Threat Level: green Handler on Duty: Chris Mohan

SANS ISC HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Content-Length
Expires
Last-Modified
Pragma
Accept-Ranges
ETag
X-Pingback
X-AspNet-Version
Link
P3P
X-Content-Type-Options
X-XSS-Protection
Age
X-Cache
Alternate-Protocol
Content-Language
X-UA-Compatible
Via
X-Adblock-Key
Content-Location
Keep-Alive
X-Frame-Options
CF-RAY
X-Varnish
X-Check
X-Language
X-Template
X-Buckets
P3p
X-Cacheable
Access-Control-Allow-Origin
X-Generator
X-Drupal-Cache
WP-Super-Cache
X-Hacker
Status
MS-Author-Via
X-AspNetMvc-Version
X-Powered-By-Plesk
X-Ac
X-Pad
X-Runtime
X-Geo-Port
X-Geo
X-Request-Id
Strict-Transport-Security
X-Powered-CMS
X-Server
MicrosoftOfficeWebServer
X-Host
X-Type
X-Cache-Group
Access-Control-Allow-Credentials
X-Cache-Lookup
Ngpass-Ngall
X-Logged-In
X-Mod-Pagespeed
X-Cache-Hits
MicrosoftSharePointTeamServices
X-UA-Device
Host-Header
X-Rack-Cache
X-Url
X-XRDS-Location
X-Via
SPRequestGuid
X-SharePointHealthScore
X-Iinfo
Access-Control-Allow-Headers
X-Tumblr-User
X-Forwarded-For
X-Tumblr-Pixel
X-Tumblr-Pixel-0
X-Varnish-Cache
X-Backend
X-CF-Powered-By
Content-Encoding
Access-Control-Allow-Methods
X-Tumblr-Pixel-1
X-Served-By
X-Robots-Tag
X-Accel-Version
X-MS-InvokeApp
X-Xss-Protection
X-Page-Speed
X-Webserver
X-Cnection
X-PhApp
X-Tumblr-Pixel-2
X-INKT-SITE
X-INKT-URI
X-ContextId
X-Safe-Firewall
X-BC-Is-HA
X-ServedBy
X-CDN
Composed-By
X-ShopId
X-ShardId
X-Alternate-Cache-Key
Served-By
X-FRAME-OPTIONS
X-Firenze-Processing-Times
X-Hostname
X-Pass-Why
X-Cache-Hit
X-PC-Key
X-PC-Hit
X-PC-Host
X-PC-AppVer
X-PC-Date
X-Served-With
X-Sorting-Hat-PodId
X-Sorting-Hat-ShopId-Cached
X-Sorting-Hat-ShopId
X-Sorting-Hat-PodId-Cached
X-AH-Environment
X-XN-Trace-Token
X-XN-XNHTML
X-Tumblr-Pixel-3
X-Port
X-Source
X-Powered-By-360WZB
X-Rot
X-Cache-Status
X-Age
Content-Script-Type
Content-Style-Type
Liferay-Portal
X-Spip-Cache
X-Umbraco-Version
X-Server-Name
X-Amz-Cf-Id
Cf-Railgun
X-Amz-Id-2
X-HeyJason
X-Cache-Info
Cartoon
Request-Id
SPIisLatency
X-Amz-Request-Id
Content-Security-Policy
SPRequestDuration
X-Content-Digest
Powered-By-ChinaCache
X-Cache-Server
X-Cache-Result
X-Request-ID
X-Kafka-Logged
X-FB-Debug
X-Served-From-Cache
X-Hyper-Cache
X-Device
X-Timer
X-DynaTrace
X-Styx-Build-Sha
X-TN-ServedBy
X-Styx-Version
X-Styx-Build-Num
Real-Hostname
X-Styx-Build-Date
X-Styx-Req-Id
X-Pantheon-Endpoint
X-Pantheon-Styx-Hostname
X-Outils-CS
X-Loop
X-PHP-Engine
X-Px
TCN
X-VCache
X-Cached-By
Refresh
CF-Cache-Status
X-Mobilized-By
Rating
X-TNCMS-Render-Time
X-PersistenceNode
X-TNCMS-Version
X-TNCMS-Memory-Usage
X-TNCMS-Served-By
X-Tumblr-Pixel-4
Magicmarker
NS-RTIMER-COMPOSITE
Page-Completion-Status
Imagetoolbar
X-Cached
DynaTrace
X-Generated-By
IBM-Web2-Location
X-Original-Content-Length
X-From
X-Content-Encoded-By
X-DynaTrace-JS-Agent
X-URL
X-Loc
X-FullPageCaching
Thanks
X-W3TC-Minify
X-CDN-Geo
X-CDN-Any-IP
X-CDN-Geo-IP
X-Tumblr-Content-Rating
Product
X-Node
X-CMS-Version
X-Content-Security-Policy
X-Powered-By-Anquanbao
X-Tumblr-Pixel-5
X-Matrix-Server
X-Matrix-Proxy
X-Zephyr
X-Firenze-Processing-Time
X-Backend-Server
X-Cache-Enabled
Access-Control-Max-Age
X-WebKit-CSP
Generator
Charset
Retry-After
Pics-Label
X-FORWARDED-FOR
X-DDC-Arch-Trace
X-Varnish-Cacheable
X-Proxy-Cache
IISExport
ServedBy
Node
X-I
ServerName
X-Content-Options
PICS-Label
X-Drectory-Script
X-SDS
X-Processed-By
Powered-By
Set-Cookie2
X-Xrds-Location
Proxy-Agent
Content-Encoding-Handler
X-UD-Host
X-SERVER
X-UD-Method
X-Varnish-Backend
X-DNS-Prefetch-Control
Cache-By-Node
MIME-Version
Response
X-Varnish-Host
X-ATG-Version
X-Permitted-Cross-Domain-Policies
X-Expires-Orig
X-Original-Request
X-Cache-Debug
SID
X-HOST
Lsrequestid
X-Passed-To-DLL
X-Passed-To-PostProcessResponse
X-Returned-From-BeforeDispatch
X-App-Hosting
X-Returned-From-PostProcessResponse
X-Passed-To-BeforeDispatch
X-Returned-From
X-Returned-From-DLL
X-Passed-To
X-Actual-URL
X-Handled-By
X-User-Agent
X-NoCache
X-FW-Hash
X-ApacheServer
X-Sol
X-PF-Uncompressing
X-Purge-Host
Edge-Control
X-FW-Type
X-FW-Serve
X-FW-Static
X-Director
X-Varnish-TTL
X-Duration
X-Cache-Expires
X-Cache-Control-Orig
X-SN
X-Nitra-Side
X-LiteSpeed-Cache
Accept-Encoding
Access-Control-Request-Method
X-AspNetWebPages-Version
RTSS
X-PERF
X-Middleton-Response
X-TTL
X-Front
COMMERCE-SERVER-SOFTWARE
S
Host
X-Hits
Content-Disposition
X-Purge-URL
X-Vary-Options
X-Cookie-Domain
Cm-Server
X-Varnish-Hits
Fhost
X-Version
X-Engine
NODE
WWW-Authenticate
X-ServerID
X-Cache-Config
Grace
NtCoent-Length
X-HOSTNAME
X-PwB-Node
X-Art-Request-Id
X-Hosted-By
X-Yadis-Location
Srv
Cache
Website-Info
Server-Info
Filter-Revision
X-Speed-Cache-Key
X-Speed-Cache
X-Micro-Cache
X-Trace-Cache
X-Cocoon-Version
X-Response-Time
X-Highwire-SessionId
X-Swift-CacheTime
SEOMOZ
MJ12bot
X-Highwire-RequestId
X-Swift-SaveTime
Surrogate-Control
X-Stale
Accept-Charset
X-CJ-Soft
AMF-Ver
X-Track
X-Varnish-IP
X-ServerName
X-Whom
X-FIRSTBase
Ngpass-Vcall
X-Varnish-Age
X-Session-Reinit
SN
X-Pangea-Version
Upgrade
X-FW
X-Blog
X-App-Start
Proxy-Connection
X-App-Status
X-Cache-TTL
VAR-Cache
X-ACMCache
X-Provisioner-Version
ServerID
X-Trace
X-Domain-Checked
X-S
X-Gamma-Serve
Id
Origin
X-GeoIP-Country-Name
X-MJ-Upstream-Addr
X-Time
X-GeoIP-Country-Code
X-BackendServer
X-Varnish-Server
Qs-Cache
X-Microcachable
Machine
Powered
X-Source-Host
X-Cache-Rule
X-Amz-Meta-S3cmd-Attrs
A-Powered-By
NetMindSessionID
X-CHSN
MIH-CLIENT-FARM
CT
X-Orig-Vary
MIH-PLATFORM
MIH-PUBLIC-IDENTIFIER
Time
X-Varnish-Cache-Hits
X-Varnish-Object-Age
X-Geo-IP
X-Cluster-Node
Server-Name
X-Country-Code
X-Distil-CS
X-Srv
X-Cdn
Req-Id
RATING
X-MJ-Serve-Req-Time
X-Machine-Name
Dispatcher
X-Device-Type
X-Sys-Req-ID
X-Microcache-Status
Ms
X-WEBSERVER
X-Transaction
X-Tumblr-Pixel-6
X-Adobe-Content
X-Twitter-Response-Tags
X-Connection-Hash
X-App
X-Secret
LBVIS
X-MiniProfiler-Ids
XDomainRequestAllowed
X-CacheHits
SS
X-Vtex-Processado-Em
X-Varnish-Beresp-Ttl
X-Varnish-Beresp-Status
X-Varnish-Beresp-Grace
X-Server-ID
X-Ttl
X-LIGHTHTTP-PCDID
X-Translation
X-Bettercache-Proxy
X-GeoIP
Warning
X-Stage
CommunityServer
X-Src-Webcache
UniqueName
From
X-SRV
X-Vtex-Remote-Cache
X-Object-Id
MW-Webserver
X-AOL-SNH
X-Directory-Script
X-Cache-Operation
Beyond-Iis
X-Object-Type
NLCacheNote
No
X-Cache-Action
X-Cached-Status
X-ServerCache-Info
Buuteeq-Source
X-ID
X-Server-Id
X-Atraveo-NC
X-Atraveo-Varnish-Server-Id
X-Atraveo-TTL
X-Atraveo-From-Varnish-Cache
X-Atraveo-Cache-Control
X-Powered-By-VTEX-Janus-Router
X-VTEX-Cache-Status-Janus-ApiCache
X-VTEX-Cache-Status-Janus-Edge
X-Powered-By-VTEX-Janus-Edge
X-Powered-By-VTEX-Janus-ApiCache
X-Vhost
SiteName
X-Recruiting
X-VTEX-Janus-Router-Backend-App
Location
X-Vtex-Processed-At
X-Header
X-Cms-Mode
Be-Va
-GCR
X-Wily-Servlet
X-Jphone-Copyright
Worker
X-TempDebug
Be-Ip
X-Dev
X-N
X-Old-Content-Length
X-Wily-Info
Server2
Content-MD5
X-Frontend
Webluker-Edge
X-Cache-Age
Content-Transfer-Encoding
MirrorName
X-Li-Pop
X-Source-ID
X-LI-UUID
X-Li-Fabric
X-FS-UUID
X-Force
X-Trace-App
X-FreeTag-Count
X-PRAM
X-Ar-Debug
X-UPSTREAM
Nodo
X-Resolver-IP
X-Block
X-Channel-Maxage
X-Expires
PageSpeedFilters
SVR
Backend-Name-Original
X-Amz-Id-1
Fpc-Cache-Id
X-Id
X-ORACLE-DMS-ECID
X-Webapp
X-Router
Ngpass-All
X-Router-Backend
X-UseReverse-Proxy
X-Venda-Hitid
X-Accelerated-By
X-Powered-By-Server
Rt-Fastcgi-Cache
SFY
LBC
X-Request-Locale
X-Turbo-Control
X-REDIRECTSERVER
LFY
X-UD-REMOTE-ADDR
X-Origin-Id
X-PoweredBy
X-UD-Target
X-UD-Loopcounter
Content-Security-Policy-Report-Only
Cteonnt-Length
7e-Page-Cache
Front-End-Https
X-Grid-Server
X-Content-Age
Pool
X-ChromeLogger-Data
X-Developer
X-Varnish-ID
X-Frames-Options
X-ManagedFusion-Rewriter-Version
X-Rewritten-By
X-Real-Server
X-Origin
X-NginX-Server
Backend
Front
X-Hosting-Env
X-Info
X-Location-Id
X-DeliveryServer
X-Cache-Ttl
X-Hash
BM-Cache-Node
X-LB
BM-Cache-Key
X-Enhanced-By
X-Geo-IP-Region
ScoreTracker
X-Geo-IP-Metro
X-Geo-IPV
X-Cache-Lifetime
X-Geo-IP-Country
Cluster-ID
X-T3CacheTags
X-T3CacheInfo
Noq
Bs-Header
X-ATM-RTime
XX
X-B2f-Not-Route
Ttl
X-ATM-RServer
X-Goog-Hash
X-Uid
Www.Mabracertifiering.Se
X-Farm-Server
X-Via-Kemp
X-PvInfo
X-Varnish-Device
X-Kirra-SiteId
X-DTC
X-CacheServer
X-Varnish-Action
X-SSL
X-Phpwcms-Page-Processed-In
X-Phpwcms-Release
X-Powered
X-Country
X-Actindo-RS
CDN
Open.Jobgate.Se
Jobb.Assistentpoolen.Se
SRV
P3P:CP
X-Varnish-Cache-Local
Access-Control-Expose-Headers
Ksid
Jobb.Passal.Se
Fastcgi-Cache
X-Vhost-ID
Jobb.Gil.Se
SIP
Www.Myjob.Se
Www.Mirrorgate.Se
Cpu
X-ASTRO-REWRITE
Ram
X-Route
Test.Executivepeople.Se
X-Gannett-Site-Version
Compression-Control
Web-Server
Content-Instance
X-Max-Age
X-ProcessESI
Atp-Isdpp
Hamster
OriginServer
X-WR-MODIFICATION
PageSpeed
X-Garden-Version
Provided-Host
X-Server-By
X-Monstercache-Timeout
X-WP
At-Isb
X-RemovedCookies
At-Shoptype
Rt-Server
Author
Il-Cl
X-7dig
BALANCEDTO
X-7d-Version
Accept-Language
X-TempoPesquisa
X-7d-Traceid
X-Cache-On
X-OPNET-Transaction-Trace
X-Hrouter
X-Hstore
X-Empowered-By
AV1080
X-SV
X-PM-ID
X-MobileDetected
X-Uplex
X-Varnish-Cache-Server
Apache
AppDynamics-BT
X-Varnish-Restarts
X-Varnish-Debug-Pool-Fetch
X-Varnish-Debug-Pool-Recv
X-Varnish-URL
X-B2f-Cache-Load
X-Seen-By
X-Oracle-DMS-ECID
X-LAvg
X-Nginx-Host
X-NGINX-CACHED
X-Nginx-Backend
X-Response
X-Accel-Expires
X-EdgeRouter
X-NGINX-CACHED-AT
X-Internal-IP
X-ACCELERATE
X-T3Cache
Aoestatic
X-Varnish-HitMiss
X-Web-Node
X-Nginx-Server
WP-AdvCache-MemCached
X-Hostingcenter
X-Yottaa-Metrics
X-Varnish-Count
X-SilverStripe-Cache
Cmstype
X-ESI-Enable
X-XHR-Current-Location
X-FFX-B
WEBO
Cmsid
X-Yottaa-Optimizations
X-DefendeR-Runtime
X-Server-IP
X-Nginx-Cache
X-Magento-Action
X-Magento-Lifetime
X-Varnish-Cookie-Debug
X-App-Server
X-Vivastreet
Acdc-Web
X-Abuse
Backend-Host
X-Cache-Backend
X-Dynatrace
Server-N
User-Cache-Control
HAVer
Provider
X-FCMS-Cache
X-Vivastreet-KiwiiPage
X-Locale
X-VarnCache
X-Drupal-Cache-Tags
X-SDE-Name
Cneonction
X-UserAgent
HCVer
X-Server-Instance
Ec
X-SmugMug-Values
BM-Cache-Status
X-Allow-Redis
B-Powered-By
X-Lautre-Frontal
CP
X-GSL-Server
Smug-Env
X-SmugMug-Hiring
X-TTFB
X-TTFB-L
X-DELIVERYSERVER
Mark
X-Purge-Level
NnCoection
ServerIP
X-DEBUG
X-Created
X-Req-Host
X-V-TTL
X-V-Outer
X-V-I-TTL
X-Req-Url
X-Remote-Addr
X-ESI
Head
Publisher
X-Varnish-Debug-Hits
X-Cache-Key
X-TISSERVER
ExecutionTime
ServerId
Svr
X-NID
X-Hit
X-Cache-Route
No-Cookie
X-Catalyst
X-Pagename
X-Hit-Cache
X-Varnish-Debug-Age
X-MCB-Server
X-Distributed-By
X-Flex-Tag
X-Flex-Tags
X-Header-Set-Id
X-Distributor
X-Edge-Location
Ozcache
Secured
X-GC-App
X-GC-Read
X-GC-Write
Xc
ORIGIN
X-Flex-Evend
X-Flex-Community
X-Client-IP
X-Caching-Rule-Id
X-Node-Name
X-Flex-Evstart
X-Flex-Lang
X-Flex-Lastmod
Version
Tpt.Renderer1
X-Host-Url
Web-Head
X-Status
X-WA-Info
X-Hc-Host
X-CacheTTL
CacheControlHeader
X-Wm-1
X-Do-Not-Hack
SLB
No-Cache
X-ESI-Processing
After
Modurl
Before
X-Server-Generated
Disaptch-Cache-Rule
X-Unbounce-VisitorID
Cache-Ctrol
X-Unbounce-Variant
CC-CACHE
X-Unbounce-PageId
CC-UP
Modhost
Modcookie
IsFullSiteRequest
X-Time-Spent
Progma
Render
ServerConfigManager.WebBugTracker
X-CMS
X-Varnish-Currency
X-Varnish-Hit
Initialhost
Copyright
ExecuteNonQuerySQLParam
X-Wm-VIP
X-WLD-LB
Xforwardhost
Tpt.Renderer
X-PBY
Server-Optimized-By
X-Stackable-Node
X-Powered-Developer
X-RE-Ref
X-Page-Generation-Time
X-Artvisual-Server
X-Nucleus-Cache
X-SERVERID
X-TTL-Age
X-Symfony-Cache
X-Ratelimit
X-Page-Generated-At
X-JSON-API-LATENCY
SV-Duration
X-Confluence-Request-Time
X-Varnish-Ttl
Pool-Info
X-DB-Content-Length
X-DC-Origin-IP
X-IP-Address
F-In-Cache
X-ELC-Checkpoint4
ProxiaInstanceId
X-SERVER-ID
X-TLServer
Http
POOL
X-Fett
X-Life
MachineName
X-Upstream
Test
OGHopCount
X-Client-Addr
X-Debug
X-Your-GrandPa-Would-Wait
X-Cache-Set
X-Forwarded-Proto
X-Flow-Powered
X-Varnish-Debug-Varnish-TTL-Set-From-Server
X-MSEdge-Ref
X-IDS-WS
X-Continum-Server
X-Framework
X-Would-Your-GrandPa-Wait
X-Monstercache-Hash
X-NginX-Cache
X-Monstercache-Host
INCOMING-TIME
X-V
Redirect
X-Monstercache
Sid
UNIQUE-ID
SL-NOREWRITE-REDIRECTS
Tempo
X-AISO-Server
X-Backend-Name
Xonnection
X-WorkerInstancename
X-App-Container
X-Binarysec-Via
X-Wikidot-Backend
X-Wikidot-Static-Cache
X-Backend-IP
X-RSS-CACHE-STATUS
X-Jcms-Ajax-Id
SharePointError
X-DSMX-Render-MS
X-Pixelsilk-Server
X-Pixelsilk-Version
X-Benchmark-Sphinx-Count
X-Benchmark-Total
X-Edge-IP
XDisk
Content
X-Cluster
Portlet.Expiration-Cache
X-Benchmark-Sphinx
X-Original-IP
X-Serendipity-InterfaceLang
X-Serendipity-InterfaceLangSource
X-Feed
X-Benchmark-Cache
X-Backend-Ip
X-Benchmark-Db
X-Pb-Mii
X-Mii-Cache-Hit
Nginx-Cache
X-S-Misc
X-DSMX-Rewrite-MS
Foglight-Request-UUID
X-Varnish-Hashed-On
X-SATserver
User-Updated-At
User-Id
X-Server-Node
DBG-HTTPHOST
X-ATP-Server
X-MSU-SOURCE
X-Device-Group
Www.Aujourdhui.Com
X-SiteConInfo
DBG-TargetHost
DBG-Timestamp
X-N-ViewType
X-AISO-Cache
IsMobile
Ez
X-Var-Hash
X-Url-Store
S-Cnection
X-PS-MURDOCK-ORIG-PROTOCOL
X-WAP
CountryCode
X-Cluster-Host
WebDevSrc
X-Config-By
X-VarnPar1
AcceptLangage
X-VarnPar2
X-Mobile
X-PS-MURDOCK-ORIG-FILEEXT
Prama
X-Checkout
TP-Cache
TP-L2-Cache
X-Backend-Status
X-AccessDev
Requested-Host
X-Cookie-Store
X-Haiku
X-PS-MURDOCK-CASE-NORMALIZATION
X-Rack-Cors
X-Hosting
X-Dokk-PortalId
X-Webstats-RespID
BE
X-Mod-Oboe-PS
Tracker
X-VG-WebCache
X-Ocache
Hej
X-Pagecache
Ibf5scheme
X-B
X-Bcwwwid
X-Generation-Time
X-ACLR-Version
X-GLaDOS
X-FarmId
MGIT
X-Author
X-D-Time
X-Snapsis-PageBlaster
Content-Cache
'Ibf5scheme'
X-ServerId
X-Req-Counter
X-T
Hotelbookingid
X-Time-Microsecs
Accept
SBMCLOUD
Mime-Version
X-Revision
WP-Cache
X-Timestamp
MageStack-Tag
Robots
X-BIN
X-Process-Time
X-RNDPAGE
X-Trans-Id
X-Site
X-MidCOM-Meta-Cache
X-TAG
X-Dynamic
X-HITS
X-Brought-To-You-By
Esi-Enabled
X-Varnish-Hostname
MageStack-Config
Cached
Countrycode
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
MageStack-Debug
X-Optimization
WFE
X-Full-URL
X-Instart-Request-ID
X-Czt
X-Varnish-Set-Cookie
MageStack-Cache
MageStack-Cache-Lifetime
MageStack-Cache-Hits
MageStack-Area
X-HW
MageStack-Cacheable
B2C-HG-008
MageStack-Cache-Status
MageStack-Loadbalancer
X-Request-Received
X-AVG
X-AVG-REWRITE
X-Cached-From
X-Debug-Token
SobiPro
OutputRewritten
X-Src-Loadbalancer
AppServer
D
X-HOSTTYPE
X-USERNAME
X-EPiphany-Vid
X-Lang
X-Request-Processing-Time
X-Client-Vid
MageStack-PageSpeed
Language
Last-Published
Railo-Version
MageStack-Response-Ttl
X-Environment
X-Cache-Varnish
Http.Set-Cookie
Nitro-Cache
DB-Nickname
X-Svr-Id
X-Back
X-Dynatrace-Js-Agent
X-Gondor-Server
PS-CapabilityList
X-Aberdeen-Cache
X-RequesterIP
X-ServedByHost
X-Seschat-URL
X-GeoIP-Country
Tracecode
X-Aberdeen-Site
X-Cluster-ID
Server-IP
X-Download-Options
X-Content-Parsed-By
X-Papaya-Gzip
X-Papaya-Cache
Noahs-Classifieds
X-Varnish-Max-Age
X-Job-Offer
HTTP
X-Compressed-By
Fw-Via
Title
If-Modified-Since
Sigma
X-PHP-Cache
Description
X-Cache-Host
Keywords
X-SeschatDID
X-SeschatLayout
X-Wix-Request-Id
X-Wix-Route-ID
CACHED-RESPONSE
X-Wix-Renderer-Server
X-Debug-Serve
X-HeBS-Cache-Status
X-Instance
Mobiquo-Is-Login
Rt-Proxy-Cache
X-B2f-Cache-NotFromUrl
X-Apublish-Id
X-Cache-Control
X-Cache-Via
ID
X-ErrorPage
X-CacheStore
X-CMS-Server
X-CCM
X-VAR-VCacheCount
X-VAR-BackendHealthy
X-VAR-Hash
X-VAR-Host
X-VAR-Backend
X-VAR-Apache
X-SeschatRedID
X-SeschatTemplateID
X-VAR-Logic
X-VAR-Mobile
X-VAR-TTL
X-VAR-Url
X-VAR-VCache
X-VAR-Server
X-VAR-RequestType
X-VAR-PageSpeed
X-VAR-Referer
Apple-Itunes-App