Threat Level: green Handler on Duty: Tom Webb

SANS ISC HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
ETag
X-Pingback
Link
X-AspNet-Version
P3P
X-Content-Type-Options
X-XSS-Protection
X-Cache
Age
Content-Language
X-Adblock-Key
X-UA-Compatible
X-Frame-Options
Via
Keep-Alive
CF-RAY
X-Language
X-Template
X-Check
X-Buckets
Content-Location
X-Varnish
P3p
X-Cacheable
Access-Control-Allow-Origin
Alternate-Protocol
X-Generator
X-Drupal-Cache
WP-Super-Cache
X-Ac
X-Hacker
Strict-Transport-Security
Status
X-Powered-By-Plesk
MS-Author-Via
X-AspNetMvc-Version
X-Request-Id
X-Runtime
X-Geo-Port
X-Geo
X-Pad
X-Powered-CMS
X-Mod-Pagespeed
X-Type
X-Pass-Why
X-Cache-Group
X-Xss-Protection
Access-Control-Allow-Credentials
Ngpass-Ngall
X-Logged-In
MicrosoftOfficeWebServer
X-Cache-Hits
X-Cache-Lookup
Host-Header
X-Host
X-UA-Device
X-Server
X-Proxy-Cache
X-Iinfo
MicrosoftSharePointTeamServices
X-Via
Access-Control-Allow-Headers
Access-Control-Allow-Methods
X-Backend
X-Tumblr-Pixel
X-Tumblr-Pixel-0
SPRequestGuid
X-Tumblr-User
X-SharePointHealthScore
X-Rack-Cache
X-XRDS-Location
X-Robots-Tag
X-Served-By
X-CF-Powered-By
X-Tumblr-Pixel-1
X-Sorting-Hat-ShopId-Cached
X-Sorting-Hat-PodId
X-Dc
X-Sorting-Hat-ShopId
X-Sorting-Hat-PodId-Cached
X-Varnish-Cache
X-Accel-Version
X-CDN
X-ContextId
X-ShardId
X-Alternate-Cache-Key
X-ShopId
X-ServedBy
X-MS-InvokeApp
X-Safe-Firewall
Content-Encoding
X-Cnection
X-Tumblr-Pixel-2
X-Seen-By
X-Hostname
X-INKT-SITE
X-INKT-URI
X-BC-Is-HA
X-Webserver
X-PhApp
X-PC-Hit
X-PC-Key
X-PC-Date
X-PC-Host
X-PC-AppVer
X-Page-Speed
Composed-By
X-Cache-Hit
X-FullPageCaching
Served-By
Content-Security-Policy-Report-Only
X-FRAME-OPTIONS
X-Port
X-AH-Environment
Cartoon
X-Firenze-Processing-Times
Public-Key-Pins
X-Cache-Status
X-Tumblr-Pixel-3
X-Age
X-Amz-Cf-Id
Cf-Railgun
X-W-DC
X-HeyJason
X-XN-Trace-Token
X-XN-XNHTML
X-Request-ID
Request-Id
X-Wix-Renderer-Server
X-Spip-Cache
X-Powered-By-360WZB
X-Wix-Request-Id
Content-Security-Policy
Liferay-Portal
SPIisLatency
X-Wix-Dispatcher-Cache-Hit
SPRequestDuration
X-Served-From-Cache
Content-Script-Type
Content-Style-Type
CF-Cache-Status
X-Content-Digest
X-Amz-Id-2
X-Amz-Request-Id
X-Umbraco-Version
X-Styx-Req-Id
X-Pantheon-Styx-Hostname
X-Styx-Build-Num
X-Styx-Build-Sha
X-Styx-Version
X-Pantheon-Endpoint
X-Styx-Build-Date
X-Server-Name
X-Timer
X-Cache-Server
X-Clacks-Overhead
Powered-By
X-Cache-Info
X-SERVER
X-Hyper-Cache
Rating
X-DynaTrace
X-Turbo-Charged-By
X-Cache-Enabled
X-Device
X-Outils-CS
TCN
X-TN-ServedBy
Real-Hostname
X-Tumblr-Pixel-4
X-Loop
X-Cache-Resuilt
X-PHP-Engine
X-VCache
X-Px
DynaTrace
X-Forwarded-For
X-Cached-By
X-Url
X-From
X-FB-Debug
X-CDN-Any-IP
X-CDN-Geo-IP
X-CDN-Geo
X-TNCMS
X-PersistenceNode
NS-RTIMER-COMPOSITE
X-Cached
X-Microcachable
Refresh
X-Hits
Imagetoolbar
X-Generated-By
Ms-Author-Via
X-Tumblr-Content-Rating
Product
Access-Control-Max-Age
Charset
Powered-By-ChinaCache
Page-Completion-Status
Magicmarker
X-Backend-Server
X-Loc
IBM-Web2-Location
X-FW-Hash
X-Content-Security-Policy
X-FW-Serve
X-Content-Encoded-By
X-FW-Static
X-FW-Type
X-Matrix-Proxy
X-Matrix-Server
X-Tumblr-Pixel-5
X-CMS-Version
X-DynaTrace-JS-Agent
X-Permitted-Cross-Domain-Policies
X-Zephyr
X-Mobilized-By
Response
X-Director
X-Node
X-Processed-By
X-User-Agent
CC-CACHE
X-Jimdo-Wid
X-Jimdo-Pid
Thanks
X-SDS
ServedBy
X-DDC-Arch-Trace
X-Content-Options
X-Middleton-Display
X-Sol
Display
X-Middleton-Response
Access-Control-Request-Method
Generator
X-I
X-Firenze-Processing-Time
X-Version
X-Swift-CacheTime
X-Swift-SaveTime
X-Powered-By-Anquanbao
X-MiniProfiler-Ids
Grace
X-Cache-Config
X-App-Hosting
X-UD-Method
X-UD-Host
X-Expires-Orig
PICS-Label
X-Whom
Node
X-Varnish-TTL
X-AspNetWebPages-Version
X-WebKit-CSP
X-Purge-Host
X-Micro-Cache
X-ApacheServer
Ngpass-Vcall
X-W3TC-Minify
X-DNS-Prefetch-Control
SID
Vacache
Retry-After
X-Country-Code
Lsrequestid
X-ATG-Version
X-Varnish-Host
RTSS
Edge-Control
Content-Disposition
Host
X-Cache-Expires
Content-Encoding-Handler
X-Cache-Debug
X-Varnish-Backend
X-Cache-Result
X-Hosted-By
VAR-Cache
Proxy-Agent
X-Instart-Request-ID
Pics-Label
MIME-Version
X-Purge-URL
X-Original-Request
Surrogate-Control
Accept-Encoding
X-Handled-By
X-SRV
X-Nitra-Side
Alt-Svc
X-URL
X-Actual-URL
X-Passed-To-DLL
X-Passed-To-PostProcessResponse
X-Returned-From-BeforeDispatch
X-Returned-From-PostProcessResponse
X-Passed-To
X-Passed-To-BeforeDispatch
X-Returned-From-DLL
X-Returned-From
Set-Cookie2
X-FW
COMMERCE-SERVER-SOFTWARE
X-PF-Uncompressing
X-FORWARDED-FOR
X-PERF
X-NoCache
X-PwB-Node
X-TTL
ServerName
X-Duration
X-Cdn
X-Varnish-Hits
Proxy-Connection
X-ACMCache
X-Varnish-Cacheable
X-Varnish-IP
WWW-Authenticate
X-ServerID
IISExport
Srv
Fpc-Cache-Id
X-Cookie-Domain
X-Varnish-Cache-Hits
X-CJ-Soft
X-Drectory-Script
S
X-Yadis-Location
X-App-Status
Rt-Fastcgi-Cache
Cache
X-Front
X-Track
X-Tumblr-Pixel-6
Cm-Server
NODE
X-Art-Request-Id
ServerID
X-Speed-Cache-Key
X-Speed-Cache
X-LiteSpeed-Cache
X-S
X-Stale
Fhost
X-Cache-Age
Accept-Charset
SN
X-Cache-Control-Orig
Webluker-Edge
X-Location-Id
X-Distil-CS
X-Varnish-Age
X-Time
MJ12bot
Version
Filter-Revision
AMF-Ver
SEOMOZ
Upgrade
X-ServerName
X-BackendServer
X-Directory-Script
X-GeoIP-Country-Name
X-GeoIP-Country-Code
X-Vary-Options
X-Ttl
X-SN
X-Cache-Rule
X-Amz-Meta-S3cmd-Attrs
Qs-Cache
Id
Nodo
Req-Id
A-Powered-By
Powered
X-Trace-Cache
X-FIRSTBase
X-Translation
Location
X-Microcache-Status
X-Gamma-Serve
X-Session-Reinit
X-Device-Type
Buuteeq-Source
PageSpeed
X-Adobe-Content
X-Response-Time
X-Cache-Lifetime
Front-End-Https
NetMindSessionID
X-Blog
X-Cache-TTL
X-Distributed-By
X-Cache-CFC
X-CHSN
Server-Name
X-Xrds-Location
X-Varnish-Beresp-Grace
Cache-By-Node
X-Varnish-Beresp-Status
X-Varnish-Beresp-Ttl
X-Provisioner-Version
X-Bettercache-Proxy
Dispatcher
X-Domain-Checked
X-HOST
Warning
MIH-PUBLIC-IDENTIFIER
ORIGIN
X-Do-Not-Hack
X-WR-Flags
X-App
X-Trace
X-Object-Id
X-Orig-Vary
Content-Transfer-Encoding
X-Old-Content-Length
X-Highwire-SessionId
MIH-PLATFORM
X-Cache-Operation
X-Object-Type
MIH-CLIENT-FARM
X-Highwire-RequestId
X-VTEX-Cache-Status-Janus-Edge
X-Vtex-Processado-Em
X-VTEX-Janus-Router-Backend-App
LBVIS
X-Vtex-Remote-Cache
No
X-Vtex-Processed-At
X-VTEX-Cache-Status-Janus-ApiCache
X-Powered-By-VTEX-Janus-ApiCache
X-Powered-By-VTEX-Janus-Router
X-AOL-SNH
X-Powered-By-VTEX-Janus-Edge
X-Frontend
X-Secret
X-SBGI-Cache-Codes
XX
CT
S-Cnection
X-Country
X-Cocoon-Version
X-N
Backend
X-Varnish-Action
NtCoent-Length
Server-Info
Website-Info
X-Sys-Req-ID
X-Src-Webcache
X-Symfony-Cache
X-Recruiting
X-Server-ID
X-Server-Id
X-Id
From
X-Cache-Action
X-Varnish-Server
-GCR
X-Cache-On
X-ID
NLCacheNote
X-Geo-IP
X-Varnish-Count
Cteonnt-Length
Machine
X-Varnish-HitMiss
X-WebServer
X-FreeTag-Count
X-ClientSide-Caching
X-LIGHTHTTP-PCDID
Content-MD5
X-Header
Apache
Beyond-Iis
X-Powered-By-Server
X-Expires
XDomainRequestAllowed
W
Pool
X-Origin-Id
Cxy-All
X-Cache-Control
X-Machine-Name
Access-Control-Expose-Headers
X-Geo-IP-Metro
X-Geo-IP-Region
X-Who
X-Geo-IPV
X-Geo-IP-Country
MW-Webserver
BM-Cache-Key
BM-Cache-Node
BM-Cache-Status
X-Edge-Location
X-ChromeLogger-Data
X-Yottaa-Optimizations
X-Yottaa-Metrics
X-Wily-Servlet
X-UD-REMOTE-ADDR
X-UD-Target
X-Wily-Info
X-UD-Loopcounter
X-Info
Origin
X-Remote-Addr
TP-L2-Cache
X-Developer
X-Source-ID
X-Turbo-Control
TP-Cache
X-ServerCache-Info
X-Empowered-By
ScoreTracker
X-Resolver-IP
X-PRAM
X-Loopia-Cache
X-Req-Host
X-Cache-Set
X-Force
X-ORACLE-DMS-ECID
SVR
X-Engine
X-Cluster-Node
X-Srv
X-UPSTREAM
X-Rewritten-By
X-Amz-Id-1
X-Gannett-Site-Version
X-Nginx-Cache
X-ManagedFusion-Rewriter-Version
X-BS
X-UseReverse-Proxy
X-Frames-Options
X-Router
Last-Published
Spiislatency
Sprequestduration
X-Router-Backend
X-SDE-Name
X-Webapp
X-Abuse
Front
X-Accel-Expires
SiteName
Progma
CommunityServer
X-Ms-Invokeapp
X-ATM-RServer
X-Actindo-RS
Cluster-ID
NnCoection
REFRESH
X-Beatles
X-ATM-RTime
X-Farm-Server
X-Real-Server
Provided-Host
LBC
X-REDIRECTSERVER
X-Max-Age
X-DPWN-IS-SECURE
X-Atraveo-From-Varnish-Cache
X-Ruxit-Js-Agent
X-Server-Instance
X-Atraveo-Varnish-Server-Id
X-Atraveo-TTL
X-Atraveo-NC
X-Atraveo-Cache-Control
X-Debug
WFE
X-Dev
X-Flow-Powered
SFY
X-Response
X-Phpwcms-Page-Processed-In
LFY
X-Oracle-DMS-ECID
X-Phpwcms-Release
X-WorkerInstancename
Muha
Rt-Server
X-Ar-Debug
Jobb.Passal.Se
X-ESI-Enable
Open.Jobgate.Se
Jobb.Gil.Se
Jobb.Assistentpoolen.Se
X-Env
BM-CountryCode
P3P:CP
Test.Executivepeople.Se
Edgecast
X-Uid
Www.Myjob.Se
Www.Mirrorgate.Se
Www.Mabracertifiering.Se
X-FFX-B
Servername
Cneonction
X-Storage
X-Venda-Hitid
X-SilverStripe-Cache
X-SV
Content-Instance
X-Render-Time
Pool-Info
Author
X-Grid-Server
X-Amz-Version-Id
X-7dig
X-7d-Version
X-7d-Traceid
X-Invoke-Duration
Hamster
X-Vhost-ID
X-Jphone-Copyright
Smug-CDN
X-PM-ID
WEBO
Accept-Language
X-TTFB
X-Drupal-Cache-Tags
X-Goog-Hash
X-Built-By
X-N-ViewType
SIP
BM-Cache-Bypass
X-T3Cache
X-SSL
Aoestatic
WP-AdvCache-MemCached
SS-Request-ID2
X-B2f-Not-Route
X-EPiLogOnScreen
X-EPiLogOnScreen-PostUrl
X-Vhost
Web-Server
Cache-Ctrol
Sophnep-Edge-FX
X-Varnish-Device
X-Varnish-ID
X-T3CacheTags
HCVer
X-Unbounce-Variant
X-Unbounce-VisitorID
X-WR-MODIFICATION
SRV
X-Unbounce-PageId
X-TTFB-L
X-Grace
X-SmugMug-Hiring
X-SmugMug-Values
No-Cookie
X-Enhanced-By
Publisher
X-Webstats-RespID
Cache-Rule
HAVer
Cmstype
X-DTC
X-Stage
Cmsid
X-CacheServer
X-Kirra-SiteId
X-Powered
X-Nginx-Host
X-CACHE-TTL
X-Cache-Ttl
X-Libra-UpstreamHost
Worker
X-TempDebug
X-Cms-Mode
X-APP
X-CCC
If-Modified-Since
Mime-Version
Arr-Disable-Session-Affinity
X-Content-Age
X-Webobjects-Loadaverage
X-Garden-Version
X-Prerender-Token
X-NFE
X-Nhost
X-CID
F-In-Cache
Server-N
Mobiquo-Is-Login
X-I-Sp
CACHED-RESPONSE
X-Fastcgi-Cache
X-NginX-Server
CacheControlHeader
X-Web-Node
X-Block
X-Pageid
X-Edge-IP
X-Dynamic
X-Channel-Maxage
X-Download-Options
X-Artvisual-Server
X-Brought-To-You-By
X-LI-UUID
X-MSEdge-Ref
X-Plat
X-Powered-Developer
Sid
ServerConfigManager.WebBugTracker
Render
Tpt.Renderer
Tpt.Renderer1
X-Hit-Cache
X-ProxyInstancename
X-Pagename
X-Server-IP
IsFullSiteRequest
Xonnection
X-OPNET-Transaction-Trace
X-Varnish-Debug-Age
X-App-Server
After
Before
ExecuteNonQuerySQLParam
X-Trace-App
X-CacheTTL
X-MCB-Server
Backend-Name-Original
Ttl
X-Li-Fabric
X-Client-IP
X-Li-Pop
Bs-Header
X-IP-Address
X-DSMX-Rewrite-MS
X-DSMX-Render-MS
X-WA-Info
X-FS-UUID
X-EdgeRouter
Ms
X-MobileDetected
INCOMING-TIME
X-SERVER-ID
X-Hash
X-Transaction
X-GC-App
X-Akamai-Device-Characteristics
X-Node-Name
X-DeliveryServer
X-GC-Write
X-Hrouter
X-Middleton-PageSpeed
X-LB
X-Is-Mobile
X-GC-Read
X-Twitter-Response-Tags
X-Ec-Custom-Error
X-Connection-Hash
X-Hstore
X-Frontal
X-Cookie-Request-Debug
X-App-Container
X-Cookie-Response-Debug
X-Monstercache-Host
Secured
X-DefendeR-Runtime
X-Monstercache-Hash
B-Powered-By
X-Monstercache-Timeout
X-PvInfo
X-Client-Vid
X-FCMS-Cache
X-Backend-IP
Copyright
D
X-Content-Security-Policy-Report-Only
X-EPiphany-Vid
X-Origin
X-BKSrc
XDisk
X-Node-ID
X-Revision
SS
X-Foresight-Air
X-Fallback
X-Cached-Status
X-EntryPoint
X-Foresight-Customresponse
X-Healthy
X-SeschatTemplateID
X-GSL-Server
FROM-SERVER
Ksid
X-This-Proto
X-Flex-Community
X-Flex-Tag
X-Flex-Tags
Noq
X-DefendeR-Status
Unique-Request-Id
Nodeid
X-Flex-Evend
X-Flex-Evstart
X-Flex-Lang
X-Flex-Lastmod
CP
Cpu
WP-Cache
X-ACCELERATE
X-DB-Content-Length
X-Confluence-Request-Time
X-DC-Origin-IP
X-Domino-CacheValidationWithETagReason
X-Cache-Extended
Ram
Ec
X-Domino-CacheValidationWithETagResult
X-SeschatRedID
X-UType
X-Seschat-URL
BALANCEDTO
X-SeschatDID
X-SeschatLayout
Allow
Ozcache
PServer
X-Mobile
X-IP
Tracker
X-DELIVERYSERVER
X-NginX-Cache
X-Apple-Application-Instance
X-Cache-Doesi
X-Apple-Partner
X-Apple-ATS-Cache-Key
X-Apple-Application-Site
X-Apple-Translated-Wo-Url
X-Ants-Machine-Id
X-Apple-Aka-Ttl
X-Apple-Jingle-Correlation-Key
X-IDS-WS
X-Apple-Orig-Url
Apple-Timing-App
X-Checkout
X-Compressed-By
X-B
X-Cache-Backend
X-Cache-Host
X-Cached-On
X-Cached-Until
X-Dokk-PortalId
MageStack-Tag
X-ELC-Checkpoint4
X-HA
Masquerade
SBMCLOUD
UniqueName
Tempo
X-Cookie
X-Cookie-Store
X-UA-Profile
X-V-I-TTL
IsMobile
X-Req-Url
OutputRewritten
X-V-Outer
X-Powered-By-Srv
X-V-TTL
AcceptLangage
X-WLD-LB
CountryCode
ServerIP
X-Created
X-Varnish-Cookie-Debug
X-Backend-Status
X-Hosting
X-T
X-AccessDev
X-Varnish-Currency
X-Origin-Cache
Url-Hash
Keywords
Description
X-Ocache
MageStack-Loadbalancer
X-Varnish-Debug-Pool-Recv
X-CMS-Powered-By
X-CDN-Node
X-Varnish-Debug-Varnish-TTL-Set-From-Server
X-Varnish-Restarts
X-Varnish-Debug-Pool-Fetch
X-GitHub-Request-Id
X-Url-Store
X-Site
X-Var-Hash
X-Hit
X-VhostID
X-CDN-Cache-Status
MachineName
MGIT
OGHopCount
X-ACLR-Version
X-Cache-Via
Ibf5scheme
X-Would-Your-GrandPa-Wait
X-WP
X-Your-GrandPa-Would-Wait
Fastcgi-Cache
X-Uplex
X-TTL-Age
MageStack-Cache-Status
MageStack-Cache-Lifetime
X-Rack-Cors
X-Ratelimit
MageStack-Cacheable
MageStack-Config
MageStack-PageSpeed
Test
X-Monstercache
MageStack-Debug
X-Route
MageStack-Cache-Hits
X-Serendipity-InterfaceLang
X-Req-Counter
X-Test
X-Provided-By
X-Serendipity-InterfaceLangSource
X-Time-Microsecs
MageStack-Cache
MageStack-Area
X-Varnish-Max-Age
X-T3CacheInfo
MageStack-Response-Ttl
Thinkindot-CacheControl
Nitro-Cache
Host-Service
Provider
SB-Cache-Version
Thinkindot-CacheControl-Type
BrandBucket-Domain
Z-NginxStatus
X-TLServer
X-USERNAME
X-Wikidot-Backend
X-Wikidot-Static-Cache
Thinkindot-Control
UNIQUE-ID
X-RSS-CACHE-STATUS
X-SATserver
Redirect
SV-Duration
X-RequesterIP
X-Planisys-CDN-Rules
X-GeoIP-Country
X-Instance
X-Key
X-Planisys-CDN-Cache
X-S-Misc
X-HOSTTYPE
At-Isb
Backend-Host
X-Prefetched
X-ProcessESI
X-CMS
Access-Ip
Tracecode
X-Dynatrace
Dynatrace
X-HP-CAM-COLOR
X-RemovedCookies
X-Request-Count
X-AISO-Server
X-Catalyst
X-D-Time
X-Generation-Time
X-AISO-Cacheable
X-AISO-Cache
X-Server-Generated
X-Upstream
Esi-Enabled
NZSpeedy
X-Author
X-Static-Version
Www.Aujourdhui.Com
X-Magento-Lifetime
X-Varnish-Debug-Hits
X-NID
X-HW
X-Nucleus-Cache
X-Magento-Action
X-ErrorPage
X-Hostingcenter
X-Fett
X-Compressor
X-Varnish-ServiceNetIP
X-Varnish-Hashed-On
Public-Extension
X-Request-Time
WebDevSrc
X-Environment
X-CCM
X-RateLimit
X-Magnolia-Registration
ResourceTag
X-WHOIS-Cached
Orgin-Server
X-Cache-Key
X-ATP-Server
X-Device-Group
Max-Age
Server-Optimized-By
X-Upstream-Time
X-Client-Addr
Hotelbookingid
X-Allow-Redis
RayEngine
Webserver
X-Aberdeen-Cache
DB-Nickname
Be
X-Gondor-Server
CPOINT
X-Aberdeen-Site
X-Client-Id
MwpReleaseVersion
Protected-By
X-Node-Id
X-Highwire-Sitecode
X-Cluster-ID
X-Highwire-Cache
X-ARR
Be-Va
Device-Os-Version
Is-Mobile
Is-Tablet
Device-Os
Ajax-Preferred-Geoloc-Api
X-Rot
X-Source
X-Sov
Is-Wireless-Device
Mobile-Browser
Resolution-Width
Viewport-Initial-Scale
Viewport-Width
Resolution-Height
Physical-Screen-Width
Mobile-Browser-Version
Physical-Screen-Height
X-VG-WebCache
X-MidCOM-Meta-Cache
Rt-Proxy-Cache
X-ENV
X-GeoIP
Be-Ip
X-SERVERID
X-Pb-Mii
X-Purge-Level
X-Litespeed-Cache
X-Nocache
Atp-Isdpp
CorrelationVector
Requested-Host
At-Shoptype
Timing-Allow-Origin
X-PageID
Head
X-Mii-Cache-Hit
Content
X-Panel-Id
Xc
SSPAppContext
X-Panel-Name
X-Process-Time
Content-Cache
Encoding
X-PoolMember
DrivedBy
Time
X-ESI
X-Server-Node
X-Accelerated-By
Server-IP
ProxiaInstanceId
Railo-Version
Language
CData
User-Updated-At
Il-Cl
User-Id
Rewriter
Device
X-TAProxy
Disaptch-Cache-Rule
-Onnection
X-Dynatrace-Js-Agent
X-Daa-Tunnel
F5-IpCliente
Gzip
X-Mod
X-ESI-Processing
X-AG-MIPS
X-SID
X-SiteConInfo
X-Fpc
X-Server-By
Cleartype
HGR-NOCACHE
WEB-CLUSTER-NODE
SLB
ClientIP
X-Ants-Host
X-Powered-By-Home.Pl
X-Request-Processing-Time
X-Webbins-Node
X-Ruxit-JS-Agent
OriginServer
Foglight-Request-UUID
X-Varnish-Hostname
X-Crafted
X-Request-Received
AMFplus-Ver
X-Cdn-View
KinteraFilter
X-UserAgent
X-Gyrobase-Publication
X-AMAZEEIO
X-FRONT-TTL
Noahs-Classifieds
X-Built-With
TIMESTAMP
X-Benchmark-Sphinx-Count
X-Forwarded-Proto
X-Bcwwwid
X-IP-BE
X-CDN-Version
X-Cacheable-TTL
X-Src-Loadbalancer
X-BPool
X-BServer
Robots
X-NewRelic-App-Data
X-App-Reload-Settings
X-TISSERVER
Access-Control-Allow-Origin:
Server-Hostname
X-Esi
X-RAMCache
X-R4L-VHOST
X-Rq
X-Backend-Name
Content-ID
X-Benchmark-Db
X-Benchmark-Sphinx
X-Benchmark-Total
X-Avvio-Cms-Cacheload
X-Cachable
Sigma
X-Benchmark-Cache
X-Path
C-TTL
X-Locale
User-Cache-Control
X-AppServer-Status
X-Debug-Serve
X-Restarts
X-We-Are-Hiring
X-Logword
X-Distributor
SL-NOREWRITE-REDIRECTS
SAVVIS