Cloudflare Reports 19% Internet Traffic Growth in 2025 and Unprecedented DDoS Attacks

Cloudflare’s sixth annual “Radar 2025” year-in-review report says global internet traffic grew 19% in 2025, with the most significant growth occurring from August.

“AI agents are breaking web economics, but Cloudflare says x402 can help The company’s Chief Strategy Officer said that more than half of internet traffic is now non-human, but that the x402 Foundation is building the rails for a "golden age of content”

@coindesk

The company also reported that it recorded “more than 25 attacks DDoS record” in the same period, and it framed the year as one marked by “The AI Boom, the Post-Quantum Era, and Unprecedented DDoS Attacks.”

@coindesk

In its own blog release, Cloudflare said its network spans “330 cities in more than 125 countries/regions,” and that it processes “an average of more than 81 million HTTP requests per second” and “more than 129 million HTTP requests per second at peak times.”

Cloudflare added that it responds to “approximately 67 million DNS queries per second (authoritative + resolver),” using those web and DNS observations to produce near real-time insights.

The report’s methodology is described as consistent with prior years, and it states that the data covers “from January 1 to December 2, 2025.”

It also says the microsite makes trends for “more than 200 countries/regions” available, while “Smaller or less-populated localities are excluded due to insufficient data.”

Across the same Cloudflare year-in-review materials, the company highlighted that “Starlink traffic doubled in 2025,” including traffic from “more than 20 new countries/regions.”

Cloudflare’s year-in-review materials and related reporting converge on a central claim: internet traffic is increasingly non-human, driven by AI crawling and automation.

In the CoinDesk account of a Consensus conference discussion, Cloudflare Chief Strategy Officer Stephanie Cohen said “more than half of internet traffic is now non-human,” and she tied that shift to AI agents that “scrape a webpage, summarize content and keep the source user inside a chatbot or automated workflow instead of sending a person back to the original site.”

CoinDesk

CoinDesk also reported that Cloudflare’s network is processing “a billion HTTP 402 ‘payment required’ responses every day,” linking the company’s infrastructure to a proposed payments approach for automated agents.

The Cloudflare Radar blog post similarly states that “The share of human-generated web traffic encrypted with post-quantum cryptography has risen to 52%,” while its AI section highlights that “AI-driven crawling of user actions increased more than 15-fold in 2025.”

It adds that “Googlebot alone accounted for 4.5%” of HTML request traffic, and that “AI crawlers were the user agents most frequently denied access in robots.txt files.”

The Media Leader’s local write-up of the same Radar 2025 report says the year “highlights sustained growth in global traffic, the rapid rise of AI-related usages,” and it describes “more than a fifteen-fold increase in crawls triggered directly by user actions.”

Siècle Digital’s local piece frames the same Cloudflare findings as a mismatch between traffic growth and human usage, stating that “Alone, bots would account for nearly 30% of global web traffic,” and it says “Googlebot remains the dominant crawler, responsible for about 4.5% of HTML requests on sites protected by Cloudflare.”

Alongside the AI-driven traffic shift, Cloudflare’s Radar 2025 materials emphasize encryption and connectivity metrics as part of the year’s technological changes.

“Selon le bilan annuel de Cloudflare, le trafic internet a augmenté de 19 % cette année”

itdaily.fr

The itdaily.fr report says “le chiffrement post-quantique sécurise désormais 52 % du trafic internet « humain »,” and it ties that figure to Cloudflare’s analysis of traffic on its network and via its DNS resolver “1.1.1.1.”

In the Cloudflare blog’s own recap, the company states that “The share of human-generated web traffic encrypted with post-quantum cryptography has risen to 52%,” and it places that within a broader “Post-Quantum Era” framing.

Connectivity is described in the Radar 2025 blog post as well, which says “Almost half of the 174 major Internet outages observed worldwide in 2025 were caused by regional and national Internet connectivity outages imposed by governments.”

The same blog post adds that “Globally, fewer than a third of dual-stack requests were made via IPv6, while in India, more than two-thirds were.”

It also reports that “European countries recorded some of the highest download speeds, all above 200 MB/s,” and it says “Spain consistently ranked among the top in Internet quality metrics.”

The Media Leader’s local write-up echoes the outage framing, stating that “Internet outages, often tied to government decisions, accounted for nearly half of the 174 major interruptions recorded worldwide in 2025.”

Cloudflare’s reporting also portrays 2025 as a year of security intensification, particularly through large-scale DDoS activity and increased mitigation.

The itdaily.fr article says Cloudflare “a enregistré plus de 25 attaques DDoS record,” and it frames those as part of the year’s “tendances internet les plus marquantes.”

Siècle Digital

In the Cloudflare blog’s “Year in Review” description, the company highlights “Unprecedented DDoS Attacks,” and it says the report incorporates “the hypervolume size of DDoS attacks” among new datasets.

The Media Leader’s local write-up adds that the year was marked by “a surge in so-called hyper-volumetric DDoS attacks, some exceeding 30 Tbps,” and it describes security as central, saying “In 2025, 6% of the global traffic passing through Cloudflare was mitigated for security or compliance reasons.”

That same local piece says attacks primarily target organizations in the “People and Society” sector, including “NGOs, civic institutions, and religious organizations,” and it states that “the volume of malicious emails now exceeds 5% of analyzed emails.”

Siècle Digital similarly reports that “About 6% of global traffic observed by Cloudflare required mitigation in 2025, whether from DDoS or other vectors.”

The Cloudflare blog itself also ties security to its observability approach, stating that it uses data from “traffic, bots, security, connectivity, and DNS observed on the Internet.”

The sources also connect Cloudflare’s traffic and security measurements to a proposed mechanism for managing automated agents through payments and verification.

“The 2025 Year in Review is now available, our sixth Cloudflare Radar report, which analyzes the Internet trends and patterns we observed over the past year, based on the broad view of Cloudflare's network”

The Cloudflare Blog

In the CoinDesk report, Chief Strategy Officer Stephanie Cohen said Cloudflare’s network processes “a billion HTTP 402 ‘payment required’ responses every day,” describing the HTTP 402 status code as part of the technical foundation for x402.

The Cloudflare Blog

CoinDesk quotes Cohen explaining the concept as “Think about it as a billion voices saying, I want to keep producing whatever I'm producing, but I need to be paid for it in order to keep doing that,” and it describes x402 as an open agent-payments framework Cloudflare is developing with Coinbase.

The same CoinDesk piece says Cohen credited Coinbase and Stripe as co-creators of the x402 Foundation and pointed to a “recent Cloudflare integration with Visa and Experian as the next layer of the agentic-payments stack.”

Cohen’s framing is that the shift in web economics is structural, with “More than half of the traffic on the overall Internet today is non-human,” and she says that non-human traffic is growing faster than human traffic.

She also described a historical ratio change, saying “A decade ago, she said, crawlers visited a site twice and sent back one human visitor,” and that today the ratio is “tens of thousands to one for AI companies that are scraping your site.”

The CoinDesk report ends with Cohen’s stated goal: “We believe that, if we do this right, there will be a ‘golden age of content,’” where “high-quality original content is valued.”