Threat Level: green Handler on Duty: Basil Alawi S.Taher

SANS ISC HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Date
Content-Type
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
ETag
X-Pingback
X-AspNet-Version
P3P
Link
X-Content-Type-Options
X-XSS-Protection
Age
X-Cache
Alternate-Protocol
Content-Language
X-UA-Compatible
Via
X-Adblock-Key
Content-Location
X-Frame-Options
Keep-Alive
CF-RAY
X-Varnish
X-Check
X-Language
X-Template
X-Buckets
X-Cacheable
P3p
Access-Control-Allow-Origin
X-Generator
X-Drupal-Cache
X-Hacker
WP-Super-Cache
X-Ac
Status
MS-Author-Via
X-Powered-By-Plesk
X-AspNetMvc-Version
X-Pad
X-Runtime
X-Geo
X-Geo-Port
X-Request-Id
Strict-Transport-Security
X-Powered-CMS
MicrosoftOfficeWebServer
X-Server
X-Host
X-Type
X-Cache-Group
Access-Control-Allow-Credentials
X-Cache-Lookup
Ngpass-Ngall
X-Logged-In
X-Mod-Pagespeed
X-UA-Device
X-Cache-Hits
MicrosoftSharePointTeamServices
Host-Header
X-Url
X-Rack-Cache
X-Via
X-Tumblr-User
X-Tumblr-Pixel-0
X-Tumblr-Pixel
X-Iinfo
X-XRDS-Location
SPRequestGuid
X-Forwarded-For
X-SharePointHealthScore
X-Tumblr-Pixel-1
X-Backend
X-Varnish-Cache
Access-Control-Allow-Headers
Content-Encoding
X-CF-Powered-By
X-Robots-Tag
X-Served-By
Access-Control-Allow-Methods
X-Accel-Version
X-Tumblr-Pixel-2
X-MS-InvokeApp
X-Cnection
X-ContextId
X-PhApp
X-Webserver
X-Page-Speed
X-ServedBy
X-Xss-Protection
X-CDN
X-BC-Is-HA
X-INKT-URI
X-INKT-SITE
X-Safe-Firewall
X-Alternate-Cache-Key
X-ShopId
X-ShardId
Served-By
Composed-By
X-Firenze-Processing-Times
X-Hostname
X-Pass-Why
X-Cache-Hit
X-PC-Key
X-PC-Hit
X-FRAME-OPTIONS
X-PC-AppVer
X-PC-Host
X-PC-Date
X-Served-With
X-XN-Trace-Token
X-XN-XNHTML
X-Tumblr-Pixel-3
X-Sorting-Hat-ShopId-Cached
X-Sorting-Hat-ShopId
X-Sorting-Hat-PodId
X-Sorting-Hat-PodId-Cached
X-AH-Environment
X-Port
X-Source
X-Powered-By-360WZB
X-Rot
X-Cache-Status
X-Age
Liferay-Portal
Content-Script-Type
Content-Style-Type
X-Spip-Cache
X-Amz-Cf-Id
Cf-Railgun
X-Umbraco-Version
X-Server-Name
Cartoon
X-Amz-Id-2
Content-Security-Policy
X-Cache-Info
Request-Id
X-HeyJason
SPIisLatency
SPRequestDuration
X-Amz-Request-Id
X-Cache-Server
Powered-By-ChinaCache
X-Content-Digest
X-Cache-Result
X-DynaTrace
X-FB-Debug
X-Hyper-Cache
X-Served-From-Cache
Rating
X-TN-ServedBy
Refresh
Real-Hostname
X-Pantheon-Endpoint
X-Styx-Req-Id
X-Styx-Build-Sha
X-Styx-Build-Num
X-Styx-Build-Date
X-Styx-Version
X-Pantheon-Styx-Hostname
X-Timer
X-Loop
X-PHP-Engine
TCN
X-Device
X-Outils-CS
X-VCache
X-Tumblr-Pixel-4
X-Cached-By
X-PersistenceNode
X-TNCMS-Version
X-TNCMS-Memory-Usage
X-TNCMS-Served-By
X-TNCMS-Render-Time
X-Mobilized-By
X-Px
DynaTrace
CF-Cache-Status
X-Request-ID
Magicmarker
NS-RTIMER-COMPOSITE
Page-Completion-Status
X-Cached
Imagetoolbar
X-Generated-By
X-FullPageCaching
X-Tumblr-Content-Rating
IBM-Web2-Location
X-Original-Content-Length
X-Content-Encoded-By
X-From
X-SERVER
X-Tumblr-Pixel-5
X-Loc
Thanks
Product
X-Kafka-Logged
X-DynaTrace-JS-Agent
X-Content-Security-Policy
X-CDN-Geo
X-CDN-Any-IP
X-CDN-Geo-IP
X-W3TC-Minify
X-URL
X-CMS-Version
X-Matrix-Proxy
X-Matrix-Server
X-Xrds-Location
X-Zephyr
Charset
X-WebKit-CSP
X-Node
X-Firenze-Processing-Time
X-Cache-Enabled
X-Backend-Server
Node
X-Powered-By-Anquanbao
X-Seen-By
Access-Control-Max-Age
Pics-Label
ServedBy
X-DDC-Arch-Trace
X-Varnish-Cacheable
Powered-By
Generator
Content-Encoding-Handler
Set-Cookie2
MIME-Version
X-Proxy-Cache
IISExport
X-Content-Options
ServerName
Lsrequestid
Response
X-Original-Request
X-Varnish-Host
X-Drectory-Script
X-SDS
X-UD-Host
X-Cache-Debug
X-Permitted-Cross-Domain-Policies
X-UD-Method
X-I
X-Returned-From-PostProcessResponse
Retry-After
X-Actual-URL
X-Returned-From-DLL
X-Passed-To-DLL
X-Returned-From-BeforeDispatch
X-Returned-From
X-Passed-To-BeforeDispatch
X-Handled-By
X-Passed-To-PostProcessResponse
X-Passed-To
X-Processed-By
X-App-Hosting
X-Varnish-Backend
Cache-By-Node
Proxy-Agent
X-FW-Hash
X-Purge-Host
X-ApacheServer
X-NoCache
SID
PICS-Label
X-PF-Uncompressing
X-FW-Serve
X-FW-Static
X-FW-Type
X-User-Agent
X-Duration
X-Cache-Expires
X-AspNetWebPages-Version
X-Sol
Access-Control-Request-Method
X-Varnish-TTL
X-Expires-Orig
COMMERCE-SERVER-SOFTWARE
Accept-Encoding
X-ATG-Version
X-W-DC
X-Middleton-Response
X-PERF
X-DNS-Prefetch-Control
X-Purge-URL
X-Nitra-Side
Edge-Control
X-Hits
Host
X-TTL
X-SN
X-Front
S
Website-Info
Server-Info
RTSS
X-LiteSpeed-Cache
X-Microcachable
X-Cache-Control-Orig
Fhost
X-PwB-Node
X-Cache-Config
WWW-Authenticate
Content-Disposition
X-Version
X-Cookie-Domain
X-Track
X-Micro-Cache
X-CJ-Soft
X-Varnish-Hits
X-FORWARDED-FOR
Grace
X-Yadis-Location
X-Hosted-By
X-Wix-Renderer-Server
X-HOSTNAME
SN
AMF-Ver
Cm-Server
NtCoent-Length
X-Vary-Options
Surrogate-Control
Machine
X-Response-Time
SEOMOZ
MJ12bot
Filter-Revision
X-Highwire-SessionId
Accept-Charset
X-Highwire-RequestId
Cache
X-ServerID
X-Wix-Request-Id
X-Swift-CacheTime
X-Swift-SaveTime
X-Speed-Cache
X-Varnish-IP
X-Speed-Cache-Key
X-Whom
X-FIRSTBase
X-Wix-Dispatcher-Cache-Hit
X-Engine
X-Cocoon-Version
X-ServerName
X-Stale
Srv
X-Director
X-Varnish-Age
X-Blog
X-Session-Reinit
Ngpass-Vcall
VAR-Cache
X-FW
X-Cache-Rule
A-Powered-By
Powered
Origin
X-Cache-Operation
X-Tumblr-Pixel-6
X-BackendServer
Server-Name
X-S
X-Amz-Meta-S3cmd-Attrs
Id
X-Varnish-Object-Age
X-ACMCache
Webluker-Edge
X-Trace-Cache
X-MJ-Upstream-Addr
X-GeoIP-Country-Code
X-GeoIP-Country-Name
X-Varnish-Server
Upgrade
X-Cache-TTL
ServerID
Ms
X-Connection-Hash
X-ID
X-Transaction
Req-Id
X-Cdn
X-Srv
X-Twitter-Response-Tags
X-App
X-MiniProfiler-Ids
Time
X-Time
NODE
Proxy-Connection
Qs-Cache
X-Varnish-Beresp-Status
X-Varnish-Beresp-Ttl
X-Varnish-Beresp-Grace
MIH-PLATFORM
X-Art-Request-Id
MIH-PUBLIC-IDENTIFIER
X-App-Status
X-MJ-Serve-Req-Time
MIH-CLIENT-FARM
X-Domain-Checked
Warning
CT
X-Geo-IP
X-Distil-CS
Dispatcher
X-Provisioner-Version
X-Source-Host
X-Gamma-Serve
X-Vtex-Processado-Em
X-WebServer
X-Adobe-Content
X-Trace
X-Directory-Script
X-Machine-Name
CommunityServer
X-Secret
X-GeoIP
X-SRV
No
X-Varnish-Cache-Hits
X-Server-Id
X-LIGHTHTTP-PCDID
X-Vtex-Remote-Cache
X-Country-Code
NetMindSessionID
X-CHSN
X-FreeTag-Count
X-Microcache-Status
Beyond-Iis
LBVIS
X-Vhost
X-Device-Type
X-Powered-By-VTEX-Janus-ApiCache
X-Powered-By-VTEX-Janus-Router
Server2
X-VTEX-Cache-Status-Janus-ApiCache
-GCR
X-Cluster-Node
X-VTEX-Janus-Router-Backend-App
NLCacheNote
X-ServerCache-Info
X-Vtex-Processed-At
X-VTEX-Cache-Status-Janus-Edge
X-Powered-By-VTEX-Janus-Edge
X-Cached-Status
X-Ttl
X-Pangea-Version
X-App-Start
X-Recruiting
X-Frontend
XDomainRequestAllowed
Cteonnt-Length
SS
X-Sys-Req-ID
X-Cache-Action
X-Translation
Fpc-Cache-Id
X-Server-ID
Be-Ip
Location
X-N
Be-Va
SVR
X-Bettercache-Proxy
MW-Webserver
X-CacheHits
X-Developer
X-Object-Type
X-Object-Id
X-Wily-Servlet
X-Header
X-Wily-Info
X-Resolver-IP
X-Request-Locale
X-Orig-Vary
X-Atraveo-Varnish-Server-Id
X-Atraveo-TTL
Content-Transfer-Encoding
X-Atraveo-Cache-Control
X-Atraveo-From-Varnish-Cache
X-Src-Webcache
X-Atraveo-NC
X-Cache-Age
Buuteeq-Source
Ngpass-All
Rt-Fastcgi-Cache
X-LI-UUID
X-UPSTREAM
Content-MD5
X-Grid-Server
X-Li-Pop
X-Li-Fabric
X-FS-UUID
UniqueName
MirrorName
RATING
LFY
SFY
X-Force
X-Source-ID
X-PRAM
X-Old-Content-Length
From
X-Accelerated-By
X-Powered-By-Server
SiteName
X-Info
X-Server-By
X-Real-Server
X-DeliveryServer
Apache
Content-Security-Policy-Report-Only
X-Stage
Author
SRV
X-TempDebug
X-Cache-Lifetime
Backend
PageSpeedFilters
X-Rewritten-By
X-ManagedFusion-Rewriter-Version
X-AOL-SNH
Front-End-Https
X-Location-Id
X-LB
X-REDIRECTSERVER
X-Origin-Id
X-Id
Nodo
X-Enhanced-By
X-Venda-Hitid
X-Expires
X-Dev
X-Jphone-Copyright
X-Router
ScoreTracker
X-UD-Loopcounter
X-Do-Not-Hack
Backend-Name-Original
X-Block
X-Frames-Options
X-PoweredBy
X-Channel-Maxage
X-Empowered-By
X-UD-REMOTE-ADDR
X-UD-Target
Front
X-Oracle-DMS-ECID
X-Router-Backend
X-ChromeLogger-Data
X-UseReverse-Proxy
X-Trace-App
X-Geo-IPV
X-Webapp
X-Geo-IP-Country
Worker
X-Cms-Mode
X-Geo-IP-Metro
X-Geo-IP-Region
X-Internal-IP
X-Hash
X-Varnish-Action
X-WR-MODIFICATION
BM-Cache-Key
Hamster
PageSpeed
X-Nginx-Host
LBC
BM-Cache-Node
X-ORACLE-DMS-ECID
X-Turbo-Control
X-Via-Kemp
Compression-Control
X-Varnish-ID
XX
Ttl
X-DTC
X-B2f-Not-Route
X-DefendeR-Runtime
X-GC-App
Cluster-ID
X-GC-Read
Web-Server
X-Route
X-GC-Write
X-CacheServer
CDN
X-Actindo-RS
X-Vhost-ID
X-Powered
X-Hosting-Env
X-Hit-Cache
X-Uid
X-ESI
X-Kirra-SiteId
X-Response
SIP
X-Pagename
X-Varnish-Cache-Local
7e-Page-Cache
X-OPNET-Transaction-Trace
X-Cache-Route
X-GSL-Server
No-Cookie
Cneonction
X-ASTRO-REWRITE
X-ATM-RServer
X-Goog-Hash
Rt-Server
X-Amz-Id-1
Il-Cl
X-ATM-RTime
X-Origin
Ksid
X-Cache-On
Pool
Provider
Bs-Header
X-NginX-Server
X-PvInfo
Content-Instance
X-Gannett-Site-Version
Accept-Language
Atp-Isdpp
X-Phpwcms-Page-Processed-In
X-Phpwcms-Release
NnCoection
X-Varnish-Count
X-Varnish-HitMiss
At-Isb
At-Shoptype
X-SERVERID
X-Ar-Debug
Www.Mirrorgate.Se
Www.Mabracertifiering.Se
Mark
X-Varnish-Debug-Hits
Jobb.Gil.Se
Jobb.Assistentpoolen.Se
X-Upstream
Jobb.Passal.Se
Open.Jobgate.Se
Test.Executivepeople.Se
P3P:CP
AppDynamics-BT
Copyright
X-Vivastreet-KiwiiPage
ExecutionTime
Noq
X-CacheTTL
X-Vivastreet
X-Varnish-Cache-Server
BALANCEDTO
X-Varnish-Device
Cpu
Progma
Ram
X-Catalyst
X-Host-Url
X-Varnish-Debug-Age
X-Farm-Server
X-Nginx-Backend
X-NGINX-CACHED-AT
Cache-Ctrol
X-NGINX-CACHED
Www.Myjob.Se
X-Varnish-URL
X-Max-Age
X-TempoPesquisa
X-ACCELERATE
X-Cache-Set
X-Edge-Location
X-Content-Age
Aoestatic
Cmsid
X-Varnish-Debug-Pool-Recv
X-Varnish-Debug-Pool-Fetch
Cmstype
X-Yottaa-Metrics
X-Yottaa-Optimizations
X-WP
X-Monstercache-Timeout
X-Server-IP
X-Varnish-Restarts
X-Magento-Action
X-Web-Node
X-Nginx-Server
X-Magento-Lifetime
X-ESI-Enable
X-Cache-Ttl
X-Uplex
X-FFX-B
X-SilverStripe-Cache
Version
X-WA-Info
Content
X-SV
X-Hostingcenter
Fastcgi-Cache
AV1080
BM-Cache-Status
X-Country
Acdc-Web
X-SSL
X-7d-Version
X-7d-Traceid
X-7dig
CC-CACHE
X-LAvg
CC-UP
X-N-ViewType
X-PM-ID
SLB
CP
No-Cache
X-Server-Instance
X-Allow-Redis
X-SmugMug-Hiring
X-SmugMug-Values
HCVer
X-ProcessESI
X-Stackable-Node
X-RemovedCookies
X-T3Cache
HAVer
X-TTFB
Svr
ServerId
Server-N
X-Locale
X-Garden-Version
X-TTFB-L
X-Forwarded-Proto
Head
X-Continum-Server
INCOMING-TIME
X-T3CacheInfo
Smug-Env
X-MCB-Server
X-Flow-Powered
Access-Control-Expose-Headers
X-Purge-Level
X-UserAgent
X-TLServer
X-Life
SV-Duration
X-Dynatrace
X-T3CacheTags
X-FCMS-Cache
X-Flex-Evstart
X-Flex-Community
X-Flex-Evend
X-B2f-Cache-Load
X-XHR-Current-Location
Redirect
X-Caching-Rule-Id
X-Client-IP
OriginServer
X-Flex-Lang
Provided-Host
ServerIP
ORIGIN
X-Nginx-Cache
X-Node-Name
X-Flex-Lastmod
X-Hstore
WP-AdvCache-MemCached
X-EdgeRouter
X-Hrouter
X-Varnish-Cookie-Debug
Tracker
X-WorkerInstancename
X-D-Time
X-S-Misc
Xonnection
Last-Published
User-Updated-At
User-Id
X-Accel-Expires
X-MobileDetected
X-Flex-Tag
X-Generation-Time
X-Flex-Tags
X-Header-Set-Id
X-JSON-API-LATENCY
Countrycode
X-Confluence-Request-Time
X-ELC-Checkpoint4
X-Pixelsilk-Version
Foglight-Request-UUID
X-Pixelsilk-Server
X-Page-Generation-Time
X-Edge-IP
X-Page-Generated-At
Tpt.Renderer
Sid
Server-Optimized-By
ProxiaInstanceId
Tpt.Renderer1
X-Debug
X-Config-By
UNIQUE-ID
X-Cache-Key
DBG-Timestamp
SBMCLOUD
X-Framework
X-MSEdge-Ref
X-Nucleus-Cache
ServerConfigManager.WebBugTracker
X-Would-Your-GrandPa-Wait
X-Drupal-Cache-Tags
X-Artvisual-Server
X-App-Server
X-Your-GrandPa-Would-Wait
WebDevSrc
User-Cache-Control
X-Fett
X-Client-Addr
DBG-TargetHost
X-Cluster
X-TTL-Age
X-IDS-WS
DBG-HTTPHOST
X-Server-Node
X-Lautre-Frontal
X-NID
X-Bcwwwid
X-Wm-1
X-RSS-CACHE-STATUS
X-WLD-LB
X-Wm-VIP
Backend-Host
X-Unbounce-PageId
X-Server-Generated
X-SDE-Name
X-Haiku
X-Varnish-Hit
X-CMS
X-Time-Spent
X-Varnish-Currency
X-Cache-Backend
Web-Head
X-Wikidot-Backend
PServer
Ec
Render
X-Unbounce-Variant
X-AISO-Cache
WEBO
ExecuteNonQuerySQLParam
X-GLaDOS
Http
X-Varnish-Ttl
POOL
IsFullSiteRequest
X-AISO-Server
Disaptch-Cache-Rule
Accept
X-Unbounce-VisitorID
X-Binarysec-Via
After
B-Powered-By
X-App-Container
Before
X-Wikidot-Static-Cache
X-V-TTL
X-Monstercache-Host
X-DEBUG
X-NginX-Cache
X-Monstercache-Hash
X-Monstercache
Publisher
Secured
X-Hit
X-DELIVERYSERVER
X-Distributed-By
X-V-I-TTL
X-V-Outer
Allow
X-Req-Url
X-Req-Host
X-Remote-Addr
Xc
X-Created
X-Wix-Route-ID
WP-Cache
X-DC-Origin-IP
X-Distributor
X-Backend-Ip
X-SATserver
Test
X-RequesterIP
X-Feed
X-Ratelimit
Server-IP
X-GeoIP-Country
X-Original-IP
Portlet.Expiration-Cache
OGHopCount
X-SeschatTemplateID
X-IP-Address
BE
Ez
X-SeschatRedID
X-Varnish-Debug-Varnish-TTL-Set-From-Server
MachineName
X-Seschat-URL
X-SeschatDID
X-SeschatLayout
X-Serendipity-InterfaceLang
X-Serendipity-InterfaceLangSource
X-EPiphany-Vid
SL-NOREWRITE-REDIRECTS
X-Client-Vid
X-USERNAME
X-HOSTTYPE
WFE
X-Full-URL
X-Middleton-PageSpeed
X-ServerId
Nitro-Cache
X-Optimization
Esi-Enabled
CacheControlHeader
X-Benchmark-Db
X-Benchmark-Cache
Tempo
X-Status
X-Benchmark-Sphinx
X-Benchmark-Sphinx-Count
XDisk
X-PBY
X-Hc-Host
X-Benchmark-Total
X-DB-Content-Length
X-Powered-Developer
X-Cluster-Host
X-Jcms-Ajax-Id
X-Abuse
Prama
X-Svr-Id
X-ESI-Processing
Modcookie
Hej
X-CCM
X-Varnish-Hashed-On
Sigma
X-Device-Group
X-Pb-Mii
Initialhost
X-TISSERVER
X-RE-Ref
X-VarnCache
Modhost
Nginx-Cache
X-Gondor-Server
Modurl
X-Mii-Cache-Hit
X-DSMX-Render-MS
X-ATP-Server
Hotelbookingid
Ozcache
X-Rack-Cors
F-In-Cache
X-Back
Xforwardhost
Content-Cache
Www.Aujourdhui.Com
X-FarmId
X-DSMX-Rewrite-MS
Mime-Version
X-Revision
X-SERVER-ID
X-CACHE-TTL
Language
Railo-Version
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
X-Varnish-Hostname
X-V
TP-Cache
Mobiquo-Is-Login
X-Debug-Token
Pool-Info
Cached
X-Backend-Name
X-Backend-IP
X-Aberdeen-Cache
X-Aberdeen-Site
X-Instart-Request-ID
X-Request-Received
X-Instance
X-Lang
X-Download-Options
PS-CapabilityList
X-Request-Processing-Time
X-HeBS-Cache-Status
X-PS-MURDOCK-CASE-NORMALIZATION
X-Trans-Id
X-VG-WebCache
Public-Key-Pins
W
X-Timestamp
X-Site
Requested-Host
X-Brought-To-You-By
X-Dynamic
X-Mobile
X-Compressed-By
X-Ec-Custom-Error
MASTERWEBLET
X-Magnolia-Registration
X-Planisys-CDN-Cache
X-Planisys-CDN-Rules
X-Test
X-Yqk-Set
X-FRONT-TTL
X-Powered-By-Yqk
X-ProxyInstancename
MageStack-Tag
MageStack-Response-Ttl
X-Varnish-Set-Cookie
X-WAP
B2C-HG-008
X-ACLR-Version
X-PS-MURDOCK-ORIG-PROTOCOL
X-PS-MURDOCK-ORIG-FILEEXT
X-Czt
X-Hosting
X-Cached-From
X-HW
MageStack-Area
MageStack-Config
MageStack-Debug
MageStack-Loadbalancer
MageStack-PageSpeed
MageStack-Cacheable
MageStack-Cache-Status
MageStack-Cache
MageStack-Cache-Hits
MageStack-Cache-Lifetime
TP-L2-Cache
X-MSU-SOURCE
X-VAR-VCache
X-Url-Store
X-VAR-VCacheCount
X-VAR-Apache
X-VAR-Backend
X-VAR-Host
X-VAR-Hash
X-VAR-BackendHealthy
X-Var-Hash
CountryCode
ID
IsMobile
CACHED-RESPONSE
Ibf5scheme
'Ibf5scheme'
X-Webstats-RespID
X-ServedByHost
X-VAR-Logic
X-VAR-Mobile
X-Checkout
X-VAR-Server
X-CMS-Server
X-CacheStore
X-Backend-Status
X-VAR-Url
X-B2f-Cache-NotFromUrl
X-VAR-TTL
Noahs-Classifieds
X-Cookie-Store
X-ErrorPage
X-VAR-Referer
X-VAR-PageSpeed
X-VAR-RequestType
Rt-Proxy-Cache
S-Cnection
X-Dokk-PortalId
MGIT
AcceptLangage
X-SiteConInfo
X-Symfony-Cache
Robots
X-Environment
X-Content-Parsed-By
X-RNDPAGE
X-TAG
X-MidCOM-Meta-Cache
X-Cluster-ID
Http.Set-Cookie
OutputRewritten
SobiPro
X-AVG
D
AppServer
X-Process-Time
X-Src-Loadbalancer
X-HITS
X-BIN
X-B
X-Cache-Control
X-Cache-Via
X-Author
X-Apublish-Id
X-AccessDev
Fw-Via
X-Ocache
X-Pagecache
X-Time-Microsecs
Apple-Itunes-App
X-Dynatrace-Js-Agent
X-T
X-Debug-Serve
X-Req-Counter
DB-Nickname
X-AVG-REWRITE