Hosting under the hosting.com name. 2025 Industry stats Updated Jun 2026 All domains worldwide 392.5M registered names +6.5% YoY Verisign · Q1 2026 .com + .net total 176.1M names in zone Verisign · Q1 2026 .com + .net 11.5M newly registered · 76.3% renewed Verisign · Q1 2026 Country-code TLDs 146.3M names +2.4% YoY Verisign · Q1 2026 New gTLDs 49.6M names · 30.9% renewed +3.7% QoQ Verisign · Q1 2026 Legacy gTLDs 20.5M names · 67.6% renewed +14.6% YoY Verisign · Q1 2026 WordPress 41.5% of all sites · 59.3% of CMS sites W3Techs · 17 Jun 2026 Shopify 5.2% of all sites · 7.5% of CMS sites W3Techs · 17 Jun 2026 Wix 4.3% of all sites · 6.1% of CMS sites W3Techs · 17 Jun 2026 Squarespace 2.5% of all sites · 3.5% of CMS sites W3Techs · 17 Jun 2026 Joomla 1.2% of all sites · 1.7% of CMS sites W3Techs · 17 Jun 2026 Webflow 0.9% of all sites · 1.2% of CMS sites W3Techs · 17 Jun 2026 Drupal 0.7% of all sites · 1% of CMS sites W3Techs · 17 Jun 2026 No CMS detected 30% of all sites W3Techs · 17 Jun 2026 Nginx on 33%–39% of sites W3Techs · Mar–Apr 2026 Apache on 24%–29% of sites W3Techs · Mar–Apr 2026 LiteSpeed gaining share among web servers W3Techs · Mar–Apr 2026 DMARC adoption 937.9K valid records +79% in 3 yrs EasyDMARC · 2026 YTD Fortune 500 95% publish DMARC · 80% enforced EasyDMARC Fortune 500 62.7% use strict reject policy EasyDMARC Inc. 5000 15.2% use strict reject policy EasyDMARC Deal CVC Capital Partners → Namecheap · CVC Capital Partners acquired a majority stake in Namecheap in September 2025, valuing the company at ~$1.5B (including debt). 2025 Deal team.blue (Hg-backed) → Loopia Group · team.blue (Hg-backed) acquired Loopia Group (Nordics) in 2025. 2025 Deal Miss Group (Perwyn-backed) → Web4U s.r.o. · Perwyn-backed Miss Group acquired Web4U s.r.o. (Prague-based web hosting and domain registration provider) in 2025. This is Miss Group’s 14th acquisition under Perwyn ownership. 2025 Deal group.one → Webglobe · group.one acquired Webglobe (Slovakia/Czechia/Serbia) in 2025. 2025 Deal hosting.com → FastComet, A2 Hosting · hosting.com (formerly World Host Group) acquired FastComet in April 2025 and A2 Hosting in January 2025, rebranding A2 Hosting under the hosting.com name. 2025
SaaS AI Tools Cloudflare

Cloudflare launches Precursor for client-side bot detection

New engine uses continuous behavioral signals to improve bot management precision.

Cloudflare launches Precursor for client-side bot detection
Zulfugar Karimov · Unsplash

Cloudflare has released a new bot management engine designed to detect automated traffic through continuous analysis of client-side behavior. Named Precursor, the system converts real-time interaction patterns into detection signals, aiming to improve accuracy in identifying bots without disrupting human users. The launch reflects growing demand for solutions that address sophisticated automation while preserving user experience in web applications and APIs.

How Precursor works

The engine operates by monitoring how users interact with web interfaces throughout an entire session. Unlike traditional bot detection methods that rely on static snapshots or server-side logs, Precursor evaluates dynamic client-side signals to build a behavioral profile. This approach allows the system to detect advanced automation techniques that may evade conventional checks, such as headless browsers or scripted interactions that mimic human behavior. Cloudflare states that the continuous validation process reduces false positives, which can lead to unnecessary challenges or blocks for legitimate users.

Precursor integrates with Cloudflare’s existing bot management framework, providing additional visibility into user journeys. The system does not replace existing detection layers but supplements them with client-side telemetry. This layered approach enables operators to fine-tune policies based on behavioral patterns rather than relying solely on IP reputation or request signatures. The company has not disclosed specific technical details about the signal processing or machine learning models used in the engine.

Implications for operators

For infrastructure providers and web application owners, Precursor offers a potential improvement in bot mitigation without increasing friction for end users. The system’s focus on session-level behavior could help address challenges posed by automation that adapts to traditional detection methods, such as credential stuffing or content scraping. However, the effectiveness of client-side monitoring depends on the quality of the signals collected and the ability to distinguish between legitimate automation (e.g., accessibility tools) and malicious bots.

Cloudflare’s announcement does not include benchmarks comparing Precursor’s performance to existing solutions, nor does it specify deployment requirements beyond integration with Cloudflare’s network. Operators considering the tool will need to evaluate its impact on false positives and negatives within their specific environments. The company has positioned Precursor as part of its broader security portfolio, suggesting that it may be bundled with existing bot management offerings rather than sold as a standalone product.

What to watch

Adoption of Precursor will likely depend on real-world performance data, particularly in high-risk sectors such as e-commerce, financial services, and content publishing. Operators may also monitor how the system handles edge cases, such as users with assistive technologies or environments with strict privacy controls that limit client-side telemetry. Cloudflare has not announced plans for third-party audits or independent testing of the engine’s accuracy, which could influence trust among enterprise customers.

The launch comes amid increasing regulatory scrutiny of bot mitigation practices, particularly in regions with strict data protection laws. Client-side monitoring raises privacy considerations, as it involves collecting behavioral data from end users. Cloudflare has not detailed how Precursor complies with frameworks like GDPR or CCPA, though the company’s existing privacy policies may apply. Operators deploying the tool will need to assess its alignment with their own compliance obligations.

Companies mentioned

Cloudflare

Discussion · coming soon

Be the first to join the thread when community discussion launches.