Content Sniffing Data

Data as of September 26, 2008

Content-Types That Activated the Sniffer

Scale: out of 100. Only responses with these Content-Types will activate the content sniffer. Not all mime types can be sniffed from all Content-Types. No data was recorded about what percent of requests activate the sniffer.
Content-TypeQuantity
text/plain32.64
text/xml30.38
(No Content-Type)14.25
application/octet-stream12.90
application/xml9.71
(Bogus, aka no "/")0.0833
application/unknown0.0201
unknown/unknown0.0144
*/*0.0057

Magic Numbers

Scale: out of 100. The content sniffer looks for the magic number (expressed here in C notation) at the start of the HTTP response. The sniffer only examines HTTP responses with certain Content-Type headers (see below), so this data reflects only responses with those Content-Type headers.
Magic NumberSniffed Content TypeQuantity
\xFF\xD8\xFFimage/jpeg73.2369
GIF89aimage/gif16.8166
\x89PNG\x0D\x0A\x1A\x0Aimage/png6.8840
MZapplication/octet-stream0.9108
Rar!\x1A\x07\x00application/x-rar-compressed0.6699
BMimage/bmp0.3730
GIF87aimage/gif0.3141
"\x30\x26\xB2\x75\x8E\x66\xCF\x11"
"\xA6\xD9\x00\xAA\x00\x62\xCE\x6C"		video/x-ms-asf0.2431
PK\x03\x04application/zip0.2178
ID3audio/mpeg0.1772
%PDF-application/pdf0.07913
\x1F\x8B\x08application/x-gzip0.03149
\x2E\x52\x4D\x46audio/x-pn-realaudio0.02904
\xD7\xCD\xC6\x9Aapplication/x-msmetafile0.004032
LN\x02\x00application/winhlp0.002070
\xC5\xD0\xD3\xC6application/postscript0.001940
{\\rtf1application/rtf0.001589
\x4A\x47\x04\x0E\x00\x00\x00image/x-jg0.001193
#!text/plain0.001185
II*image/tiff< 0.001
"\x7F" "ELF"application/octet-stream< 0.001
\xE9application/octet-stream< 0.001
\xE8application/octet-stream< 0.001
%!PS-Adobe-application/postscript< 0.001
\xEBapplication/octet-stream< 0.001
Fromtext/plain< 0.001
MM\x00*image/tiff< 0.001
\x1F\x9D\x90application/x-compress< 0.001
?_\x03application/winhlp< 0.001
\x00\x00\x20\x00image/x-icon< 0.001
\x4A\x47\x03\x0E\x00\x00\x00image/x-jg< 0.001
#define\x20image/x-xbitmap< 0.001
\x00\x00\x10\x00image/x-icon< 0.001
#%text/plain< 0.001
P5\x0Aimage/x-portable-graymap< 0.001
">\x20" "From"text/plainnone
\x01\xDA\x01\x01\x00\x03image/x-rgbnone
BZapplication/x-bzip2none
I\x20Iimage/tiffnone
\x4A\x47\x04\x0E\x00\x00\x00image/x-jgnone
{\\rtf1application/rtfnone

Byte Order Marks

Scale: out of 22.52. The sniffer checks for a byte order mark at the beginning if certain HTTP responses.
MarkCharsetQuantity
\xEF\xBB\xBFUTF-817.4296
\xFF\xFEUTF-16LE5.0548
\xFE\xFFUTF-16BE0.03246
\x00\x00\xFE\xFFUCS-4BE< 0.0001

HTML Tags

Scale: out of 22.19. When scanning for HTML tags, the sniffer first skips any leading white space and then looks for the tags below. The checks are case insensitive, except for "<?xml".
TagQuantity
<script20.1647
<html1.5660
<?xml1.3761
<!--0.5394
<head0.3771
<!DOCTYPE html0.3299
<iframe0.3210
<h10.2700
<div0.07008
<font0.05681
<table0.04286
<a0.03166
<style0.01501
<title0.01174
<b0.003531
<body0.002923
<br0.002834
<p0.002581
<meta0.001616
<form0.001345
<img0.001251
<center< 0.001
<h3< 0.001
<tr< 0.001
<link< 0.001
<h2< 0.001
<frameset< 0.001
<h4< 0.001
<base< 0.001
<td< 0.001
<pre< 0.001
<basefontnone
<appletnone
<isindexnone
<h5none
<h6none