About YOU
Information that your browser and my server sent me.
©2008, Bob Beeman
Updated 2009-07-18 @ 10:27 EDT (UT-4)
Read More www.bee-man.us Important Notice

The items below are detected by your JavaScript environment.
If you have JavaScript disabled, they will be blank.
Your Date, Time, and Time Zone   more
Read from the clock and data in your computer.
Your Screen Resolution   more     pixels
Your Screen Color Depth   more
Your Browser Plugins and their File Names   more
The items below are sent in your HTTP headers and received by my server.
Every web page you go to gets this info, and there is nothing you can do about it.
Your Computer, OS, and Browser   more CCBot/2.0 (http://commoncrawl.org/faq/) 
Your IP Address   more
or the IP address of your outermost firewall.
54.226.148.122 
Your Host Name   more
or the Host Name of your outermost firewall.
ec2-54-226-148-122.compute-1.amazonaws.com 
Your port #   more
On your computer or outermost firewall.
35285 
Page Requested   more
The page your browser requested
/about_you/index.php 
Referrer   more
The URL of the page with the link that sent you here.
 
Request Method   more
The HTTP Method Your Browser Used for this Request.
GET 
Query String   more
Everything after the question mark in the page URL.
 
Encoding Methods   more
Encoded data types your browser says it will accept.
x-gzip, gzip, deflate 
Languages   more
Languages you will accept with preference indicated.
en-us,en-gb,en;q=0.7,*;q=0.3 
HTTP Data Accepted   more
The kinds of data encoding that you will accept.
text/html,application/xhtml+xml,
application/xml;q=0.9,*/*;q=0.8 
HTTP Character Sets Accepted   more
The kinds of character encoding that you will accept.
 
Your Social Security Number

Relax: its a joke.
One of my evil friends suggested I should put this here.
Shame on you Mr. Stockdale!
XXX-XX-XXXX
Digits masked by Xs for privacy
Other Stuff
There are lots of other things that can be discovered by JavaScripts that run on web pages. Unfortunately (or fortunately, depending on you viewpoint) due to the "browser wars" between Microsoft and Netscape, JavaScripts work differently on different browsers. Thus it is tough to do a general-purpose page like this that covers everything, and I have only shown a small sample of what is possible.

Even well-intentioned, honest people can write JavaScripts and ActiveX controls to get more info out of your computer. For example, JavaScripts can read out the position of your mouse on the page or in a specific document, detect mouse clicks, find out which plug-ins your browser has, etc. etc. etc.

I try to be honorable and honest, so I don't do "Port Scans" to check whether particular ports on your computer are "Open", "Closed", or "Stealth", as this could be interpreted as hacking. I'm such a nice guy I don't even put cookies on your computer.

Unfortunately, not everybody is a "nice guy". People who are up to no good have a lot of time to devote to inventing nasty tricks, and can get much more info from browsers and Operating Systems that they target. In fact, more info than they were intended to be able to get by those who developed the subject browsers and operating systems. One manifestation of this is the writing of web pages, scripts and programs of ALL kinds that have intentional errors. These errors can, in some cases, cause your browser or operating system to do unpredictable things. These are generally called "exploits", as they are exploiting, for evil purposes, some problem that someone has discovered with a given browser or operating system.

Many security experts recommend that you turn off JavaScript for casual browsing. Of course then a lot of things won't work. Catch-22.

And then there's ActiveX, used by Windows machines (but not Macs or others) that has been described by some security experts as the biggest security disaster ever. But I won't go there.


Discussion

Date, Time, & Time Zone
The date and time from your computer clock and the time zone information (expressed as minutes offset from UT (Universal Time: Standard time in Greenwich England) is shown here. The time zone information is presented here as minutes of offset from UT with negative values (earlier) for Time Zones West of Greenwich (0 degrees Longitude) and positive values for Time Zones East of Greenwich. The Time Zone is not calculated from your clock value, but is directly read from info that you entered about your time zone when you initially set up your computer. If you have your computer set for Automatic Daylight Savings adjustments, this is reflected in the time zone info.

The date is represented in standard ISO format: Year-month-day. Get used to it.
The Time from your computer clock is represented in 24 hour format.
Your Time Zone from UT in minutes (East +, West -).

Like your IP address, your time and time zone can be used to find your approximate physical location. This is especially true if you live in one of those areas that is offset by a fraction of an hour from UT.

Your Screen Resolution
Your computer's screen is a collection of picture elements (pixels) arranged in rows and columns. The number of rows and columns in your computer's display is shown here.

Your Screen Color Depth
Each pixel on your computer screen is represented by a number of bits. The number of colors that can be represented by each pixel is 2 raised to the power of the number of bits per pixel.

Your Browser Plugins and their File Names
Your browser has "plug-ins" or extra files to help it interpret some kinds of files, such as Java Applets, Flash animations, PDF files, etc. Shown here are your browser's plugins and their file names. You can find these files in your computer's file system if you do a little snooping.

Plug-ins are numbered starting from zero and that's how I show them here. Why count from zero? Its like counting birthdays. Your zeroth birthday is the day you are born. Your 1st birthday is when you are one year old, your 2nd birthday is when you are two years old...

Your Computer, OS, and Browser
This is the "User Agent" string defined in the specification for http: the HyperText Transport Protocol. It is used to identify your browser to the web page so that they can make any necessary adjustments to the page to be delivered. Lots of people use these to find out what % of their hits come from various types of equipment. It can also be useful to "bad guys" who want to attack your computer. At present, if this indicates you are using a Mac, you are unlikely to be attacked. In the long run, while Macs are harder to attack (UNIX-based, no ActiveX, built in stateful firewall, oddball services off by default, etc.) there are no guarantees...

Your IP Address
The IP address is the actual address on the internet to which your computer is connected. Each IP packet contains a "To" address and a "from" address. The address displayed here was captured by my server from the "from" address in the IP packet you sent to request this page. Normally, each internet user needs an individual IP address so that information can be uniquely returned to that user. If you are behind some kind of shared firewall (as at many public schools) tricks are played to represent each user by a combination of port # and IP address and the relationships appear random from outside the firewall, but are carefully maintained inside the firewall to make sure everyone gets the right information.Think of it as being like your "phone number" on the internet. Unlike phone numbers, however, your ISP will generally give you a different address each time you log on (for dial-up users) or periodically (every few days) otherwise. You have to pay extra to always have the same IP address. The current version of IP (Internet Protocol) is version 4, so you will often see references to "IPv4". IPv4 addresses have 32 bits, allowing about 4 billion addresses worldwide. These 32 bit addresses are represented as 4 decimal numbers separated by periods (or full-stops, if you prefer). Each of the decimal numbers runs from 0 through 255, which is the range of values that can be represented in each group of 8 bits.

Databases and services are available that identify the ranges of IP addresses used by each Internet Service Provider (ISP) and in which locations they are used. So any web site operator that really wanted to know where you are physically located could probably determine this within a few dozen kilometers. Doing this costs money, but not big money, so you should assume that anyone running a website who really wants to know your approximate physical location can discover this.

Your Host Name
The name connected with your IP address. This may include your IP address and the name of your ISP. If you have any hosting services enabled on your computer, such as FTP of HTTP this can possibly be used to access your computer remotely.

Your Port #
Inside the data area of an IP packet is another packet, which in general could be either a TCP (Transmission Control Protocol) packet or a UDP (User Data Protocol) packet. TCP checks to see if packets were received at the far end and re-sends them if they were lost. It also protects against accidental duplication of packets. UDP provides a more basic service, and doesn't check for errors. Web page transactions always use TCP.

Both TCP and UDP have an additional pair of "port" numbers (destination and source), which are 16-bit numbers (decimal values 0 through 65535) and are basically treated as an extension of your IP address. Port numbers are assigned by the Internet Assigned Numbers Authority (IANA) as follows:

       0 -  1023: Well-known ports.  Used for defined services.
    1024 - 49151: Registered ports.  Should be registered before being used.
   49152 - 65535: Dynamic and/or private ports.  No rules.
Port 80, for example, is used on servers for incoming web page requests using HTTP. When you request a web page you send a request "to" port 80 on the server. You send this "from" a port on your computer which has a number at or above 49152. When the server returns the web page, it returns it "to" your IP address and the port number that you used for your request. The "from" port number in this reply is 80, since you used this in your original request.

When you request images or other info that may be on a page, each of these is requested "from" a different port number on your computer and returned to that port by the server. This allows you to request multiple items that make up a web page simultaneously from the same server without your computer (or the server) being confused. Normally, port numbers on your computer advance by one with each request until reaching 65535, at which point the next request will jump back to around 49152.

Page Requested
When you requested this page via HTTP this is the page you requested. Note that if you requested a directory:

    http://www.bee-man.us/about_you/

you will probably see the actual page here:

    http://www.bee-man.us/about_you/index.php

The "index.php" was appended to your request by my server because this is the default first page in a directory for UNIX-based web servers. For Windows-based servers the default first page is "default.html". If there is no default page, you will receive an index of all the documents in that directory, if permitted by the web server. Web sites that wish to hide the contents of directories will make sure that there is a default page in the directory, even if it is a blank page. That way nosy people can't list directories. Some web servers don't allow retrieval of indexes of folders, and some allow it to be configured by each web master.

The part of the URL which identifies the web site is case-insensitive. These two URLs are equivalent:

    http://www.bee-man.us
    HTTP://WWW.BEE-MAN.US

But the part after the web site may or may not be case-sensitive, depending on the server. My hosting company (ICDsoft) uses UNIX-based servers and so the following are NOT equivalent:

    http://www.bee-man.us/about_you
    http://www.bee-man.us/ABOUT_YOU

If you try to point your browser to the one with caps, you will get a "404" (page not found).

Referrer
If you clicked on a link on another page which sent you here, the URL of that page will be here, if your browser is set up to provide this information. If you got here by typing in the URL or using a bookmark, then this should be blank.

HTTP Request Method
The HTTP protocol has a number of methods that are built in. The most common is "GET" which is intended to "GET" a web page or other info. If you are returning info to the web page (e.g., posting to a forum, filling out a form) your browser would use "POST" or "PUT". Other methods include "HEAD" which requests only the headers (your browser does this invisibly to see if the page contents are the same as what it has stored from the last time you visited that page), "DELETE", "LINK", and "UNLINK", which are not generally used (and will not work!) for ordinary users.

Query String
The query string is everything after the question mark "?" in the page URL. The exception to this is that the first "#" character and everything after it is not included in the Query String, as this represents an internal link within a page, and not a Query String.

Since you probably didn't put a question mark in the URL when you requested this page, this will be blank. To see what would happen if you did, go to the address field in your browser and type (or copy and paste):

    http://www.bee-man.us/about_you?gandalf

When you do this, and refresh the page, you should see "gandalf" as the query string.

This is often used as a trivial way to send data to web sites without the hassle of using the PUT or POST methods of HTTP. Yahoo's stock quotes work this way. I have placed a link below to get stock price quotes from Yahoo for Apple Computer (aapl), ibm (ibm) and Microsoft (msft) using their respective ticker symbols:

    http://finance.yahoo.com/q/cq?s=aapl+ibm+msft&d=v1

Click the link to see what happens. As you can see from the above, the query string for this request is:

    s=aapl+ibm+msft&d=v1

Some characters, such as space and any other characters outside the range 33-127 (decimal), need to be encoded specially. This is done because URLs are limited to certain characters, and characters that are not allowed are encoded as a "%" sign followed by two hexadecimal (base 16) digits indicating the character number. Space is ASCII character number 32, which is 20 in hexadecimal (two 16s and no ones) and so is encoded as "%20. This of course implies that the "%" character (ASCII 37) must itself be encoded as "%25", or else ambiguities will arise. For example, if you didn't always encode "%" signs, the characters "%20" would be the encoding of both "%20" and "% " (percent space). In actuality you would encode "% " as %25%20" and you would encode "%20" as %2520". When working with computers and data, ambiguities are deadly.

Query Strings can interact with caches. Many web pages are cached (stored locally) by your ISP. This is done to avoid continually retrieving popular but distant web sites over expensive long links. When you request such a page it is served from the ISPs cache, not from the site itself.

Sophisticated web sites have info in the HTTP headers of their site about when the site was last refreshed and when the next update is to be expected. These headers are very small compared to the size of the pages themselves. This allows the ISP to check these headers periodically so that they know when changes occur. This means that you almost always get an up-to-date page, despite caching. It also means that things like web-site hit counters are often not accurate, since many site views don't actually go to the site.

Obviously, web sites which depend on information from you, like Yahoo's stock quotes, cannot be cached. To do so reliably would require the ISP to have access to all of the databases and program logic on the site. This is almost never possible, as many of these items are proprietary. To allow for this, if the URL for a page contains a "?" (unless it is immediately followed by a "#") the request will bypass any caches in the path and go directly to the web site. This can be useful when you know that a site should have been updated and you keep getting an old copy. Just put a "?" at the end of the URL. Don't abuse this knowledge!

Encoding Methods
These are the encoding methods for data that your browser accepts. It usually includes ZIP (gzip) and others such as "deflate" and "identity", but may be blank, indicating that anything goes.

Sometimes there are multiple ways to encode something, and in that case a method for encoding preferences is used. Your first preference is the first item. Lower preferences are comma delimited and show order of preference with a "q" value (0 to .99). Highest "q" value is most preferred option. After the first item, the order of appearance is not important. Only the "q" values matter. For example, my browser shows the following preferrences:

gzip, deflate;q=1.0, identity;q=0.5, *;q=0

That means that gzip and deflate are preferred, identity is acceptable and everything else (asterisk) is not accepted.

"q" coding is also used for indicating other preferences, including for Language, Data Types, and Character Sets.

Languages
Languages you will accept with preference indicated. Your first preference is the first item. (language optionally followed by national variant indicator). Lower preferences are comma delimited and show order of preference with the "q" value (0 to .99) Highest "q" value is most preferred.

The list of languages and their codes is maintained by the Internet Assigned Numbers Authority at Iana Language Subtag Registry. Unfortunately, the names of the languages are the English names only. Thus to find Spanish you would look for "Spanish", rather than Espanol. Case (capitalization) is not significant. Thus ES, Es, eS, and es all refer to Spanish. IETF RFC3066 Tags for the Identification of Languages sets out the rules for usage.

After the language identifier there can be a national variant identifier. Thus English as spoken in the UK would be identified as en-gb (or unofficially as en-uk as per the TLD code for the UK) and as spoken in the United States would be en-us. The official list of Country names is kept by the International Standards Organization, English country names and code elements. The list of country names used as Internet suffixes is kept by IANA IANA ccTLD Database. Sometimes these are used for national sub-identifiers instead of the official ISO ones. An example would be en-uk, since the UK has two internet TLDs: uk and gb.

Some web pages have multiple languages available, and will give you the highest prioroity one in your list that they have available.

The top ones on my Safari browser (most preferred first) are:

    en-us   English: US variant
    en;q=0.97  Generic English: any version
    es-es;q=0.93  Spanish: Spanish variant
    es;q=0.90  Generic Spanish: any version

HTTP Data Accepted
The kinds of data encoding that you will accept. Preferences are expressed in "q" code as above.
Examples include text/plain, text/xml, text/html, etc. "q" values indicate preference.
"/", asterisk, or blank means data of any type will be accepted. For example my Firefox browser gives the following:
text/xml,application/xml,application/xhtml+xml, text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5

HTTP Character Sets Accepted
The kinds of character encoding that you will accept.
Examples include ISO-8859-1,utf-8, etc. "q" values indicate preference.
"/", asterisk, or blank means characters of any type will be accepted. My FireFox browser indicates the following:
ISO-8859-1,utf-8;q=0.7,*;q=0.7

Request Protocol
Since you are requesting a web page, this will be some version of HTTP (Hyper Text Transfer Protocol, almost certainly HTTP 1.1. In the original version of HTTP, each web page had a different IP address. This became a problem as the internet grew because since each user needs a unique IP address, and each web site in HTTP/1.0 needed a unique IP address, the possibility existed that the pool of available IP addresses could be exhausted. HTTP/1.1 made a number of improvements, including allowing a potentially unlimited number of web sites to be hosted on one server (or server complex) at a single IP address. This was a big help to web hosting companies, who were exhausting their own limited supply of IP addresses.

HTTP Connection type
There are two kinds of HTTP connection: "keep-alive" (the default), and "close". A "close" connection closes (is disconnected) once the object you have requested has been delivered and confirmed as received. A "keep-alive" connection stays open in case you request more information. This saves server resources, as creating a new TCP connection (the protocol over which HTTP is carried) involves considerable work and resources, so it is worth while from the server point of view to minimize this. Of course, idle connections will eventually be closed, but probably not for several minutes. If they are continually used, they will stay open for quite a while.


Read More

All of the information required to duplicate this page (or expand on it!) is available publicly from various places on the internet. Below are links to and descriptions ofsome sites that I think are good and authoritative ones. Of course I am not responsible for what they post, or what their sites may do. Hey, its the Internet!

Securing your computer from hackers, and testing its security.
National Security Agency Security Configuration Guides
The best guide to securing your computer. Read it, believe it, do it. Guides are available for most common computers and Operating Systems (Mac, Solaris, Windows). And best of all, the price is right (free, the only right price).
HackerWatch.org Port Scan
Run by McAffee (Network Solutions, Inc.) They will attempt to scan several common ports (21 (FTP), 23 (Telnet), 25 (SMTP Mail Server Port), 79 (Finger), 80 (HTTP), 110 (POP3 Mail Server Port), 139 (Net BIOS), 143 (IMAP), 443 (HTTPS). They should all show "Secure" (Stealth) if your computer is safe.
DSLreports.com Port Scan
Various tests are available here.

Information about the Internet and its protocols
Internet Engineering Task Force (IETF)
This is the organization that defines the basic protocols of the Internet. All of the standards are posted on their web site and are freely available. Their documents are not tutorials! Some can be incredibly difficult to understand. But they are the official documents.
Official Internet Protocol Standards
    The official rfcs for standards like IP, TCP, UDP, HTTP are linked here.
    Remember, they are standards, not tutorials.
RFC Editor's Page.
    The starting point for searching for "Request For Comments" documents.
Special Use IPv4 Addresses
    (rfc3330)
Internet Assigned Numbers Authority
They assign and maintain lists of IP addresses, Port numbers, Protocol Numbers and some other things.
Generic Top Level Domains
    .biz, .com, .edu, .gov, .mil, net, .org, etc.
National Top Level Domains
    Canada (.ca), Germany (.de), United Kingdom (.uk), United States (.us), etc.
IPv4 Address Assignments
Port Numbers
    TCP and UDP.

This page is copyrighted "freeware"
©2008, Bob Beeman
www.bee-man.us
That means that although it is copyrighted, it is intended for you to use for education or entertainment. Unlike a lot of my pages, you can't realistically copy this one, as it relies heavily on PHP scripts on my server which you can't access. Nevertheless, the small amount of JavaScript near the top of the page (Date, Time, Timezone, Screen Resolution, and Screen Color Depth) should work if you copy this to your hard drive. Feel free to do so.

I make NO guarantee of any kind.
This page may contain serious errors.
Use this page entirely at your own risk!

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  You did not see this. Your eyes are growing heavy. You will scroll up and remember nothing...