Limitations and Honest Uncertainty

Fingerprinting public sites is inherently approximate.

Why

1. Headers can lie or be absent. Many sites strip Server and X-Powered-By for security. Absence is not evidence.
2. CDNs hide the origin. A CDN-specific header tells you about the edge, not the server behind it.
3. JavaScript-heavy apps reveal little to a non-rendering fetch. A Next.js site can look the same as a static HTML site at the HTTP level.
4. Frameworks are customizable. Default script paths can be rewritten; default <meta name="generator"> values can be removed.

What to do about it

• Report findings with their confidence label, not as facts.
• Cross-check with other tools before making decisions.
• Re-run the snapshot occasionally — stacks change, especially during migrations.