CDN / WAF Fingerprint

Detect the CDN and Web Application Firewall in front of a site from its response headers

Usage

Enter a URL or bare hostname — http:// is assumed and redirects are followed

Detection is header-based: absence of a fingerprint does not prove there is no CDN/WAF

The evidence list shows exactly which response headers triggered each match

What CDN / WAF fingerprinting is for

This tool fetches a site's HTTP response headers and matches them against known fingerprints for Content Delivery Networks and Web Application Firewalls. Vendors leave telltale headers — Cloudflare's cf-ray, Akamai's server banner, Imperva's incap cookies, Sucuri's x-sucuri-id — that reveal which edge layer sits in front of the origin.

It is useful for confirming a CDN is actually serving your traffic, checking whether a WAF is active before a security review, understanding a competitor's infrastructure, and debugging caching or blocking behavior that originates at the edge rather than the origin.

Frequently asked questions

Does 'not detected' mean there is no CDN or WAF?

No. Detection relies on identifying headers, and some deployments strip or customize them. A negative result means no known fingerprint matched, not that the edge is definitely absent.

What counts as evidence?

Each matched response header is listed as name: value — for example cf-ray for Cloudflare or x-iinfo for Imperva — so you can see exactly why a vendor was reported.

Can a site sit behind both a CDN and a WAF?

Yes. Many WAFs are delivered as part of a CDN edge (Cloudflare, Akamai), so the tool may report a CDN and a WAF from overlapping headers.