httprecon project
advanced web server fingerprinting
"It's rediculously bad ass as far as finger printing goes." - HexaTex, MySpace Forum
Test: get_existing (GET / HTTP/1.1)
Fingerprint: choose the fingerprint

Legitimate GET request to fetch an existing ressource. Usually the content of the fetched ressource is shown.

bannerBanner of the web server, which is usually announced within the Server line.
protocol-nameName of the protocol at the beginning of the http header (usually HTTP).
protocol-versionVersion of the http protocol (common are 0.9, 1.0 and 1.1).
statuscodeThree digit status code of the processed request (e.g. 200 or 404).
statustextHuman readable explaination of the status code (e.g. Found or Forbidden).
header-spaceThe use of space characters after the line name.
header-capitalafterdashThe use of a capital letter after a dash within a line name.
header-orderThe order of the header lines within the response.
options-allowedThe announced http methods. Usually printed only in OPTIONS responses or forbidden requests.
options-publicSimilar to options-allowed, the announcement of allowed methods for public use.
options-delimitedThe used delimiter symbol for the listed methods within OPTIONS requests.
etag-legthThe length of the ETag as bytes.
etag-quotesThe use of what kind of quotes around the ETag announcement.
content-typeThe use of which Content-Type within the received response.
accept-rangeThe accepted data range by the web site (usually bytes).
connectionFurther demands for the given and further connections.
cache-controlDemands for the cache controlling by proxies and web browsers.
pragmaFurther details about proxies and cacheing.
vary-orderSet of request-header fields that fully determines if a cache is permitted to use the response.
vary-capitalizeThe use of capitalized letters within the vary definitions.
vary-delimiterDelimiter used to announce the Vary details.
x-powered-byOptional header which announces some additionally installed software packages.
htaccess-realmThe name of the htaccess authentication.

[back] [upload] [top]