Threat Level: green Handler on Duty: Tom Webb

SANS ISC HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
ETag
X-Pingback
Link
X-AspNet-Version
P3P
X-Content-Type-Options
X-XSS-Protection
X-Cache
Age
X-Adblock-Key
Content-Language
X-UA-Compatible
X-Frame-Options
Via
Keep-Alive
CF-RAY
X-Language
X-Template
X-Check
X-Buckets
P3p
Content-Location
X-Varnish
X-Cacheable
Access-Control-Allow-Origin
Alternate-Protocol
X-Generator
X-Drupal-Cache
WP-Super-Cache
X-Ac
X-Hacker
Strict-Transport-Security
Status
X-Powered-By-Plesk
MS-Author-Via
X-AspNetMvc-Version
X-Request-Id
X-Runtime
X-Geo-Port
X-Geo
X-Pad
X-Powered-CMS
X-Mod-Pagespeed
X-Type
X-Cache-Group
X-Pass-Why
Access-Control-Allow-Credentials
X-Xss-Protection
Ngpass-Ngall
X-Logged-In
MicrosoftOfficeWebServer
X-Cache-Hits
X-Cache-Lookup
X-Host
Host-Header
X-UA-Device
X-Server
X-Proxy-Cache
X-Iinfo
X-Via
MicrosoftSharePointTeamServices
Access-Control-Allow-Headers
X-Backend
Access-Control-Allow-Methods
SPRequestGuid
X-SharePointHealthScore
X-Rack-Cache
X-Tumblr-Pixel-0
X-Tumblr-User
X-Tumblr-Pixel
X-XRDS-Location
X-Robots-Tag
X-Served-By
X-CF-Powered-By
X-Sorting-Hat-ShopId-Cached
X-Dc
X-Sorting-Hat-PodId-Cached
X-Sorting-Hat-ShopId
X-Sorting-Hat-PodId
X-Varnish-Cache
X-Tumblr-Pixel-1
X-Accel-Version
X-CDN
X-ContextId
X-ServedBy
X-ShopId
X-ShardId
X-Alternate-Cache-Key
X-MS-InvokeApp
X-Safe-Firewall
X-Cnection
Content-Encoding
X-Tumblr-Pixel-2
X-INKT-URI
X-INKT-SITE
X-Seen-By
X-Hostname
X-Webserver
X-BC-Is-HA
X-PhApp
X-PC-Key
X-PC-Hit
X-PC-AppVer
X-PC-Host
X-PC-Date
X-Cache-Hit
X-Page-Speed
Composed-By
X-FullPageCaching
Served-By
Content-Security-Policy-Report-Only
X-Port
X-AH-Environment
X-FRAME-OPTIONS
Cartoon
X-Firenze-Processing-Times
Public-Key-Pins
X-Cache-Status
X-Tumblr-Pixel-3
X-Age
X-Amz-Cf-Id
X-HeyJason
Cf-Railgun
X-W-DC
X-XN-Trace-Token
X-XN-XNHTML
Request-Id
X-Spip-Cache
X-Wix-Renderer-Server
Content-Security-Policy
X-Powered-By-360WZB
SPIisLatency
X-Wix-Request-Id
Liferay-Portal
SPRequestDuration
X-Served-From-Cache
X-Wix-Dispatcher-Cache-Hit
CF-Cache-Status
Content-Script-Type
Content-Style-Type
X-Amz-Id-2
X-Content-Digest
X-Amz-Request-Id
X-Umbraco-Version
X-SERVER
X-Pantheon-Styx-Hostname
X-Styx-Build-Sha
X-Styx-Req-Id
X-Styx-Build-Num
X-Styx-Build-Date
X-Styx-Version
X-Pantheon-Endpoint
X-Timer
X-Server-Name
X-Request-ID
X-Cache-Server
X-Clacks-Overhead
Powered-By
X-Cache-Info
X-DynaTrace
Rating
X-Hyper-Cache
X-Turbo-Charged-By
X-Cache-Enabled
X-Device
TCN
DynaTrace
X-Outils-CS
Real-Hostname
X-TN-ServedBy
X-VCache
X-Tumblr-Pixel-4
X-Loop
X-PHP-Engine
X-Cache-Resuilt
X-Px
X-Forwarded-For
X-Cached-By
X-FB-Debug
X-From
X-PersistenceNode
X-TNCMS
X-CDN-Geo-IP
X-CDN-Geo
X-CDN-Any-IP
NS-RTIMER-COMPOSITE
X-Cached
X-Url
X-Hits
X-Microcachable
Refresh
X-Tumblr-Content-Rating
X-Generated-By
Imagetoolbar
Product
Ms-Author-Via
Access-Control-Max-Age
Charset
Magicmarker
Page-Completion-Status
X-Loc
X-Backend-Server
Powered-By-ChinaCache
X-FW-Hash
X-FW-Type
X-FW-Static
X-FW-Serve
IBM-Web2-Location
X-Content-Security-Policy
X-Content-Encoded-By
X-Matrix-Proxy
X-Tumblr-Pixel-5
X-Matrix-Server
X-DynaTrace-JS-Agent
X-CMS-Version
X-Mobilized-By
X-Zephyr
Response
X-Jimdo-Wid
X-Jimdo-Pid
X-Permitted-Cross-Domain-Policies
X-Node
X-SDS
X-User-Agent
CC-CACHE
Thanks
X-Director
X-Processed-By
X-DDC-Arch-Trace
ServedBy
X-Middleton-Display
Display
X-Middleton-Response
X-Sol
X-Swift-CacheTime
X-Swift-SaveTime
Access-Control-Request-Method
Generator
Grace
X-I
Ngpass-Vcall
PICS-Label
X-Content-Options
X-Firenze-Processing-Time
X-MiniProfiler-Ids
X-URL
X-Cache-Config
X-UD-Host
X-UD-Method
X-Powered-By-Anquanbao
X-Version
X-App-Hosting
Vacache
X-Purge-Host
X-Varnish-TTL
Node
X-Expires-Orig
X-AspNetWebPages-Version
X-Whom
X-ApacheServer
X-WebKit-CSP
X-Micro-Cache
X-W3TC-Minify
X-ATG-Version
RTSS
X-Country-Code
Host
Content-Encoding-Handler
Lsrequestid
SID
Edge-Control
X-Cache-Expires
X-DNS-Prefetch-Control
Content-Disposition
X-Varnish-Host
X-Hosted-By
X-Instart-Request-ID
X-Cache-Debug
Retry-After
X-Purge-URL
X-Varnish-Backend
Proxy-Agent
X-Original-Request
X-Cache-Result
X-Handled-By
MIME-Version
VAR-Cache
Accept-Encoding
X-Nitra-Side
Surrogate-Control
Pics-Label
X-Passed-To-DLL
X-Passed-To-BeforeDispatch
COMMERCE-SERVER-SOFTWARE
X-Returned-From-PostProcessResponse
X-Passed-To-PostProcessResponse
X-Passed-To
X-Returned-From-DLL
X-Returned-From
X-Actual-URL
X-Returned-From-BeforeDispatch
X-SRV
Alt-Svc
X-FW
X-PF-Uncompressing
Set-Cookie2
X-PERF
ServerName
X-NoCache
X-FORWARDED-FOR
X-Duration
X-PwB-Node
Proxy-Connection
X-Varnish-Hits
X-Cdn
X-ServerID
X-TTL
IISExport
X-App-Status
X-ACMCache
X-Varnish-Cache-Hits
X-Varnish-IP
X-Varnish-Cacheable
X-Yadis-Location
Srv
Rt-Fastcgi-Cache
X-Tumblr-Pixel-6
Fpc-Cache-Id
X-Cookie-Domain
AMF-Ver
X-CJ-Soft
X-Drectory-Script
Accept-Charset
S
WWW-Authenticate
Fhost
X-Front
X-Track
Cache
Cm-Server
X-Art-Request-Id
ServerID
NODE
Webluker-Edge
X-Cache-Age
X-Speed-Cache-Key
X-S
X-Speed-Cache
X-LiteSpeed-Cache
X-Cache-Control-Orig
Filter-Revision
X-Distil-CS
X-Time
X-BackendServer
X-Session-Reinit
X-Stale
Version
X-ServerName
X-Vary-Options
Id
X-Location-Id
MJ12bot
X-Ttl
SN
SEOMOZ
Upgrade
X-Gamma-Serve
X-Blog
X-Cache-Rule
X-GeoIP-Country-Name
X-Varnish-Age
Qs-Cache
X-GeoIP-Country-Code
X-Amz-Meta-S3cmd-Attrs
Nodo
X-SN
Req-Id
Powered
Front-End-Https
X-Cache-Lifetime
Location
A-Powered-By
X-Directory-Script
PageSpeed
X-Response-Time
X-Cache-TTL
X-Trace-Cache
X-FIRSTBase
X-Translation
X-Device-Type
X-Microcache-Status
Buuteeq-Source
X-Domain-Checked
X-Provisioner-Version
X-App
X-Adobe-Content
Warning
X-CHSN
NetMindSessionID
Dispatcher
X-Varnish-Beresp-Grace
Server-Name
X-Varnish-Beresp-Status
X-Varnish-Beresp-Ttl
X-Xrds-Location
X-Do-Not-Hack
X-Frontend
X-Bettercache-Proxy
X-Distributed-By
X-HOST
X-WR-Flags
X-Cache-Operation
ORIGIN
X-Cache-CFC
Cache-By-Node
Content-Transfer-Encoding
X-Secret
X-Trace
X-Orig-Vary
X-SBGI-Cache-Codes
X-N
X-Object-Id
X-Highwire-SessionId
X-Highwire-RequestId
X-Object-Type
S-Cnection
X-Old-Content-Length
MIH-PUBLIC-IDENTIFIER
X-VTEX-Cache-Status-Janus-ApiCache
X-AOL-SNH
X-Powered-By-VTEX-Janus-Router
X-Powered-By-VTEX-Janus-ApiCache
No
X-Powered-By-VTEX-Janus-Edge
X-Vtex-Processed-At
X-Vtex-Processado-Em
LBVIS
X-FreeTag-Count
X-VTEX-Janus-Router-Backend-App
X-Vtex-Remote-Cache
X-VTEX-Cache-Status-Janus-Edge
X-Varnish-Action
CT
XX
X-ID
X-Cocoon-Version
X-Country
Machine
MIH-PLATFORM
MIH-CLIENT-FARM
X-Symfony-Cache
X-Powered-By-Server
X-LIGHTHTTP-PCDID
X-Varnish-Server
X-Cache-On
X-Sys-Req-ID
REFRESH
X-Id
X-Src-Webcache
-GCR
Apache
NtCoent-Length
Cteonnt-Length
X-Server-Id
X-Recruiting
X-Server-ID
X-Cache-Action
Backend
From
Website-Info
Server-Info
Cxy-All
Origin
X-Geo-IP
X-Varnish-HitMiss
X-Varnish-Count
W
X-WebServer
NLCacheNote
X-Loopia-Cache
X-UD-REMOTE-ADDR
X-Developer
X-UD-Loopcounter
X-Header
ScoreTracker
Content-MD5
X-UD-Target
X-Origin-Id
Beyond-Iis
X-Cache-Control
SVR
XDomainRequestAllowed
X-ClientSide-Caching
X-Expires
X-Gannett-Site-Version
MW-Webserver
X-Geo-IPV
X-Geo-IP-Country
X-ServerCache-Info
Access-Control-Expose-Headers
X-Geo-IP-Metro
Pool
X-Machine-Name
X-Geo-IP-Region
X-Who
X-Edge-Location
BM-Cache-Status
BM-Cache-Key
BM-Cache-Node
X-Yottaa-Metrics
X-ChromeLogger-Data
X-Wily-Servlet
X-Wily-Info
X-Yottaa-Optimizations
X-Info
X-Remote-Addr
X-Cluster-Node
X-Force
X-Source-ID
X-PRAM
X-WorkerInstancename
X-Engine
X-Empowered-By
X-Resolver-IP
X-ORACLE-DMS-ECID
X-Turbo-Control
X-Nginx-Cache
X-SDE-Name
X-Srv
TP-Cache
X-Cache-Set
TP-L2-Cache
X-Oracle-DMS-ECID
X-UPSTREAM
X-ESI-Enable
X-BS
X-Accel-Expires
X-Rewritten-By
X-Amz-Id-1
Spiislatency
Sprequestduration
Last-Published
X-ManagedFusion-Rewriter-Version
X-Router
X-Webapp
X-UseReverse-Proxy
Front
X-FFX-B
X-Router-Backend
X-Frames-Options
No-Cookie
Cluster-ID
NnCoection
CommunityServer
SiteName
X-ATM-RServer
Progma
Provided-Host
Muha
X-Ms-Invokeapp
X-Real-Server
X-Response
X-Beatles
Rt-Server
X-Farm-Server
X-Req-Host
X-Actindo-RS
X-ATM-RTime
LBC
X-Ruxit-Js-Agent
X-REDIRECTSERVER
X-Atraveo-NC
X-Atraveo-TTL
X-Atraveo-From-Varnish-Cache
X-Atraveo-Cache-Control
X-Is-Mobile
Accept-Language
X-Atraveo-Varnish-Server-Id
X-DPWN-IS-SECURE
X-WR-MODIFICATION
X-Dev
Jobb.Assistentpoolen.Se
Servername
X-Phpwcms-Release
X-Phpwcms-Page-Processed-In
Xonnection
WFE
X-Flow-Powered
X-Ar-Debug
Test.Executivepeople.Se
X-Abuse
BM-CountryCode
Jobb.Gil.Se
Jobb.Passal.Se
X-Env
Www.Mabracertifiering.Se
WP-AdvCache-MemCached
LFY
X-Kirra-SiteId
SFY
X-Uid
Www.Mirrorgate.Se
X-Debug
Edgecast
Www.Myjob.Se
Open.Jobgate.Se
Author
P3P:CP
Cneonction
X-Render-Time
Arr-Disable-Session-Affinity
X-Max-Age
X-Grid-Server
X-SilverStripe-Cache
Pool-Info
Content-Instance
X-Server-Instance
X-Storage
X-Revision
X-ProxyInstancename
X-EPiLogOnScreen-PostUrl
Smug-CDN
X-Invoke-Duration
Hamster
X-Vhost
WEBO
X-PM-ID
X-Amz-Version-Id
X-Vhost-ID
SRV
X-Jphone-Copyright
SS-Request-ID2
Sophnep-Edge-FX
Cmstype
FROM-SERVER
X-Powered
X-CACHE-TTL
X-Drupal-Cache-Tags
Publisher
X-DTC
X-CacheServer
X-Stage
X-N-ViewType
X-Goog-Hash
SIP
Cache-Rule
BM-Cache-Bypass
Aoestatic
X-T3CacheTags
X-T3Cache
X-Webstats-RespID
HAVer
HCVer
X-SSL
X-TempDebug
X-Built-By
X-SmugMug-Hiring
X-SmugMug-Values
X-TTFB
X-Cache-Ttl
X-Cms-Mode
X-7d-Version
X-7dig
X-EPiLogOnScreen
X-TTFB-L
X-Grace
X-Enhanced-By
X-Varnish-Device
X-MCB-Server
X-Varnish-ID
Cache-Ctrol
Worker
X-B2f-Not-Route
Web-Server
X-7d-Traceid
Cmsid
X-APP
X-Hit-Cache
X-Libra-UpstreamHost
X-Twitter-Response-Tags
X-Transaction
X-Connection-Hash
X-Nginx-Host
Ms
X-Pagename
If-Modified-Since
X-CCC
F-In-Cache
X-Content-Age
Mobiquo-Is-Login
X-SV
X-NginX-Server
Mime-Version
X-Nhost
X-NFE
X-Fastcgi-Cache
Server-N
CacheControlHeader
Tracker
X-I-Sp
CACHED-RESPONSE
X-Prerender-Token
X-GC-Write
X-CID
X-Webobjects-Loadaverage
X-TLServer
X-GC-Read
X-Garden-Version
X-GC-App
X-Venda-Hitid
X-EntryPoint
X-Foresight-Air
X-DefendeR-Runtime
X-Healthy
X-Foresight-Customresponse
X-Fallback
X-Block
Before
Unique-Request-Id
X-Varnish-Debug-Age
X-Catalyst
IsFullSiteRequest
X-DefendeR-Status
X-App-Server
X-Edge-IP
Sid
X-UType
X-Unbounce-VisitorID
ServerConfigManager.WebBugTracker
X-Dynamic
X-Brought-To-You-By
X-Client-IP
X-Unbounce-Variant
X-Unbounce-PageId
X-DSMX-Render-MS
X-Powered-Developer
X-Li-Pop
X-Li-Fabric
Tpt.Renderer
Tpt.Renderer1
X-DSMX-Rewrite-MS
X-Artvisual-Server
X-Trace-App
Backend-Name-Original
Allow
X-LI-UUID
BALANCEDTO
After
X-Web-Node
X-CacheTTL
Ttl
X-WA-Info
X-Plat
Cpu
X-OPNET-Transaction-Trace
Noq
X-Server-IP
ExecuteNonQuerySQLParam
X-Channel-Maxage
Ram
X-Pageid
X-Download-Options
X-IP-Address
X-FS-UUID
Render
X-Generation-Time
X-S-Misc
X-Hrouter
X-Middleton-PageSpeed
X-Hstore
X-LB
INCOMING-TIME
X-MobileDetected
X-DeliveryServer
X-Hash
X-Node-Name
X-EdgeRouter
X-SERVER-ID
X-Akamai-Device-Characteristics
X-D-Time
X-Ec-Custom-Error
X-Confluence-Request-Time
D
X-MSEdge-Ref
Z-NginxStatus
Copyright
X-Monstercache-Timeout
X-Client-Vid
CP
X-Content-Security-Policy-Report-Only
X-EPiphany-Vid
B-Powered-By
X-Node-ID
X-Monstercache-Host
X-Monstercache-Hash
X-PvInfo
X-DC-Origin-IP
X-Domino-CacheValidationWithETagReason
X-Domino-CacheValidationWithETagResult
X-App-Container
X-Origin
X-DB-Content-Length
X-SeschatLayout
X-Flex-Tag
Secured
X-Flex-Tags
X-This-Proto
Ksid
X-Flex-Lastmod
X-Flex-Lang
X-Cached-Status
X-Server-Generated
X-Flex-Community
X-Flex-Evend
X-Flex-Evstart
Description
Ozcache
X-Mobile
X-Cookie-Response-Debug
X-Site
X-Frontal
Bs-Header
X-Cookie-Request-Debug
Ec
WP-Cache
PServer
Keywords
X-BKSrc
Nodeid
X-Cache-Extended
X-GSL-Server
X-SeschatTemplateID
X-WLD-LB
XDisk
SS
X-FCMS-Cache
X-ACCELERATE
X-Backend-IP
X-Seschat-URL
X-SeschatDID
X-SeschatRedID
X-Apple-ATS-Cache-Key
X-IP
X-Apple-Jingle-Correlation-Key
X-Apple-Application-Site
X-IDS-WS
X-Ants-Machine-Id
X-Apple-Aka-Ttl
X-Apple-Orig-Url
X-Apple-Partner
X-Cache-Doesi
X-Apple-Application-Instance
X-NginX-Cache
X-DELIVERYSERVER
X-Apple-Translated-Wo-Url
Apple-Timing-App
X-Test
X-T3CacheInfo
IsMobile
X-HA
X-Checkout
X-Compressed-By
X-Backend-Status
X-Cache-Backend
X-Cached-Until
X-Cache-Host
X-Cached-On
X-Cookie-Store
X-Dokk-PortalId
X-AccessDev
X-Ratelimit
X-Route
X-Rack-Cors
X-Monstercache
X-ELC-Checkpoint4
X-Hosting
ServerIP
X-Varnish-Cookie-Debug
MageStack-Response-Ttl
MageStack-PageSpeed
MageStack-Tag
Masquerade
Tempo
SBMCLOUD
MageStack-Loadbalancer
MageStack-Debug
MageStack-Cache-Hits
MageStack-Cache
MageStack-Cache-Lifetime
MageStack-Cache-Status
MageStack-Config
MageStack-Cacheable
UniqueName
X-B
X-V-I-TTL
X-Req-Url
X-V-Outer
X-V-TTL
OutputRewritten
X-Powered-By-Srv
X-Created
Url-Hash
X-Ocache
X-Cookie
X-T
X-UA-Profile
X-Varnish-Currency
CountryCode
MageStack-Area
X-Varnish-Max-Age
X-WP
X-Would-Your-GrandPa-Wait
X-Your-GrandPa-Would-Wait
Fastcgi-Cache
MachineName
Ibf5scheme
X-VhostID
X-Varnish-Restarts
X-Url-Store
X-Uplex
X-Var-Hash
X-Varnish-Debug-Pool-Fetch
X-Varnish-Debug-Varnish-TTL-Set-From-Server
X-Varnish-Debug-Pool-Recv
MGIT
OGHopCount
X-Provided-By
X-Hit
X-Req-Counter
X-Serendipity-InterfaceLang
X-Time-Microsecs
X-Serendipity-InterfaceLangSource
X-GitHub-Request-Id
X-CMS-Powered-By
X-ACLR-Version
Test
X-Cache-Via
X-CDN-Cache-Status
X-CDN-Node
X-TTL-Age
X-RequesterIP
Thinkindot-Control
UNIQUE-ID
X-GeoIP-Country
X-Instance
Thinkindot-CacheControl-Type
Thinkindot-CacheControl
Host-Service
Nitro-Cache
Provider
X-Key
X-Planisys-CDN-Cache
X-Author
X-CCM
X-Magnolia-Registration
X-RateLimit
SV-Duration
Redirect
X-Planisys-CDN-Rules
X-RSS-CACHE-STATUS
X-SATserver
BrandBucket-Domain
Xc
Backend-Host
X-Prefetched
X-Request-Count
X-Static-Version
At-Isb
X-CMS
X-HP-CAM-COLOR
Tracecode
Access-Ip
X-Upstream
Content-Cache
X-HOSTTYPE
X-USERNAME
X-Wikidot-Backend
X-Wikidot-Static-Cache
X-AISO-Server
X-AISO-Cacheable
Esi-Enabled
NZSpeedy
X-AISO-Cache
X-Varnish-Debug-Hits
SB-Cache-Version
X-Origin-Cache
X-ErrorPage
X-Fett
X-Hostingcenter
X-Compressor
Public-Extension
Www.Aujourdhui.Com
ResourceTag
X-HW
X-Magento-Action
X-Dynatrace
X-Varnish-Hashed-On
X-Request-Time
X-Environment
Dynatrace
X-Nucleus-Cache
AcceptLangage
X-Magento-Lifetime
X-NID
X-Varnish-ServiceNetIP
WebDevSrc
X-WHOIS-Cached
Orgin-Server
Be-Va
Rt-Proxy-Cache
X-Gondor-Server
X-ENV
At-Shoptype
Be-Ip
Atp-Isdpp
X-Purge-Level
DB-Nickname
X-Litespeed-Cache
X-PageID
Server-IP
Disaptch-Cache-Rule
Head
X-ProcessESI
Timing-Allow-Origin
X-RemovedCookies
User-Updated-At
User-Id
Il-Cl
Rewriter
X-GeoIP
X-Nocache
Webserver
X-Aberdeen-Cache
Hotelbookingid
Max-Age
X-Upstream-Time
CPOINT
X-Client-Addr
Be
Server-Optimized-By
CorrelationVector
X-Cache-Key
X-ATP-Server
X-Allow-Redis
X-ARR
X-Mii-Cache-Hit
X-Highwire-Cache
X-Cluster-ID
X-Client-Id
X-Aberdeen-Site
X-Highwire-Sitecode
X-Node-Id
X-Pb-Mii
RayEngine
Protected-By
MwpReleaseVersion
X-Device-Group
Encoding
X-Sov
X-Source
X-Panel-Name
SSPAppContext
X-Accelerated-By
X-Rot
X-FRONT-TTL
X-VG-WebCache
X-PoolMember
X-ESI
Is-Tablet
X-Panel-Id
Time
Mobile-Browser
Mobile-Browser-Version
Resolution-Height
Physical-Screen-Width
X-TAProxy
Physical-Screen-Height
ProxiaInstanceId
Language
Viewport-Width
Viewport-Initial-Scale
CData
Resolution-Width
Is-Mobile
Is-Wireless-Device
X-Server-Node
DrivedBy
Requested-Host
-Onnection
Device-Os-Version
X-Bcwwwid
X-Process-Time
Ajax-Preferred-Geoloc-Api
X-SERVERID
Content
Railo-Version
X-MidCOM-Meta-Cache
Device-Os
X-Dynatrace-Js-Agent
X-Daa-Tunnel
CtExclusions
KinteraFilter
X-Cdn-View
X-Path
Disablevcache
OriginServer
ClientIP
No-Cache
TIMESTAMP
X-Ants-Host
Gzip
WEB-CLUSTER-NODE
X-Built-With
Cleartype
HGR-NOCACHE
Noahs-Classifieds
F5-IpCliente
X-Mod
X-AMAZEEIO
X-Cachable
X-Gyrobase-Publication
X-Webbins-Node
SLB
X-Life
X-AG-MIPS
X-Request-Processing-Time
SL-NOREWRITE-REDIRECTS
User-Cache-Control
C-TTL
X-Server-By
X-Request-Received
X-AppServer-Status
X-Backend-Name
X-CDN-Version
X-Cacheable-TTL
X-BServer
X-BPool
X-Crafted
X-App-Reload-Settings
Robots
X-Esi
Server-Hostname
Device
X-Src-Loadbalancer
X-Fpc
Foglight-Request-UUID
X-Varnish-Hostname
X-Ruxit-JS-Agent
X-Powered-By-Home.Pl
X-IP-BE
X-NewRelic-App-Data
X-Benchmark-Total
X-Benchmark-Sphinx-Count
X-Benchmark-Sphinx
X-Benchmark-Db
X-Logword
X-Restarts
X-Distributor
X-We-Are-Hiring
X-Debug-Serve
Content-ID
X-Benchmark-Cache
Sigma
Access-Control-Allow-Origin:
X-TISSERVER
X-Rq
X-R4L-VHOST
X-Forwarded-Proto
X-RAMCache
SAVVIS
AMFplus-Ver
X-UserAgent
X-Locale
X-Avvio-Cms-Cacheload