Threat Level: green Handler on Duty: Rick Wanner

SANS ISC HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
ETag
X-Pingback
X-AspNet-Version
Link
P3P
X-Content-Type-Options
X-XSS-Protection
Age
X-Cache
Alternate-Protocol
Content-Language
X-UA-Compatible
Via
X-Adblock-Key
X-Frame-Options
Keep-Alive
Content-Location
CF-RAY
X-Varnish
P3p
X-Check
X-Language
X-Template
X-Buckets
X-Cacheable
Access-Control-Allow-Origin
X-Generator
X-Drupal-Cache
X-Ac
X-Hacker
WP-Super-Cache
Status
MS-Author-Via
X-AspNetMvc-Version
X-Powered-By-Plesk
Strict-Transport-Security
X-Pad
X-Runtime
X-Geo-Port
X-Geo
X-Request-Id
X-Powered-CMS
X-Host
MicrosoftOfficeWebServer
X-Type
X-Cache-Group
Access-Control-Allow-Credentials
X-FRAME-OPTIONS
Ngpass-Ngall
X-Cache-Lookup
X-Server
X-Logged-In
X-Mod-Pagespeed
X-UA-Device
X-Cache-Hits
Host-Header
MicrosoftSharePointTeamServices
X-Rack-Cache
X-Via
X-Iinfo
X-Url
X-Tumblr-User
X-Tumblr-Pixel-0
X-Tumblr-Pixel
X-CF-Powered-By
X-Backend
Access-Control-Allow-Headers
X-XRDS-Location
SPRequestGuid
X-Forwarded-For
X-SharePointHealthScore
X-Tumblr-Pixel-1
Access-Control-Allow-Methods
Content-Encoding
X-Served-By
X-Varnish-Cache
X-Robots-Tag
X-Accel-Version
X-Tumblr-Pixel-2
X-INKT-URI
X-INKT-SITE
X-Page-Speed
X-ContextId
X-MS-InvokeApp
X-BC-Is-HA
X-ServedBy
X-Alternate-Cache-Key
X-ShardId
X-ShopId
X-Cnection
X-Ua-Compatible
X-CDN
X-PhApp
X-Webserver
X-Seen-By
Composed-By
X-Dc
X-Sorting-Hat-PodId-Cached
X-Sorting-Hat-PodId
X-Sorting-Hat-ShopId
X-Sorting-Hat-ShopId-Cached
X-Pass-Why
Served-By
X-Safe-Firewall
X-Cache-Hit
X-Firenze-Processing-Times
X-PC-Hit
X-PC-Key
X-Hostname
X-PC-Date
X-PC-Host
X-PC-AppVer
X-Request-ID
X-Port
X-AH-Environment
X-XN-Trace-Token
X-XN-XNHTML
X-Tumblr-Pixel-3
X-Cache-Status
Cartoon
X-Powered-By-360WZB
X-Spip-Cache
X-SERVER
Cf-Railgun
Content-Security-Policy
Liferay-Portal
X-W-DC
X-Amz-Cf-Id
X-Age
X-Wix-Renderer-Server
X-Wix-Dispatcher-Cache-Hit
X-Amz-Id-2
X-FullPageCaching
X-Wix-Request-Id
Content-Script-Type
Content-Style-Type
X-Umbraco-Version
X-Amz-Request-Id
X-Server-Name
X-Cache-Info
X-HeyJason
X-Content-Digest
Request-Id
SPIisLatency
SPRequestDuration
X-Served-From-Cache
X-FB-Debug
X-Hyper-Cache
Rating
X-Cache-Server
X-Styx-Build-Date
X-Styx-Req-Id
X-Pantheon-Endpoint
X-Styx-Build-Num
X-Pantheon-Styx-Hostname
X-Styx-Build-Sha
X-Styx-Version
X-Timer
X-Outils-CS
X-Device
X-Clacks-Overhead
X-Cache-Result
CF-Cache-Status
X-DynaTrace
X-TN-ServedBy
Real-Hostname
X-PHP-Engine
X-Loop
X-VCache
X-Source
X-Px
X-Rot
X-Tumblr-Pixel-4
Refresh
TCN
X-Cached-By
X-PersistenceNode
DynaTrace
X-Mobilized-By
Powered-By-ChinaCache
NS-RTIMER-COMPOSITE
X-Cache-Enabled
X-TNCMS-Served-By
X-TNCMS-Memory-Usage
X-TNCMS-Render-Time
X-TNCMS-Version
Imagetoolbar
X-CDN-Geo-IP
X-Generated-By
X-CDN-Geo
X-CDN-Any-IP
X-Cached
Magicmarker
X-Tumblr-Content-Rating
Powered-By
X-DynaTrace-JS-Agent
IBM-Web2-Location
X-Original-Content-Length
Public-Key-Pins
Page-Completion-Status
X-Microcachable
X-Content-Encoded-By
X-From
Thanks
X-Content-Security-Policy
X-Loc
Product
X-Tumblr-Pixel-5
X-Matrix-Server
X-Matrix-Proxy
X-Backend-Server
X-Zephyr
Access-Control-Max-Age
X-CMS-Version
X-W3TC-Minify
Charset
X-DDC-Arch-Trace
X-WebKit-CSP
X-Firenze-Processing-Time
X-Powered-By-Anquanbao
X-Jimdo-Wid
X-Jimdo-Pid
X-Xrds-Location
X-Permitted-Cross-Domain-Policies
X-Node
Response
Generator
X-Sov
Proxy-Agent
X-FW-Hash
Retry-After
X-I
X-FW-Type
X-FW-Serve
X-FW-Static
Content-Encoding-Handler
X-SDS
MIME-Version
Pics-Label
X-App-Hosting
X-Varnish-Cacheable
X-Processed-By
X-Varnish-Host
PICS-Label
Lsrequestid
X-Middleton-Display
X-Sol
ServedBy
Display
X-Version
Set-Cookie2
X-Middleton-Response
X-Content-Options
Node
X-Drectory-Script
X-Varnish-Backend
X-FORWARDED-FOR
X-AspNetWebPages-Version
X-Cache-Debug
X-Varnish-TTL
X-User-Agent
CC-CACHE
X-Expires-Orig
X-Purge-Host
Access-Control-Request-Method
X-DNS-Prefetch-Control
X-Cache-Expires
ServerName
X-UD-Host
X-UD-Method
SID
IISExport
X-NoCache
X-Hits
Id
X-Duration
RTSS
X-Original-Request
Host
X-Swift-SaveTime
X-LiteSpeed-Cache
X-Swift-CacheTime
X-VARNISH-Cache
X-PF-Uncompressing
X-Returned-From
X-Passed-To-PostProcessResponse
X-Returned-From-BeforeDispatch
X-Passed-To
X-Actual-URL
X-Handled-By
X-Returned-From-DLL
X-Passed-To-BeforeDispatch
X-Passed-To-DLL
X-Returned-From-PostProcessResponse
VAR-Cache
X-ATG-Version
X-Hosted-By
X-Nitra-Side
X-ApacheServer
Edge-Control
X-Cache-Config
X-SN
COMMERCE-SERVER-SOFTWARE
Content-Disposition
AMF-Ver
Cache-By-Node
X-Micro-Cache
X-Cache-Control-Orig
NODE
X-Proxy-Cache
Machine
Accept-Encoding
X-Director
X-Whom
SEOMOZ
X-PERF
MJ12bot
X-Cookie-Domain
Surrogate-Control
X-PwB-Node
Fhost
X-Purge-URL
X-Varnish-Hits
X-MiniProfiler-Ids
Filter-Revision
X-Front
X-TTL
S
SN
X-ServerID
Cm-Server
X-Vary-Options
X-FIRSTBase
X-Art-Request-Id
X-Speed-Cache-Key
X-App-Status
X-Speed-Cache
X-CJ-Soft
X-URL
X-WEBSERVER
X-Cache-Rule
X-Cocoon-Version
X-Varnish-IP
Cache
X-Varnish-Server
Srv
X-Session-Reinit
X-Blog
WWW-Authenticate
Server-Info
Website-Info
Ngpass-Vcall
Accept-Charset
X-Engine
X-Yadis-Location
X-Varnish-Age
X-ServerName
X-Response-Time
X-Highwire-SessionId
X-Track
Upgrade
X-Highwire-RequestId
X-S
X-Amz-Meta-S3cmd-Attrs
X-Cdn
X-Trace-Cache
X-Provisioner-Version
X-Stale
X-Domain-Checked
X-Cache-Operation
X-Distil-CS
X-BackendServer
X-FW
X-SRV
X-Varnish-Cache-Hits
X-GeoIP-Country-Code
X-GeoIP-Country-Name
Fpc-Cache-Id
Origin
Grace
X-App
Req-Id
A-Powered-By
X-Cache-TTL
Nodo
X-ID
X-HostName
Location
Server-Name
Webluker-Edge
X-Varnish-Object-Age
Proxy-Connection
NtCoent-Length
MIH-PUBLIC-IDENTIFIER
MIH-PLATFORM
MIH-CLIENT-FARM
X-Server-ID
Powered
ServerID
X-Country-Code
X-Time
Buuteeq-Source
X-ACMCache
X-Cluster-Node
NetMindSessionID
X-Ttl
X-Geo-IP
X-Microcache-Status
X-Device-Type
Backend
X-LIGHTHTTP-PCDID
X-Orig-Vary
Qs-Cache
X-Gamma-Serve
X-Cache-Age
X-Sys-Req-ID
X-Secret
X-Frontend
X-Varnish-Beresp-Ttl
MW-Webserver
X-Varnish-Beresp-Status
PageSpeed
CT
X-Varnish-Beresp-Grace
X-Bettercache-Proxy
X-Srv
X-Tumblr-Pixel-6
X-Adobe-Content
Apache
X-Object-Type
X-TempDebug
X-Server-Id
XDomainRequestAllowed
X-Header
X-Object-Id
SS
Content-Transfer-Encoding
Dispatcher
Server2
X-Request-Locale
Rt-Fastcgi-Cache
CommunityServer
X-AOL-SNH
X-Translation
Beyond-Iis
X-Location-Id
X-Powered-By-VTEX-Janus-Router
X-Cache-On
X-Varnish-Count
LBVIS
X-ServerCache-Info
X-Powered-By-VTEX-Janus-ApiCache
X-Powered-By-VTEX-Janus-Edge
No
X-Varnish-HitMiss
X-Vtex-Remote-Cache
X-Vtex-Processado-Em
X-VTEX-Janus-Router-Backend-App
X-VTEX-Cache-Status-Janus-ApiCache
X-VTEX-Cache-Status-Janus-Edge
X-Vtex-Processed-At
X-Cache-Action
X-Cache-Lifetime
X-Directory-Script
X-FreeTag-Count
SFY
LFY
X-CHSN
X-Wily-Info
X-Connection-Hash
X-Enhanced-By
X-Twitter-Response-Tags
Ms
Content-MD5
X-Wily-Servlet
X-Venda-Hitid
X-Transaction
X-Distributed-By
X-Recruiting
From
X-TNCMS
X-Machine-Name
X-Atraveo-Cache-Control
X-Atraveo-TTL
X-Atraveo-NC
X-Atraveo-From-Varnish-Cache
X-Atraveo-Varnish-Server-Id
X-Amz-Id-1
X-Ar-Debug
X-Expires
X-Force
X-PRAM
X-Info
X-Source-ID
Worker
X-Cms-Mode
Author
X-UD-Target
X-Src-Webcache
X-Grid-Server
X-Resolver-IP
X-UD-REMOTE-ADDR
X-UD-Loopcounter
X-Jphone-Copyright
ScoreTracker
X-T3CacheInfo
X-Dev
UniqueName
X-Max-Age
X-Trace
X-WR-MODIFICATION
X-WebServer
NLCacheNote
X-BS
X-Varnish-Debug-Hits
X-Developer
X-Debug
X-ORACLE-DMS-ECID
X-Empowered-By
X-Turbo-Control
Cteonnt-Length
X-Varnish-ID
X-Varnish-Action
-GCR
X-N
X-Instart-Request-ID
X-Cached-Status
BM-Cache-Node
Warning
MirrorName
SiteName
X-Varnish-Debug-Age
BM-Cache-Key
X-Frames-Options
X-Li-Pop
X-Li-Fabric
X-FS-UUID
LBC
X-LI-UUID
X-Origin-Id
X-Remote-Addr
X-Geo-IP-Metro
Front
X-UseReverse-Proxy
X-MJ-Upstream-Addr
X-Geo-IP-Region
X-Webapp
Allow
X-GeoIP
X-Uid
X-Geo-IP-Country
X-Geo-IPV
X-Router
X-Router-Backend
X-TTFB-L
Rt-Server
X-TTFB
X-SmugMug-Hiring
X-Phpwcms-Page-Processed-In
X-SmugMug-Values
X-Stage
X-Phpwcms-Release
Be-Ip
WP-AdvCache-MemCached
Access-Control-Expose-Headers
X-Response
SVR
X-ManagedFusion-Rewriter-Version
X-CacheHits
X-Kirra-SiteId
X-Rewritten-By
Smug-Env
Be-Va
X-Id
X-Powered-By-Server
X-GC-App
X-MJ-Serve-Req-Time
X-GC-Read
X-GC-Write
X-B2f-Cache-Load
X-Accelerated-By
X-Hash
Version
X-ACCELERATE
Www.Myjob.Se
Www.Mirrorgate.Se
Test.Executivepeople.Se
Www.Mabracertifiering.Se
X-Client-IP
X-Vivastreet
X-Server-By
X-Vivastreet-KiwiiPage
X-Yqk-Set
Backend-Host
Front-End-Https
X-Powered-By-Yqk
X-LAvg
BALANCEDTO
Ksid
X-Upstream
X-Flow-Powered
X-EPiphany-Vid
X-Gannett-Site-Version
Il-Cl
X-OPNET-Transaction-Trace
Cache-Ctrol
X-Host-Url
No-Cookie
X-Client-Vid
Sid
X-ARR
X-CacheTTL
X-Origin
X-Varnish-Cache-Server
Open.Jobgate.Se
Cneonction
Ram
SS-Request-ID2
Web-Server
X-Vhost-ID
Cpu
7e-Page-Cache
Compression-Control
OriginServer
Ec
X-ATM-RServer
NnCoection
Last-Published
X-Vhost
X-T3CacheTags
X-Via-Kemp
X-ChromeLogger-Data
X-Garden-Version
X-T3Cache
Jobb.Assistentpoolen.Se
X-Nginx-Server
X-B2f-Not-Route
Cluster-ID
Jobb.Passal.Se
Jobb.Gil.Se
P3P:CP
Noq
X-ATM-RTime
X-Goog-Hash
X-Content-Age
X-Farm-Server
X-Block
XX
X-WorkerInstancename
Backend-Name-Original
X-SDE-Name
SIP
X-Trace-App
X-Channel-Maxage
Accept-Language
X-Varnish-Device
X-Web-Node
X-Varnish-URL
X-Old-Content-Length
X-Cache-Set
X-Edge-Location
Provided-Host
Tracker
BM-Cache-Status
X-ESI-Enable
At-Isb
X-Locale
At-Shoptype
Atp-Isdpp
97YES.COM
X-DB-Content-Length
X-UserAgent
X-Work-With-Me
X-FFX-B
CDN
X-Catalyst
X-PM-ID
ServerConfigManager.WebBugTracker
X-SSL
X-Powered
Tpt.Renderer
WFE
Tpt.Renderer1
Render
Content
Copyright
Before
If-Modified-Since
ExecuteNonQuerySQLParam
X-Varnish-Cache-Local
X-Server-Generated
IsFullSiteRequest
After
X-SV
X-Server-Instance
X-Hit-Cache
Provider
Xonnection
Cmsid
X-Purge-Url
Cmstype
X-Cache-Ttl
RATING
Acdc-Web
X-Route
X-Pagename
Bs-Header
INCOMING-TIME
X-Monstercache-Timeout
User-Updated-At
X-Distributor
X-Hstore
X-UPSTREAM
X-Hosting-Env
Server-N
Fw-Via
X-Nginx-Host
User-Id
X-MobileDetected
X-Do-Not-Hack
X-WP
X-EdgeRouter
X-CACHE-TTL
X-S-Misc
X-D-Time
X-Source-Host
X-FCMS-Cache
X-Hrouter
X-Generation-Time
Mark
X-Unbounce-PageId
X-Unbounce-Variant
Hamster
Redirect
X-Accel-Expires
Edgecast
X-Snapsis-PageBlaster
X-PvInfo
X-Yottaa-Metrics
X-Yottaa-Optimizations
X-7d-Version
X-7d-Traceid
CP
X-Actindo-RS
X-Unbounce-VisitorID
X-Ms-Invokeapp
X-Amz-Version-Id
PServer
X-N-ViewType
X-Edge-IP
X-Full-URL
X-Varnish-Currency
Progma
X-Monstercache-Hash
Pool
Nitro-Cache
X-Varnish-Cookie-Debug
X-Monstercache-Host
X-ProxyInstancename
X-RemovedCookies
Content-Security-Policy-Report-Only
TP-L2-Cache
X-MCB-Server
TP-Cache
X-ProcessESI
BM-CountryCode
ServerId
Svr
X-Real-Server
X-EPiLogOnScreen
Content-Instance
X-EPiLogOnScreen-PostUrl
X-CacheServer
X-Revision
X-Drupal-Cache-Tags
X-Nginx-Backend
X-Node-Name
X-GSL-Server
X-DTC
X-Brought-To-You-By
X-WA-Info
X-Dynamic
X-7dig
X-TLServer
X-Monstercache
B-Powered-By
X-Varnish-Debug-Pool-Recv
X-Varnish-Debug-Pool-Fetch
X-Varnish-Restarts
X-Uplex
X-Hit
X-Internal-IP
X-SilverStripe-Cache
X-Seschat-URL
X-Flex-Tag
X-Flex-Tags
X-Cache-Control
X-Flex-Lang
X-Flex-Evstart
Sprequestguid
X-Allow-Redis
X-Flex-Community
X-Flex-Evend
User-Cache-Control
X-Flex-Lastmod
X-SeschatRedID
X-SeschatDID
X-Purge-Level
X-SeschatTemplateID
Head
X-SeschatLayout
Http
X-Your-GrandPa-Would-Wait
X-Would-Your-GrandPa-Wait
Ibf5scheme
POOL
MachineName
X-GitHub-Request-Id
X-Author
X-Cache-Backend
X-Hosting
Test
MGIT
Portlet.Expiration-Cache
Publisher
X-Sharepointhealthscore
X-Powered-Developer
X-Page-Generated-At
X-Page-Generation-Time
X-PS-MURDOCK-ORIG-PROTOCOL
X-JSON-API-LATENCY
X-Forwarded-Proto
ServerIP
SBMCLOUD
X-PS-MURDOCK-ORIG-FILEEXT
X-Stackable-Node
X-PS-MURDOCK-CASE-NORMALIZATION
X-Abuse
X-TTL-Age
Ozcache
WP-Cache
X-Time-Microsecs
Requested-Host
X-VG-WebCache
X-BIN
SLB
X-Client-Id
X-Binarysec-Via
X-CMS
X-AISO-Server
X-AISO-Cache
UNIQUE-ID
X-REDIRECTSERVER
X-Cluster-ID
X-Benchmark-Sphinx-Count
No-Cache
X-Benchmark-Sphinx
X-GeoIP-Country
X-ESI
X-Benchmark-Total
X-Environment
X-AspNet-Browser-ID
X-Compressed-By
X-Wikidot-Backend
X-Wikidot-Static-Cache
X-Beatles
X-USERNAME
X-Req-Host
X-Test
X-Svr-Id
X-Server-IP
X-NID
F-In-Cache
X-Gondor-Server
PROPSON-FARM
X-DefendeR-Runtime
HCVer
HAVer
X-LB
X-HOSTTYPE
X-Benchmark-Db
X-Benchmark-Cache
X-Time-Spent
X-Oracle-DMS-ECID
Xc
X-TAG
AppDynamics-BT
X-NginX-Server
X-Server-Node
Pool-Info
X-View
X-DeliveryServer
X-Hostingcenter
X-Mobile
XDisk
Ttl
X-WLD-LB
X-DC-Origin-IP
X-ESI-Processing
X-NginX-Cache
Web-Head
Time
D
X-SATserver
X-RequesterIP
X-PBY
X-Planisys-CDN-Cache
X-Planisys-CDN-Rules
Foglight-Request-UUID
S-Cnection
X-Client-Addr
Tempo
X-IDS-WS
X-RNDPAGE
SV-Duration
X-CCM
X-SERVERID
ORIGIN
X-App-Container
MageStack-Area
X-Frontal
CPOINT
X-Built-By
Cached
X-RSS-CACHE-STATUS
X-Ec-Custom-Error
Esi-Enabled
DB-Nickname
Host-Service
CacheControlHeader
X-Domino-CacheValidationWithETagResult
SharePointError
X-From-TL-Proxy
Sophnep-Edge-FX
ASD-WEB-40
Arr-Disable-Session-Affinity
WebDevSrc
X-Middleton-PageSpeed
X-Domino-CacheValidationWithETagReason
X-FRONT-TTL
Disaptch-Cache-Rule
MageStack-Debug
MageStack-Loadbalancer
MageStack-PageSpeed
MageStack-Config
MageStack-Cacheable
MageStack-Cache-Hits
MageStack-Cache-Lifetime
MageStack-Cache-Status
MageStack-Response-Ttl
MageStack-Tag
X-Nc
X-Timestamp
X-Trans-Id
X-MSEdge-Ref
X-Framework
Prama
Server-Ip
X-PoweredBy
MageStack-Cache
Access-Control-Allow-Method
X-ATP-Server
X-Cluster-Host
X-Artvisual-Server
Www.Aujourdhui.Com
Server-Optimized-By
SL-NOREWRITE-REDIRECTS
X-Confluence-Request-Time
X-Device-Group
X-Pb-Mii
X-PHP-Cache
X-Optimization
X-Nucleus-Cache
X-Mii-Cache-Hit
Hotelbookingid
DBG-Timestamp
Z-NginxStatus
X-Aws-Ec2
X-Life
Server-IP
BrandBucket-Domain
Mobiquo-Is-Login
X-GL-SRV
X-Obvious-Info
DBG-HTTPHOST
DBG-TargetHost
X-IP
X-Http-Host
X-Obvious-Tid
CACHED-RESPONSE
X-Varnish-Mode
X-Webstats-RespID
X-Accel-Cache-Control
X-Pixelsilk-Version
X-Pixelsilk-Server
X-IP-Address
X-Apublish-Id
X-Backend-Ip
X-Varnish-Set-Cookie
CData
X-Ratelimit
X-App-Server
X-Dokk-PortalId
X-Czt
X-Cluster
X-Cache-Key
Tracecode
X-Varnish-Ttl
X-Aberdeen-Site
X-Aberdeen-Cache
X-Amz-Meta-S3fox-Filesize
MwpReleaseVersion
Serv
ResourceTag
Public-Extension
Nginx-Cache
X-Amz-Meta-S3fox-Modifiedtime
X-Symfony-Cache
X-V-Outer
X-V-I-TTL
X-Req-Url
X-Process-Time
X-V-TTL
X-Bcwwwid
X-JG-Page-Cache
Encoding
B2C-F-008
Srv-N
SRV
Apple-Itunes-App
X-Serendipity-InterfaceLangSource
X-Serendipity-InterfaceLang
X-MSU-SOURCE
X-DEBUG
BE
WEBO
X-Cookie
X-HW
Ap-Exec-Time-Mks
X-SiteConInfo
EWHSERVER
Robots
X-BKSrc
Content-Cache
W
X-Created
CacheControlMode
Hishop
X-DELIVERYSERVER
CC-UP
X-Var-Hash
V-Cache
X-Url-Store
X-ASTRO-REWRITE
ProxiaInstanceId
Sigma
Vacache
X-DSMX-Rewrite-MS
X-Debug-Token
Aoestatic
X-ELC-Checkpoint4
X-Debug-Serve
X-Checkout
X-RE-Ref
AcceptLangage
CountryCode
X-Config-By
X-Continum-Server
X-Magento-Action
X-Magento-Lifetime
X-Cookie-Store
X-DSMX-Render-MS
X-Fett
X-Backend-Status
X-WAP
X-Varnish-Debug-Varnish-TTL-Set-From-Server
X-Cache-Host
OGHopCount
Secured
AppServer
X-V
X-Req-Counter
X-Cachable
Keywords
Description
X-Medium-Entity-Type
X-Varnish-Esi-Access
X-Turpentine-Esi
X-Turpentine-Cache
X-ErrorPage
X-Gyrobase-Publication
X-Varnish-Esi-Method
X-Xhr-Current-Location
X-Medium-Entity-Id
X-Varnish-Store