Hacker News

Show HN: Detect paid Cloudflare plans on any website via ECH

2025-09-1414:5915experiments.pawelpokrywka.com

This tool checks if a website uses a paid Cloudflare subscription. How does it work? Note: Results may vary between Cloudflare data centers, so testing from multiple locations (e.g., via VPN) helps…

This tool checks if a website uses a paid Cloudflare subscription. How does it work?
Note: Results may vary between Cloudflare data centers, so testing from multiple locations (e.g., via VPN) helps verify the status.

Read the original article

rapawel

Karma: 230
...
 @Hacker__News
@hacker._news

Comments

  • By rapawel 2025-09-1415:00

    Example website with paid subscription: Substack https://experiments.pawelpokrywka.com/cloudflare-subscriptio...

  • By phillipseamore 2025-09-1415:121 reply

    Seems like this might a wrong assumption (or CF changed something). Just tested one of my own sites that's on the free plan and it has "sni=plaintext".

    • By rapawel 2025-09-1415:29

      There are occasional false positives, but querying different Cloudflare data centers usually resolves this. I've found that switching VPN servers (which routes through different CF edge locations) eventually gives the correct result.

  • By wordglyph 2025-09-1415:251 reply

    My site https://wordglyph.xyz came back undetermined

    • By rapawel 2025-09-1415:38

      The tool only detects a subset of paid Cloudflare users - specifically those with the default ECH settings. If your site shows as undetermined, it likely means you're on a free plan or a paid plan with ECH enabled.

      From what I've observed:

      - Free plans: ECH is forcefully enabled (sni=encrypted)

      - Paid plans: ECH is disabled by default (sni=plaintext), but can be manually enabled

      The tool can only definitively distinguish between free plans and paid plans that use the default ECH settings.

HackerNews

About