Threat Level: green Handler on Duty: Russ McRee

SANS ISC HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
ETag
X-Pingback
X-AspNet-Version
P3P
Link
X-Content-Type-Options
X-XSS-Protection
Age
X-Cache
Alternate-Protocol
Content-Language
X-UA-Compatible
Via
X-Adblock-Key
Content-Location
Keep-Alive
X-Frame-Options
CF-RAY
X-Varnish
X-Check
X-Language
X-Template
X-Buckets
X-Cacheable
Access-Control-Allow-Origin
X-Generator
P3p
X-Drupal-Cache
X-Ac
X-Hacker
WP-Super-Cache
Status
MS-Author-Via
X-AspNetMvc-Version
X-Powered-By-Plesk
X-Pad
X-Runtime
X-Geo-Port
X-Geo
Strict-Transport-Security
X-Request-Id
X-Powered-CMS
X-Host
MicrosoftOfficeWebServer
X-Type
X-Cache-Group
X-FRAME-OPTIONS
Access-Control-Allow-Credentials
X-Server
Ngpass-Ngall
X-Cache-Lookup
X-Logged-In
X-Mod-Pagespeed
X-Cache-Hits
Host-Header
X-UA-Device
X-Rack-Cache
X-Url
MicrosoftSharePointTeamServices
X-XRDS-Location
X-Via
X-Forwarded-For
X-Iinfo
X-Backend
Access-Control-Allow-Headers
SPRequestGuid
X-SharePointHealthScore
X-Tumblr-User
Content-Encoding
Access-Control-Allow-Methods
X-Tumblr-Pixel
X-Tumblr-Pixel-0
X-CF-Powered-By
X-Varnish-Cache
X-Tumblr-Pixel-1
X-Served-By
X-Accel-Version
X-Robots-Tag
X-Xss-Protection
X-Page-Speed
X-INKT-SITE
X-INKT-URI
X-Cnection
X-PhApp
X-ContextId
X-BC-Is-HA
X-MS-InvokeApp
X-ServedBy
X-CDN
X-Webserver
X-Tumblr-Pixel-2
X-ShopId
X-ShardId
X-Alternate-Cache-Key
Composed-By
X-Safe-Firewall
Served-By
X-Hostname
X-Firenze-Processing-Times
X-Pass-Why
X-Cache-Hit
X-PC-Hit
X-PC-Key
X-PC-AppVer
X-PC-Host
X-PC-Date
X-Sorting-Hat-PodId-Cached
X-Sorting-Hat-ShopId-Cached
X-Sorting-Hat-ShopId
X-Sorting-Hat-PodId
X-Port
X-AH-Environment
X-XN-Trace-Token
X-XN-XNHTML
X-Cache-Status
X-Seen-By
X-Dc
X-Tumblr-Pixel-3
X-Powered-By-360WZB
Cartoon
X-Age
X-Spip-Cache
Liferay-Portal
Content-Script-Type
Content-Style-Type
Cf-Railgun
X-Request-ID
X-Amz-Cf-Id
X-Amz-Id-2
Content-Security-Policy
X-Umbraco-Version
X-Server-Name
X-Cache-Info
X-HeyJason
X-Amz-Request-Id
X-Content-Digest
X-Source
Request-Id
SPIisLatency
X-Rot
SPRequestDuration
X-SERVER
X-Cache-Server
X-FB-Debug
X-Served-From-Cache
X-Cache-Result
X-Styx-Build-Sha
X-Styx-Req-Id
X-Pantheon-Styx-Hostname
X-Pantheon-Endpoint
X-Styx-Version
X-Styx-Build-Num
X-Styx-Build-Date
X-Hyper-Cache
Rating
X-Timer
X-W-DC
CF-Cache-Status
X-Outils-CS
X-Device
X-Wix-Renderer-Server
Powered-By-ChinaCache
X-TN-ServedBy
Real-Hostname
X-PHP-Engine
X-Wix-Dispatcher-Cache-Hit
X-Loop
X-Wix-Request-Id
X-DynaTrace
TCN
X-VCache
X-Px
X-FullPageCaching
X-TNCMS-Served-By
X-TNCMS-Render-Time
X-PersistenceNode
X-TNCMS-Memory-Usage
X-TNCMS-Version
Refresh
X-Cached-By
X-Mobilized-By
NS-RTIMER-COMPOSITE
X-Tumblr-Pixel-4
Imagetoolbar
X-Cached
DynaTrace
Page-Completion-Status
Magicmarker
X-Generated-By
X-DynaTrace-JS-Agent
X-Original-Content-Length
X-From
IBM-Web2-Location
X-CDN-Geo-IP
X-CDN-Any-IP
X-CDN-Geo
X-Cache-Enabled
X-Loc
X-Content-Encoded-By
X-Microcachable
X-Tumblr-Content-Rating
Thanks
Product
Powered-By
X-Powered-By-Anquanbao
X-W3TC-Minify
X-CMS-Version
X-Matrix-Proxy
X-Matrix-Server
X-Served-With
X-Zephyr
X-Content-Security-Policy
X-Backend-Server
Access-Control-Max-Age
X-Firenze-Processing-Time
X-Tumblr-Pixel-5
Charset
PICS-Label
X-DDC-Arch-Trace
Generator
X-Node
Content-Encoding-Handler
X-Permitted-Cross-Domain-Policies
Node
Retry-After
ServedBy
X-I
Proxy-Agent
X-Varnish-Cacheable
Response
X-Processed-By
X-Content-Options
X-Cf-Powered-By
X-WebKit-CSP
X-Clacks-Overhead
MIME-Version
SID
X-Varnish-Backend
X-SDS
X-DNS-Prefetch-Control
X-FW-Hash
X-Varnish-Host
Lsrequestid
X-FW-Type
X-Drectory-Script
X-FW-Static
X-FW-Serve
X-Cache-Debug
X-User-Agent
X-ATG-Version
X-Sol
X-Purge-Host
ServerName
X-Cache-Expires
X-App-Hosting
RTSS
X-UD-Method
X-UD-Host
X-Expires-Orig
X-NoCache
Set-Cookie2
X-AspNetWebPages-Version
X-Middleton-Response
X-ApacheServer
X-Varnish-TTL
Access-Control-Request-Method
X-Jimdo-Pid
X-Jimdo-Wid
X-SN
X-Duration
Content-Disposition
X-LiteSpeed-Cache
Pics-Label
X-Original-Request
IISExport
X-Hits
Host
Edge-Control
X-Director
X-Returned-From-BeforeDispatch
X-Returned-From
X-Returned-From-DLL
X-Returned-From-PostProcessResponse
Accept-Encoding
X-Handled-By
X-Passed-To-BeforeDispatch
X-Passed-To
X-Passed-To-PostProcessResponse
X-Actual-URL
X-Passed-To-DLL
X-Cache-Config
X-PERF
Cache-By-Node
X-TTL
X-Purge-URL
X-PF-Uncompressing
X-Nitra-Side
X-ServerID
X-Varnish-Hits
X-Cache-Control-Orig
X-Swift-SaveTime
X-Swift-CacheTime
X-Hosted-By
VAR-Cache
X-Micro-Cache
COMMERCE-SERVER-SOFTWARE
NODE
X-Vary-Options
AMF-Ver
X-Cookie-Domain
X-Version
S
X-Middleton-Display
SEOMOZ
MJ12bot
Display
Fhost
X-Front
Cache
X-PwB-Node
X-Art-Request-Id
X-Engine
Cm-Server
Surrogate-Control
X-FIRSTBase
Website-Info
Server-Info
X-URL
X-Speed-Cache-Key
X-Speed-Cache
Grace
SN
Id
X-MiniProfiler-Ids
X-Cocoon-Version
X-Varnish-IP
X-Whom
X-Yadis-Location
X-Highwire-SessionId
X-Highwire-RequestId
Filter-Revision
X-Track
X-App-Status
X-Response-Time
X-Blog
WWW-Authenticate
X-Session-Reinit
X-Trace-Cache
Machine
X-S
X-Provisioner-Version
X-Domain-Checked
X-ServerName
X-VARNISH-Cache
X-CJ-Soft
Qs-Cache
Ngpass-Vcall
Server-Name
X-Varnish-Age
X-Stale
Microsoftsharepointteamservices
X-Cache-Rule
X-FW
X-GeoIP-Country-Name
Accept-Charset
X-Microcache-Status
X-GeoIP-Country-Code
X-Distil-CS
X-Device-Type
Req-Id
X-Xrds-Location
X-SRV
Srv
Nodo
X-ACMCache
X-Time
Upgrade
X-Directory-Script
A-Powered-By
Sprequestguid
NtCoent-Length
X-Sharepointhealthscore
X-Cdn
Powered
X-BackendServer
Webluker-Edge
X-Amz-Meta-S3cmd-Attrs
X-Proxy-Cache
X-Varnish-Object-Age
ServerID
NetMindSessionID
Location
Proxy-Connection
X-Ms-Invokeapp
X-Ttl
X-Orig-Vary
X-Cache-Operation
X-Varnish-Cache-Hits
X-Srv
X-Translation
X-Gamma-Serve
X-Server-ID
X-Source-Host
X-Country-Code
X-Sys-Req-ID
Rt-Fastcgi-Cache
X-ID
X-Bettercache-Proxy
X-AOL-SNH
X-Frontend
X-WebServer
Buuteeq-Source
CC-CACHE
X-App
CT
MIH-PUBLIC-IDENTIFIER
X-CacheHits
X-Header
X-Adobe-Content
X-Secret
MIH-CLIENT-FARM
X-CHSN
MIH-PLATFORM
X-Varnish-Server
Fpc-Cache-Id
X-Cache-Action
X-Cache-On
X-Object-Id
X-Vtex-Processado-Em
X-LIGHTHTTP-PCDID
X-TempDebug
X-Vtex-Remote-Cache
X-Transaction
X-Connection-Hash
X-Object-Type
X-Twitter-Response-Tags
Ms
No
X-Varnish-Beresp-Status
X-Varnish-Beresp-Grace
X-Varnish-Beresp-Ttl
Origin
Content-Transfer-Encoding
X-VTEX-Cache-Status-Janus-ApiCache
X-VTEX-Janus-Router-Backend-App
X-Recruiting
X-Src-Webcache
X-MJ-Upstream-Addr
X-VTEX-Cache-Status-Janus-Edge
X-Powered-By-VTEX-Janus-Edge
X-Powered-By-VTEX-Janus-Router
X-Powered-By-VTEX-Janus-ApiCache
X-Vtex-Processed-At
MW-Webserver
Backend
X-Cache-Age
SS
Cteonnt-Length
Dispatcher
PageSpeed
X-Cluster-Node
NLCacheNote
X-Geo-IP
X-FORWARDED-FOR
Beyond-Iis
XDomainRequestAllowed
X-Tumblr-Pixel-6
X-ORACLE-DMS-ECID
X-Cache-TTL
X-Location-Id
CommunityServer
Server2
LBVIS
X-Wily-Info
X-Atraveo-From-Varnish-Cache
X-Source-ID
X-Atraveo-Cache-Control
X-Atraveo-Varnish-Server-Id
Author
X-Machine-Name
X-Wily-Servlet
X-Grid-Server
X-Atraveo-TTL
X-Enhanced-By
X-Atraveo-NC
X-Li-Pop
Apache
X-LI-UUID
X-Turbo-Control
X-Resolver-IP
X-Debug
X-Li-Fabric
X-GeoIP
X-Amz-Id-1
SiteName
X-Expires
X-Force
X-FS-UUID
MirrorName
X-PRAM
X-Info
From
X-Accelerated-By
X-Old-Content-Length
X-Server-Id
X-N
X-Stage
UniqueName
X-MJ-Serve-Req-Time
X-Cache-Lifetime
X-Id
X-FreeTag-Count
X-Cached-Status
X-Venda-Hitid
X-Trace
X-Ar-Debug
Warning
X-Channel-Maxage
X-Block
X-ChromeLogger-Data
X-Empowered-By
X-Developer
Content-MD5
-GCR
Allow
X-Powered-By-Server
X-WEBSERVER
X-Trace-App
Backend-Name-Original
X-Nginx-Server
X-Upstream
X-Uid
X-Varnish-Count
X-Varnish-HitMiss
X-UD-Target
X-UD-REMOTE-ADDR
X-Garden-Version
X-UD-Loopcounter
SVR
X-Server-By
X-UseReverse-Proxy
At-Isb
X-Webkit-CSP
X-ManagedFusion-Rewriter-Version
X-Rewritten-By
Worker
X-Cache-Ttl
X-Frames-Options
Provided-Host
X-Router
X-Cms-Mode
Front
X-Dev
X-Router-Backend
At-Shoptype
X-Vhost
X-T3CacheInfo
X-ServerCache-Info
X-Webapp
X-Jphone-Copyright
Atp-Isdpp
X-Origin-Id
Public-Key-Pins
SRV
SFY
X-PvInfo
Be-Ip
X-WR-MODIFICATION
BM-Cache-Node
ScoreTracker
BM-Cache-Key
Be-Va
X-Distributed-By
X-Hosting-Env
LFY
REFRESH
X-Real-Server
Mark
X-Request-Locale
X-Vhost-ID
X-Powered
X-PM-ID
X-Via-Kemp
X-Powered-By-Yqk
X-Varnish-Action
X-Varnish-Debug-Hits
CDN
Cluster-ID
X-Varnish-Debug-Age
Access-Control-Expose-Headers
ORIGIN
X-HOSTNAME
X-Yqk-Set
X-Varnish-ID
Noq
X-SilverStripe-Cache
Ksid
OriginServer
X-SSL
Cpu
X-T3CacheTags
X-Response
X-Max-Age
X-Farm-Server
X-Geo-IP-Country
WP-AdvCache-MemCached
7e-Page-Cache
SS-Request-ID2
XX
SIP
X-Goog-Hash
X-Varnish-Cache-Local
Ttl
X-Content-Age
Web-Server
WP-Cache
X-Drupal-Cache-Tags
X-Geo-IPV
X-Geo-IP-Metro
X-Geo-IP-Region
X-Kirra-SiteId
X-GSL-Server
X-ATM-RTime
X-N-ViewType
X-ATM-RServer
X-Accel-Expires
Ram
Rt-Server
X-B2f-Not-Route
Cmsid
Cmstype
Aoestatic
LBC
X-HostName
X-GC-Write
X-Cache-Set
BM-Cache-Status
X-Phpwcms-Page-Processed-In
X-Phpwcms-Release
X-GC-App
X-GC-Read
X-Server-Instance
X-Remote-Addr
X-Abuse
X-CacheServer
X-Actindo-RS
Www.Mabracertifiering.Se
X-Web-Node
X-CacheTTL
X-ASTRO-REWRITE
Www.Myjob.Se
Www.Mirrorgate.Se
X-DeliveryServer
BALANCEDTO
Cache-Ctrol
Jobb.Gil.Se
P3P:CP
X-Monstercache-Timeout
X-Monstercache-Host
X-Origin
X-OPNET-Transaction-Trace
X-Nginx-Backend
No-Cookie
Open.Jobgate.Se
X-Monstercache-Hash
X-Monstercache
Jobb.Passal.Se
X-DTC
Jobb.Assistentpoolen.Se
X-ESI
Test.Executivepeople.Se
X-MCB-Server
X-Gannett-Site-Version
Il-Cl
Compression-Control
X-Yottaa-Metrics
X-Nginx-Host
X-Varnish-Currency
X-Varnish-Device
X-B2f-Cache-Load
X-Distributor
AppDynamics-BT
X-WorkerInstancename
X-WP
Accept-Language
X-Route
Content-Instance
X-Varnish-Cache-Server
X-UPSTREAM
X-Yottaa-Optimizations
X-EdgeRouter
X-Varnish-URL
X-Varnish-Cookie-Debug
X-DefendeR-Runtime
X-Hstore
ServerId
X-Purge-Level
X-Hrouter
X-Allow-Redis
X-MobileDetected
PServer
X-Node-Name
PageSpeedFilters
User-Id
ServerIP
Cneonction
Last-Published
User-Updated-At
X-ACCELERATE
Version
X-Hash
X-LAvg
X-Full-URL
X-LB
X-MSEdge-Ref
Ibm-Web2-Location
X-NID
Pool-Info
ServerConfigManager.WebBugTracker
X-Hit
Progma
Render
X-Flex-Evend
X-Vivastreet-KiwiiPage
WFE
User-Cache-Control
X-Edge-Location
X-ESI-Enable
X-WA-Info
X-DB-Content-Length
X-Catalyst
Provider
X-Client-IP
X-Compressed-By
X-Confluence-Request-Time
Tpt.Renderer1
Tpt.Renderer
X-Flex-Tag
X-Flex-Lastmod
X-Flex-Tags
X-Hit-Cache
Sigma
X-Flex-Lang
X-Flex-Evstart
X-Vivastreet
X-FFX-B
X-Flex-Community
Test
X-Host-Url
Pool
Hamster
ExecuteNonQuerySQLParam
X-Varnish-Debug-Pool-Recv
Ec
HAVer
HCVer
IsFullSiteRequest
X-Server-Generated
X-Varnish-Debug-Pool-Fetch
X-Symfony-Cache
X-T3Cache
Before
Acdc-Web
After
Backend-Host
Content
Content-Security-Policy-Report-Only
X-Varnish-Restarts
CP
Copyright
X-Uplex
X-SV
X-Pagename
X-Magento-Action
X-Cache-Backend
Server-Optimized-By
X-Magento-Lifetime
X-ProcessESI
X-Wix-Route-ID
X-RemovedCookies
Xonnection
Ozcache
X-Oracle-DMS-ECID
X-IDS-WS
X-IP-Address
NnCoection
Bs-Header
X-Internal-IP
X-Country
X-TTL-Age
X-Benchmark-Total
X-TTFB-L
X-TTFB
X-DC-Origin-IP
X-Benchmark-Sphinx
X-Do-Not-Hack
X-Trans-Id
X-Benchmark-Sphinx-Count
X-Nucleus-Cache
X-Your-GrandPa-Would-Wait
X-Config-By
X-Unbounce-Variant
X-Would-Your-GrandPa-Wait
X-Page-Generated-At
X-Unbounce-VisitorID
X-Webstats-RespID
X-BS
X-UserAgent
X-CCM
X-Client-Addr
X-Optimization
X-Brought-To-You-By
X-CMS
X-Cluster-Host
X-Binarysec-Via
X-Client-Vid
X-Unbounce-PageId
X-Timestamp
X-SeschatLayout
X-SeschatDID
X-Seschat-URL
X-Ratelimit
X-PS-MURDOCK-ORIG-PROTOCOL
X-SeschatTemplateID
X-SeschatRedID
X-PS-MURDOCK-ORIG-FILEEXT
X-Hosting
X-Hostingcenter
X-Locale
X-Revision
X-Mobile
X-XHR-Current-Location
X-Server-Node
X-JSON-API-LATENCY
X-REDIRECTSERVER
X-SmugMug-Hiring
X-PS-MURDOCK-CASE-NORMALIZATION
X-Time-Spent
X-Time-Microsecs
X-Varnish-Set-Cookie
X-Dynamic
X-Benchmark-Db
X-Dokk-PortalId
X-PBY
X-TLServer
X-ELC-Checkpoint4
X-EPiphany-Vid
X-Flow-Powered
X-SmugMug-Values
X-Framework
X-ProxyInstancename
X-Stackable-Node
X-Page-Generation-Time
X-Powered-Developer
Xc
Ngpass-All
X-Benchmark-Cache
Mobiquo-Is-Login
F-In-Cache
Tracker
TP-Cache
TP-L2-Cache
MGIT
X-7d-Traceid
MageStack-Response-Ttl
DBG-HTTPHOST
MageStack-Tag
X-7dig
ExecutionTime
X-7d-Version
Foglight-Request-UUID
Tempo
Sid
Redirect
Server-N
Hotelbookingid
Ibf5scheme
If-Modified-Since
B-Powered-By
Smug-Env
Svr
Portlet.Expiration-Cache
SV-Duration
Publisher
DBG-Timestamp
POOL
X-SERVER-ID
X-Author
MageStack-Config
X-App-Server
MageStack-Area
MageStack-Cache-Status
MageStack-PageSpeed
MageStack-Cache-Hits
MageStack-Cache-Lifetime
MageStack-Cache
X-Artvisual-Server
DBG-TargetHost
MageStack-Cacheable
MageStack-Debug
MachineName
Edgecast
MageStack-Loadbalancer
X-App-Container
Servername
Head
INCOMING-TIME
Nitro-Cache
X-Purge-Url
Front-End-Https
X-FCMS-Cache
X-NginX-Server
Fw-Via
X-NginX-Cache
Disaptch-Cache-Rule
PROPSON-FARM
Keywords
X-USERNAME
X-SATserver
X-Req-Host
Initialhost
X-MSU-SOURCE
X-Url-Store
X-Magnolia-Registration
X-Server-IP
X-Middleton-PageSpeed
X-Mii-Cache-Hit
X-Mod-Oboe-PS
X-Req-Counter
X-Req-Url
X-Life
ProxiaInstanceId
X-NGINX-CACHED
X-PoweredBy
Description
X-Process-Time
X-Provided-By
SBMCLOUD
CountryCode
D
X-Planisys-CDN-Cache
X-Planisys-CDN-Rules
IsMobile
X-PHP-Cache
X-Pb-Mii
Modcookie
Modhost
X-NGINX-CACHED-AT
X-Turpentine-Cache
X-Nginx-Cache
OGHopCount
X-Turpentine-Esi
X-S-Misc
No-Cache
Content-Cache
Modurl
CData
CC-UP
CACHED-RESPONSE
OutputRewritten
X-Gondor-Server
X-AISO-Cache
X-ACLR-Version
X-Continum-Server
X-AISO-Server
X-WAP
X-Cluster-ID
X-Wikidot-Backend
X-Cookie-Store
X-AccessDev
X-Site
Www.Aujourdhui.Com
X-Varnish-Store
X-Device-Group
X-Status
X-Created
X-D-Time
X-Wikidot-Static-Cache
X-WLD-LB
X-Cache-Host
X-Cache-Key
X-Cache-Via
X-Nocache
XDisk
X-Backend-Status
Xforwardhost
X-ATP-Server
X-AspNet-Browser-ID
X-Wm-VIP
X-Wm-1
X-Work-With-Me
X-Checkout
X-Snapsis-PageBlaster
X-ARR
Server-IP
WebDevSrc
AcceptLangage
SLB
X-Gyrobase-Publication
AC-ELC
X-Varnish-Debug-Varnish-TTL-Set-From-Server
97YES.COM
X-Generation-Time
X-Hc-Host
SL-NOREWRITE-REDIRECTS
X-Instart-Request-ID
X-V-Outer
X-V-I-TTL
X-V-TTL
X-Var-Hash
X-HOSTTYPE
X-Svr-Id
X-Varnish-Esi-Access
X-Forwarded-Proto
X-Varnish-Max-Age
X-Ec-Custom-Error
W
X-DSMX-Rewrite-MS
X-Domino-CacheValidationWithETagResult
X-DSMX-Render-MS
X-Domino-CacheValidationWithETagReason
X-Edge-IP
Time
X-Varnish-Esi-Method
X-Environment
X-Fett
X-Varnish-Hit
X-CACHE-TTL
X-Varnish-Ttl
X-VHOST
X-T
DrivedBy
AppServer
X-Varnish-Mode
X-Varnish-Hashed-On
Access-Control-Allow-Method
Ap-Exec-Time-Mks
X-VG-WebCache
X-VhostID
Z-NginxStatus
X-Xhr-Current-Location
X-View
Esi-Enabled
X-V
BrandBucket-Domain
Content-ID
Countrycode
X-Test
BE
B2C-F-008
Arr-Disable-Session-Affinity
X-Upstream-Server
AV1080
X-TAG
X-Ocache
X-Debug-Serve
X-Debug-Token
X-DELIVERYSERVER
X-DN-Cache-Control
X-Accel-Cache-Control
X-D2id
X-Cms-Server
X-Content-Parsed-By
X-Czt
X-Docuri
Web-Head
X-FarmId
X-Frontal
Srv-N
X-ESI-Processing
TIMESTAMP
V-Cache
X-Dynatrace-Js-Agent
UNIQUE-ID
X-CMS-Server
X-CMS-Powered-By
X-Cache-Control
X-Cached-From
X-Caching-Rule-Id
X-Aws-Ec2
X-B
X-Bcwwwid
X-BIN
X-Backend-Ip
X-ASPID
X-CCC
X-Cluster
X-Answer
X-Amz-Version-Id
X-APP
X-Client-Id
X-Cdn-View
X-CID
X-Apublish-Id
X-GeoIP-Country
X-GitHub-Request-Id
X-Panel-Name
X-Papaya-Cache
X-Papaya-Gzip
X-Pixelsilk-Server
X-Panel-Id
X-Obvious-Tid
X-NSPID
MwpReleaseVersion
X-Obvious-Info
X-Pixelsilk-Version
X-RE-Ref
Http
HGR-NOCACHE
EWHSERVER
X-SDE-Name
X-RSS-CACHE-STATUS
X-RequesterIP
Language
X-RNDPAGE
X-Nginx-UpstreamHost
X-Nginx-Pool
X-Instance
X-IP
X-JG-Page-Cache
X-HW
X-Http-Host
X-GL-SRV
X-Header-Set-Id
Server-Ip
S-Cnection
Rt-Proxy-Cache
Protected-By
Prama
X-Nc
X-Medium-Entity-Type
X-Medium-Entity-Id
X-Libra-UpstreamHost
Robots
Requested-Host
X-Src-Loadbalancer