The secret life of your web browser revealed!

Not everyone is aware that there's a hidden conversation going on between your web browser and ALL the sites you visit. Known as HTTP header messages they are all the info your browser freely gives out every time you connect to ANY web site without even being asked. As you will see, some of this info you might rather keep to yourself. Some soft like The Proxomitron will not only lets you view all those messages, but also lets you alter, add, or delete them. If security is important to you, make it your business to know what your browser is telling the world and have it say only what you want! The order of the varibles will vary from server to server. Of course, Java, Java Script, Active X will gather a lot more info off your PC incuding but not limited to IP number, Email addresses, they can look at what files you have on your PC, run exes without your permittion, ets



GET, HEAD, PUT POST are the base request commands of the HTTP protocol. This first line would suffice to request the wanted information.
SERVER_PROTOCOL: will show which version of HTTP you are using, usually HTTP1.0 or HTTP1.1
HTTP_XROXY_CONNECTION : usually Keep-Alive
HTTP_ACCEPT_CHARSET: iso-8859-1,*,utf-8
HTTP_REFERER_FROM: shows the page you came from, where you came from before or the last page you visited before the current one, or if you came from a link. Typed URLs and bookmarks usually result in this variable being left blank. http:\/\/(www\.)?$mydomain\//);
HTTP_USER_AGENT : shows which browser type you are using, your browser version and also the O/S you use
HTTP_HOST: the remote server's name you are accesing
SERVER_PORT: shows the web server's listening port. usually 80, 8080, 3128 (if you are on HTTP)
SERVER_SOFTWARE: the remote server's O/S (Apache/1.2.4 for example)
SCRIPT_NAME: what kind of scripts the remote server is running if any (/cgi-bin/show-http-headers)
REMOTE_ADDRESS : or REMOTE_HOST : will show your IP number, or if you are usign a proxy, it's IP number
HTTP_REMOTE_HOST : will show your host name and address -country, ets
IDENT-Lookup: Username: will show yor PC's name, your operating system: your charset:
REMOTE_PORT: shows the port the remote server uses
SERVER_NAME: the DNS name of the server you are accessing
SERVER_ADMIN: usually the email address of the webmaster
HTTP_COOKIE: If your browser finds a cookie in his cookie file matching the domain of this server it will send it along with every request. This server also tries to set up a cookie in your browser. If this is successfully done, you can see this cookie in your request when RELOADing this page.
HTTP_X_FORWARDED_FROM: or HTTP_FORWARDED: if you use a proxy, it will show here
shows where you've been routed from. proxy can forward real ip here, In order to remain anonymous the you DO NOT want your real IP showing, only the proxy's.(trully anon proxies will NOT show HTTP_FORWARDED or HTTP_X_FORWARDED_FOR variables,
HTTP_FORWARDED : shows the path you use in connecting to a web server this line shows exactly where you're coming from. reveals proxy used VIA : reveals use of proxy
HTTP_VIA : if you are usign a proxy, the name will show up here
HTTP_ACCEPT: will show what kind of images your browser will accept such as: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, image/png, */* These are the MIME-types accepted by your browser, sometimes with a quality factorappended.
CLIENT_IP : your IP can be revealed by proxy
HTTP_FROM : sometimes IP proxied from is revealed here, so make sure you look at that option when evaluating how secure a proxy is!
ACCEPT-LANGUAGE: or HTTP_ACCEPT_LANGUAGE: Here your browser may indicate which languages it prefers. ISO-country-codes are used to accomplish this. So "en" is english, "de" is german, "ru" is russian, etc
SCRIPT_NAME: if the server wil run any scripts like cgi, ets.

for more info, you might wanna read:
or just examine the variables listed on an ENV test page like the ones at: All right, so what can you DO to protect your self then? It's simple-use a software like Proxomtron to alter your headers or have a FireWall soft For info on firewalls read the firewall FAQ or the Surf Up review of available firewall products that has screen shots. The most used firewalls right now are BlackIce, Signal 9 and to some extent AtGuard.