Threat Level: green Handler on Duty: Rick Wanner

SANS ISC: HTTP Header Usage Statistics - SANS Internet Storm Center HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
ETag
Link
X-Pingback
P3P
X-Content-Type-Options
X-AspNet-Version
X-XSS-Protection
X-Frame-Options
X-Cache
Content-Language
Age
CF-RAY
X-UA-Compatible
X-Adblock-Key
Via
Keep-Alive
X-Check
X-Template
X-Language
Strict-Transport-Security
X-Varnish
X-Buckets
Access-Control-Allow-Origin
X-Cacheable
Content-Location
X-Generator
X-Drupal-Cache
P3p
Status
X-Request-Id
X-AspNetMvc-Version
X-Hacker
X-Ac
X-Powered-By-Plesk
MS-Author-Via
X-Runtime
X-Xss-Protection
X-Type
X-Pass-Why
X-Cache-Group
WP-Super-Cache
X-Powered-CMS
Ngpass-Ngall
Access-Control-Allow-Credentials
X-Iinfo
Host-Header
X-Cache-Hits
X-Pad
X-Mod-Pagespeed
X-UA-Device
Content-Security-Policy-Report-Only
X-ShopId
X-Dc
X-ShardId
X-Alternate-Cache-Key
X-Logged-In
X-Via
X-Backend
Access-Control-Allow-Headers
Access-Control-Allow-Methods
X-Tumblr-Pixel-0
X-Tumblr-Pixel
X-Tumblr-User
X-Server
X-Host
X-Tumblr-Pixel-1
X-ServedBy
X-Served-From-Cache
X-CDN
X-ContextId
X-Tumblr-Pixel-2
X-Served-By
X-PC-Hit
X-PC-Key
X-Cache-Hit
Content-Security-Policy
X-Port
X-Cache-Lookup
MicrosoftOfficeWebServer
X-Robots-Tag
X-Rack-Cache
Powered-By
MicrosoftSharePointTeamServices
X-PC-AppVer
X-PC-Host
X-PC-Date
X-Varnish-Cache
SPRequestGuid
X-SharePointHealthScore
X-Accel-Version
X-Request-Country
X-Tumblr-Pixel-3
X-XRDS-Location
X-MS-InvokeApp
X-Safe-Firewall
X-Cache-Status
Content-Encoding
X-Page-Speed
X-Amz-Cf-Id
X-Seen-By
X-Wix-Renderer-Server
X-Cnection
X-AH-Environment
X-Wix-Request-Id
X-PhApp
X-Webserver
X-W-DC
X-Turbo-Charged-By
X-FullPageCaching
X-INKT-URI
X-INKT-SITE
X-FRAME-OPTIONS
CF-Cache-Status
X-Content-Digest
X-Request-ID
X-Firenze-Processing-Times
Composed-By
Rating
Request-Id
X-GitHub-Request-Id
Served-By
X-Tumblr-Content-Rating
X-Cache-Enabled
SPIisLatency
SPRequestDuration
X-Pantheon-Endpoint
X-Styx-Version
X-Pantheon-Styx-Hostname
X-Styx-Req-Id
X-Tumblr-Pixel-4
X-Amz-Id-2
Liferay-Portal
X-Amz-Request-Id
Public-Key-Pins
Upgrade
X-Hyper-Cache
X-Spip-Cache
X-Node
Alternate-Protocol
X-Proxy
Cf-Railgun
X-Content-Powered-By
X-Server-Name
X-Timer
X-CF-Powered-By
X-XN-Trace-Token
X-XN-XNHTML
X-Proxy-Cache
Content-Script-Type
Content-Style-Type
Access-Control-Expose-Headers
X-HeyJason
Alt-Svc
Timing-Allow-Origin
Permitted-Cross-Domain-Policies
Refresh
Charset
Access-Control-Allow-Method
X-FB-Debug
X-Content-Security-Policy
X-CDN-Geo-IP
X-CDN-Geo
X-CDN-Any-IP
X-Server-Powered-By
X-Umbraco-Version
Public-Key-Pins-Report-Only
X-VCache
Cartoon
Access-Control-Max-Age
X-Powered-By-360WZB
X-Hits
X-Clacks-Overhead
X-Cache-Server
X-Swift-CacheTime
EagleId
X-Swift-SaveTime
X-FW-Hash
Real-Hostname
X-Loop
X-Permitted-Cross-Domain-Policies
X-Cache-Result
X-Cached
X-Device
X-Tumblr-Pixel-5
X-FW-Type
X-DynaTrace-JS-Agent
X-FW-Static
X-FW-Serve
X-Px
X-Cached-By
X-TNCMS
X-Backend-Server
X-Fastly-Request-ID
X-Cache-Info
X-Age
X-SERVER
X-Hostname
NS-RTIMER-COMPOSITE
X-Url
X-User-Agent
X-Generated-By
X-Jimdo-Wid
X-Cache-Config
Content-MD5
X-Outils-CS
X-ChromeLogger-Data
TCN
Grace
X-Jimdo-Instance
X-MiniProfiler-Ids
X-Whom
X-DDC-Arch-Trace
X-Forwarded-For
X-CMS-Version
X-VWS-Id
X-Gateway
X-AWS-Id
X-Beta
Magicmarker
X-LJ-Flow-ID
X-DynaTrace
Fastly-Debug-Digest
X-Tumblr-Pixel-6
ServedBy
X-From
X-Msg-2-Log
Fpc-Cache-Id
X-TN-ServedBy
X-URL
X-Handled-By
X-Content-Encoded-By
X-Expires-Orig
Page-Completion-Status
X-Middleton-Display
Product
Surrogate-Control
Imagetoolbar
Display
X-Micro-Cache
X-Sol
Rt-Fastcgi-Cache
X-WebKit-CSP
X-Content-Options
PageSpeed
X-PersistenceNode
X-ServerName
Generator
X-AspNetWebPages-Version
ServerName
Ngpass-Vcall
X-Country-Code
X-Drupal-Dynamic-Cache
Powered-By-ChinaCache
IBM-Web2-Location
X-Matrix-Server
X-Matrix-Proxy
X-LiteSpeed-Cache
X-Passed-To-DLL
X-Passed-To-PostProcessResponse
X-Passed-To-BeforeDispatch
X-Original-Request
X-Actual-URL
X-Passed-To
X-Returned-From
X-Returned-From-BeforeDispatch
X-Returned-From-PostProcessResponse
X-Returned-From-DLL
X-App-Hosting
Fhost
X-Hosted-By
X-Firenze-Processing-Time
X-Stale
X-Varnish-Cache-Hits
X-Varnish-TTL
X-Director
DynaTrace
X-TTL
Response
X-Version
Content-Hash
X-S
X-ApacheServer
X-Microcachable
X-Varnish-Beresp-Status
X-Varnish-Beresp-Ttl
X-Processed-By
X-Varnish-Beresp-Grace
X-Art-Request-Id
X-Cache-TTL
X-I
Node
X-Varnish-Backend
X-UD-Method
X-FORWARDED-FOR
X-Download-Options
X-Server-ID
X-Middleton-Response
Cxy-All
MIME-Version
Edge-Control
X-Nitra-Side
X-Mobilized-By
Proxy-Connection
Content-Encoding-Handler
X-SDS
X-Cache-Control-Orig
Access-Control-Request-Method
X-Cache-Debug
X-Sucuri-ID
X-Track
X-Time
Lsrequestid
X-Cache-Rule
Akamai-IP
Ag-Execution-Time
Ag-Send-Time
Ag-Server-Time
X-Varnish-Host
X-FW
Proxy-Agent
X-Cdn
Powered
X-BS
X-I-Sp
Retry-After
X-Location-Id
PICS-Label
Content-Disposition
Pics-Label
X-Varnish-Cacheable
X-ATG-Version
X-PERF
X-Abuse
Host
X-ARC
X-NoCache
RTSS
X-Varnish-Age
X-CacheServer
SID
X-Gamma-Serve
X-Powered-By-Server
VAR-Cache
X-Do-Not-Hack
X-Cache-Age
X-NetCat-Version
Front-End-Https
X-Developer
ServerID
X-Varnish-Hits
X-Cache-Expires
Buuteeq-Source
SN
X-Route-Server
X-VTEX-Janus-Router-Backend-App
X-Front
X-VTEX-Janus-SO
X-VTEX-Cache-Status-Janus-ApiCache
X-Powered-By-VTEX-Janus-Edge
X-VTEX-Cache-Status-Janus-Edge
X-Powered-By-VTEX-Janus-ApiCache
X-VTEX-Janus-System
X-Duration
X-Vtex-Processado-Em:
No
X-Vtex-Processed-At
X-Response-Time
Vacache
X-Vtex-Remote-Cache
X-PwB-Node
X-HOST
X-ServerID
Cache
X-DefendeR-Runtime
X-DNS-Prefetch-Control
X-Cookie-Domain
X-Recruiting
X-Geo-IP
X-DefendeR-Status
X-Ttl
X-Vcap-Request-Id
X-Trace
X-Microcache-Status
X-Translation
X-Amz-Meta-S3cmd-Attrs
X-Device-Type
X-RESOURCE
X-Grace
CC-CACHE
X-Frontend
X-Libra-UpstreamHost
X-CJ-Soft
X-Purge-Host
X-App-Status
Webluker-Edge
X-Srv
X-Cookie
Version
X-Varnish-IP
Thanks
X-Orig-Vary
Location
X-Real-Server
Lfy
Sfy
X-Speed-Cache-Key
X-Client-IP
X-Speed-Cache
X-Daa-Tunnel
X-Source
X-Geo-IP-Country
Origin
Filter-Revision
X-Geo-IPV
Qs-Cache
X-Blog
X-Geo-IP-Metro
X-Geo-IP-Region
X-Goog-Hash
COMMERCE-SERVER-SOFTWARE
Accept-Encoding
X-Upstream
X-Do-Esi
NetMindSessionID
X-GeoIP-Country-Name
X-GeoIP-Country-Code
X-Drectory-Script
X-Akamai-Device-Characteristics
Accept-Charset
Frame-Options
X-Purge-URL
X-CDN-Node
X-CDN-Cache-Status
Server-Name
X-Fastcgi-Cache
X-PF-Uncompressing
X-Trace-Cache
Server-Info
X-Akamai-Device-Model
Srv
X-Session-Reinit
X-Cache-Operation
Arr-Disable-Session-Affinity
X-Instart-Request-ID
X-N
X-ClientSide-Caching
X-Varnish-Server
X-Varnish-Hostname
NtCoent-Length
X-Cache-Tags
X-Content-Age
Cm-Server
X-FIRSTBase
X-Amz-Version-Id
IISExport
X-ACMCache
X-Yadis-Location
X-WEBSERVER
Backend
LBVIS
NODE
X-Engine
A-Powered-By
Req-Id
X-Varnish-Debug-Age
X-Provisioner-Version
X-Domain-Checked
X-WR-Flags
X-Xrds-Location
Author
X-Cache-Lifetime
X-Magnolia-Registration
S
WWW-Authenticate
X-SRV
Mobiquo-Is-Login
Last-Published
X-Directory-Script
Encoding
X-Cocoon-Version
X-Cache-Doesi
SSPAppContext
X-Distributed-By
X-WA-Info
X-Grid-Server
AMF-Ver
Logging-CorrelationId
S-Cnection
X-Origin-Id
BDQID
BDPAGETYPE
X-Varnish-Grace
X-ID
X-Origin
BDUSERID
X-Adobe-Content
X-Storage
X-Cache-Control
CacheControlHeader
X-Adobe-Loc
Hamster
X-Sys-Req-ID
X-App
Beyond-Iis
X-Highwire-SessionId
SVR
X-Accel-Expires
X-Secret
X-SmartBan-Host
X-JG-Page-Cache
X-Highwire-RequestId
X-Dynatrace
X-Symfony-Cache
X-SmartBan-URL
X-Jimdo-Pid
Set-Cookie2
X-Yottaa-Optimizations
X-Yottaa-Metrics
X-Mobile-URL
X-Ruxit-JS-Agent
X-TempDebug
X-SE-Debug
X-Vary-Options
Fastcgi-Cache
CLMOB
X-SV-Edge
Nodo
Keywords
X-Debug
X-Uid
HCVer
HAVer
X-SV-CacheTags
X-SV-CreatedAt
X-Empowered-By
X-Varnish-RemainingTTL
X-SV-Pid
X-SV-Nginx-Duration
X-SV-Duration
X-SV-FromDBCache
X-Varnish-Seen-By
X-Varnish-RemainingGrace
X-UPSTREAM
X-Resolver-IP
X-Platform
Backend-Timing
X-Src-Webcache
X-Analytics
X-Bettercache-Proxy
X-B-Cache
Content-Transfer-Encoding
X-B2f-Cache-Load
X-IsCacheURL
BALANCEDTO
X-Varnish-Debug-TTL
X-SmugMug-Values
Smug-CDN
X-TTFB
X-Prefetched
X-TTFB-L
X-SmugMug-Hiring
X-Env
X-Object-Type
X-Platform-Processor
SRV
X-Balanceador
X-BackendServer
X-EDGECONNECT-GUID-DEBUG
X-Platform-Router
Host-Service
X-Object-Id
X-Distributor
X-Atraveo-Cache-Control
X-Pagename
CT
X-Hit-Cache
X-Machine-Name
Description
X-Atraveo-ETag
X-Atraveo-TTL
X-Atraveo-Expires
X-Atraveo-Varnish-Server-Id
X-Atraveo-Zone
X-Atraveo-Set-Cookie
X-Atraveo-From-Varnish-Cache
Cache-By-Node
X-Atraveo-Param-Rm
X-FreeTag-Count
X-Revision
NLCacheNote
X-AOL-HN
X-Obvious-Tid
Cneonction
X-Amz-Storage-Class
X-Varnish-Esi-Access
X-Obvious-Info
Tk
X-NginX-Cache
Id
X-Varnish-Esi-Method
X-Nginx-Cache
X-Full-URL
X-Newrelic-App-Data
X-NginX-Server
X-Nginx-Host
X-Nhost
X-NFE
X-Nurl
WSR-Cache
X-Amz-Id-1
X-AISO-Cacheable
X-Req-Host
XDomainRequestAllowed
X-AISO-Server
X-Expires
X-Framework
X-AISO-Cache
X-Force
X-W3TC-Minify
LBC
X-PRAM
X-NewRelic-App-Data
SS
X-XTM-Node
X-Processing-Time
X-AOL-SNH
WP-AdvCache-MemCached
Bios
SiteName
X-Edge-Location
X-NB-Cached-Page
X-Gannett-Site-Version
X-Varnish-Count
Web-Server
Myheader
X-Cache-On
X-Litespeed-Cache
X-Cache-Action
X-Varnish-Action
X-Varnish-HitMiss
X-Real-IP
X-Powered-By-Anquanbao
X-Stage
X-Smartcache-Timeout
X-Id
X-Cache-Key
X-Server-Upstream
Allow
X-Phpwcms-Release
X-Smartcache-Keys
X-Phpwcms-Page-Processed-In
X-Detected-Device
X-Info
X-WP
NnCoection
X-Optimization
Nitro-Cache
X-Page-Cache
X-Old-Content-Length
X-Node-Name
X-Turpentine-Esi
X-Varnish-Currency
X-Ob-Mode
X-Edge-IP
W
MW-Webserver
X-Varnish-Store
Ibf5scheme
X-Remote-Addr
Pool-Info
X-Garden-Version
X-GeoIP
X-ProxyInstancename
Mime-Version
MIH-CLIENT-FARM
ScoreTracker
X-Route
MIH-PUBLIC-IDENTIFIER
X-SDE-Name
X-AWS
X-SCProxy
MIH-PLATFORM
From
Open.Jobgate.Se
X-DSMX-Rewrite-MS
X-Kirra-SiteId
B-Powered-By
Cache-Rule
X-Pagely-Cache
X-DSMX-Render-MS
X-Actindo-RS
Www.Mirrorgate.Se
X-Webstats-RespID
Cluster-ID
X-Varnish-Bot
X-VAge
X-Webkit-CSP
X-BLSR-COST
Www.Myjob.Se
P3P:CP
Test.Executivepeople.Se
Www.Mabracertifiering.Se
Imx-Cookies-Used
OT-RequestId
Jobb.Passal.Se
X-Cache-Original-TTL
X-Invoke-Duration
X-Varnish-Set-Cookie
X-Cache-Served
X-T3CacheTags
X-Varnish-URL
Prxy
X-Author
X-B2f-Not-Route
X-Captured
Pool
X-Turpentine-Cache
X-Powered
X-DTC
BM-Cache-Bypass
X-T3CacheInfo
X-App-Server
Jobb.Gil.Se
X-MrHost
Sophnep-Edge-FX
Hash
N365rili
X-GSL-Server
X-Full-Url
X-REDIRECTSERVER
X-T3Cache
X-N-ViewType
If-Modified-Since
Jobb.Assistentpoolen.Se
Machine
X-SRCache-Fetch-Status
X-SRCache-Store-Status
X-LB
Xc
Device
Warning
X-CacheResult
X-Cache-TTL-Remaining
X-WorkerInstancename
Accept-Language
X-CID
X-Cache-Keep
X-Dispatch
X-CCC
X-Discourse-Route
X-Cache-PageType
X-Cache-Fix
X-SSL
X-Site:
X-Client-Vid
X-EPiphany-Vid
X-Is-Mobile
X-Twitter-Response-Tags
ServerIP
Sss
X-Cms-Mode
Fastly-Backend-Name
X-Plat
X-Hit
X-Test
X-Transaction
X-Connection-Hash
X-Dev
X-Sov
XX
X-Artvisual-Server
X-Platform-Cache
X-Jphone-Copyright
Worker
X-Rot
Il-Cl
X-Tags
X-Cache-Set
X-Hosts-Backend
X-SERVER-ID
X-Config-By
X-Response
X-PHP-Response-Code
Fw-Via
X-DOM
X-ASAP-Cache
X-Server-Id
Section-Io-Id
X-Dispatcher
Copyright
X-Frame-Option
X-Apm-Telemetry-Syncmark
X-ATM-RTime
Servername
X-ATM-RServer
X-Clara-ASAP
X-ACCELERATE
CpuTime
X-Worker
BM-Cache-Status
X-ORACLE-DMS-ECID
X-Hypernode
Og
X-LB-Server
X-CB-Server
BM-Cache-Node
X-Header
BM-Cache-Key
PServer
CountryCode
X-Rocket-Nginx-Bypass
X-7d-Trace-Id
X-T
IsMobile
X-AccessDev
X-PHP-Engine
X-ESI-Enable
X-IDS-WS
X-HeBS-Cache-Status
X-Appmachine-Environment
Akamai-Edgescape
X-7d-Instance-Id
X-FFX-B
OriginServer
RequestId
X-HostName
X-Channel-Maxage
X-Rack-CORS
ServerTokens
Nginx-Cache
Access-Control-Request-Headers
No-Cache
X-Cache-Engine
X-Runtime-Memory
X-B
X-Ghost-Cache-Status
Ews
Ksid
X-Fe
AsisCache
X-Key
X-NID
X-Uplex
X-MCF-ID
X-Trace-App
X-SilverStripe-Cache
Content-Instance
X-Span
X-Block
X-Instance
WFE
X-Rewritten-By
X-ManagedFusion-Rewriter-Version
X-Domino-CacheValidationWithETagResult
X-Ocache
CommunityServer
Fpc-Expire
X-Desc
X-Powered-By-Home.Pl
ORIGIN
X-Pageid
Tracker
X-Ajaxblocks-Esi
GenSvr
ServerSignature
X-Varnish-Instance
X-Built-By
Backend-Name-Original
X-Domino-CacheValidationWithETagReason
X-Goog-Generation
X-Goog-Metageneration
X-GUploader-UploadID
X-Goog-Stored-Content-Length
X-Goog-Stored-Content-Encoding
X-Goog-Storage-Class
Cache-Ctrol
TP-L2-Cache
SBGI-10
SBGI-5
SBGI-7
SBGI-1
X-Frames-Options
WP-Cache
X-Backside-Transport
SBGI-9
SBGI-Device
TP-Cache
X-CO-Host
Ibm-Web2-Location
X-PageID
SBGI-RealPath
SBGI-RenderTime
X-Request-Received
X-IP-Address
X-Cache-CFC
X-Gyrobase-Publication
X-APP
X-Request-Processing-Time
X-HITS
X-KoobooCMS-Version
Tempo
MachineName
X-Cache-Frontend
X-KO-Site-Id
X-Ratelimit
X-Magento-Lifetime
X-Pressidium-NinukisWP-Ver
X-Ar-Debug
Rewriter
X-OPNET-Transaction-Trace
X-Your-GrandPa-Would-Wait
X-FCMS-Cache
X-SV
X-TTL-Age
X-Flow-Powered
X-Max-Age
X-NMT-Proxy
X-Would-Your-GrandPa-Wait
X-ServedByHost
X-Venda-Hitid
X-Mod
X-Magento-Action
X-Ec-Custom-Error
X-Webapp
XDisk
X-AppServer-Cache-Rule
X-EntryPoint
X-View
X-Healthy
X-UseReverse-Proxy
X-Fallback
DPOOL-HEADER
X-Static-Version
X-Origin-Server
X-Esi
X-Box
X-Cache-Extended
X-Render-Time
SINA-TS
X-Request-Count
Hostname
SINA-LB
X-Server-Instance
X-Unbounce-PageId
X-RateLimit-Remaining
X-LW-Web-Server
X-JSESSIONID
X-HW
X-TargSmaku
Aoestatic
X-Lima-Id
X-Cache-Level
X-Amz-Meta-Cb-Modifiedtime
X-Router
WebServer
X-Site-Name
X-Status
X-Unbounce-Variant
X-UA-Profile
X-Search-Id
X-Unbounce-VisitorID
Surrogate-Key
X-WR-MODIFICATION
X-Router-Backend
X-LS-DEBUG
X-Var-Hash
X-Document-Guid-Path
X-Document-Guid
X-Document-Path
X-Document-Tracking-Type
X-IB-Content-Urn
X-IB-Content-Type
X-Document-Folder-Guid
X-DELIVERYSERVER
X-BPool
SL-NOREWRITE-REDIRECTS
X-BServer
X-Cacheable-TTL
X-Cluster-Host
X-CCM
X-IB-Context-Urn
X-IB-Site-Name
X-Checkout
X-Cdn-Fetch
X-Cluster
X-Cookie-Store
X-Flex-Community
X-DN-Cache-Control
X-Backend-Status
Server-Optimized-By
X-Rq
X-IB-Timestamp
X-This-Proto
X-Vhost-ID
AcceptLangage
RN-Server
Language
X-IP
X-Country
X-Pardot-LB
X-Pardot-Route
X-PBY
X-Pardot-Rsp
X-BKSrc
X-BE
X-Avvio-Cms-Cacheload
Provider
X-BC
X-Cloud-Trace-Context
Real-Server
Foglight-Request-UUID
X-Server-By
X-Seschat-URL
BX-Cache
X-Web-Node
BX-TTL
Front
FX-TTL
FX-Forwarded-For
X-Varnish-ServiceNetIP
X-Varnish-Hashed-On
X-SeschatLayout
X-SeschatDID
X-SeschatRedID
X-SeschatTemplateID
X-UUID
X-Flex-Evend
FX-Cache
X-Geo-Segment
X-Global-Transaction-ID
X-Flex-Tags
X-Flex-Tag
X-Accel-Cache-Control
X-Flex-Lang
X-Response-Status
X-Kinja
X-Kinja-Server
X-Pixelsilk-Server
X-Kinja-Revision
X-Pixelsilk-Version
X-Kinja-Build
Mto-License-Status
X-Flex-Lastmod
X-Flex-Evstart
X-Url-Store
X-Pj-Cache-Status
X-RAMCache
Hosted-By
NZSpeedy
AC-ELC
HOST-SERVICE
X-Varnish-Ttl
X-EdgeConnect-MidMile-RTT
X-VG-WebCache
X-EdgeConnect-Origin-MEX-Latency
Content-Cache
Apache
X-GC-Write
X-ASAP-Age
SERVER-IP
X-Server-Addr
X-GC-Read
X-GC-Pointer
X-AppServer-Status
X-GC-App
AGI-Request-ID
X-ClusterID
At-Shoptype
X-S-Misc
X-Nginx-Backend
X-Generation-Time
PROPSON-FARM
TIMESTAMP
Url-Hash
X-Czt
X-Cookies-Stripped
Kp-EeAlive
X-Proxy-Route
Atp-Isdpp
IM-Version
INCOMING-TIME
Progma
At-Isb
Cached
Y-Trace
X-Server-IP
X-D-Time
X-ZSITES-DNS
X-4ormat-Cacheable
X-Backend-TTL
X-Sc-Path
Cpu
Noq
Ram
X-Sc-Cache
X-Pb-Mii
X-Device-Group
X-Cache-Me-Harder
X-Mii-Cache-Hit
X-Beatles-Hits
Http
X-Does-He-Have-Time
X-Environment
X-HA
X-Pj-Cache-Expires
X-DEBUG
X-Pj-Cache-Gzip
YF-ID
X-Pj-Cache-Time
X-Pj-Cache-Key
X-Backend-Name
X-ATP-Server
X-HP-CAM-COLOR
Content
Bs-Header
X-Oracle-DMS-ECID
X-ESI
X-AVG-REWRITE
Requested-Host
X-AG-MIPS
X-AVG
X-Time-Spent
X-RSS-CACHE-STATUS
BM-Cache-BackendNode
BM-Cache-BackendTime
V-Age
Www.Aujourdhui.Com
X-Ct-Info
X-Wikidot-Static-Cache
X-Trace-Id
Redirect
X-Wikidot-Backend
Railo-Version
X-Hstore
X-Varnish-Cookie-Debug
X-Ants-Machine-Id
Can-You
X-Ants-Host
X-SayCDN-UA
X-Origin-Cache
Ttl
Apple-Itunes-App
X-Obr-Rule
X-Client-Addr
X-SayCDN-TTL
X-SayCDN-Original-UA
MageStack-Config
Apachenode
MageStack-Cacheable
MageStack-Cache-Status
MageStack-Debug
MageStack-Loadbalancer
MageStack-Web-Node
MageStack-Tag
MageStack-PageSpeed
X-Varnish-Debug-Pool-Fetch
X-Varnish-Debug-Pool-Recv
HA-Front
X-Instance-Name
Fw-Cache-Status
X-Lb-Server
Httpd-Identifier
X-Compressed-By
RouteID
X-Content-Security-Policy-Report-Only
X-ACLR-Version
Publisher
FROM-SERVER
SIP
X-Panel-Name
X-Panel-Id
X-Varnish-Restarts
X-Varnish-Debug-Varnish-TTL-Set-From-Server
Yola-ID
X-VhostID
X-Provided-By
Cteonnt-Length
X-SERVERID
MageStack-Cache-Lifetime
X-EZPublish-InstallationID
X-Orig-Host
X-Martin
X-Process-Time
X-Forwarded-Proto
X-MobileDetected
Ec
X-B3-Traceid
X-Bcwwwid
X-Built-With
X-NewCloud-V-Cache
X-SATserver
X-Sn-Servicetimems
X-ServerIndex
X-Lang
X-EdgeRouter
X-EZPublish-NodeID
X-Hosting
X-Hrouter
X-Application-Context
X-9XB-Server
Svr
X-Tile-Url
X-Rack-Cors
X-Say-TTL
X-Pj-Cache-Flags
X-Say-Original-URL
Cmstype
X-SayCDN-Original-Host
X-SayCDN-Original-Path
MageStack-Cache-Hits
MageStack-Cache
MageStack-Area
X-CDNZZ-FCACHE
Cmsid
X-Say-Original-UA
X-Perf
X-CPU-Time
INFO
X-Relocation
X-PM-ID
X-Say-Cacheable
X-Say-Original-IP
Aurora-Node
X-Say-Original-Host
RSL-Trace-ID
X-DPWN-IS-SECURE
RATING
X-StackifyID
X-ENV
X-InDy-Memory
X-InDy-Query
X-Correlation-Id
X-Content-Type
HostGen
X-Feature
X-InDy-Time
Activity-Id
X-FarmId
X-Memcached
X-Page-Id
X-EdgeConnect-Cache-Status
X-Cache-Via
DNNOutputCache
X-Cachable
DeleGate-Ver
Be-Va
Public-Extension
ResourceTag
Server-IP
HostName
Exires
X-Vgn-Hpd-Cached
X-Vgn-Hpd-Variations-Key
Disablevcache
X-Catalyst
X-Content-Parsed-By
X-Cache-2
X-Debug-Serve
Be-Ip
X-Server-Node
X-PC3-Time
X-Node-ID
X-PC3-Control
X-RE-Ref
X-Serendipity-InterfaceLangSource
VC-NoCache
X-Device-Class
X-Timestamp
UniqueName
MtcHosted
X-SID
CtExclusions
Kanooh-Host
X-Trans-Id
X-Upstream-Time
X-Wm-VIP
X-DealerOn
X-GETTER-Cache
X-Wm-1
X-Aberdeen-Site
RVBD-CSH:
X-Aberdeen-Cache
X-RemovedCookies
X-ProcessESI
X-Server-Generated
Noahs-Classifieds
X-Airee-Node
Dynatrace
X-Middleton-PageSpeed
X-USERNAME
X-UA-Vendor
X-Cms-Server
X-Distil-CS
Debug-Status
X-BlueWare-App-Data
X-IIJ-Cache
X-Purge-Level
X-LTM-ID
X-Server-Instance-Name
X-Edge-V
X-Serendipity-InterfaceLang
X-PoweredBy
X-Medium-Entity-Id
X-Medium-Entity-Type
X-Made-Cache-Ttl
X-HTML-Minification-Powered-By
Rt-Proxy-Cache
ClientIP
X-Frontal
X-Xhr-Current-Location
SV-Duration
Xonnection
Robots
X-Cacheable-By-Varnish
X-COUNTRY-CODE
X-Boot
X-PHP
X-ETag
X-WLD-LB
F5-IpCliente
Gzip
X-Webobjects-Loadaverage
X-RequesterIP
X-Tradeindia-Request-GUID
X-Benchmark-Cache
X-Benchmark-Db
X-Benchmark-Sphinx-Count
X-Benchmark-Sphinx
X-Hiring
X-GeoIP-Country
Thinkindot-CacheControl-Type
X-Dynamic
Thinkindot-CacheControl
X-Delivered-By
X-Brought-To-You-By
Origin-Server
Thinkindot-Control
DB-Nickname
X-Farm-Server
X-PressLabs-Stats
X-SL-Norewrite
X-SL-Notranslate
X-Powered-By-Srv
X-Meta-MSThemeCompatible
X-Meta-Imagetoolbar
X-Meta-MSSmartTagsPreventParsing
X-Stiffia-Cache
X-UA
X-Enhanced-By
X-Gondor-Server
X-HOSTTYPE
X-Debug-Token
X-BC-Stapler
X-VC-Enabled
X-VC-TTL
X-Mod-Oboe-PS
Access-Control-Allow-Origin:
X-Time-Microsecs
X-We-Are-Hiring
Cache-Key
X-Protected-By
X-Nginx
BlockPHPCallEnd
X-LOCATION
Content-ID
ExecuteNonQuerySQLParam
NodeId
X-Goog-Meta-Policy
X-Goog-Meta-Replace
MSThemeCompatible
MSSmartTagsPreventParsing
Head
IsFullSiteRequest
X-Benchmark-Total