httprecon project / database / get_nonexisting / vary-order

httprecon project

advanced web server fingerprinting

"httprecon is a tool for advanced web server fingerprinting, likely to increase web server probes as the tool is examined and included into other tools." - Brent Huston, MSI State of Security

Test: get_nonexisting (GET /404test.html HTTP/1.1)
Fingerprint: vary-order

Set of request-header fields that fully determines if a cache is permitted to use the response.

	Implementation	Vary-order
	AOLserver 4.0.10	Accept-Encoding
	Apache 1.3.26	negotiate,accept-language
	Apache 1.3.33	Accept-Encoding
	Apache 1.3.34	Accept-Encoding
	Apache 1.3.37	*
	Apache 2.0.52	Accept-Encoding,User-Agent
	Apache 2.0.53	accept-language,accept-charset
	Apache 2.0.54	Accept-Encoding
	Apache 2.0.54	accept-language,accept-charset
	Apache 2.0.55	Accept-Encoding
	Apache 2.0.59	accept-language,accept-charset
	Apache 2.0.63	User-Agent,Accept-Encoding
	Apache 2.2.11	Accept-Encoding
	Apache 2.2.2	Accept-Encoding
	Apache 2.2.2	accept-language,accept-charset
	Apache 2.2.3	accept-language,accept-charset
	Apache 2.2.4	Accept-Encoding,Cookie,User-Agent
	Apache 2.2.4	User-Agent
	Apache 2.2.6	accept-language,accept-charset
	Apache 2.3.0	Accept-Encoding
	BaseHTTPServer 0.3	Host
	Compaq HTTP Server 9.9	negotiate,accept-language
	Microsoft IIS 6.0	Accept-Encoding
	Microsoft IIS 6.0	Accept-Encoding,User-Agent
	Mongrel 1.0	Accept-Encoding
	Oracle Application Server 10g 10.1.2.2.0	Host
	Oracle Application Server 10g 10.1.3.1.0	accept-language
	Roxen 4.5.145	*
	Zeus 4.3	Accept-Encoding
	Zeus 4.41	*
	Zope 2.10.4	Accept-Encoding
	Zope 2.7.6	Cookie
	Zope 2.8.4	Accept-Encoding
	Zope 2.8.6	Accept-Encoding
	Zope 2.9.6	Accept-Encoding
	Zope 2.9.6	Accept-Encoding,User-Agent
	and-httpd 0.99.11	Accept,Accept-Encoding,Accept-Language
	lighttpd 1.4.18	Accept-Encoding,Cookie
	lighttpd 1.4.19	Accept-Encoding,User-Agent
	nginx 0.5.33	Accept-Encoding
	nginx 0.6.20	Accept-Language
	nginx 0.7.35	Accept-Encoding,User-Agent

[back] [upload] [top]