Threat Level: green Handler on Duty: Rick Wanner

SANS ISC: HTTP Header Usage Statistics - Internet Security | DShield HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
ETag
Link
X-Pingback
P3P
X-Content-Type-Options
X-XSS-Protection
X-AspNet-Version
X-Cache
X-Frame-Options
Content-Language
Age
CF-RAY
X-UA-Compatible
X-Adblock-Key
Via
Keep-Alive
X-Template
X-Language
X-Check
X-Varnish
Strict-Transport-Security
X-Buckets
Access-Control-Allow-Origin
Content-Location
X-Cacheable
X-Generator
X-Drupal-Cache
Status
X-AspNetMvc-Version
X-Hacker
X-Ac
X-Powered-By-Plesk
MS-Author-Via
X-Request-Id
X-Runtime
WP-Super-Cache
X-Type
X-Pass-Why
X-Cache-Group
P3p
X-Powered-CMS
Ngpass-Ngall
X-Pad
X-Mod-Pagespeed
X-Cache-Hits
Host-Header
Access-Control-Allow-Credentials
X-UA-Device
X-Iinfo
X-Logged-In
Content-Security-Policy-Report-Only
X-Backend
X-Via
X-ShopId
X-ShardId
X-Alternate-Cache-Key
X-Dc
Access-Control-Allow-Headers
Access-Control-Allow-Methods
X-Host
X-Tumblr-Pixel
X-Tumblr-Pixel-0
X-Tumblr-User
X-Server
X-Tumblr-Pixel-1
X-ServedBy
X-CDN
X-ContextId
X-Served-By
X-Request-ID
MicrosoftOfficeWebServer
X-Served-From-Cache
X-Tumblr-Pixel-2
X-Cache-Hit
X-PC-Key
X-PC-Hit
X-Robots-Tag
X-Cache-Lookup
X-Port
Content-Security-Policy
MicrosoftSharePointTeamServices
X-Rack-Cache
X-PC-Host
X-Request-Country
X-PC-AppVer
X-PC-Date
SPRequestGuid
X-SharePointHealthScore
X-Varnish-Cache
X-Accel-Version
X-BC-Is-HA
Content-Encoding
X-XRDS-Location
X-MS-InvokeApp
Powered-By
X-Safe-Firewall
X-Tumblr-Pixel-3
X-Page-Speed
X-Sucuri-ID
X-Cnection
X-AH-Environment
X-Webserver
X-PhApp
X-Ua-Compatible
X-Amz-Cf-Id
X-Seen-By
X-Wix-Renderer-Server
X-INKT-SITE
X-INKT-URI
X-Wix-Request-Id
X-FullPageCaching
X-Cache-Status
X-W-DC
X-Turbo-Charged-By
Composed-By
CF-Cache-Status
X-Firenze-Processing-Times
X-Timer
Served-By
Request-Id
X-Content-Digest
X-GitHub-Request-Id
Upgrade
SPIisLatency
Public-Key-Pins
SPRequestDuration
X-Pantheon-Endpoint
X-Pantheon-Styx-Hostname
X-Styx-Version
X-Styx-Req-Id
Rating
Liferay-Portal
X-Amz-Id-2
X-Node
X-Amz-Request-Id
X-Cache-Enabled
X-Spip-Cache
X-Tumblr-Content-Rating
X-XN-Trace-Token
X-XN-XNHTML
X-Tumblr-Pixel-4
X-Hyper-Cache
X-Server-Name
X-HeyJason
Permitted-Cross-Domain-Policies
Content-Script-Type
X-Proxy
Cf-Railgun
Content-Style-Type
X-SERVER
X-CF-Powered-By
X-Proxy-Cache
X-Cache-Info
X-FB-Debug
X-Clacks-Overhead
Alternate-Protocol
Public-Key-Pins-Report-Only
Charset
X-Cache-Server
X-CDN-Geo
X-CDN-Geo-IP
X-CDN-Any-IP
X-Hits
Refresh
X-Cached-By
X-Content-Powered-By
X-Powered-By-360WZB
X-Umbraco-Version
Cartoon
X-Cache-Result
Timing-Allow-Origin
X-Content-Security-Policy
X-VCache
X-FW-Hash
X-Device
Real-Hostname
X-TN-ServedBy
X-Loop
X-FW-Serve
X-FW-Type
X-FW-Static
X-Cached
X-Age
X-Px
X-DynaTrace-JS-Agent
X-Hostname
X-Microcachable
X-PersistenceNode
X-TNCMS
X-Permitted-Cross-Domain-Policies
X-Tumblr-Pixel-5
X-Fastly-Request-ID
X-Backend-Server
Access-Control-Max-Age
NS-RTIMER-COMPOSITE
X-Swift-SaveTime
X-Swift-CacheTime
EagleId
Alt-Svc
X-Url
X-ChromeLogger-Data
X-Outils-CS
X-Generated-By
TCN
X-Geo
X-Jimdo-Pid
X-Jimdo-Wid
X-Geo-Port
X-User-Agent
Grace
X-Cache-Config
X-Varnish-Backend
X-MiniProfiler-Ids
X-Varnish-TTL
X-DDC-Arch-Trace
X-Whom
X-CMS-Version
Proxy-Connection
X-DynaTrace
X-From
Response
X-Msg-2-Log
Page-Completion-Status
Content-MD5
Magicmarker
X-URL
X-Varnish-Cacheable
Imagetoolbar
X-Styx-Build-Sha
X-Styx-Build-Date
X-Styx-Build-Num
X-Middleton-Display
Display
X-Sol
X-Middleton-Response
X-Forwarded-For
X-Content-Encoded-By
Generator
X-Micro-Cache
ServedBy
X-Content-Options
Product
X-WebKit-CSP
IBM-Web2-Location
X-Matrix-Proxy
X-Matrix-Server
Fpc-Cache-Id
Surrogate-Control
Fastly-Debug-Digest
X-Expires-Orig
X-Handled-By
ServerName
X-Hosted-By
X-FORWARDED-FOR
X-Server-Powered-By
Rt-Fastcgi-Cache
X-Tumblr-Pixel-6
X-ServerName
X-Country-Code
X-AspNetWebPages-Version
DynaTrace
Powered-By-ChinaCache
X-App-Hosting
X-Firenze-Processing-Time
X-ARC
X-Beta
X-HOST
X-AWS-Id
X-VWS-Id
X-Gateway
X-LJ-Flow-ID
Access-Control-Request-Method
X-TTL
X-Director
X-Version
X-Mobilized-By
X-Processed-By
X-I
X-Original-Request
X-Passed-To
X-Returned-From
X-Passed-To-DLL
X-Returned-From-DLL
X-Actual-URL
X-Art-Request-Id
Content-Hash
Cxy-All
X-Passed-To-BeforeDispatch
X-ApacheServer
X-Returned-From-BeforeDispatch
X-Returned-From-PostProcessResponse
X-Passed-To-PostProcessResponse
X-Instart-Request-ID
PageSpeed
Proxy-Agent
X-SDS
X-Stale
X-LiteSpeed-Cache
Retry-After
Node
X-S
X-Cache-Rule
Pics-Label
Lsrequestid
Content-Encoding-Handler
X-ATG-Version
X-UD-Method
X-Track
X-Varnish-Beresp-Ttl
X-Varnish-Beresp-Status
X-Varnish-Beresp-Grace
X-Cache-TTL
X-Nitra-Side
X-Varnish-Cache-Hits
X-Varnish-Host
RTSS
Fhost
Powered
X-Download-Options
Content-Disposition
CC-CACHE
SID
X-FW
X-PERF
X-Cache-Age
X-Time
X-Duration
X-Gamma-Serve
MIME-Version
X-Varnish-Age
X-Drupal-Dynamic-Cache
X-NoCache
X-CacheServer
Akamai-IP
X-Route-Server
ServerID
X-Cache-Debug
X-Cache-Expires
X-Location-Id
SN
X-Xrds-Location
X-Varnish-Hits
Thanks
X-Powered-By-Server
X-Client-IP
X-Vtex-Remote-Cache
X-Powered-By-VTEX-Janus-Edge
VAR-Cache
X-Powered-By-VTEX-Janus-ApiCache
No
X-VTEX-Cache-Status-Janus-ApiCache
X-Vtex-Processado-Em:
X-VTEX-Janus-Router-Backend-App
X-VTEX-Cache-Status-Janus-Edge
X-Vtex-Processed-At
X-Front
X-Cookie-Domain
Location
X-Srv
X-CJ-Soft
X-Purge-Host
X-Speed-Cache
Ngpass-Vcall
Cache
Edge-Control
X-Cache-Control-Orig
Buuteeq-Source
X-PwB-Node
Server-Info
X-ServerID
Host
X-Varnish-IP
X-DNS-Prefetch-Control
X-GeoIP-Country-Code
X-Do-Esi
X-GeoIP-Country-Name
X-BS
NODE
X-I-Sp
X-Response-Time
X-CDN-Cache-Status
X-CDN-Node
X-Varnish-Hostname
X-Amz-Meta-S3cmd-Attrs
X-App-Status
X-Cache-Operation
X-Server-ID
X-Frontend
X-Speed-Cache-Key
Accept-Charset
X-Goog-Hash
NtCoent-Length
X-PF-Uncompressing
X-Yadis-Location
X-Grace
Srv
X-Distil-CS
Accept-Encoding
X-Cf-Requestid
IISExport
X-Recruiting
X-Purge-URL
PICS-Label
X-Abuse
X-Cache-Tags
BDQID
Origin
Qs-Cache
BDPAGETYPE
BDUSERID
X-Upstream
Access-Control-Expose-Headers
LBVIS
Front-End-Https
X-Blog
NetMindSessionID
X-ACMCache
X-Device-Type
Filter-Revision
Frame-Options
X-Domain-Checked
X-Session-Reinit
A-Powered-By
X-Provisioner-Version
X-N
X-Geo-IP
Webluker-Edge
X-Drectory-Script
X-Translation
X-Developer
X-Yottaa-Metrics
X-Yottaa-Optimizations
COMMERCE-SERVER-SOFTWARE
X-Fastcgi-Cache
X-Microcache-Status
S
Cm-Server
Last-Published
Server-Name
Arr-Disable-Session-Affinity
X-Trace-Cache
X-Trace
X-Magnolia-Registration
X-Server-Id
X-Do-Not-Hack
X-Highwire-SessionId
Backend
X-SmartBan-URL
X-App
X-Highwire-RequestId
X-SmartBan-Host
X-Ttl
X-Libra-UpstreamHost
X-Powered-By-VTEX-Janus-Router
Author
X-ClientSide-Caching
X-Storage
X-WA-Info
X-FIRSTBase
X-WR-Flags
X-Directory-Script
X-Cocoon-Version
Req-Id
X-SRV
X-Real-Server
X-Engine
X-DefendeR-Runtime
X-DefendeR-Status
X-SCProxy
Sfy
Lfy
X-Geo-IP-Country
X-Geo-IP-Metro
X-Litespeed-Cache
X-Sys-Req-ID
X-Geo-IP-Region
X-Varnish-Debug-Age
X-Debug
X-Geo-IPV
X-Src-Webcache
Id
WWW-Authenticate
X-Adobe-Content
X-Adobe-Loc
X-UPSTREAM
X-Orig-Vary
Encoding
X-Distributed-By
Version
X-Cache-Control
X-Daa-Tunnel
Content-Transfer-Encoding
X-Pagename
X-Forwarded-Proto
X-WEBSERVER
X-Varnish-Server
CacheControlHeader
Nodo
X-TempDebug
Set-Cookie2
X-Edge-Location
SVR
X-BackendServer
Cache-By-Node
Mobiquo-Is-Login
X-Bettercache-Proxy
X-Source
X-EDGECONNECT-GUID-DEBUG
SiteName
X-Analytics
Backend-Timing
X-W3TC-Minify
S-Cnection
HCVer
HAVer
X-Distributor
X-NetCat-Version
X-Grid-Server
X-Resolver-IP
X-Varnish-Action
X-Object-Type
X-Object-Id
X-Secret
XDomainRequestAllowed
LBC
SRV
X-ID
Beyond-Iis
X-Balanceador
X-Content-Age
X-Id
X-Cache-Lifetime
X-TTFB-L
Smug-CDN
X-Env
X-TTFB
X-Prefetched
X-SmugMug-Hiring
X-SmugMug-Values
X-VTEX-Janus-SO
CT
X-Origin
X-Server-Instance
Fastcgi-Cache
X-Empowered-By
Hamster
MW-Webserver
X-SRCache-Fetch-Status
X-SE-Debug
X-Vary-Options
X-Uid
X-Origin-Id
X-Amz-Storage-Class
X-Machine-Name
X-Cache-CFC
MIH-PUBLIC-IDENTIFIER
X-SRCache-Store-Status
Web-Server
MIH-PLATFORM
MIH-CLIENT-FARM
X-Full-URL
X-PRAM
X-Nginx-Host
X-Garden-Version
X-JG-Page-Cache
X-Force
NLCacheNote
X-Varnish-Debug-TTL
X-Gannett-Site-Version
X-FreeTag-Count
X-Edge-IP
X-Req-Host
X-Old-Content-Length
X-Source-ID
AMF-Ver
Pool-Info
X-NFE
X-Nurl
X-Nhost
X-SV-Nginx-Duration
X-Cache-Action
X-Server-IP
X-SV-Pid
X-SV-CreatedAt
X-SV-CacheTags
X-SV-Duration
X-SV-Edge
X-SV-FromDBCache
X-SDE-Name
X-Amz-Version-Id
X-AOL-SNH
CLMOB
X-LB
X-Atraveo-From-Varnish-Cache
X-Optimization
X-Atraveo-Set-Cookie
X-Atraveo-TTL
X-Atraveo-Param-Rm
X-Atraveo-Expires
X-Amz-Id-1
X-Cache-Keep
X-AISO-Cacheable
X-AISO-Server
X-Cache-TTL-Remaining
WP-AdvCache-MemCached
X-AISO-Cache
X-Unbounce-PageId
X-Unbounce-Variant
X-Unbounce-VisitorID
X-Atraveo-ETag
X-CacheResult
X-Atraveo-Varnish-Server-Id
X-Revision
X-Atraveo-Zone
X-Cache-On
X-Atraveo-Cache-Control
X-Dynatrace
V-RESP
X-NginX-Cache
SSPAppContext
X-AWS
X-Rocket-Nginx-Bypass
X-Framework
X-NginX-Server
X-Client-Vid
X-Phpwcms-Page-Processed-In
ORIGIN
X-Varnish-Esi-Method
X-Varnish-Esi-Access
X-Cache-Key
Nitro-Cache
X-Phpwcms-Release
X-Cookie
Keywords
X-EPiphany-Vid
X-Symfony-Cache
X-Test
W
X-VTEX-Janus-Processado
From
X-Expires
X-Detected-Device
X-Varnish-HitMiss
Host-Service
B-Powered-By
ScoreTracker
X-PHP-Engine
X-Varnish-Count
X-REDIRECTSERVER
X-Stage
X-Varnish-Grace
X-Real-IP
Cneonction
X-Captured
X-Accel-Expires
Accept-Language
X-Nginx-Cache
X-Turpentine-Esi
TP-L2-Cache
Description
TP-Cache
X-Jphone-Copyright
X-Varnish-Ttl
X-Processing-Time
X-Varnish-Currency
X-Varnish-Seen-By
Worker
X-Dev
X-Varnish-RemainingGrace
X-Varnish-RemainingTTL
X-Cms-Mode
X-DTC
WFE
Apache
X-ASAP-Cache
X-Key
X-Clara-ASAP
X-Span
X-N-ViewType
Ksid
X-Max-Age
X-J-Proxy
Cache-Rule
OT-RequestId
X-BLSR-COST
Open.Jobgate.Se
P3P:CP
Www.Myjob.Se
Www.Mirrorgate.Se
Www.Mabracertifiering.Se
Test.Executivepeople.Se
X-Plat
Jobb.Passal.Se
X-Response-Status
X-J-Proxy-Servername
X-Cache-Served
X-ESI-Enable
X-FFX-B
Jobb.Gil.Se
Jobb.Assistentpoolen.Se
BM-Cache-Bypass
X-J-Proxy-Hostname
X-Powered
X-Is-Mobile
X-CID
X-B-Cache
ServerIP
X-CCC
X-GSL-Server
X-Hit-Cache
X-Environment
X-Invoke-Duration
X-Response
Ttl
X-Webstats-RespID
Debug-3-1
X-SSL
Sophnep-Edge-FX
FROM-SERVER
X-Site:
X-APP
Hash
Sss
X-Hypernode
X-Kirra-SiteId
X-B2f-Not-Route
Cluster-ID
X-VAge
X-Actindo-RS
Cache-Ctrol
X-Cache-Doesi
X-TYPO3-Pid
X-Info
X-Remove-Cookie
BM-Cache-Node
BM-Cache-Key
X-Apm-Telemetry-Syncmark
X-Middleton-PageSpeed
X-ServerIndex
X-Varnish-Bot
SS
X-Varnish-Store
Mime-Version
X-Obvious-Info
X-XTM-Node
Tk
X-Dispatch
X-Obvious-Tid
X-Page-Cache
X-Frames-Options
SBGI-RenderTime
SBGI-RealPath
SBGI-Device
X-NewRelic-App-Data
X-Platform
Device
X-Worker
X-Ruxit-JS-Agent
X-Platform-Router
X-Platform-Processor
SBGI-7
SBGI-9
SBGI-5
X-Powered-By-Anquanbao
SBGI-1
SBGI-10
Ibf5scheme
X-7d-Instance-Id
X-ATM-RServer
Sid
X-MrHost
No-Cache
PROPSON-FARM
X-ATM-RTime
BALANCEDTO
X-7d-Trace-Id
Allow
Myheader
X-Full-Url
X-Remote-Addr
X-Rot
X-DSMX-Rewrite-MS
X-DSMX-Render-MS
SIP
X-PHP-Response-Code
X-DN-Cache-Control
X-GUploader-UploadID
X-SilverStripe-Cache
X-Varnish-URL
X-Goog-Generation
X-Appmachine-Environment
X-Header
X-Sov
X-Goog-Metageneration
X-Goog-Stored-Content-Length
X-Goog-Stored-Content-Encoding
X-Goog-Storage-Class
X-Discourse-Route
X-Smartcache-Timeout
X-ORACLE-DMS-ECID
Progma
X-Webkit-CSP
X-GeoIP
X-SERVER-ID
Warning
X-Cache-Ttl
X-SV
RATING
Microsoftsharepointteamservices
X-Smartcache-Keys
X-Dispatcher
X-Oracle-DMS-ECID
X-B
Nginx-Cache
Xc
Copyright
BM-Cache-Status
NnCoection
X-WP
X-Cache-Original-TTL
X-WorkerInstancename
X-HITS
X-IsCacheURL
X-Twitter-Response-Tags
X-Transaction
Vacache
X-DPWN-IS-SECURE
Fastly-Backend-Name
CpuTime
X-Connection-Hash
X-This-Proto
X-Flow-Powered
X-Sharepointhealthscore
Content-Instance
Bs-Header
INCOMING-TIME
X-4ormat-Cacheable
X-Ms-Invokeapp
Y-Trace
Edgecast
X-Built-By
X-BC
X-Ec-Custom-Error
X-PBY
X-Rack-Cors
X-LW-Web-Server
X-Status
X-Turpentine-Cache
X-Nginx
PServer
X-Node-Name
MachineName
Nodeid
X-Hosts-Backend
Machine
If-Modified-Since
X-ProxyInstancename
Language
Prxy
X-CCM
X-Render-Time
X-Domino-CacheValidationWithETagResult
X-Domino-CacheValidationWithETagReason
Imx-Cookies-Used
X-T
-GCR
X-Cache-Backend
Section-Io-Id
X-WR-MODIFICATION
X-Ocache
X-Varnish-Set-Cookie
Fw-Via
X-Frontal
Sprequestguid
X-SeschatLayout
X-Fw-Static
X-Fw-Hash
X-Fw-Serve
X-IP-Address
X-Fw-Type
Ews
Server-N
X-Cache-Engine
Provider
Connecion
X-Hit
CommunityServer
NZSpeedy
X-Ob-Mode
X-Route
X-Seschat-URL
X-R4L-VHOST
X-Gyrobase-Publication
X-Cache-Set
X-SeschatTemplateID
X-Ar-Debug
X-SeschatRedID
X-SeschatDID
X-Cache-Via
X-Block
X-SayCDN-TTL
X-Edge-V
X-TTL-Age
X-Request-Received
X-SayCDN-Original-UA
X-Serendipity-InterfaceLang
X-Serendipity-InterfaceLangSource
X-SayCDN-UA
X-Config-By
X-Channel-Maxage
X-B2f-Cache-Load
XDisk
X-Venda-Hitid
X-View
X-Would-Your-GrandPa-Wait
HOST-SERVICE
X-Time-Microsecs
X-Time-Spent
X-Trace-App
X-ServedByHost
X-Router
X-Say-Cacheable
X-Ratelimit
X-Say-Original-Host
X-VTEX-Janus-System
X-Say-Original-IP
Acdc-Web
X-Pixelsilk-Version
WP-Cache
SERVER-IP
X-OPNET-Transaction-Trace
X-Your-GrandPa-Would-Wait
Mto-License-Status
E-TAG
X-Say-Original-UA
X-SayCDN-Original-Path
X-SayCDN-Original-Host
X-Accel-Cache-Control
X-Router-Backend
X-Pixelsilk-Server
X-MCB-Server
X-UseReverse-Proxy
Backend-Name-Original
Il-Cl
X-Webapp
X-Say-Original-URL
X-Say-TTL
X-Request-Processing-Time
SL-NOREWRITE-REDIRECTS
Server-Ip
Pool
Access-Control-Request-Headers
Rewriter
Esi-Enabled
X-Search-Id
X-Origin-Server
X-ACCELERATE
X-Medium-Entity-Type
X-Medium-Entity-Id
X-EZPublish-InstallationID
X-EZPublish-NodeID
X-Healthy
X-ESI
Og
X-Author
X-Avvio-Cms-Cacheload
Cpu
X-Wikidot-Static-Cache
X-GC-Pointer
X-GC-Read
X-GC-Write
X-GC-App
X-Compressed-By
X-FCMS-Cache
X-Enhanced-By
X-Gondor-Server
X-HOSTTYPE
Noq
X-Webobjects-Loadaverage
X-Wikidot-Backend
X-USERNAME
X-App-Server
X-AOL-HN
Ram
X-II
X-Instance
X-Box
X-Compressor
X-DELIVERYSERVER
X-Cache-Extended
X-Content-Security-Policy-Report-Only
V-Age
Www.Aujourdhui.Com
X-ManagedFusion-Rewriter-Version
X-Nucleus-Cache
X-ServerCache-Info
Requested-Host
X-Sc-Path
X-Sc-Cache
X-Rewritten-By
Tempo
Server-Optimized-By
Server-Id
SV-Duration
X-Ct-Info
X-AppServer-Cache-Rule
Real-Server
Foglight-Request-UUID
X-Fallback
X-EntryPoint
X-Tile-Url
Tracker
X-WebKit-CSP-Report-Only
X-LS-DEBUG
X-Esi
X-Request-Count
X-Static-Version
X-VG-WebCache
RequestId
Sprequestduration
X-HostName
Spiislatency
HostGen
X-Benchmark-Sphinx-Count
X-Benchmark-Total
X-Benchmark-Sphinx
X-Benchmark-Db
X-Server-By
X-Benchmark-Cache
X-PageID
Servername
X-CB-Server
X-Cache-Fix
X-Cache-PageType
X-Tags
X-Server-Addr
X-Backside-Transport
X-Varnish-Instance
X-Webcelerate
BackendServer
X-Aberdeen-Site
User-Agent
X-Backend-Ip
X-JSESSIONID
ClientIP
X-Made-Cache-Ttl
X-LB-Server
X-Aberdeen-Cache
Be-Va
Be-Ip
Countrycode
X-Cluster-Node
X-Global-Transaction-ID
X-Highwire-Cache
X-GeoIP-Country
X-Platform-Cache
X-Highwire-Sitecode
X-HA
Ec
X-Hiring
Cteonnt-Length
CtExclusions
X-Hosting
X-Country
Surrogate-Key
X-Pageid
X-Pb-Mii
DrivedBy
Fpc-Expire
GenSvr
WebServer
F5-IpCliente
SINA-TS
X-PURGE-Server
X-Uplex
Atp-Isdpp
Thinkindot-CacheControl
Gzip
X-Atraveo-Accept-Language
X-Magento-Action
X-Magento-Lifetime
X-ATP-Server
X-Web-Node
X-Varnish-ServiceNetIP
Thinkindot-CacheControl-Type
X-Newrelic-App-Data
X-Artvisual-Server
X-BE
X-Trace-Id
X-HeBS-Cache-Status
X-Varnish-Hashed-On
X-Purge-Level
X-Vhost-ID
X-HW
SINA-LB
X-Device-Group
X-Runtime-Memory
X-Mii-Cache-Hit
X-Flex-Tags
X-We-Are-Hiring
X-Pressidium-NinukisWP-Ver
X-Powered-By-Home.Pl
X-Node-Id
X-Pagely-Cache
X-Panel-Id
X-Panel-Name
Aoestatic
X-Flex-Tag
X-Flex-Evend
X-Flex-Community
Svr
X-Ghost-Cache-Status
X-Flex-Evstart
X-Flex-Lang
X-Flex-Lastmod
Full-Page-Cache
Head
Thinkindot-Control
X-RequesterIP
X-Hitfpm
IsMobile
X-NMT-Proxy
X-Provided-By
Web-Head
X-AccessDev
X-ACLR-Version
X-BKSrc
X-Airee-Node
X-RAMCache
X-Origin-Cache
DPOOL-HEADER
X-Feature
X-EPiLogOnScreen-PostUrl
Apple-Itunes-App
X-PHP
X-Obr-Rule
X-NID
Redirect
X-Cache-Host
X-Cache-Me-Harder
X-EdgeConnect-Cache-Status
X-T3Cache
X-Webbins-Node
X-T3CacheTags
X-Varnish-Restarts
X-Varnish-Debug-Pool-Fetch
X-Varnish-Debug-Pool-Recv
X-Varnish-Debug-Varnish-TTL-Set-From-Server
X-MobileDetected
X-Martin
Publisher
RouteID
RSL-Trace-ID
X-EdgeRouter
HA-Front
X-Hstore
X-Hrouter
X-Frame-Option
X-EPiLogOnScreen
DNNOutputCache
MageStack-Cache-Status
MageStack-Cache-Lifetime
MageStack-Cache-Hits
MageStack-Config
MageStack-Debug
MageStack-Tag
MageStack-PageSpeed
MageStack-Loadbalancer
MageStack-Cache
MageStack-Area
X-Amz-Meta-Cb-Modifiedtime
X-Bcwwwid
X-Catalyst
Rt-Server
Content-Cache
X-Varnish-Cookie-Debug
Akamai-Edgescape
MageStack-Web-Node
MageStack-Cacheable
X-Cluster-Host
X-Rq
X-Rack-CORS
X-VhostID
Access-Control-Allow-Origin:
X-IDS-WS
X-Dynamic
X-Esi-Processing
X-Cacheable-TTL
X-Delivered-By
X-BPool
X-Backend-Name
X-Brought-To-You-By
X-BServer
Hostname
X-IP
X-HOSTNAME
X-SERVERID
X-IIJ-Cache
X-RemovedCookies
X-SID
X-ProcessESI
Login-Required
X-MOBILE
X-RE-Ref
X-Cms-Server
Sunucu
Dynatrace
SBMCLOUD
X-Jcms-Ajax-Id
X-Page-Id
X-Pj-Cache-Status
Noahs-Classifieds
X-LTM-ID
X-Varnish-GW-Backend
Cached
X-Server-Generated
X-Allow-Redis
X-Server-Instance-Name
X-Memcached
X-Built-With
Lookup-Cache-Hit
OutputRewritten
X-HTML-Minification-Powered-By
X-Document-Guid
X-Document-Folder-Guid
X-Document-Guid-Path
X-Document-Path
X-Document-Tracking-Type
X-ServerCache-Key
X-ServerCache-Source
TotalTime
X-Varnish-Max-Age
X-Cache-Node
X-Fe
X-CDNZZ-FCACHE
X-UA-Vendor
X-Server-Upstream
X-Accelerated-By
B2C-HG-008
X-Cookie-Request-Debug
X-Cookie-Response-Debug
X-Mod
X-Client-Addr
X-Ants-Machine-Id
X-DealerOn
X-CO-Host
X-ETag
X-GETTER-Cache
X-Lima-Id
X-KoobooCMS-Version
X-AOESTATIC-FETCH
RVBD-CSH:
Robots
MtcHosted
UniqueName
X-Timestamp
X-Trans-Id
X-Proxy-Route
X-Xhr-Current-Location
Cmsid
Aurora-Node
Cmstype
MwpReleaseVersion
X-Ants-Host
X-Machine
Url-Hash
IM-Version
X-ZSITES-DNS
At-Isb
At-Shoptype
DB-Nickname
AC-ELC
X-SL-Notranslate
X-SATserver
X-TargSmaku
Content
Content-ID
X-Orig-Host
X-MCF-ID
X-CPU-Time
X-F-Cache
X-Farm-Server
X-LOCATION
MSSmartTagsPreventParsing
MSThemeCompatible
X-Meta-Imagetoolbar
X-Meta-MSSmartTagsPreventParsing
X-Meta-MSThemeCompatible
X-PressLabs-Stats
X-KO-Site-Id
X-Goog-Meta-Replace
NodeId
Strict-Transport-Security:
X-Goog-Meta-Policy
X-COUNTRY-CODE
X-Boot
X-Kinja-Build
X-Kinja
X-Geo-Segment
X-Cdn-Fetch
X-Kinja-Revision
X-Kinja-Server
X-T3CacheInfo
X-UIN
X-SRVID
X-D-Time
X-FE
X-Ec2-Vpc
X-9XB-Server
X-Application-Context
X-B3-Traceid
Kp-EeAlive
Kanooh-Host
X-Generation-Time
X-S-Misc
Xonnection
X-SL-Norewrite
X-UA
BX-Cache
BX-TTL
FX-Cache
FX-Forwarded-For
X-Server-Node
X-PROCESSED-BY
X-Pardot-Rsp
X-PC3-Control
X-PC3-Time
FX-TTL
X-Debug-Serve
Activity-Id
Http
Orgin-Server
X-Cachable
X-InDy-Time
X-InDy-Query
X-Cluster
X-ENV
X-InDy-Memory
X-Pardot-Route
X-Pardot-LB
X-AVG
X-AVG-REWRITE
X-Confluence-Request-Time
X-Debug-Token
X-AG-MIPS
RlogId
AGI-Request-ID
Hosted-By
Railo-Version
X-EBAY-C-REQUEST-ID
X-PoweredBy
X-Content-Parsed-By
X-Lang
X-Node-ID
X-Obj-Ttl
Powered-By-VeryCDN
Instapage-Variant
X-RSS-CACHE-STATUS
Disablevcache
HostName
X-FarmId