search
ITPTToolsGithub

CacHeIT

CacHeIT available herearrow-up-right is a timing-based tool that identifies potential reverse proxy/CDN caching behavior on a list of URLs.

For each target URL, the script:

  1. Sends an initial HTTP request (baseline measurement).

  2. Sends multiple follow-up requests.

  3. Compares response times.

  4. Checks for known cache-related response headers (e.g. CF-Cache-Status, X-Cache, Akamai-Cache-Status).

  5. Reports URLs that likely returned a cached response.

If the median response time of subsequent requests is significantly lower than the baseline (based on a configurable threshold), the script flags the URL as potentially cached.

Detected cache-related headers are included in the output.

hashtag
Detection Logic

A URL is considered potentially cached when:

median_hit_time <= threshold × baseline_time

Default threshold: 0.5 (50%)

In addition to timing analysis, the script inspects response headers such as:

  • CF-Cache-Status

  • X-Cache

  • X-Cache-Hits

  • Akamai-Cache-Status

  • Age

  • X-Proxy-Cache

When present, these headers are reported alongside the URL.

hashtag
Installation

hashtag
Run the Script

hashtag
input.txt

hashtag
Command line

Argument
Description
Default

-i

Input file containing URLs

input.txt

-o

Output file for results

cache_detection_results.txt

-t

Timing ratio threshold

0.5 (very aggressive)

-r,--hits

Number of HTTP requests after the baseline to detect HITs

2

hashtag
Output

cache_detection_results.txt:

with the following format:

PreviousInformation Gathering PassiveNextCrawlStrike

Last updated