I found that if an request is made to the server like: GET %5c HTTP/1.1 Host: localhost If the server is under linux, the response will be HTTP/1.1 400 Bad Request If the server is under windows, the response will be HTTP/1.1 404 Not Found It helps for OS fingerprinting and is the first part of an penetration testing. I know is a low security problem, but I think is important to be fixed.