Threat Level: green Handler on Duty: Brad Duncan

SANS ISC HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
ETag
X-Pingback
X-AspNet-Version
Link
P3P
X-Content-Type-Options
X-XSS-Protection
Age
X-Cache
Alternate-Protocol
Content-Language
X-UA-Compatible
Via
X-Adblock-Key
Keep-Alive
X-Frame-Options
CF-RAY
Content-Location
X-Varnish
X-Language
X-Check
X-Buckets
X-Template
X-Cacheable
Access-Control-Allow-Origin
X-Generator
X-Drupal-Cache
P3p
X-Ac
X-Hacker
WP-Super-Cache
Status
MS-Author-Via
X-Powered-By-Plesk
X-AspNetMvc-Version
Strict-Transport-Security
X-Runtime
X-Geo-Port
X-Geo
X-Pad
X-Request-Id
X-Powered-CMS
X-Mod-Pagespeed
X-Type
X-Cache-Group
MicrosoftOfficeWebServer
X-Host
Access-Control-Allow-Credentials
X-Logged-In
Ngpass-Ngall
X-Cache-Hits
X-Cache-Lookup
X-UA-Device
X-Server
Host-Header
X-Pass-Why
X-Rack-Cache
X-Iinfo
MicrosoftSharePointTeamServices
X-Via
X-Backend
X-Tumblr-Pixel
X-Tumblr-Pixel-0
X-Tumblr-User
Access-Control-Allow-Headers
X-CF-Powered-By
X-Tumblr-Pixel-1
Access-Control-Allow-Methods
X-Varnish-Cache
X-Served-By
X-XRDS-Location
Content-Encoding
X-Seen-By
SPRequestGuid
X-SharePointHealthScore
X-Accel-Version
X-Robots-Tag
X-Tumblr-Pixel-2
X-Sorting-Hat-ShopId
X-Alternate-Cache-Key
X-Sorting-Hat-ShopId-Cached
X-Sorting-Hat-PodId
X-ShopId
X-ShardId
X-Dc
X-Sorting-Hat-PodId-Cached
X-ContextId
X-Page-Speed
X-Cnection
X-ServedBy
X-INKT-SITE
X-INKT-URI
X-Webserver
X-BC-Is-HA
X-CDN
X-PhApp
X-MS-InvokeApp
X-Safe-Firewall
Composed-By
X-Cache-Hit
X-Proxy-Cache
X-FullPageCaching
X-Request-ID
X-Hostname
X-PC-Key
X-PC-Hit
X-PC-Host
X-PC-Date
X-PC-AppVer
Served-By
X-Url
X-Ua-Compatible
X-FRAME-OPTIONS
X-Port
X-Firenze-Processing-Times
X-AH-Environment
X-FRAME-Options
X-Forwarded-For
X-Tumblr-Pixel-3
X-XN-Trace-Token
X-W-DC
X-XN-XNHTML
X-Cache-Status
Cartoon
X-Wix-Renderer-Server
X-Wix-Dispatcher-Cache-Hit
X-Wix-Request-Id
Public-Key-Pins
X-Age
Cf-Railgun
X-HeyJason
X-Amz-Cf-Id
X-Spip-Cache
Liferay-Portal
Content-Security-Policy
Content-Script-Type
X-Server-Name
X-Powered-By-360WZB
Content-Style-Type
X-Amz-Id-2
X-Cache-Info
X-Served-From-Cache
X-Amz-Request-Id
Request-Id
X-Umbraco-Version
SPIisLatency
X-Content-Digest
SPRequestDuration
X-Timer
X-Pantheon-Endpoint
X-Styx-Version
X-Styx-Req-Id
X-Styx-Build-Sha
X-Styx-Build-Date
X-Pantheon-Styx-Hostname
X-Styx-Build-Num
CF-Cache-Status
X-SERVER
X-Hyper-Cache
X-Cache-Server
X-FB-Debug
X-Clacks-Overhead
X-Device
X-Cache-Result
X-TN-ServedBy
Rating
Real-Hostname
X-Loop
X-PHP-Engine
X-DynaTrace
X-VCache
X-Outils-CS
X-Tumblr-Pixel-4
Powered-By
X-TNCMS
TCN
X-PersistenceNode
Refresh
NS-RTIMER-COMPOSITE
X-Px
X-Cached-By
DynaTrace
X-CDN-Geo
X-CDN-Geo-IP
X-CDN-Any-IP
Imagetoolbar
X-Generated-By
X-Microcachable
X-Tumblr-Content-Rating
X-Cache-Enabled
Powered-By-ChinaCache
X-Cached
X-Content-Encoded-By
Page-Completion-Status
X-Mobilized-By
Access-Control-Max-Age
Thanks
X-Matrix-Proxy
X-Matrix-Server
Product
Charset
X-From
X-Tumblr-Pixel-5
X-CMS-Version
Magicmarker
X-Powered-By-Anquanbao
X-Loc
X-Version
X-Xrds-Location
X-Original-Content-Length
IBM-Web2-Location
X-DynaTrace-JS-Agent
Node
X-Content-Security-Policy
X-DDC-Arch-Trace
X-FW-Hash
CC-CACHE
X-Node
Pics-Label
X-Backend-Server
X-Jimdo-Wid
X-Jimdo-Pid
X-FW-Serve
X-Zephyr
X-FW-Static
X-FW-Type
X-Permitted-Cross-Domain-Policies
Response
X-W3TC-Minify
SID
X-Firenze-Processing-Time
ServedBy
X-Content-Options
X-Hits
Content-Encoding-Handler
X-FORWARDED-FOR
X-Varnish-Cacheable
X-User-Agent
Generator
X-Varnish-Host
Lsrequestid
X-Sol
Display
X-Middleton-Display
X-Varnish-Backend
Proxy-Agent
X-Whom
X-NoCache
X-Middleton-Response
X-App-Hosting
X-I
X-Cache-Debug
X-WebKit-CSP
X-UD-Method
X-UD-Host
X-Original-Request
Access-Control-Request-Method
MIME-Version
Retry-After
X-AspNetWebPages-Version
X-Cache-Config
X-Passed-To-BeforeDispatch
X-Passed-To
X-Handled-By
X-Passed-To-DLL
X-Returned-From-DLL
X-Actual-URL
X-Returned-From-BeforeDispatch
X-Returned-From
X-Passed-To-PostProcessResponse
X-Returned-From-PostProcessResponse
X-Purge-Host
X-Drectory-Script
X-Cache-Expires
Set-Cookie2
X-SN
Sprequestguid
X-DNS-Prefetch-Control
RTSS
X-Processed-By
X-Sharepointhealthscore
X-SDS
X-ApacheServer
X-Varnish-TTL
ServerName
X-Duration
Edge-Control
Surrogate-Control
Host
X-TTL
X-Cookie-Domain
X-Cdn
X-Speed-Cache-Key
X-Micro-Cache
X-Speed-Cache
X-PF-Uncompressing
X-MiniProfiler-Ids
X-PERF
X-Expires-Orig
X-Hosted-By
Content-Disposition
COMMERCE-SERVER-SOFTWARE
X-Purge-URL
Fhost
X-Nitra-Side
X-Ms-Invokeapp
PICS-Label
X-Front
VAR-Cache
Website-Info
Server-Info
X-Varnish-Hits
X-URL
X-Cache-Control-Orig
X-ATG-Version
IISExport
Accept-Encoding
X-ServerID
WWW-Authenticate
X-Director
X-GeoIP-Country-Name
X-PwB-Node
X-GeoIP-Country-Code
X-FIRSTBase
X-CJ-Soft
X-Response-Time
S
AMF-Ver
SN
X-Swift-CacheTime
X-Swift-SaveTime
Cm-Server
X-Vary-Options
X-Tumblr-Pixel-6
Filter-Revision
X-LiteSpeed-Cache
Proxy-Connection
X-App-Status
X-Session-Reinit
X-Blog
X-Cache-Rule
X-S
ServerID
X-Varnish-Age
X-Art-Request-Id
Grace
SEOMOZ
Microsoftsharepointteamservices
MJ12bot
X-ServerName
Location
X-Cache-TTL
X-HOST
Cache-By-Node
Cache
Srv
X-Distil-CS
X-Microcache-Status
X-Device-Type
X-Varnish-IP
X-Amz-Meta-S3cmd-Attrs
X-Stale
X-Trace-Cache
X-ACMCache
Id
Accept-Charset
X-Cache-Operation
Qs-Cache
X-Trace
X-Provisioner-Version
X-Domain-Checked
Rt-Fastcgi-Cache
X-Country-Code
X-Gamma-Serve
X-Engine
X-Track
X-Translation
X-FW
X-Cluster-Node
Req-Id
X-Highwire-SessionId
Fpc-Cache-Id
X-Highwire-RequestId
X-Cocoon-Version
X-App
X-Time
A-Powered-By
X-SRV
X-Server-ID
X-Varnish-Object-Age
Nodo
NtCoent-Length
Powered
PageSpeed
NODE
Server-Name
X-BackendServer
X-ID
Ngpass-Vcall
Buuteeq-Source
X-Varnish-Beresp-Status
X-Yadis-Location
X-Varnish-Beresp-Grace
X-Directory-Script
X-Ttl
X-Varnish-Beresp-Ttl
X-Orig-Vary
X-Srv
X-CHSN
Upgrade
NetMindSessionID
X-LIGHTHTTP-PCDID
X-Frontend
CT
X-Varnish-Server
X-Transaction
Ms
X-Twitter-Response-Tags
X-Connection-Hash
X-Secret
Content-Security-Policy-Report-Only
LBVIS
MIH-CLIENT-FARM
MW-Webserver
MIH-PUBLIC-IDENTIFIER
X-Varnish-Cache-Hits
Beyond-Iis
X-Instart-Request-ID
MIH-PLATFORM
X-Cache-Age
X-Src-Webcache
X-Adobe-Content
X-Sys-Req-ID
X-Resolver-IP
X-Do-Not-Hack
X-Location-Id
Backend
X-Source-ID
X-AOL-SNH
X-Atraveo-TTL
X-Atraveo-NC
X-Atraveo-Cache-Control
X-FreeTag-Count
X-Atraveo-From-Varnish-Cache
X-Atraveo-Varnish-Server-Id
Content-Transfer-Encoding
X-Force
X-Bettercache-Proxy
NLCacheNote
-GCR
X-Recruiting
Dispatcher
X-Request-Locale
BM-Cache-Key
X-PRAM
BM-Cache-Node
X-ServerCache-Info
X-TempDebug
X-Cached-Status
XX
Content-MD5
X-Object-Id
Webluker-Edge
X-Old-Content-Length
X-Object-Type
ORIGIN
X-Cache-On
X-Powered-By-VTEX-Janus-Router
X-Powered-By-VTEX-Janus-Edge
RATING
X-Powered-By-VTEX-Janus-ApiCache
No
X-VTEX-Cache-Status-Janus-ApiCache
X-Uid
X-GeoIP
X-Vtex-Processado-Em
X-Vtex-Processed-At
X-Cache-Action
X-Vtex-Remote-Cache
X-VTEX-Cache-Status-Janus-Edge
X-VTEX-Janus-Router-Backend-App
X-Developer
X-SDE-Name
Origin
X-Info
X-Country
X-Wily-Info
CommunityServer
X-Req-Host
X-Wily-Servlet
SS
BM-Cache-Status
X-Geo-IP
X-MJ-Upstream-Addr
X-ChromeLogger-Data
X-Distributed-By
Machine
X-Grid-Server
X-Venda-Hitid
X-Web-Node
X-Powered-By-Server
X-Origin-Id
Front-End-Https
X-BS
X-Rewritten-By
X-B2f-Cache-Load
X-Frames-Options
Progma
X-ManagedFusion-Rewriter-Version
If-Modified-Since
X-Expires
XDomainRequestAllowed
X-REDIRECTSERVER
X-Varnish-Count
X-Symfony-Cache
X-WA-Info
X-WR-MODIFICATION
X-Varnish-HitMiss
Apache
Access-Control-Expose-Headers
X-Accel-Expires
X-Gannett-Site-Version
X-Content-Age
X-Amz-Id-1
X-Cache-Lifetime
X-Origin
Author
Ibm-Web2-Location
X-Nginx-Host
From
X-Varnish-Cache-Local
Cteonnt-Length
X-Geo-IP-Metro
X-ORACLE-DMS-ECID
X-Geo-IPV
X-Geo-IP-Region
X-Header
SiteName
X-Geo-IP-Country
CP
X-Turbo-Control
Be-Ip
X-N-ViewType
Be-Va
X-Varnish-ID
UniqueName
NnCoection
X-Varnish-Device
SIP
MirrorName
X-Goog-Hash
X-Machine-Name
X-EPiLogOnScreen-PostUrl
X-EPiLogOnScreen
X-Powered
X-Phpwcms-Page-Processed-In
X-Phpwcms-Release
X-UD-Target
X-UD-REMOTE-ADDR
X-UD-Loopcounter
Last-Published
Accept-Language
TP-L2-Cache
X-Cms-Mode
X-Garden-Version
Worker
X-Enhanced-By
X-Dev
X-UPSTREAM
X-N
TP-Cache
X-Ar-Debug
X-Jphone-Copyright
X-Varnish-Action
X-Flex-Community
X-Flex-Lastmod
X-Flex-Tag
X-DeliveryServer
X-Flex-Tags
X-Flex-Lang
X-Flex-Evstart
SVR
X-App-Container
X-DefendeR-Runtime
X-Flex-Evend
Content-Instance
X-Via-Kemp
X-Vhost
Compression-Control
X-Storage
X-B2f-Not-Route
X-Trace-App
X-Vhost-ID
Cmstype
Cmsid
X-Pagename
X-Hit-Cache
X-Beatles
X-HostName
Web-Server
X-Server-By
X-FS-UUID
X-MJ-Serve-Req-Time
Backend-Name-Original
X-ACCELERATE
X-LI-UUID
X-Li-Pop
X-Id
X-Li-Fabric
Front
X-WP
X-Block
X-Channel-Maxage
X-Edge-Location
Version
X-Monstercache-Timeout
X-Stage
X-SV
X-UseReverse-Proxy
X-Monstercache-Hash
X-Allow-Redis
X-Monstercache-Host
X-Full-URL
X-Cache-Set
X-Monstercache
X-Purge-Level
ScoreTracker
X-Router-Backend
X-Router
Bs-Header
X-Webapp
AppDynamics-BT
X-Response
Fw-Via
Noq
WP-AdvCache-MemCached
X-Varnish-Debug-Age
P3P:CP
Open.Jobgate.Se
Server2
X-Upstream
SS-Request-ID2
7e-Page-Cache
Ram
X-PvInfo
X-DTC
Il-Cl
Ksid
Www.Mirrorgate.Se
X-Built-By
PServer
Www.Myjob.Se
X-Client-IP
Rt-Server
Www.Mabracertifiering.Se
Provided-Host
X-Kirra-SiteId
X-Actindo-RS
X-CacheServer
X-ATM-RTime
Test.Executivepeople.Se
Cpu
X-ATM-RServer
BM-Cache-Bypass
No-Cookie
Tpt.Renderer
SRV
X-DSMX-Render-MS
X-DSMX-Rewrite-MS
X-Server-Id
X-GC-App
B-Powered-By
ServerConfigManager.WebBugTracker
Sophnep-Edge-FX
Tpt.Renderer1
X-Empowered-By
X-SSL
Jobb.Gil.Se
BM-CountryCode
Jobb.Assistentpoolen.Se
LBC
Provider
Cluster-ID
X-T3CacheInfo
X-T3CacheTags
Render
Pool
X-Catalyst
X-Varnish-Debug-Hits
X-Pre-Strip-Debug
X-GC-Write
IsFullSiteRequest
After
X-GC-Read
Jobb.Passal.Se
ExecuteNonQuerySQLParam
Before
Server-N
X-Dynatrace
X-Amz-Version-Id
X-Real-Server
SFY
X-Route
Pool-Info
X-SilverStripe-Cache
X-Max-Age
LFY
X-Remote-Addr
X-MCB-Server
X-Varnish-URL
HAVer
X-Drupal-Cache-Tags
HCVer
X-Snapsis-PageBlaster
Hotelbookingid
X-IDS-WS
X-PM-ID
Aoestatic
X-MobileDetected
X-Artvisual-Server
X-Webstats-RespID
X-Author
X-Vivastreet
X-Vivastreet-KiwiiPage
D
ServerIP
X-Hash
X-Hrouter
X-DefendeR-Status
X-EdgeRouter
X-T3Cache
X-CacheTTL
X-Varnish-Cache-Server
X-Debug
X-Oracle-DMS-ECID
Disaptch-Cache-Rule
X-CCM
X-Distributor
Content
X-CacheHits
X-ESI-Enable
Access-Ip
X-DB-Content-Length
CacheControlHeader
X-FFX-B
X-Farm-Server
X-Hstore
Host-Service
X-Server-Instance
X-Flow-Powered
Svr
X-LB
X-OPNET-Transaction-Trace
WP-Cache
Test
X-Abuse
Cneonction
X-ESI
Tracker
Cache-Ctrol
X-TTFB
X-TTFB-L
X-Server-IP
Copyright
CPOINT
Muha
X-UserAgent
X-Locale
Sid
X-SmugMug-Values
X-SmugMug-Hiring
X-Nginx-Backend
Acdc-Web
X-LAvg
X-Cookie
X-Cache-Extended
Backend-Host
BALANCEDTO
X-7dig
F-In-Cache
X-7d-Version
X-7d-Traceid
X-Varnish-Debug-Pool-Fetch
CDN
Smug-Env
Edgecast
ProxiaInstanceId
DBG-Timestamp
DBG-TargetHost
DBG-HTTPHOST
Server-Optimized-By
SL-NOREWRITE-REDIRECTS
X-Magento-Lifetime
X-MSEdge-Ref
X-Magento-Action
X-Client-Addr
X-Hit
X-ProcessESI
X-RemovedCookies
BE
X-BKSrc
X-Uplex
X-Varnish-Restarts
X-Varnish-Debug-Pool-Recv
X-Node-Name
INCOMING-TIME
POOL
Nitro-Cache
Xonnection
X-Varnish-Ttl
X-FCMS-Cache
X-Edge-IP
Ttl
Allow
X-Domino-CacheValidationWithETagResult
X-Domino-CacheValidationWithETagReason
X-XHR-Current-Location
X-Revision
X-DELIVERYSERVER
X-App-Server
X-Unbounce-PageId
X-Yqk-Set
X-Mod-Oboe-PS
X-Middleton-PageSpeed
X-Varnish-Cookie-Debug
X-NginX-Server
X-NginX-Cache
X-Unbounce-Variant
X-TLServer
X-NFE
ServerId
X-Unbounce-VisitorID
X-Server-Node
X-Powered-By-Yqk
S-Cnection
Publisher
Public-Extension
X-WorkerInstancename
Warning
Servername
Portlet.Expiration-Cache
X-Src-Loadbalancer
EXT-CACHEEXPIRE
X-Dokk-PortalId
X-Render-Time
OGHopCount
No-Cache
Content-Cache
X-Static-Version
X-Bcwwwid
X-D-Time
X-PoweredBy
X-Request-Count
X-Server-Generated
X-Generation-Time
X-S-Misc
X-HOSTTYPE
X-Confluence-Request-Time
Ec
X-HW
X-Source
User-Cache-Control
MwpReleaseVersion
X-AppServer-Status
X-Instance
X-Yottaa-Metrics
X-Yottaa-Optimizations
X-ARR
X-Environment
Mobiquo-Is-Login
At-Isb
Ibf5scheme
X-MidCOM-Meta-Cache
X-Nginx-Cache
X-SeschatTemplateID
X-SeschatRedID
X-USERNAME
MachineName
Foglight-Request-UUID
MGIT
X-SATserver
ResourceTag
X-RSS-CACHE-STATUS
OutputRewritten
PROPSON-FARM
X-Seschat-URL
X-SeschatDID
X-SeschatLayout
X-Dynamic
X-Client-Vid
Redirect
X-Brought-To-You-By
X-Binarysec-Via
X-EPiphany-Vid
X-Benchmark-Total
X-Request-Time
X-Nucleus-Cache
X-Benchmark-Sphinx-Count
X-Benchmark-Sphinx
X-Benchmark-Cache
X-Benchmark-Db
X-CMS
X-DC-Origin-IP
X-PBY
X-Varnish-Currency
X-WLD-LB
X-Hostingcenter
X-IP
X-CDN-Node
X-CDN-Cache-Status
X-Rq
WEBO
X-Serendipity-InterfaceLang
X-Serendipity-InterfaceLangSource
X-Time-Microsecs
X-Req-Counter
X-Ratelimit
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
X-Powered-Developer
Xc
X-ErrorPage
Time
Web-Head
WebDevSrc
X-Cache-Ttl
X-APP
Content-ID
XDisk
X-Optimization
MageStack-Loadbalancer
MageStack-Config
X-Cache-Control
MageStack-Debug
MageStack-Response-Ttl
MageStack-Tag
MageStack-Cache
MageStack-Area
MageStack-Cacheable
X-Purge-Url
MageStack-Cache-Lifetime
MageStack-Cache-Status
MageStack-PageSpeed
MageStack-Cache-Hits
X-DEBUG
Dynatrace
X-Nhost
X-Dynatrace-Js-Agent
Ozcache
X-Litespeed-Cache
X-This-Proto
X-Mii-Cache-Hit
X-Cache-Via
X-Debug-Serve
X-Cache-Key
X-Your-GrandPa-Would-Wait
X-Cachable
X-Device-Group
X-Fastcgi-Cache
X-Pb-Mii
X-Checkout
X-Cookie-Store
X-ELC-Checkpoint4
X-IP-Address
X-Cached-Until
X-Cached-On
X-Backend-Status
X-Cache-Backend
X-Cluster
X-JSON-API-LATENCY
SBMCLOUD
97YES.COM
X-Var-Hash
X-ATP-Server
X-FarmId
X-Url-Store
X-TTL-Age
X-Page-Generated-At
X-Page-Generation-Time
Hamster
X-Would-Your-GrandPa-Wait
V-Cache
X-Is-Mobile
X-Process-Time
UNIQUE-ID
REFRESH
X-Content-Security-Policy-Report-Only
Head
Robots
Srv-N
WFE
X-Aws-Ec2
X-Planisys-CDN-Rules
X-RequesterIP
Access-Control-Allow-Method
X-Planisys-CDN-Cache
X-GL-SRV
X-App-Reload-Settings
SV-Duration
X-GeoIP-Country
Esi-Enabled
Atp-Isdpp
X-HP-CAM-COLOR
X-Request-Received
X-Varnish-Hit
SBGI-CACHE-CODES
X-Hosting
X-AccessDev
X-ESI-Processing
SSPAppContext
X-Request-Processing-Time
Be
Ap-Exec-Time-Mks
Protected-By
At-Shoptype
X-Crafted
W
CacheControlMode
X-Proxy
Www.Aujourdhui.Com
X-Forwarded-Proto
X-V-TTL
X-Wikidot-Backend
X-V-Outer
X-V-I-TTL
X-Invoke-Duration
X-Wikidot-Static-Cache
Keywords
X-Varnish-Hashed-On
X-Varnish-Set-Cookie
Noahs-Classifieds
X-GitHub-Request-Id
Language
X-BIN
X-SBGI-Cache-Codes
X-Time-Spent
X-TAG
X-Fett
X-View
X-Static
X-RNDPAGE
Mime-Version
X-Req-Url
X-Created
X-Backend-Name
SLB
X-Mobile
Http
AcceptLangage
X-Pixelsilk-Version
X-Sov
X-Gyrobase-Publication
X-Rot
Nginx-Cache
Apple-Itunes-App
X-Pixelsilk-Server
X-Turpentine-Cache
X-Stackable-Node
IsMobile
Description
CountryCode
X-SERVER-ID
OriginServer
X-B2f-Cache-NotFromUrl
X-AVG-REWRITE
X-Twinwave
Url-Hash
Railo-Version
X-AVG
X-Varnish-Hostname
X-Client-Ip
X-Mobile-Device
X-CacheStore
Cached
X-Fpc
X-CMS-Server
X-CachedURL
-Onnection
X-Content-Parsed-By
CACHED-RESPONSE
Rt-Proxy-Cache
X-RE-Ref
Orgin-Server
X-WentThroughDrupal-Deliver
X-ServicedByDrupal
X-WentThroughDrupal-Recv
X-OrgURL
X-InDy-Time
ContentType
Device
Sigma
X-Turpentine-Esi
X-InDy-Memory
X-InDy-Query
X-LTM-ID
X-Prerender-Token
X-SiteConInfo
X-WAP
X-VG-WebCache
X-Amz-Meta-S3fox-Filesize
X-Amz-Meta-S3fox-Modifiedtime
X-V
X-Svr-Id
X-Powered-Load
X-SUPERCACHE
X-TISSERVER
Tempo
X-Header-Set-Id
X-Pagecache
X-Cdn-View
X-Caching-Rule-Id
HGR-NOCACHE
TIMESTAMP
X-Backend-IP
X-Gondor-Server
X-Nginx-Server
Server-IP
X-SEA-Instance-Name
X-RAMCache
X-Life
X-Loopia-Cache
X-Jcms-Ajax-Id
X-AISO-Cache
X-Framework
GenSvr
X-Debug-Token
X-Cached-From
X-AISO-Server
X-Hosting-Env
Powered-By-Scs
X-D2id
X-Provided-By
X-Varnish-Max-Age
X-Accel-Cache-Control
X-Path
X-PHP-Cache
X-ACLR-Version
X-Http-Host
Gzip
User-Updated-At
X-Client-Id
X-Apublish-Id
Web
X-Ec-Custom-Error
X-Who
User-Id
X-Accelerated-By
Requested-Host
Arr-Disable-Session-Affinity
X-Cache-Host
X-Upstream-Server
X-Nginx-UpstreamHost
X-Libra-UpstreamHost
X-Nginx-Pool
X-Compressed-By
X-Backend-Ip
X-PS-MURDOCK-ORIG-PROTOCOL
X-VhostID
X-PS-MURDOCK-ORIG-FILEEXT
X-PS-MURDOCK-CASE-NORMALIZATION
X-Docuri
X-Nocache
Fpc-Expire