Threat Level: green Handler on Duty: Brad Duncan

SANS ISC HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Date
Content-Type
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
ETag
X-Pingback
X-AspNet-Version
Link
P3P
X-Content-Type-Options
X-XSS-Protection
Age
X-Cache
Alternate-Protocol
Content-Language
X-UA-Compatible
Via
X-Adblock-Key
Content-Location
Keep-Alive
X-Frame-Options
CF-RAY
X-Varnish
X-Check
X-Language
X-Buckets
X-Template
X-Cacheable
Access-Control-Allow-Origin
P3p
X-Generator
X-Drupal-Cache
X-Ac
X-Hacker
WP-Super-Cache
Status
MS-Author-Via
X-Powered-By-Plesk
X-AspNetMvc-Version
X-Pad
X-Runtime
X-Geo
X-Geo-Port
Strict-Transport-Security
X-Request-Id
X-Powered-CMS
X-Host
MicrosoftOfficeWebServer
X-Type
X-Cache-Group
Access-Control-Allow-Credentials
X-Server
Ngpass-Ngall
X-FRAME-OPTIONS
X-Cache-Lookup
X-Logged-In
X-Mod-Pagespeed
X-UA-Device
X-Cache-Hits
Host-Header
X-Rack-Cache
X-Url
MicrosoftSharePointTeamServices
X-XRDS-Location
X-Via
X-Iinfo
X-Tumblr-User
X-Tumblr-Pixel-0
X-Tumblr-Pixel
X-Forwarded-For
X-Backend
Access-Control-Allow-Headers
X-Tumblr-Pixel-1
Content-Encoding
SPRequestGuid
X-SharePointHealthScore
X-CF-Powered-By
Access-Control-Allow-Methods
X-Robots-Tag
X-Served-By
X-Varnish-Cache
X-Accel-Version
X-Tumblr-Pixel-2
X-INKT-URI
X-INKT-SITE
X-Page-Speed
X-Cnection
X-BC-Is-HA
X-ContextId
X-PhApp
X-ServedBy
X-MS-InvokeApp
X-CDN
X-ShardId
X-Alternate-Cache-Key
X-ShopId
X-Webserver
Composed-By
X-Safe-Firewall
Served-By
X-Hostname
X-Pass-Why
X-Cache-Hit
X-Firenze-Processing-Times
X-PC-Key
X-PC-Hit
X-Sorting-Hat-ShopId-Cached
X-Sorting-Hat-ShopId
X-Sorting-Hat-PodId-Cached
X-Sorting-Hat-PodId
X-PC-AppVer
X-PC-Host
X-PC-Date
X-Request-ID
X-Seen-By
X-Port
X-XN-Trace-Token
X-AH-Environment
X-XN-XNHTML
X-Tumblr-Pixel-3
X-Dc
X-Cache-Status
X-Powered-By-360WZB
Cartoon
X-Age
X-Spip-Cache
Liferay-Portal
Content-Script-Type
Content-Style-Type
Cf-Railgun
Content-Security-Policy
X-Amz-Id-2
X-Amz-Cf-Id
X-Umbraco-Version
X-Server-Name
X-Amz-Request-Id
X-HeyJason
X-Cache-Info
X-Content-Digest
Request-Id
SPIisLatency
SPRequestDuration
X-Source
X-Rot
X-W-DC
X-Wix-Renderer-Server
X-Cache-Server
X-FB-Debug
X-Wix-Dispatcher-Cache-Hit
X-Served-From-Cache
X-Wix-Request-Id
X-Pantheon-Styx-Hostname
X-Styx-Req-Id
X-Styx-Build-Date
X-Styx-Build-Num
X-Styx-Version
X-Pantheon-Endpoint
Rating
X-Styx-Build-Sha
X-Cache-Result
X-SERVER
X-Hyper-Cache
X-Outils-CS
X-DynaTrace
X-Timer
X-Device
Powered-By-ChinaCache
Real-Hostname
X-TN-ServedBy
X-FullPageCaching
CF-Cache-Status
X-PHP-Engine
X-Loop
TCN
X-VCache
X-Tumblr-Pixel-4
X-Px
DynaTrace
Refresh
X-TNCMS-Memory-Usage
X-TNCMS-Version
X-TNCMS-Render-Time
X-TNCMS-Served-By
X-PersistenceNode
X-Cached-By
X-Mobilized-By
NS-RTIMER-COMPOSITE
Imagetoolbar
X-Cached
X-Generated-By
Magicmarker
Page-Completion-Status
X-Original-Content-Length
X-Microcachable
X-Tumblr-Content-Rating
IBM-Web2-Location
X-Cache-Enabled
X-DynaTrace-JS-Agent
X-CDN-Any-IP
X-CDN-Geo-IP
X-CDN-Geo
X-Content-Encoded-By
X-From
X-Loc
Powered-By
Product
X-W3TC-Minify
X-Matrix-Proxy
X-Matrix-Server
X-Tumblr-Pixel-5
X-CMS-Version
Thanks
X-Content-Security-Policy
X-Zephyr
X-Backend-Server
X-Powered-By-Anquanbao
Access-Control-Max-Age
Charset
X-DDC-Arch-Trace
X-Firenze-Processing-Time
PICS-Label
Generator
X-Clacks-Overhead
X-Permitted-Cross-Domain-Policies
Content-Encoding-Handler
X-Node
X-Served-With
Proxy-Agent
ServedBy
Node
X-WebKit-CSP
X-FW-Hash
Retry-After
X-Varnish-Cacheable
X-Content-Options
X-I
Response
MIME-Version
X-FW-Type
X-FW-Static
X-FW-Serve
Lsrequestid
X-Varnish-Backend
X-App-Hosting
X-Processed-By
X-Varnish-Host
X-User-Agent
X-Cache-Debug
X-Drectory-Script
X-Cf-Powered-By
X-SDS
X-ATG-Version
X-Sol
Set-Cookie2
X-DNS-Prefetch-Control
ServerName
SID
X-Cache-Expires
X-UD-Method
X-Purge-Host
X-UD-Host
Pics-Label
X-AspNetWebPages-Version
Access-Control-Request-Method
X-Jimdo-Pid
X-Jimdo-Wid
X-Middleton-Response
X-NoCache
X-Expires-Orig
RTSS
X-Varnish-TTL
X-Original-Request
Content-Disposition
X-Hits
X-Handled-By
Host
X-VARNISH-Cache
X-Passed-To-DLL
X-Duration
X-Returned-From-PostProcessResponse
X-Passed-To
X-Returned-From-BeforeDispatch
X-Passed-To-BeforeDispatch
X-Returned-From-DLL
X-Passed-To-PostProcessResponse
X-Actual-URL
X-Returned-From
IISExport
X-Cache-Config
X-ApacheServer
X-PF-Uncompressing
Cache-By-Node
X-TTL
X-Nitra-Side
X-LiteSpeed-Cache
Accept-Encoding
AMF-Ver
X-SN
X-Swift-CacheTime
X-Swift-SaveTime
X-Micro-Cache
X-Cache-Control-Orig
VAR-Cache
X-Director
X-Hosted-By
Edge-Control
X-PwB-Node
X-Cookie-Domain
X-Vary-Options
X-Purge-URL
X-PERF
COMMERCE-SERVER-SOFTWARE
Display
X-Middleton-Display
Fhost
X-Varnish-Hits
X-Version
MJ12bot
SEOMOZ
X-ServerID
SN
Cm-Server
Surrogate-Control
X-FORWARDED-FOR
Cache
Machine
NODE
X-Front
S
X-FIRSTBase
X-Speed-Cache-Key
X-Speed-Cache
Id
X-Yadis-Location
Website-Info
Server-Info
X-App-Status
X-Varnish-IP
X-Track
X-Art-Request-Id
X-MiniProfiler-Ids
X-Cocoon-Version
X-Engine
X-Whom
Filter-Revision
X-CJ-Soft
X-Blog
WWW-Authenticate
X-Session-Reinit
X-URL
Grace
X-WebServer
Ngpass-Vcall
X-Cache-Rule
X-Varnish-Age
X-S
X-Domain-Checked
X-Provisioner-Version
X-Highwire-SessionId
X-Highwire-RequestId
X-Response-Time
Srv
Req-Id
Server-Name
X-GeoIP-Country-Name
X-GeoIP-Country-Code
X-ServerName
X-Trace-Cache
X-Device-Type
X-Stale
Accept-Charset
X-Microcache-Status
Powered
X-Amz-Meta-S3cmd-Attrs
Qs-Cache
X-SRV
ServerID
X-FW
X-ACMCache
X-Time
X-Distil-CS
CC-CACHE
Upgrade
A-Powered-By
Microsoftsharepointteamservices
X-Cache-Operation
X-BackendServer
NtCoent-Length
Fpc-Cache-Id
X-Directory-Script
Proxy-Connection
X-Proxy-Cache
X-App
X-Xrds-Location
X-Translation
Nodo
Webluker-Edge
Location
X-Varnish-Object-Age
X-Sharepointhealthscore
Sprequestguid
X-Cdn
X-WEBSERVER
X-Country-Code
X-Ttl
X-Varnish-Cache-Hits
X-Server-ID
X-ID
MIH-PUBLIC-IDENTIFIER
X-Srv
NetMindSessionID
X-Ms-Invokeapp
Buuteeq-Source
MIH-CLIENT-FARM
X-Orig-Vary
X-Tumblr-Pixel-6
MIH-PLATFORM
X-Varnish-Server
Content-Transfer-Encoding
X-Gamma-Serve
No
X-LIGHTHTTP-PCDID
X-Varnish-Beresp-Grace
X-Vtex-Processado-Em
X-Varnish-Beresp-Status
X-Varnish-Beresp-Ttl
X-Vtex-Remote-Cache
X-Powered-By-VTEX-Janus-Router
X-VTEX-Janus-Router-Backend-App
X-Vtex-Processed-At
X-VTEX-Cache-Status-Janus-Edge
X-VTEX-Cache-Status-Janus-ApiCache
X-Powered-By-VTEX-Janus-ApiCache
X-Powered-By-VTEX-Janus-Edge
X-Sys-Req-ID
X-Source-Host
X-Bettercache-Proxy
X-Frontend
X-AOL-SNH
X-Adobe-Content
X-Twitter-Response-Tags
X-Transaction
X-Cache-Age
X-Geo-IP
CT
X-Header
X-Cache-Action
Ms
X-Connection-Hash
Backend
Rt-Fastcgi-Cache
X-Location-Id
X-Source-ID
Origin
X-Secret
X-CHSN
MW-Webserver
X-Object-Type
NLCacheNote
X-TempDebug
Server2
Dispatcher
SS
X-Cache-On
Cteonnt-Length
X-Object-Id
X-CacheHits
X-MJ-Upstream-Addr
Author
X-Wily-Info
X-Src-Webcache
Beyond-Iis
X-Cluster-Node
X-Wily-Servlet
CommunityServer
X-Recruiting
Apache
PageSpeed
X-Info
X-Varnish-HitMiss
X-Varnish-Count
X-Grid-Server
XDomainRequestAllowed
X-Enhanced-By
Allow
X-Machine-Name
X-Cache-Lifetime
X-Resolver-IP
X-ORACLE-DMS-ECID
X-FS-UUID
X-Li-Fabric
X-Li-Pop
X-Debug
X-Cache-TTL
X-LI-UUID
-GCR
X-Venda-Hitid
LBVIS
X-FreeTag-Count
X-N
X-Server-Id
X-Atraveo-From-Varnish-Cache
X-Atraveo-TTL
X-Atraveo-Cache-Control
X-Atraveo-Varnish-Server-Id
X-Id
X-Server-By
X-Atraveo-NC
X-PRAM
Content-MD5
X-Expires
X-Old-Content-Length
X-Empowered-By
X-Amz-Id-1
X-GeoIP
MirrorName
X-Developer
From
X-ChromeLogger-Data
X-Force
X-Turbo-Control
Public-Key-Pins
X-Accelerated-By
SiteName
X-MJ-Serve-Req-Time
UniqueName
X-Stage
X-Trace
X-Cached-Status
Backend-Name-Original
X-Request-Locale
Access-Control-Expose-Headers
X-Router-Backend
X-UseReverse-Proxy
X-ManagedFusion-Rewriter-Version
X-Powered-By-Server
X-Rewritten-By
X-Vhost
X-N-ViewType
Warning
SVR
X-Nginx-Server
X-Channel-Maxage
X-Block
X-ServerCache-Info
X-Trace-App
X-Frames-Options
X-Ar-Debug
X-Webapp
X-Varnish-Cache-Local
X-Router
LFY
X-PvInfo
X-Geo-IPV
X-Geo-IP-Region
X-Geo-IP-Metro
X-UD-Target
X-UD-REMOTE-ADDR
X-UD-Loopcounter
X-Distributed-By
Cmsid
X-Geo-IP-Country
Cmstype
SFY
X-Garden-Version
X-Uid
X-GSL-Server
X-Max-Age
X-Varnish-Debug-Hits
X-Vhost-ID
X-Varnish-Debug-Age
X-Webkit-CSP
X-T3CacheInfo
X-Cache-Ttl
Front
Worker
X-Cms-Mode
Provided-Host
X-Jphone-Copyright
X-Dev
X-Origin-Id
X-Upstream
X-Accel-Expires
Mark
BM-Cache-Key
Be-Va
X-Real-Server
Be-Ip
X-WR-MODIFICATION
X-Remote-Addr
X-UPSTREAM
ScoreTracker
REFRESH
BM-Cache-Node
X-Hosting-Env
X-Yottaa-Metrics
X-GC-App
X-GC-Write
X-CacheTTL
X-Yottaa-Optimizations
CDN
Cluster-ID
X-Farm-Server
X-GC-Read
Noq
X-Drupal-Cache-Tags
ServerConfigManager.WebBugTracker
X-ESI
Tpt.Renderer
Tpt.Renderer1
SS-Request-ID2
X-Kirra-SiteId
Render
IsFullSiteRequest
X-Response
X-SSL
X-T3CacheTags
After
Before
Hamster
ExecuteNonQuerySQLParam
Ram
Rt-Server
WP-Cache
XX
SIP
WFE
Ttl
X-PM-ID
X-Origin
Web-Server
X-B2f-Not-Route
X-Varnish-ID
X-Via-Kemp
Cpu
X-Powered
X-OPNET-Transaction-Trace
Cache-Ctrol
X-Goog-Hash
AppDynamics-BT
Ksid
X-Powered-By-Yqk
X-HOSTNAME
X-ATM-RServer
No-Cookie
X-ATM-RTime
ORIGIN
User-Id
Version
X-Content-Age
7e-Page-Cache
User-Updated-At
Cneonction
X-SilverStripe-Cache
WP-AdvCache-MemCached
X-Cache-Set
X-Yqk-Set
Last-Published
X-Varnish-Action
OriginServer
At-Shoptype
BM-Cache-Status
At-Isb
LBC
Aoestatic
X-Phpwcms-Page-Processed-In
X-HostName
X-Phpwcms-Release
Atp-Isdpp
Provider
X-Server-Instance
X-Varnish-Device
Jobb.Gil.Se
X-Distributor
Jobb.Passal.Se
Jobb.Assistentpoolen.Se
Copyright
Edgecast
Progma
Compression-Control
X-Gannett-Site-Version
Content-Security-Policy-Report-Only
BALANCEDTO
Backend-Host
X-Client-IP
Il-Cl
X-Actindo-RS
X-Nginx-Host
X-Web-Node
X-Pagename
X-Purge-Url
X-Hit-Cache
X-SV
X-WP
X-Vivastreet-KiwiiPage
X-Catalyst
X-Vivastreet
X-B2f-Cache-Load
X-Monstercache-Timeout
Www.Mirrorgate.Se
Www.Mabracertifiering.Se
Test.Executivepeople.Se
P3P:CP
Www.Myjob.Se
Content-Instance
X-Monstercache-Host
X-Monstercache-Hash
X-Monstercache
X-Abuse
Open.Jobgate.Se
X-ASTRO-REWRITE
X-BS
X-DTC
Sid
Redirect
X-Host-Url
X-Varnish-Currency
X-CacheServer
X-Varnish-Cache-Server
X-FFX-B
X-Nginx-Backend
CP
SRV
X-ESI-Enable
X-Route
X-Client-Vid
X-MCB-Server
X-EPiphany-Vid
X-DeliveryServer
HAVer
X-LB
HCVer
X-ACCELERATE
X-Varnish-URL
X-DefendeR-Runtime
X-WorkerInstancename
ServerId
X-EdgeRouter
Server-N
X-Allow-Redis
X-Purge-Level
B-Powered-By
PServer
ServerIP
X-IDS-WS
X-MobileDetected
X-Varnish-Cookie-Debug
X-Node-Name
X-Hstore
X-Hrouter
PageSpeedFilters
X-Artvisual-Server
Ec
X-ARR
X-Flex-Tags
User-Cache-Control
X-Flex-Lastmod
X-Flex-Lang
SV-Duration
Foglight-Request-UUID
X-Server-Generated
X-Hit
X-Flex-Tag
X-Symfony-Cache
Front-End-Https
Nitro-Cache
X-Compressed-By
X-MSEdge-Ref
X-WA-Info
INCOMING-TIME
Content
Acdc-Web
X-Flex-Evstart
X-Instart-Request-ID
X-T3Cache
Pool
X-Hash
X-Full-URL
Svr
X-Binarysec-Via
Pool-Info
X-Varnish-Debug-Pool-Recv
X-Varnish-Restarts
If-Modified-Since
Test
X-TTFB
X-Varnish-Debug-Pool-Fetch
X-Brought-To-You-By
X-SmugMug-Hiring
Sigma
X-SmugMug-Values
X-Uplex
X-Flow-Powered
TP-Cache
TP-L2-Cache
X-TTFB-L
X-DB-Content-Length
Smug-Env
X-Client-Addr
X-Edge-Location
Accept-Language
Ibm-Web2-Location
X-Confluence-Request-Time
X-Dynamic
X-Server-Node
X-Flex-Community
X-Flex-Evend
X-LAvg
X-CCM
X-Internal-IP
X-FCMS-Cache
X-IP-Address
Ozcache
Server-Optimized-By
Xonnection
NnCoection
X-RemovedCookies
X-ProcessESI
Bs-Header
X-NginX-Server
Head
X-Oracle-DMS-ECID
X-Wix-Route-ID
X-NginX-Cache
X-Magento-Action
X-Cache-Backend
X-Magento-Lifetime
X-Time-Spent
X-SeschatDID
X-Timestamp
X-Trans-Id
X-Seschat-URL
X-Mobile
X-CMS
X-SATserver
X-SeschatTemplateID
Mobiquo-Is-Login
X-SeschatLayout
Tempo
X-SeschatRedID
X-Planisys-CDN-Rules
X-NID
X-S-Misc
X-TLServer
No-Cache
X-AISO-Server
X-AISO-Cache
X-Revision
X-Generation-Time
X-Framework
X-D-Time
X-Unbounce-VisitorID
X-Unbounce-Variant
X-Unbounce-PageId
X-7dig
X-7d-Version
D
X-Wikidot-Static-Cache
PROPSON-FARM
X-Cluster-ID
X-Planisys-CDN-Cache
X-Environment
X-Wikidot-Backend
X-USERNAME
Tracker
X-7d-Traceid
X-Gondor-Server
X-HOSTTYPE
X-Svr-Id
SLB
X-Powered-Developer
X-Ratelimit
X-PS-MURDOCK-ORIG-PROTOCOL
X-Server-IP
X-TTL-Age
X-UserAgent
X-PS-MURDOCK-ORIG-FILEEXT
X-PS-MURDOCK-CASE-NORMALIZATION
X-JSON-API-LATENCY
X-Locale
X-Page-Generated-At
X-Page-Generation-Time
X-Varnish-Set-Cookie
X-Webstats-RespID
MGIT
Publisher
X-App-Server
X-Author
MachineName
Ibf5scheme
X-Would-Your-GrandPa-Wait
X-XHR-Current-Location
X-Your-GrandPa-Would-Wait
Xc
X-Hosting
X-ELC-Checkpoint4
MageStack-Tag
Ngpass-All
X-Fett
X-Hostingcenter
X-Nucleus-Cache
DBG-Timestamp
DBG-TargetHost
X-SERVER-ID
POOL
X-CACHE-TTL
DBG-HTTPHOST
ExecutionTime
Hotelbookingid
Portlet.Expiration-Cache
X-Country
X-DC-Origin-IP
X-Dokk-PortalId
F-In-Cache
X-Stackable-Node
X-Cluster-Host
X-Config-By
X-Optimization
X-REDIRECTSERVER
X-Benchmark-Cache
SL-NOREWRITE-REDIRECTS
MageStack-Config
MageStack-Cacheable
MageStack-Cache-Status
X-Benchmark-Total
MageStack-Debug
X-PBY
MageStack-Response-Ttl
MageStack-PageSpeed
X-Benchmark-Sphinx-Count
MageStack-Loadbalancer
MageStack-Cache
X-Time-Microsecs
X-Benchmark-Sphinx
MageStack-Cache-Hits
MageStack-Cache-Lifetime
X-Benchmark-Db
MageStack-Area
X-App-Container
Servername
Fw-Via
X-Magnolia-Registration
X-Pb-Mii
X-Mii-Cache-Hit
X-PHP-Cache
CACHED-RESPONSE
OutputRewritten
CountryCode
X-Gyrobase-Publication
AcceptLangage
X-Cache-Key
X-DSMX-Rewrite-MS
X-DSMX-Render-MS
ProxiaInstanceId
X-Created
X-Mod-Oboe-PS
X-Backend-Status
X-ATP-Server
W
X-Device-Group
X-Domino-CacheValidationWithETagResult
X-Obvious-Info
X-Obvious-Tid
X-RequesterIP
X-Nocache
X-GL-SRV
X-Client-Id
X-GeoIP-Country
X-Varnish-Mode
S-Cnection
CData
CPOINT
97YES.COM
X-Work-With-Me
X-Snapsis-PageBlaster
X-Edge-IP
X-Aws-Ec2
UNIQUE-ID
X-Var-Hash
X-Turpentine-Cache
X-Turpentine-Esi
X-Url-Store
XDisk
X-Cookie-Store
X-Domino-CacheValidationWithETagReason
X-Varnish-Esi-Access
X-Varnish-Esi-Method
X-AspNet-Browser-ID
X-Test
X-ProxyInstancename
Disaptch-Cache-Rule
X-Varnish-Store
X-WLD-LB
X-Checkout
Www.Aujourdhui.Com
X-Wm-1
X-Varnish-Hit
X-V-TTL
X-Wm-VIP
X-Process-Time
SBMCLOUD
AC-ELC
X-Life
X-V-Outer
X-V-I-TTL
X-Site
X-Req-Url
X-Cache-Host
X-Status
X-Req-Counter
X-Provided-By
Server-IP
X-Varnish-Debug-Varnish-TTL-Set-From-Server
X-Do-Not-Hack
X-PoweredBy
OGHopCount
Modurl
Time
X-MSU-SOURCE
X-Ec-Custom-Error
X-ACLR-Version
Modhost
Modcookie
CC-UP
X-Cache-Via
X-WAP
Esi-Enabled
Content-Cache
Initialhost
Xforwardhost
X-AccessDev
X-Hc-Host
X-NGINX-CACHED-AT
Keywords
Description
X-Forwarded-Proto
X-Continum-Server
X-Varnish-Max-Age
X-Debug-Token
IsMobile
X-NGINX-CACHED
X-Req-Host
X-RSS-CACHE-STATUS
WebDevSrc
X-Middleton-PageSpeed
X-Nginx-Cache
X-VHOST
X-Varnish-Ttl
X-Cluster
Countrycode
X-Pixelsilk-Server
X-Pixelsilk-Version
X-RE-Ref
Access-Control-Allow-Method
X-CMS-Powered-By
AV1080
X-Medium-Entity-Type
X-Medium-Entity-Id
X-Header-Set-Id
Http
V-Cache
X-IP
X-APP
X-Debug-Serve
X-Backend-Ip
X-Frontal
X-Nc
X-ESI-Processing
Server-Ip
Prama
Requested-Host
X-SDE-Name
X-VG-WebCache
Vacache
X-B
Host-Service
DB-Nickname
X-FRONT-TTL
X-View
X-TAG
X-GitHub-Request-Id
B2C-F-008
X-Czt
X-Cache-Control
X-Apublish-Id
Language
EWHSERVER
X-Http-Host
X-RNDPAGE
X-BIN
X-Amz-Version-Id
Web-Head
X-Accel-Cache-Control
Z-NginxStatus
MwpReleaseVersion
DrivedBy
Protected-By
Arr-Disable-Session-Affinity
TIMESTAMP
Rt-Proxy-Cache
X-Papaya-Cache
X-Docuri
X-Ocache
X-CMS-Server
X-Papaya-Gzip
X-Xhr-Current-Location
X-Upstream-Server
X-D2id
X-Cached-From
X-Instance
X-ASPID
X-Answer
X-Libra-UpstreamHost
X-DELIVERYSERVER
X-Cdn-View
X-NSPID
X-Nginx-UpstreamHost
X-Nginx-Pool
X-Dynatrace-Js-Agent
X-Src-Loadbalancer
BrandBucket-Domain
Robots
Ap-Exec-Time-Mks
X-CID
X-DN-Cache-Control
Srv-N
X-CCC
X-T
AppServer
X-Bcwwwid
X-JG-Page-Cache
X-Panel-Name
X-FarmId
X-V
X-VhostID
X-Varnish-Hashed-On
HGR-NOCACHE
X-HW
X-Panel-Id
X-Content-Parsed-By
X-Cms-Server
Content-ID
BE
X-Caching-Rule-Id