HTTP headers contain metadata and descriptive information about the request and response. You can potentially learn a lot about a server by inspecting the HTTP headers it serves with a response. You can learn the following things about the server:
- Caching system
- Authentication
- Operating system
- Web server
- Response type
- Framework or content management system
- Programming language
- Spoken language
- Security headers
- Cookies
Not every web server will return all of those headers, but it is helpful to learn as much as you can from the headers. Popular frameworks such as WordPress and Drupal will return an X-Powered-By header telling you whether it is WordPress or Drupal and what version.
The session cookie ...