WHAT DO I KNOW ABOUT YOU?

You are at IP Address 38.107.191.86
Which resolves to
It is now Wed Mar 10 18:37:05 EST 2010
Rats. Your server will not reveal your true identity.
You enjoy surfing with CCBot/1.0 (+http://www.commoncrawl.org/bot.html)
Hmmm. If I were an evil hacker or if you were doing something really bad and I had a warrant, I guess going by your ISP's address, your IP number, the time, and the billing information- I could get your home address and phone number. If you have your own static (permanent IP address) it would make my job easier!

Hmmm. If I were a spammer. I am NOT either doing it or showing you how, but if you are using Netscape or MSIE with your mail enabled- I could with a small JAVA applet- have your e-mail address in my mailbox right now!

Hmmm. If I were a marketer what would this small amount of information tell me?

  • I know by comparing your domain to a geographic list of servers- where you live!

  • Does your domain end with edu? If so I know you are associated with that school. Same thing for com, unless it is an ISP. I also can tell where mil, gov, and org people are from. You might also be from another country

  • I can tell what browser you are using.

  • From looking at the version, I can tell if you have the latest version. Most serious net users do.

  • I know what operating system you are using.

  • Maybe I can get an idea of when you are on-line
In fact, taken as a whole, a webmaster can get a very good idea who his or her audience is. For instance. If I notice that most of my hits are from people using MSIE, I may want want to change that little my site looks best with message.

All of this information is actually captured in the various server logs. By collecting this information in my CGI script, such as a survey, I do not have to try and figure out which hit it was- an impossible task!

So when you do a CGI script, keep in mind that you might try logging accesses. This will be a topic for another day. Next time you complete any type of HTML/CGI form and hit SUBMIT- remember what you are really telling that server!

The Cast of Characters

Here are the environmental variables that I used:
  • REMOTE_ADDR: The numerical IP address you are at
  • REMOTE_HOST: The host you are logged on to
  • REMOTE_USER: If your server wants to tell me- your real user name
  • HTTP_USER_AGENT: The brand and version browser you are using
Click here to download a copy of this program!

Here are all the variables!

SERVER_SOFTWARE = Apache
GATEWAY_INTERFACE = CGI/1.1
DOCUMENT_ROOT = /httpd/share/apache/htdocs
REMOTE_ADDR = 38.107.191.86
SERVER_PROTOCOL = HTTP/1.1
SERVER_SIGNATURE = 
HTTP_X_CC_ID = ccc02-02
REMOTE_HOST = 
REQUEST_METHOD = GET
QUERY_STRING = 
HTTP_USER_AGENT = CCBot/1.0 (+http://www.commoncrawl.org/bot.html)
PATH = /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/ucb:/usr/ccs/bin
TZ = Canada/Eastern
HTTP_ACCEPT = text/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
HTTP_CONNECTION = close
REMOTE_PORT = 40837
SERVER_ADDR = 216.183.128.11
HTTP_ACCEPT_LANGUAGE = en-us,en;q=0.5
HTTP_CACHE_CONTROL = no-cache
SCRIPT_NAME = /~stoeckli/cgi-bin/i_spy.cgi
HTTP_ACCEPT_ENCODING = gzip
SCRIPT_FILENAME = /export/home/stoeckli/public_html/cgi-bin/i_spy.cgi
SERVER_NAME = www.bmts.com
HTTP_PRAGMA = no-cache
REQUEST_URI = /~stoeckli/cgi-bin/i_spy.cgi
HTTP_ACCEPT_CHARSET = ISO-8859-1,utf-8;q=0.7,*;q=0.7
SERVER_PORT = 80
HTTP_HOST = alice.bmts.com
SERVER_ADMIN = tech@bmts.com