Browser Security Headers
Lots of new HTTP headers have been proposed by various browser vendors and Internet companies, here we look at how popular and widely deployed those measures are. This information is periodically updated to see how the adoption changes over time.
Forgot Your Obfuscation?
Numerous websites obfuscate their "Server" or "X-Powered-By" headers, but some forget to also hide the information for mobile browsers. By requesting the website with different user agents, these inconsistencies can be detected and corrected.
Different user agent, different server
Based on the user agent, mobile devices can be sent to completely different servers for the same website and URL. For example, desktop clients for microsoft.com get sent to an instance of IIS 7.5 while mobile browsers are sent to an IIS 7.0 server.
Last updated on: 22 Sep, 2012
Top 10 Websites
Top 10 Headers