Threat Level: green Handler on Duty: Tom Webb

SANS ISC: HTTP Header Usage Statistics - Internet Security | DShield HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
Link
ETag
X-Content-Type-Options
P3P
X-XSS-Protection
X-Pingback
X-Frame-Options
X-AspNet-Version
X-Cache
Content-Language
Age
CF-RAY
X-UA-Compatible
Strict-Transport-Security
Via
X-Adblock-Key
X-Language
X-Template
X-Check
Access-Control-Allow-Origin
X-Varnish
X-Buckets
X-Generator
X-Cacheable
X-Drupal-Cache
Content-Location
X-Hacker
X-Ac
X-AspNetMvc-Version
X-Request-Id
X-Powered-By-Plesk
MS-Author-Via
X-Type
X-Pass-Why
X-Cache-Group
X-Runtime
WP-Super-Cache
X-Powered-CMS
Status
X-Cache-Hits
Ngpass-Ngall
X-Permitted-Cross-Domain-Policies
Host-Header
X-Download-Options
X-UA-Device
Access-Control-Allow-Credentials
X-ShopId
X-Dc
X-ShardId
X-Alternate-Cache-Key
Keep-Alive
Access-Control-Allow-Headers
X-Iinfo
Content-Security-Policy
X-Via
X-Tumblr-Pixel
X-Tumblr-Pixel-0
X-Tumblr-User
Access-Control-Allow-Methods
X-Mod-Pagespeed
X-Tumblr-Pixel-1
X-Logged-In
X-Backend
X-Pad
X-Served-By
X-Tumblr-Pixel-2
X-Cache-Status
X-Contextid
X-ServedBy
X-PC-Hit
X-PC-Key
X-Request-ID
X-Server
Powered-By
Upgrade
X-Host
X-CDN
Content-Encoding
X-FRAME-OPTIONS
X-Cache-Hit
X-Tumblr-Pixel-3
X-PC-AppVer
X-PC-Date
X-PC-Host
X-Port
X-Robots-Tag
X-Timer
X-Accel-Version
X-Varnish-Cache
SPRequestGuid
X-Cache-Lookup
X-Cnection
X-SharePointHealthScore
MicrosoftSharePointTeamServices
X-Rack-Cache
X-Amz-Cf-Id
X-Request-Country
MicrosoftOfficeWebServer
X-Server-Powered-By
X-MS-InvokeApp
X-Page-Speed
X-XRDS-Location
X-Safe-Firewall
Alt-Svc
X-Turbo-Charged-By
X-Content-Powered-By
CF-Cache-Status
X-AH-Environment
Rating
X-W-DC
X-Tumblr-Content-Rating
X-Wix-Renderer-Server
X-Seen-By
X-Wix-Request-Id
X-Node
X-Content-Digest
X-FullPageCaching
X-Tumblr-Pixel-4
X-Cache-Enabled
X-GitHub-Request-Id
Request-Id
X-Webserver
Public-Key-Pins
X-PhApp
Content-Security-Policy-Report-Only
X-INKT-SITE
X-INKT-URI
SPIisLatency
SPRequestDuration
Composed-By
X-Firenze-Processing-Times
Served-By
Timing-Allow-Origin
Cf-Railgun
X-Amz-Id-2
X-Amz-Request-Id
X-Proxy-Cache
Permitted-Cross-Domain-Policies
X-HeyJason
Liferay-Portal
X-Hyper-Cache
X-Spip-Cache
X-Styx-Version
X-Pantheon-Styx-Hostname
Surrogate-Key-Raw
X-Styx-Req-Id
X-Pantheon-Endpoint
Xkey
Access-Control-Max-Age
Access-Control-Expose-Headers
X-Server-Name
Charset
Surrogate-Key
X-Content-Security-Policy
X-Drupal-Dynamic-Cache
X-Swift-SaveTime
X-Swift-CacheTime
X-CF-Powered-By
Grace
X-Tumblr-Pixel-5
X-CDN-Pop-IP
X-CDN-Pop
EagleId
X-SERVER
Content-Script-Type
Content-Style-Type
X-XN-Trace-Token
X-XN-XNHTML
Access-Control-Allow-Method
X-FW-Hash
Refresh
X-Hits
Content-MD5
X-FB-Debug
X-Dw-Request-Base-Id
X-FW-Serve
X-FW-Static
X-FW-Type
X-Device
X-Clacks-Overhead
X-Tumblr-Adult-Blog
Public-Key-Pins-Report-Only
X-VCache
X-Fastly-Request-ID
X-LJ-Flow-ID
X-VWS-Id
X-AWS-Id
X-User-Agent
X-TNCMS
X-Loop
Real-Hostname
X-Jimdo-Instance
X-Jimdo-Wid
X-Cache-Config
X-Cache-Server
X-Backend-Server
X-Umbraco-Version
X-DDC-Arch-Trace
X-Url
X-Generated-By
X-Cache-Result
X-MiniProfiler-Ids
Edge-Control
X-LiteSpeed-Cache
X-Cloud-Trace-Context
X-HOST
Fastly-Debug-Digest
X-Hostname
X-Cached-By
X-Age
X-ServerName
X-Cached
Cartoon
X-Tumblr-Pixel-6
PageSpeed
X-Px
X-Cdn
X-Outils-CS
NS-RTIMER-COMPOSITE
WZWS-RAY
X-Powered-By-360WZB
Surrogate-Control
X-CMS-Version
X-Whom
Fpc-Cache-Id
X-DynaTrace-JS-Agent
Response
TCN
X-Sol
Display
X-Forwarded-For
X-Middleton-Response
X-Middleton-Display
X-DynaTrace
X-WebKit-CSP
X-Handled-By
Imagetoolbar
ServedBy
X-TTL
X-From
Product
Rt-Fastcgi-Cache
Front-End-Https
X-Msg-2-Log
X-Varnish-Cache-Hits
X-Content-Options
X-AspNetWebPages-Version
DynaTrace
X-Recruiting
X-Newrelic-App-Data
X-Country-Code
X-EC-Security-Audit
X-BC-Stapler
IBM-Web2-Location
X-URL
X-Varnish-Beresp-Grace
X-Varnish-Beresp-Status
X-Varnish-Beresp-Ttl
X-Passed-To-DLL
X-Passed-To
X-Actual-URL
X-Original-Request
X-NetCat-Version
X-Returned-From
X-Returned-From-DLL
X-Do-Not-Hack
X-Micro-Cache
Fhost
X-Passed-To-PostProcessResponse
X-Returned-From-PostProcessResponse
X-Passed-To-BeforeDispatch
X-Stale
Access-Control-Request-Method
X-Returned-From-BeforeDispatch
X-Platform
X-Hosted-By
X-LiteSpeed-Cache-Control
X-App-Hosting
X-Art-Request-Id
X-Varnish-Host
Alternate-Protocol
X-ApacheServer
X-FORWARDED-FOR
X-Content-Encoded-By
X-Servedby
X-Matrix-Proxy
X-Matrix-Server
X-Track
Generator
X-Expires-Orig
Origin
Akamai-IP
X-SRCache-Fetch-Status
X-SRCache-Store-Status
Page-Completion-Status
X-Origin
Powered
X-PERF
X-Varnish-TTL
X-Firenze-Processing-Time
X-CacheServer
X-Server-ID
X-I
X-Daa-Tunnel
X-UD-Method
Powered-By-ChinaCache
X-Location-Id
X-S
X-Magnolia-Registration
Host
X-Version
X-Varnish-Backend
Ag-Send-Time
X-Abuse
Ag-Server-Time
Ag-Execution-Time
X-Varnish-Cacheable
X-Engine
Magicmarker
X-Powered-By-VTEX-Janus-ApiCache
X-Cache-Rule
X-Powered-By-VTEX-Janus-Edge
X-VTEX-Cache-Status-Janus-Edge
ServerName
X-Vtex-Processado-Em:
X-Vtex-Remote-Cache
X-VTEX-Cache-Status-Janus-ApiCache
X-VTEX-Janus-Router-Backend-App
X-Vtex-Processed-At
Server-Info
No
USPLoggingUUID
Content-Hash
X-I-Sp
Content-Disposition
X-BS
Surrogate-Keys
X-Microcachable
X-Cache-TTL
Content-Encoding-Handler
X-Gamma-Serve
X-Goog-Hash
Lsrequestid
X-Route-Server
X-ATG-Version
X-Source
X-Cache-Info
X-Duration
X-Request-Time
X-RESOURCE
X-URLSCHEME
X-Response-Time
X-Cache-Debug
MIME-Version
X-OneAgent-JS-Injection
X-Director
X-Cache-Age
X-B-Cache
X-Varnish-Seen-By
X-Varnish-RemainingTTL
X-DNS-Prefetch-Control
SN
X-Cache-Lifetime
X-Developer
X-Cache-Control-Orig
Edge-Control-Message
Content-Security-Policy-Rerport-Only
X-Geo-IP
X-Upstream
X-NoCache
X-Translation
X-Instart-Request-ID
X-Microcache-Status
X-Device-Type
X-Cache-Expires
Node
X-CJ-Soft
X-Varnish-Age
Version
X-SDS
Fastcgi-Cache
Location
X-Speed-Cache
X-Speed-Cache-Key
Proxy-Agent
X-Rocket-Nginx-Bypass
X-DefendeR-Runtime
X-DefendeR-Status
X-Cache-Operation
X-Storage
X-PwB-Node
X-Front
X-Cookie-Domain
X-N
Req-Id
Last-Published
X-Varnish-GracePeriod
X-Varnish-ObjectSource
X-FW
X-Varnish-RemainingLife
X-Geo-IP-Country
Proxy-Connection
Cache-Key
X-Geo-IP-Metro
X-Geo-IPV
Buuteeq-Source
X-Fastcgi-Cache
X-Geo-IP-Region
X-GeoIP-Country-Code
X-Varnish-Server
Arr-Disable-Session-Affinity
Retry-After
X-Zen-Fury
X-Drectory-Script
X-Revision
Nitro-Cache
X-GeoIP-Country-Name
X-Akamai-Device-Characteristics
X-Akamai-Device-Model
X-Time
ServerID
S
X-SV-Pid
X-SV-Nginx-Duration
PICS-Label
X-Server-Id
X-SV-FromDBCache
X-SV-CreatedAt
X-SV-Duration
X-ServerID
X-Processing-Time
Webluker-Edge
X-Powered-By-Server
X-SV-CacheTags
X-SV-Expires
X-SV-Edge
X-Mobilized-By
X-Cache-Tags
SEOMOZ
X-LB
RTSS
Cache
X-Content-Age
X-Hypernode
X-Client-IP
MJ12bot
X-Grace
CC-CACHE
X-Varnish-Count
X-Varnish-HitMiss
X-Platform-Processor
X-Kinsta-Cache
X-Platform-Router
X-UPSTREAM
Pics-Label
Accept-Charset
Srv
W
X-Server-Upstream
X-Dispatch
X-Vcap-Request-Id
X-Amz-Version-Id
X-Edge-Location
X-StackifyID
Filter-Revision
X-Varnish-IP
X-Correlation-Id
X-AOL-HN
X-Purge-URL
X-Varnish-Hits
X-Xrds-Location
X-Page-Cache
X-ACMCache
COMMERCE-SERVER-SOFTWARE
X-BKSrc
SVR
X-Real-Server
X-Config-Blacklist-Version
X-CDN-Cache-Status
Qs-Cache
X-CDN-Node
X-Orig-Vary
X-SE-Debug
Accept-Encoding
NODE
X-VARNISH-Cache
X-Yadis-Location
X-Cache-Key
X-Trace
Nodo
X-Yottaa-Metrics
X-Directory-Script
X-Yottaa-Optimizations
X-Nginx-Host
X-Ttl
X-NFE
X-Nhost
X-Nurl
NetMindSessionID
Id
HCVer
X-Framework
HAVer
Cm-Server
X-Nginx-Cache-Status
X-Processed-By
X-Platform-Cache
IISExport
X-Cache-Engine
X-Application-Context
X-WEBSERVER
Backend
X-Mobile-URL
Content-Transfer-Encoding
Frame-Options
X-App-Server
X-Purge-Host
AMF-Ver
X-TempDebug
X-Frontend
X-Cache-Doesi
Cached
X-Cocoon-Version
SSPAppContext
X-Varnish-Hostname
X-Blog
X-Server-Response-Time
Host-Service
Mobiquo-Is-Login
X-Empowered-By
Front
X-PG
A-Powered-By
X-Config-By
X-Member
X-ClientSide-Caching
X-IIJ-Cache
X-Worker
X-GeoIP
X-NginX-Cache
X-PF-Uncompressing
Pool-Info
X-NB-Cached-Page
X-Edge-IP
X-Machine-Name
Referrer-Policy
X-CDN-Forward
X-AbeBooks-Version
X-Sys-Req-ID
X-TTFB
CacheControlHeader
X-NginX-Upstream-Response-Time
X-SmugMug-Values
X-NginX-Upstream-Addr
X-ARC
Myheader
X-Plat
Smug-CDN
Author
X-Plat-Be-Ip
X-SmugMug-Hiring
X-Discourse-Route
X-NginX-Node
X-NginX-Upstream-Status
X-F-Cache
X-Prefetched
X-Env
X-Browser
X-Plat-Va-Ip
X-Resolver-IP
X-TTFB-L
SRV
X-Highwire-SessionId
X-Twitter-Response-Tags
X-Transaction
Allow
X-Connection-Hash
X-Supported-By
X-Flow-Powered
X-SmartBan-URL
X-SmartBan-Host
IM-Version
X-Debug
Section-Io-Id
X-Highwire-RequestId
X-Cf-Powered-By
X-Source-ID
Cneonction
X-NginX-Server
X-Client-Vid
X-Varnish-Debug-Age
Eomportal-Instance
X-Origin-Id
X-Nitra-Side
X-Client-Image-Vid
X-Grid-Server
X-EPiphany-Vid
Logging-CorrelationId
X-Session-Reinit
X-Dynatrace
X-Server-Start-Time
Rewriter
X-V
X-Amz-Storage-Class
WWW-Authenticate
X-WA-Info
X-Dns-Prefetch-Control
Ngpass-Vcall
X-Amz-Meta-S3cmd-Attrs
X-Dispatcher
Server-Name
X-Cache-Control
X-Analytics
X-Sucuri-ID
X-AOL-SNH
X-LW-Web-Server
WSR-Cache
X-Garden-Version
Backend-Timing
X-Vary-Options
X-Adobe-Loc
Thanks
X-Varnish-Debug-TTL
X-Adobe-Content
X-XTM-Node
X-EDGECONNECT-GUID-DEBUG
X-ORACLE-DMS-ECID
Ibf5scheme
X-Force
X-SRV
XDomainRequestAllowed
X-PRAM
Bios
X-NginX-Cache-Status
X-IsCacheURL
X-ID
X-Trace-Id
X-Varnish-Ttl
X-Symfony-Cache
X-Optimization
X-WR-Flags
X-Balanceador
X-Jphone-Copyright
CT
NLCacheNote
VAR-Cache
X-Domain-Checked
X-App-Status
X-Pagename
X-Provisioner-Version
X-BackendServer
A
Dynatrace
X-Hit-Cache
Head
X-LB-Server
X-HP-Trace-Project
X-HP-Trace-ID
BALANCEDTO
Ram
X-Distributed-By
X-Atraveo-Cache-Control
X-Atraveo-ETag
X-Atraveo-Varnish-Server-Id
X-Atraveo-Param-Rm
X-Atraveo-Expires
X-Atraveo-Set-Cookie
X-Atraveo-TTL
X-Atraveo-Zone
X-Vhost
X-Hiawatha-Cache
X-Airee-Node
Beyond-Iis
Noq
Cpu
MW-Webserver
X-Atraveo-From-Varnish-Cache
Mime-Version
X-Signature
X-Unique-Id
X-Real-IP
X-Webstats-RespID
X-JG-Page-Cache
CLMOB
S-Cnection
X-Esi
X-Hosts-Backend
Set-Cookie2
X-DTC
Sid
X-Avvio-Cms-Cacheload
X-Unique-ID
X-Key
X-MrHost
Keywords
Cmsid
ORIGIN
Cmstype
X-RiS-UFDI
X-Server-By
X-Captured
X-Cache-Fix
X-Cache-PageType
Cache-Rule
X-Nginx-Cache
CmsCacheEngine
X-DealerOn
P-WS
X-Dev
X-HTML-Minification-Powered-By
P-LB
X-Magento-Tags
Worker
X-Cms-Mode
X-Runtime-Affili
X-Varnish-Grace
X-HOSTNAME
SBGI-1
SBGI-10
SBGI-5
X-HW
MC
X-Id
X-ServerIndex
From
ServerSignature
X-Server-IP
Servername
SBGI-RealPath
SBGI-RenderTime
SBGI-7
X-Cache-Set
X-SV
SBGI-9
ServerTokens
SBGI-Device
X-Srv
X-Goog-Stored-Content-Encoding
X-Goog-Storage-Class
X-AISO-Server
X-Goog-Generation
X-SDE-Name
X-Goog-Stored-Content-Length
X-Goog-Metageneration
X-T3Cache
X-EdgeConnect-Origin-MEX-Latency
X-T3CacheTags
D
X-T3CacheInfo
X-Ob-Mode
X-EdgeConnect-MidMile-RTT
X-GUploader-UploadID
X-Varnish-Esi-Method
Web
If-Modified-Since
X-Appmachine-Environment
X-Cache-Level
DrivedBy
X-ASAP-Cache
X-Secret
X-Webcelerate
X-Clara-ASAP
X-B
X-NewRelic-App-Data
X-Pressidium-NinukisWP-Ver
X-Varnish-Store
Ctx
NnCoection
X-CB-Server
X-Varnish-Set-Cookie
X-Detected-Device
X-Turpentine-Cache
X-Varnish-Currency
X-Varnish-Esi-Access
OT-RequestId
X-Litespeed-Cache-Control
X-WP
X-Smartcache-Timeout
Imx-Cookies-Used
Backend-Node
X-APP
X-Smartcache-Keys
AsisCache
X-Restarts
X-FIRSTBase
Actual-Object-TTL
Real-Server
X-Backend-Name
MageStack-PageSpeed
MageStack-Debug
X-SSL-Protocol
X-SSL-Cipher
MageStack-Tag
MageStack-Config
X-Turpentine-Esi
X-Info
X-Rack-Cors
HitInfo
X-Fstrz
X-Varnish-RemainingGrace
X-Header
X-DOM
MageStack-Web-Node
MageStack-Loadbalancer
X-Upstream-Backend
X-Ser
MageStack-Cache-Status
MageStack-Cache-Lifetime
MageStack-Cacheable
X-Distributor
X-REDIRECTSERVER
MageStack-Area
MageStack-Cache
MageStack-Cache-Hits
X-7d-Trace-Id
Paypal-Debug-Id
X-Nginx
X-Remote-Addr
Access-Control-Request-Headers
X-Custom-Header
N365rili
Sophnep-Edge-FX
X-7d-Instance-Id
X-GSL-Server
X-We-Are-Hiring
ScoreTracker
X-Rebelmouse-Surrogate-Control
X-Rebelmouse-Cache-Control
Ksid
X-Response
X-Server-Instance
X-RDP
Warning
X-Unbounce-Variant
Prxy
X-Cache-On
Content-Server
VnhCdn-Status
B-Powered-By
BKREF
X-Desc
X-Actindo-RS
X-RequestId
X-Invoke-Duration
X-Environment
X-Platform-Server
Cluster-ID
X-B2f-Not-Route
X-Apm-Telemetry-Syncmark
X-Middleton-PageSpeed
X-Accel-Expires
Proxy-Cache
X-DSMX-Render-MS
X-DSMX-Rewrite-MS
Resin-Trace
X-Unbounce-PageId
Ec
X-Sov
Fw-Via
X-FastCGI-Cache
X-Cache-Var
X-Varnish-URL
X-Rot
Device-Type
X-Cache-Provider
X-MAT-GEO
X-Cache-Source
X-Unbounce-VisitorID
X-Lifetime
X-Cache-Var-Map
X-Site:
X-Phpwcms-Release
X-Cache-Node
NZSpeedy
X-Frames-Options
X-Phpwcms-Page-Processed-In
X-Enhanced-By
Description
INCOMING-TIME
Provider
Serverid
X-RealServer
M
Server-Ip
X-SeschatRedID
X-Rewritten-By
CommunityServer
Xc
X-VC-TTL
X-HostName
X-SeschatTemplateID
X-ManagedFusion-Rewriter-Version
X-Rack-CORS
X-Cluster-Node
X-Magento-Action
X-Seschat-URL
Content-Generator
X-4ormat-Cacheable
X-Artvisual-Server
WP-AdvCache-MemCached
X-SeschatDID
X-SeschatLayout
X-HITS
Il-Cl
GenSvr
X-OPNET-Transaction-Trace
X-Dw-Trace-Id
RequestId
X-Generated
X-DN-Cache-Control
X-DN-GyrobaseID
X-Hstore
Cteonnt-Length
X-Hrouter
X-Bcwwwid
X-Vhost-ID
X-FFX-B
X-AISO-Cacheable
X-AISO-Cache
SS
User-Agent
X-ESI-Enable
X-Amz-Id-1
X-Hcom-Styx-Info
X-Varnish-Action
WFE
Pool
X-Author
Copyright
Nginx-Cache
X-Span
X-Varnish-Backend-Healthy
X-Time-Microsecs
Atp-Isdpp
X-Tile-Url
X-Varnish-Error-Restart
T
X-CSRF-TOKEN
X-Render-Time
X-SID
X-ORACLE-DMS-RID
X-ASAP-Age
X-Proto
X-Oracle-DMS-ECID
X-Ocache
X-Gannett-Site-Version
X-FCMS-Cache
X-Server-Addr
X-Bypass-Ssl-Transform
X-Mobile
X-Src-Webcache
X-Is-Mobile
Accept-Language
X-EZPublish-NodeID
X-Search-Id
X-Pagely-Cache
Fastly-Restarts
X-Xhr-Current-Location
X-Hit
X-Depends
Max-Age
Ttl
X-Runtime-Memory
X-PBY
X-DataDome
X-EZPublish-InstallationID
Expiries
X-Varnish-Instance
X-AccessDev
X-W3TC-Minify
X-TB-M
X-Hosting
X-Stage
NS-VaryByCustom-Key
IsMobile
X-Distil-CS
X-DEBUG
VServer
Mto-License-Status
User-Cache-Control
X-ACCELERATE
X-Healthy
Server-Id
X-COUNTRY-CODE
PServer
X-Nbs
X-Clx-Request
X-App
X-Content-Security-Policy-Report-Only
X-Forwarded-Proto
X-GRACE
Apachenode
QC-Time
Debug-Status
Content
QC-Hit
QC-Key
X-Hosting-Env
WSCLoggingUUID
X-MSU-SOURCE
X-Node-Name
X-LW-T
X-OCTOPOD
X-OpenCart-Lightning
X-Ratelimit-Remaining
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
X-HAProxy
Vacache
X-WorkerInstancename
Kanooh-Host
Progma
AC-ELC
X-WR-MODIFICATION
X-A
VC-NoCache
X-Application
X-Box
X-Cache-Action
X-Nocache
TP-L2-Cache
E-TAG
X-Security
Expire
X-RequesterIP
TP-Cache
X-Cache-Extended
X-CDN-COMPRESS
X-Wikidot-Backend
X-WHOIS-Cached
X-Wikidot-Static-Cache
X-Wm-1
X-Wm-VIP
X-Timing
X-ProxyInstancename
X-Cluster-Host
X-Company
X-E
X-Litespeed-Tag
Hamster
X-HP-CAM-COLOR
X-BServer
X-BPool
X-Cacheable-TTL
X-Layout
X-T
Language
X-VARITI-CCR
X-Built-By
VANITY-HOST
X-Catalyst
X-Pubstack
X-UUID
X-Rq
X-This-Proto
X-EPiLogOnScreen-PostUrl
X-EPiLogOnScreen
CIPHER-NAME
RN-Server
X-PoweredBy
X-Domino-CacheValidationWithETagResult
X-Domino-CacheValidationWithETagReason
X-Title
X-ACLR-Version
X-IP-Address
X-Varnish-Cache-Local
EXT-CACHEEXPIRE
X-Venda-Hitid
X-Farm-Server
Url-Hash
X-Ar-Debug
Content-ID
Httpd-Identifier
Powerd-By
Og
Edgecast
At-Shoptype
Brandcast-Brand-Id
Brandcast-Load-Balancer
Cache-Status
MSSmartTagsPreventParsing
MSThemeCompatible
Hosted-By
AGI-Request-ID
MwpReleaseVersion
X-AG-MIPS
X-RSS-CACHE-STATUS
X-UA
X-Meta-MSThemeCompatible
X-Cache-Backend
X-Instance-Name
X-Meta-Imagetoolbar
X-Meta-MSSmartTagsPreventParsing
X-Not-Cacheable
At-Isb
Version-Epoch
SAVVIS
NtCoent-Length
Host-Name
Fastly-Backend-Name
Note
Http
PowerCDN
X-Would-Your-GrandPa-Wait
X-Your-GrandPa-Would-Wait
Apache
X-FreeTag-Count
Cdate
X-Protected-By
Cache-Control:
X-N-ViewType
RouteID
Session-Id
APP-VERSION
X-VhostID
X-PoolMember
X-Serendipity-InterfaceLang
X-Serendipity-InterfaceLangSource
X-SilverStripe-Cache
X-TTL-Age
X-Route
X-Flex-Tags
X-RateLimit-Remaining
X-Flex-Tag
X-Flex-Lastmod
X-Uid
X-PM-ID
X-Hash
X-Max-Age
X-Mii-Cache-Hit
X-Obr-Rule
X-Pb-Mii
X-Flex-Lang
X-Flex-Evstart
X-CCM
X-Beatles-Hits
X-Cms-Server
X-Does-He-Have-Time
Www.Aujourdhui.Com
X-ATP-Server
ServerIP
X-Flex-Evend
X-Flex-Community
Be
X-Device-Group
X-AWS
X-Gyrobase-Publication
X-Status
X-NewsFlow-DoCache
X-Firewall
X-Fedora-School-Id
Aurora-Node
X-Router-Backend
X-Old-Content-Length
X-RAMCache
X-BC
X-Router
X-UseReverse-Proxy
X-Faeria
X-Cache-2
X-Cache-Device-Type
X-Cache-Keep
X-Cache-TTL-Remaining
X-ETag
MageStack-Cache-Warning
X-Contact
X-Webapp
X-CacheResult
XDisk
X-Nginx-Request-Time
X-Ghost-Cache-Status
X-Jcms-Ajax-Id
X-NewsFlow-Sitename
X-Amz-Meta-Cb-Modifiedtime
X-Pj-Cache-Status
X-Cache-Me-Harder
X-Mod-Oboe-PS
X-VCS-Url
X-Zendesk-Origin-Server
Beon-Cache-Status
X-Logword
X-VCS-Ttl
X-VCS-Status
HA-Front
X-VCS-Host
Exires
X-VCS-Nrhit
Aoestatic
X-Zendesk-User-Id
X-Pixelsilk-Server
X-NewCloud-V-Cache
X-Beresp-Ttl
X-CACHE-TTL
Server-ID
X-Pixelsilk-Version
XX
X-VC-Enabled
X-Time-Spent
ReqUrl
X-VCS-Hit
X-VCS-Cacheable
X-Tags
X-PF-CACHE-FAILED
TMP
RSL-Trace-ID
X-SuperCache
Web-Head
X-Provided-By
X-Session-ID
X-Cache-Via
X-Site-Name
ResourceTag
X-Pageid
X-VCS-Cache-Server
X-DDM-SERVER-UPDATED
X-Magento-Lifetime
LB
Orgin-Server
Public-Extension
X-Tradeindia-Request-GUID
X-Tradeindia-SMgmt
X-VCS-Billing
Redirect
X-DDM-SERVER
X-PS-MURDOCK-ORIG-FILEEXT
X-Page
WebServer
X-Qnm-Cache
Debug-Cache-Control
Debug-Expires
X-Powered-By-Home.Pl
X-MCF-ID
HA-Urlpath
HA-Servedtime
NKBVHEADER
X-Location
X-Capoed
Foglight-Request-UUID
Rt-Proxy-Cache
X-Magento-Cache-Control
X-C
X-Magento-Cache-Debug
X-NMT-Proxy
X-Static
X-App-Runtime
X-Ants-Machine-Id
X-Pass-Through
Web-Server
X-TempoPesquisa
FastCGI-Cache
X-Ants-Host
HA-Ipaddr
HA-Host
X-AREQUESTID
X-9XB-Server
X-ASEN
X-AUSERNAME
X-CDN-Any-IP
X-WebNode
X-PS-MURDOCK-ORIG-PROTOCOL
X-Obj-Ttl
X-LOCATION
X-POPSUGAR-Server-Name
X-PS-MURDOCK-CASE-NORMALIZATION
X-Theme
X-Client-Ip
X-DeliveryServer
HA-Geocountry
HA-Geocity
HA-Geolat
HA-Geolon
HA-Georegion
HA-Cloudapp
X-Cache-Ttl
X-HASH
X-Geo
X-LS-DEBUG
X-ProcessESI
X-RemovedCookies
X-Nginx-Page-Cache
X-Pj-Cache-Key
ClientIP
X-FG-RequestId
F5-IpCliente
Gzip
V-Cache
X-Accel-Cache-Control
X-Batcache
X-Proxy-Cache-Key
X-Memcached
X-Server-Generated
X-Server-Instance-Name
X-FarmId
X-Feed
X-Requested-Page
X-Goog-Meta-Replace
X-Goog-Meta-Policy
X-Nginx-VM-RT
X-Test
X-SL-Norewrite
X-Matched-Rule
Svr
Dispatcher
OutputRewritten
X-Highwire-Sitecode
X-CO-Host
X-Mobile-Device
X-Powered-Developer
SiteName
X-IP
X-Expose-Hostname
X-MOBILE
X-Apache2-RT-MicroSec
X-Do-Esi
Fpc-Expire
X-MCB-Server
X-BeResp-Ttl
X-Cache-Handler
Pw-Value
X-Expose-Generated
LBC
X-TargSmaku
Served-From
REFRESH
X-AppServer-Cache-Rule
X-AppServer-Status
HOST-SERVICE
X-Expose-Took
LBVIS
Thinkindot-Control
Thinkindot-CacheControl-Type
X-Expose-Site
Thinkindot-CacheControl
X-SL-Notranslate
CD1
X-Original-Host
From-Origin
X-Pj-Cache-Expires
X-Pj-Cache-Flags
X-Pj-Cache-Gzip
X-HA
X-DB-Content-Length
X-JSESSIONID
WWW
X-Cache-Ua
X-Checkout
X-Content-Type
X-ESI
X-Pj-Cache-Time
Lookup-Cache-Hit
Content-Instance
X-Backend-TTL
X-Cache-ID
X-DEBUG-TTL
Cleartype
X-Varnish-Cache-Control
X-Powered-By-Anquanbao
X-ProcessTime
X-Reason-Bp
X-Transaction-Id
SLB
MageStack-Response-Ttl
X-Original-IP
Disablevcache
HostName
SERVER-IP
X-DynamicCache
DeleGate-Ver
WP-Cache
Machine
X-Cache-Why
DB-Nickname
X-Cache-Served
X-Content-Parsed-By
X-Compressed-By
X-Region
Origin-Server
X-Web-Node
X-Varnish-Max-Age
MageStack-Cacheable-Reason
"
X-NGINX-Cache
Ews
X-Request-Processing-Time
X-Request-Received
P
X-SATserver