Cloudflare knows which visitors to challenge (also referred to as suspicious visitors) based on a variety of data sources. Specifically, Cloudflare leverages threat data from Project Honey Pot and a variety of other third-party sources to identify online threats. In addition, Cloudflare uses the collective intelligence of the websites on its system to identify new threats that arise. So if a new threat is identified on one site, Cloudflare can automatically protect the rest of the Cloudflare community. The types of threats that Cloudflare identifies is broad and includes email harvesting, SQL injection, cross-site scripting, comment spam, credential hacking, denial of service attacks and so on.