13 comments

[ 3.8 ms ] story [ 41.3 ms ] thread
I think that's pretty common, no? I put a hidden message in my headers a few years back.
If you ever look at headers on a Wordpress.com hosted site you'll get a job ad, check it out: http://gist.github.com/346227
curl -I http://wordpress.com/

HTTP/1.1 200 OK

Server: nginx

Date: Mon, 17 May 2010 07:17:29 GMT

Content-Type: text/html; charset=UTF-8

Connection: close

Last-Modified: Mon, 17 May 2010 07:17:26 +0000

Cache-Control: max-age=27, must-revalidate

Vary: Cookie

X-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.

X-Pingback: http://wordpress.com/xmlrpc.php

Link: <http://wp.me/1>; rel=shortlink

X-nananana: Batcache

Reddit changes their server line every now and then. Its usually fun stuff like that, or the line of other servers that they clearly don't use. Its entertaining to check it occasionally.
If you have any suggestions for new ones, let me know.

  Server: <script type="text/javascript">window.location="http://reddit.com/r/netsec";</script>
Those dirty reverse SQL injections!
Ah, reddit comments. Time to go wash my brain out with /b/.
Slashdot does Futurama quotes:

  HTTP/1.1 200 OK
  Server: Apache/1.3.41 (Unix) mod_perl/1.31-rc4
  X-Bender: I'm one of those lazy, homeless bums I've been hearing about.
and

  HTTP/1.1 200 OK
  X-Fry: Hooray, we don't have to do anything!
and

  HTTP/1.1 200 OK
  X-Fry: But this is HDTV. It's got better resolution than the real world.
etc.