frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Show HN: Detect paid Cloudflare plans on any website via ECH

https://experiments.pawelpokrywka.com/cloudflare-subscription-checker/
1•rapawel•1h ago
A tool that checks if any website uses a paid Cloudflare subscription by examining their public /cdn-cgi/trace endpoint. Cloudflare only allows disabling Encrypted Client Hello (ECH) in paid plans, so sni=plaintext indicates a paid subscription. Works on any Cloudflare-proxied site.

Comments

rapawel•1h ago
Example website with paid subscription: Substack https://experiments.pawelpokrywka.com/cloudflare-subscriptio...
phillipseamore•1h ago
Seems like this might a wrong assumption (or CF changed something). Just tested one of my own sites that's on the free plan and it has "sni=plaintext".
rapawel•1h ago
There are occasional false positives, but querying different Cloudflare data centers usually resolves this. I've found that switching VPN servers (which routes through different CF edge locations) eventually gives the correct result.
wordglyph•1h ago
My site https://wordglyph.xyz came back undetermined
rapawel•1h ago
The tool only detects a subset of paid Cloudflare users - specifically those with the default ECH settings. If your site shows as undetermined, it likely means you're on a free plan or a paid plan with ECH enabled.

From what I've observed:

- Free plans: ECH is forcefully enabled (sni=encrypted)

- Paid plans: ECH is disabled by default (sni=plaintext), but can be manually enabled

The tool can only definitively distinguish between free plans and paid plans that use the default ECH settings.

After 10 years of black hole science, Stephen Hawking is proven right

https://www.npr.org/2025/09/11/nx-s1-5537131/ligo-10-years-black-holes-hawking-theory-confirmed
1•jonbaer•37s ago•0 comments

The future is open: Answering the most common tech writing worries

https://passo.uno/tech-writing-optimism-reddit/
1•theletterf•1m ago•0 comments

3 Fatal overdoses in L.A. County linked to synthetic supplement

https://www.latimes.com/california/story/2025-09-13/synthetic-kratom-linked-to-3-fatal-overdoses-...
1•petethomas•3m ago•0 comments

Oregon mass layoffs approach Great Recession levels

https://www.oregonlive.com/business/2025/09/oregon-mass-layoffs-approach-great-recession-levels.html
1•rwc9•4m ago•0 comments

The Illusion of Diminishing Returns: Measuring Long Horizon Execution in LLMs

https://arxiv.org/abs/2509.09677
2•jonbaer•5m ago•0 comments

Rule 30 (1d) cellular automata feeding into Conway's Game of Life (2d)

https://usize.github.io/1d2d/
1•fugeesnfunions•5m ago•0 comments

I built a fitness app via spec coding with Kiro

https://devblac.github.io/post/building-a-gym-tracker-with-spec-coding/
2•blacher•10m ago•0 comments

External Secrets Operator resumes releases

https://github.com/external-secrets/external-secrets/issues/5084
1•nanibot•11m ago•0 comments

The Scientific Virtues

https://slimemoldtimemold.com/2022/02/10/the-scientific-virtues/
1•eamag•11m ago•0 comments

World emissions hit record high, but the EU leads trend reversal

https://joint-research-centre.ec.europa.eu/jrc-news-and-updates/world-emissions-hit-record-high-e...
1•saubeidl•12m ago•0 comments

Rock discovery contains 'clearest sign' yet of ancient life on Mars, NASA says

https://www.cnn.com/2025/09/10/science/nasa-mars-sapphire-falls-rock-sample
2•tzury•13m ago•0 comments

Can an Amazon AI voice guide you better than customer product reviews?

https://www.cnbc.com/2025/09/14/amazon-product-reviews-ai-customers-online-shopping.html
1•rntn•13m ago•0 comments

Elastic Projections

https://kunimune.blog/2023/12/29/introducing-the-elastic-projections/
1•andsoitis•17m ago•0 comments

2027: Race to AGI Game

https://thoughtwax.com/2027-race-to-agi/
1•3willows•22m ago•1 comments

Camneerg: The Mac Plus Web Server

https://www.spacerogue.net/Camneerg/
1•xk3•25m ago•0 comments

Russian 'YouTube' hides western movies on its front page

https://torrentfreak.com/pirates-hide-uploads-with-morse-code-rutube-hides-movies-on-its-front-pa...
1•gloxkiqcza•26m ago•1 comments

Wu Ming

https://en.wikipedia.org/wiki/Wu_Ming
1•bryanrasmussen•28m ago•0 comments

Gleam is my new obsession

https://ericcodes.io/blog/gleam-my-new-obsession.html
4•todsacerdoti•29m ago•0 comments

When Dementia Steals the Imagination of a Children's Book Writer

https://www.nytimes.com/2025/09/14/magazine/robert-munsch-author-children-books-dementia.html
1•anarbadalov•30m ago•0 comments

Bluetooth 8-Track Adapters Are a Thing (2022)

https://hackaday.com/2022/07/03/bluetooth-8-track-adapters-are-a-thing/
1•Ariarule•31m ago•0 comments

New AI hype "Our language models are so 'conscious' we need to give them rights"

https://garymarcus.substack.com/p/new-adventures-in-ai-hype-our-language
4•bryanrasmussen•31m ago•1 comments

Interactive Latent Flow Visualisation for Any LLM

https://argos-viz.fly.dev/
2•zarathrusta•31m ago•0 comments

Tailscale Systray for Linux

https://tailscale.com/kb/1597/linux-systray
1•jackhalford•32m ago•0 comments

Study finds alarming levels of PFAS in blood of those living near USAF base

https://www.theguardian.com/us-news/2025/aug/23/pfas-air-force-base
2•PaulHoule•34m ago•0 comments

Software Agents work. But only if you do

https://suriya.cc/general/gpt-code/
2•suriya-ganesh•35m ago•0 comments

House Just Passed a Bill Punishing "Politically Motivated" Boycotts of Israel

https://theintercept.com/2025/09/11/israel-boycott-bds-boebert/
7•like_any_other•35m ago•1 comments

Lost $300 due to an API key leak from "vibe coding" – Learn from my mistake

1•liulanggoukk•37m ago•0 comments

Apache HertzBeat Graduates as an Apache Top-Level Project

https://hertzbeat.apache.org/blog/2025/08/24/hertzbeat-graduation/
1•tomsun28•37m ago•0 comments

The Master System Girl: A Console with Cooties?

https://nicole.express/2025/sega-mistress-system.html
1•zdw•37m ago•0 comments

Show HN: Mirenku – local/offline anime tracker

https://mirenku.app
1•Aeturnis•39m ago•0 comments