HTTP headers contain valuable information that can be used to identify and mitigate a range of cyber threats, not least by identifying misconfigured or outdated web servers and applications that may be vulnerable to attack.
By analyzing the headers of traffic associated with specific attacks or campaigns, security analysts can identify patterns and connections between different attacks, as well as the infrastructure and resources used by specific threat actors.
Headers can also be used to identify malicious traffic and block it at the network level. Many attackers use specific headers or user agents to hide their activities, but by analyzing HTTP headers, security teams can identify these patterns and take appropriate action.
Silent Push allows you to search through data from our daily scans of the Internet's IPv4 range to obtain information on a broad range of elements related to HTTP headers.
HTTP header information
Navigate to Advanced Query Builder > IPv4 Queries > Scan Data - Headers Usage.
Specify an IP address.
(Optional) Add a netmask for a range.
(Optional) Use Header Search for partial matches.
(Optional) Limit or skip results.
Click Search.
Save queries
Organizational users can save queries for future use or sharing.
Specify query parameters.
Click Save Query.
Provide a Name and Description for context.
Click Save. The query appears in Private Queries.