Threat Level: green Handler on Duty: Daniel Wesemann

SANS ISC HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
ETag
X-Pingback
Link
X-AspNet-Version
X-Content-Type-Options
P3P
X-XSS-Protection
X-Cache
Age
X-Adblock-Key
Content-Language
X-UA-Compatible
X-Frame-Options
Via
Keep-Alive
CF-RAY
P3p
X-Template
X-Language
X-Check
X-Buckets
Content-Location
X-Varnish
X-Cacheable
Access-Control-Allow-Origin
X-Generator
Alternate-Protocol
X-Drupal-Cache
X-Ac
X-Hacker
WP-Super-Cache
Strict-Transport-Security
Status
X-Powered-By-Plesk
MS-Author-Via
X-AspNetMvc-Version
X-Request-Id
X-Runtime
X-Geo-Port
X-Geo
X-Pad
X-Powered-CMS
X-Mod-Pagespeed
X-Type
X-Pass-Why
X-Cache-Group
Access-Control-Allow-Credentials
Ngpass-Ngall
X-Xss-Protection
X-Logged-In
MicrosoftOfficeWebServer
X-Cache-Hits
X-Host
X-UA-Device
X-Cache-Lookup
Host-Header
X-Server
X-Proxy-Cache
X-Iinfo
X-Via
MicrosoftSharePointTeamServices
Access-Control-Allow-Headers
X-Tumblr-Pixel
X-Tumblr-User
X-Tumblr-Pixel-0
X-Backend
Access-Control-Allow-Methods
SPRequestGuid
X-Tumblr-Pixel-1
X-SharePointHealthScore
X-Sorting-Hat-ShopId
X-Rack-Cache
X-Sorting-Hat-PodId-Cached
X-Sorting-Hat-ShopId-Cached
X-Dc
X-Sorting-Hat-PodId
X-Robots-Tag
X-Served-By
X-CF-Powered-By
X-XRDS-Location
X-Varnish-Cache
X-ShopId
X-ShardId
X-Accel-Version
X-Alternate-Cache-Key
X-ContextId
X-CDN
X-ServedBy
X-MS-InvokeApp
X-Tumblr-Pixel-2
X-Cnection
X-Seen-By
X-Safe-Firewall
Content-Encoding
X-BC-Is-HA
X-INKT-URI
X-INKT-SITE
X-Hostname
X-PC-Hit
X-PC-Key
X-Webserver
X-PC-Host
X-PC-AppVer
X-PC-Date
X-PhApp
Content-Security-Policy-Report-Only
X-FullPageCaching
X-Cache-Hit
X-Page-Speed
Composed-By
Served-By
X-Port
X-AH-Environment
Cartoon
X-FRAME-OPTIONS
X-Tumblr-Pixel-3
X-W-DC
Public-Key-Pins
X-Cache-Status
X-Firenze-Processing-Times
X-Amz-Cf-Id
X-Age
X-XN-Trace-Token
X-XN-XNHTML
X-HeyJason
Cf-Railgun
Request-Id
X-Wix-Renderer-Server
X-Wix-Request-Id
X-Spip-Cache
X-Wix-Dispatcher-Cache-Hit
Content-Security-Policy
X-Powered-By-360WZB
SPIisLatency
SPRequestDuration
Liferay-Portal
X-Served-From-Cache
CF-Cache-Status
X-Amz-Id-2
X-Content-Digest
Content-Style-Type
Content-Script-Type
X-Amz-Request-Id
X-Styx-Build-Sha
X-Styx-Build-Num
X-Pantheon-Endpoint
X-Pantheon-Styx-Hostname
X-Styx-Build-Date
X-Styx-Req-Id
X-Styx-Version
X-Umbraco-Version
X-Timer
X-Server-Name
X-SERVER
Powered-By
X-Clacks-Overhead
X-Cache-Server
Rating
X-Cache-Info
X-Hyper-Cache
X-DynaTrace
X-Turbo-Charged-By
X-Cache-Enabled
X-Device
X-Request-ID
TCN
X-Outils-CS
X-Tumblr-Pixel-4
Real-Hostname
X-TN-ServedBy
DynaTrace
X-Loop
X-PHP-Engine
X-VCache
X-Cache-Resuilt
X-Cached-By
X-Px
X-Microcachable
X-CDN-Geo
X-CDN-Geo-IP
X-CDN-Any-IP
X-PersistenceNode
X-TNCMS
X-FB-Debug
X-Cached
X-Forwarded-For
X-Tumblr-Content-Rating
X-Url
NS-RTIMER-COMPOSITE
X-Hits
X-Generated-By
Refresh
Imagetoolbar
Access-Control-Max-Age
Ms-Author-Via
Product
Charset
Powered-By-ChinaCache
X-Backend-Server
X-From
X-FW-Hash
X-Tumblr-Pixel-5
X-Loc
X-FW-Type
X-FW-Static
X-Content-Security-Policy
X-FW-Serve
X-Matrix-Proxy
X-Matrix-Server
IBM-Web2-Location
Magicmarker
Page-Completion-Status
X-CMS-Version
X-Content-Encoded-By
X-DynaTrace-JS-Agent
X-Permitted-Cross-Domain-Policies
X-Mobilized-By
X-Zephyr
Response
X-Jimdo-Pid
X-Jimdo-Wid
ServedBy
CC-CACHE
X-User-Agent
X-Node
X-DDC-Arch-Trace
Thanks
X-SDS
Ngpass-Vcall
X-Content-Options
X-Swift-CacheTime
X-Middleton-Response
X-Middleton-Display
X-Sol
Display
X-Swift-SaveTime
X-MiniProfiler-Ids
X-Version
Generator
X-Cache-Config
Grace
X-App-Hosting
X-I
Access-Control-Request-Method
Vacache
X-Powered-By-Anquanbao
X-Director
X-Purge-Host
X-Varnish-TTL
Node
X-Firenze-Processing-Time
PICS-Label
X-AspNetWebPages-Version
X-Processed-By
X-WebKit-CSP
X-Whom
X-Micro-Cache
X-ApacheServer
X-Cache-Expires
X-URL
X-UD-Host
X-UD-Method
X-Expires-Orig
Content-Disposition
X-W3TC-Minify
X-Varnish-Host
Host
X-Cache-Debug
X-Hosted-By
X-Purge-URL
Lsrequestid
X-DNS-Prefetch-Control
RTSS
Edge-Control
Content-Encoding-Handler
X-Country-Code
SID
X-Original-Request
X-ATG-Version
X-Handled-By
Retry-After
X-Cache-Result
X-FORWARDED-FOR
Surrogate-Control
X-Varnish-Backend
X-Passed-To-BeforeDispatch
X-Returned-From-BeforeDispatch
X-Returned-From-DLL
X-Returned-From-PostProcessResponse
Accept-Encoding
X-Passed-To-PostProcessResponse
X-Passed-To-DLL
X-Actual-URL
X-Passed-To
X-Instart-Request-ID
MIME-Version
X-Returned-From
Alt-Svc
Proxy-Agent
VAR-Cache
COMMERCE-SERVER-SOFTWARE
X-Nitra-Side
X-TTL
Pics-Label
Set-Cookie2
X-PwB-Node
X-PF-Uncompressing
X-NoCache
X-Duration
Proxy-Connection
X-Xrds-Location
X-PERF
X-Tumblr-Pixel-6
Fpc-Cache-Id
ServerName
X-CJ-Soft
X-App-Status
S
X-Varnish-IP
X-Cookie-Domain
IISExport
X-Varnish-Cacheable
Rt-Fastcgi-Cache
X-FW
X-Varnish-Hits
X-Yadis-Location
X-Location-Id
X-Varnish-Cache-Hits
X-Stale
X-Track
Cache
X-Speed-Cache-Key
X-SRV
X-Speed-Cache
Srv
X-Drectory-Script
X-Front
X-ServerID
SN
Fhost
WWW-Authenticate
Version
AMF-Ver
Webluker-Edge
X-Varnish-Age
Req-Id
X-Amz-Meta-S3cmd-Attrs
ServerID
X-Cache-Age
X-FIRSTBase
Accept-Charset
X-S
NODE
X-Directory-Script
X-GeoIP-Country-Code
X-Cdn
X-Art-Request-Id
X-GeoIP-Country-Name
Filter-Revision
X-Cache-Control-Orig
SEOMOZ
X-LiteSpeed-Cache
X-Cache-Rule
MJ12bot
Cm-Server
Location
Front-End-Https
Upgrade
X-Distil-CS
Powered
X-ACMCache
X-Ttl
X-Cache-Lifetime
X-App
Buuteeq-Source
X-Device-Type
X-Microcache-Status
X-Time
X-Translation
X-BackendServer
X-Vary-Options
X-Domain-Checked
X-Provisioner-Version
X-ServerName
X-Varnish-Beresp-Grace
X-SN
X-Gamma-Serve
X-Cache-CFC
X-Varnish-Beresp-Ttl
X-Session-Reinit
X-Varnish-Beresp-Status
A-Powered-By
Qs-Cache
Nodo
X-Blog
Server-Name
Id
X-Trace
PageSpeed
X-Cache-TTL
X-Cache-Operation
Dispatcher
Content-Transfer-Encoding
Warning
X-Do-Not-Hack
X-Trace-Cache
X-Response-Time
X-Distributed-By
X-HOST
LBVIS
X-Varnish-Server
X-N
Cache-By-Node
X-WR-Flags
X-SBGI-Cache-Codes
X-Server-Id
X-Geo-IP
X-ID
S-Cnection
X-Symfony-Cache
X-CHSN
X-Varnish-Count
X-Highwire-SessionId
X-Varnish-HitMiss
X-Highwire-RequestId
NetMindSessionID
-GCR
X-Orig-Vary
ORIGIN
MIH-PUBLIC-IDENTIFIER
X-Secret
X-Vtex-Processed-At
X-VTEX-Cache-Status-Janus-Edge
X-VTEX-Cache-Status-Janus-ApiCache
X-VTEX-Janus-Router-Backend-App
X-Vtex-Processado-Em
X-Vtex-Remote-Cache
X-Powered-By-VTEX-Janus-Router
X-Powered-By-VTEX-Janus-ApiCache
X-Info
X-AOL-SNH
X-Cocoon-Version
No
X-Frontend
X-Powered-By-VTEX-Janus-Edge
X-Country
X-Old-Content-Length
Apache
XX
X-Src-Webcache
X-Varnish-Action
MIH-PLATFORM
Machine
NLCacheNote
Website-Info
Cteonnt-Length
X-Bettercache-Proxy
X-Adobe-Content
MIH-CLIENT-FARM
Server-Info
Backend
X-Id
CT
REFRESH
W
X-Geo-IP-Metro
Last-Published
X-FreeTag-Count
X-Powered-By-Server
X-Srv
X-Geo-IP-Country
X-Geo-IPV
X-Server-ID
X-Geo-IP-Region
X-LIGHTHTTP-PCDID
X-Object-Id
X-Recruiting
X-Object-Type
X-Cache-Set
X-Who
X-Developer
X-WebServer
X-ChromeLogger-Data
Content-MD5
X-Nginx-Cache
SVR
From
X-Empowered-By
Origin
X-BS
Pool
Progma
NtCoent-Length
X-Cluster-Node
Cxy-All
Beyond-Iis
X-Edge-Location
X-Yottaa-Optimizations
X-Yottaa-Metrics
X-ClientSide-Caching
X-Debug
X-Origin-Id
X-Cache-On
X-Machine-Name
BM-Cache-Node
X-UPSTREAM
X-UD-Target
X-ServerCache-Info
X-Resolver-IP
X-Cache-Control
X-UD-REMOTE-ADDR
BM-Cache-Status
Access-Control-Expose-Headers
BM-Cache-Key
X-UD-Loopcounter
X-ManagedFusion-Rewriter-Version
X-Rewritten-By
X-Frames-Options
X-Cache-Action
X-Gannett-Site-Version
ScoreTracker
X-Sys-Req-ID
X-UseReverse-Proxy
X-Router
X-Router-Backend
X-Webapp
TP-L2-Cache
X-Source-ID
X-PRAM
X-Force
X-Remote-Addr
MW-Webserver
X-Engine
Cneonction
X-SDE-Name
X-Req-Host
X-Header
TP-Cache
XDomainRequestAllowed
CommunityServer
X-NginX-Server
X-Expires
X-Oracle-DMS-ECID
X-REDIRECTSERVER
X-Grid-Server
LBC
X-CACHE-TTL
X-Amz-Id-1
X-Libra-UpstreamHost
X-Accel-Expires
Spiislatency
Sprequestduration
X-Render-Time
No-Cookie
X-CacheServer
X-Flow-Powered
HCVer
HAVer
X-I-Sp
X-DTC
SiteName
X-FFX-B
X-Turbo-Control
X-Response
X-Farm-Server
X-ATM-RTime
X-Beatles
X-ESI-Enable
X-Env
Rt-Server
WFE
X-Loopia-Cache
Provided-Host
Muha
X-ATM-RServer
X-ORACLE-DMS-ECID
NnCoection
X-Ruxit-Js-Agent
Cmsid
X-Wily-Servlet
X-Max-Age
Before
Cmstype
X-Garden-Version
X-WorkerInstancename
X-Atraveo-Varnish-Server-Id
After
ServerConfigManager.WebBugTracker
ExecuteNonQuerySQLParam
X-Atraveo-TTL
X-Wily-Info
X-Atraveo-Cache-Control
Server-N
X-Atraveo-From-Varnish-Cache
SRV
X-Atraveo-NC
Render
Tpt.Renderer
IsFullSiteRequest
Tpt.Renderer1
X-Nginx-Host
X-Phpwcms-Page-Processed-In
X-Phpwcms-Release
X-TTFB-L
Sid
LFY
X-Client-Vid
X-Abuse
Cache-Rule
X-Dev
X-Real-Server
Edgecast
X-SmugMug-Hiring
X-TTFB
X-SV
X-Enhanced-By
X-Download-Options
SFY
Smug-CDN
X-SmugMug-Values
X-N-ViewType
X-Uid
X-EPiphany-Vid
X-Kirra-SiteId
X-Varnish-Debug-Age
X-Stage
Servername
X-Webobjects-Loadaverage
X-Storage
X-Seschat-URL
X-Pagename
X-Hit-Cache
X-SeschatTemplateID
Pool-Info
CacheControlHeader
Front
X-SeschatRedID
X-SeschatLayout
X-SeschatDID
X-SilverStripe-Cache
X-Server-Instance
X-WR-MODIFICATION
X-7d-Traceid
X-7dig
Author
X-Li-Pop
X-7d-Version
X-LI-UUID
X-Cache-Doesi
X-Varnish-ID
X-Built-By
X-Cache-Ttl
X-Drupal-Cache-Tags
X-SSL
X-T3CacheTags
X-T3Cache
X-Is-Mobile
X-LB
Www.Mirrorgate.Se
X-FS-UUID
Worker
Www.Myjob.Se
X-App-Server
X-Webstats-RespID
INCOMING-TIME
X-Actindo-RS
Cluster-ID
X-Grace
X-Powered
X-Vhost-ID
FROM-SERVER
Hamster
X-Jphone-Copyright
X-Cms-Mode
BM-CountryCode
Publisher
Accept-Language
Www.Mabracertifiering.Se
WP-AdvCache-MemCached
X-Goog-Hash
SIP
X-Varnish-Device
Cache-Ctrol
Web-Server
BM-Cache-Bypass
Aoestatic
Xonnection
X-Plat
X-Server-IP
X-APP
X-OPNET-Transaction-Trace
X-B2f-Not-Route
X-Client-IP
P3P:CP
Open.Jobgate.Se
Sophnep-Edge-FX
SS-Request-ID2
Test.Executivepeople.Se
Jobb.Passal.Se
Jobb.Gil.Se
X-EPiLogOnScreen-PostUrl
X-EPiLogOnScreen
X-Vhost
X-Li-Fabric
Jobb.Assistentpoolen.Se
X-MCB-Server
X-CID
X-Fastcgi-Cache
X-Powered-By-Srv
X-Hash
Mobiquo-Is-Login
Arr-Disable-Session-Affinity
X-Content-Age
X-Ar-Debug
X-CCC
X-Nhost
X-NFE
Mime-Version
X-ProxyInstancename
Content-Instance
CACHED-RESPONSE
F-In-Cache
X-Venda-Hitid
X-GC-App
X-GC-Read
Ms
X-DefendeR-Status
X-Twitter-Response-Tags
X-GC-Write
X-DefendeR-Runtime
X-Transaction
X-Connection-Hash
X-Content-Security-Policy-Report-Only
X-Web-Node
X-CacheTTL
X-IP-Address
X-Dynamic
X-NginX-Cache
B-Powered-By
X-Backend-IP
X-Artvisual-Server
X-Brought-To-You-By
X-Trace-App
SB-Cache-Version
X-Catalyst
X-Varnish-Debug-Hits
X-ACCELERATE
X-Invoke-Duration
X-DSMX-Rewrite-MS
X-Amz-Version-Id
X-Channel-Maxage
Copyright
BrandBucket-Domain
X-Powered-Developer
X-Block
WEBO
X-Origin
X-PvInfo
X-DSMX-Render-MS
X-Edge-IP
X-PM-ID
X-Unbounce-VisitorID
Backend-Name-Original
X-Pageid
X-Unbounce-Variant
X-Revision
X-Unbounce-PageId
X-FCMS-Cache
X-Apple-Translated-Wo-Url
X-Apple-Orig-Url
X-Apple-Jingle-Correlation-Key
X-Prerender-Token
X-Hstore
X-Middleton-PageSpeed
X-MobileDetected
X-Hrouter
X-EdgeRouter
X-DELIVERYSERVER
X-IP
X-DeliveryServer
X-SERVER-ID
X-DPWN-IS-SECURE
X-Apple-Aka-Ttl
X-Apple-Application-Instance
X-Apple-Application-Site
Apple-Timing-App
X-Ec-Custom-Error
X-Node-Name
Tracker
X-Apple-ATS-Cache-Key
X-Apple-Partner
X-Ants-Machine-Id
X-Akamai-Device-Characteristics
X-IDS-WS
X-D-Time
X-Monstercache-Host
X-Generation-Time
OutputRewritten
X-Monstercache-Hash
X-Domino-CacheValidationWithETagResult
X-DB-Content-Length
SS
X-DC-Origin-IP
X-AISO-Server
X-Domino-CacheValidationWithETagReason
ResourceTag
X-Monstercache-Timeout
X-S-Misc
X-Varnish-ServiceNetIP
X-Varnish-Hashed-On
Ozcache
PServer
X-WLD-LB
X-Confluence-Request-Time
X-HOSTTYPE
CP
X-Mobile
Public-Extension
X-AISO-Cacheable
Backend-Host
X-Fallback
Ksid
Esi-Enabled
X-Foresight-Air
X-Foresight-Customresponse
Allow
Secured
X-UType
X-Healthy
BALANCEDTO
X-BKSrc
Cpu
X-EntryPoint
Unique-Request-Id
X-TLServer
X-App-Container
X-AISO-Cache
NZSpeedy
X-WA-Info
Bs-Header
Ec
X-MSEdge-Ref
WP-Cache
X-Planisys-CDN-Rules
Host-Service
X-Planisys-CDN-Cache
X-TempDebug
X-Site
X-RequesterIP
X-RSS-CACHE-STATUS
D
X-Flex-Community
X-Flex-Evend
X-Flex-Evstart
Nitro-Cache
X-Key
Thinkindot-Control
UNIQUE-ID
Thinkindot-CacheControl-Type
Thinkindot-CacheControl
X-Flex-Tags
Provider
X-Flex-Tag
X-Instance
X-GeoIP-Country
X-Flex-Lang
X-Flex-Lastmod
Language
X-SATserver
X-Cached-Status
Noq
X-CCM
Z-NginxStatus
Ram
X-Author
X-Wikidot-Static-Cache
X-Wikidot-Backend
X-USERNAME
X-GSL-Server
X-RateLimit
Nodeid
X-Magnolia-Registration
X-Node-ID
SV-Duration
X-This-Proto
Redirect
If-Modified-Since
X-ARR
MachineName
X-Your-GrandPa-Would-Wait
X-Dynatrace
X-Would-Your-GrandPa-Wait
X-VhostID
RayEngine
X-CMS-Powered-By
X-Node-Id
MGIT
MwpReleaseVersion
OGHopCount
X-Varnish-Restarts
X-Varnish-Debug-Pool-Fetch
X-Client-Addr
Fastcgi-Cache
X-ACLR-Version
Tracecode
X-Cache-Via
Test
Dynatrace
X-Varnish-Debug-Pool-Recv
X-CDN-Node
X-CDN-Cache-Status
Ibf5scheme
X-WP
X-Varnish-Debug-Varnish-TTL-Set-From-Server
MageStack-Config
X-Cookie
X-Cache-Extended
X-Cookie-Request-Debug
X-Cookie-Response-Debug
X-V-Outer
X-B
X-V-TTL
Tempo
SBMCLOUD
Ttl
UniqueName
DB-Nickname
X-V-I-TTL
X-Frontal
Description
X-Gondor-Server
Keywords
Url-Hash
Server-IP
X-Varnish-Currency
X-Varnish-Cookie-Debug
X-Var-Hash
X-Ocache
X-Req-Url
X-T
X-UA-Profile
Masquerade
MageStack-Tag
X-Serendipity-InterfaceLang
X-Req-Counter
X-Serendipity-InterfaceLangSource
X-Time-Microsecs
X-Varnish-Max-Age
CtExclusions
X-Provided-By
X-Cluster-ID
X-Highwire-Cache
X-GitHub-Request-Id
X-Hit
X-Client-Id
X-Aberdeen-Site
X-Aberdeen-Cache
MageStack-Debug
X-Created
MageStack-Loadbalancer
MageStack-PageSpeed
MageStack-Response-Ttl
MageStack-Cacheable
MageStack-Cache-Status
MageStack-Area
XDisk
MageStack-Cache
MageStack-Cache-Hits
MageStack-Cache-Lifetime
X-Highwire-Sitecode
X-Compressed-By
WebDevSrc
X-Environment
X-ErrorPage
X-Request-Time
X-Nucleus-Cache
X-Magento-Lifetime
X-NID
X-HW
X-Origin-Cache
X-AccessDev
X-Backend-Status
ServerIP
IsMobile
AcceptLangage
CountryCode
X-Magento-Action
X-Hostingcenter
X-HP-CAM-COLOR
X-Static-Version
X-Server-Generated
X-Request-Count
At-Isb
X-Prefetched
X-Upstream
X-Process-Time
X-Compressor
X-Fett
Www.Aujourdhui.Com
X-Server-Node
Railo-Version
X-ESI
X-Cache-Backend
Xc
X-Rack-Cors
X-Checkout
X-Cached-Until
X-Ratelimit
X-T3CacheInfo
X-Hosting
X-ELC-Checkpoint4
X-Dokk-PortalId
X-HA
X-Cookie-Store
X-Cached-On
X-Url-Store
X-Monstercache
X-TTL-Age
X-Test
X-Uplex
X-Route
X-Cache-Host
Orgin-Server
X-WHOIS-Cached
Rewriter
Il-Cl
User-Updated-At
X-ENV
X-GeoIP
X-Purge-Level
X-SERVERID
Rt-Proxy-Cache
Be-Va
Be-Ip
X-Allow-Redis
X-Upstream-Time
Hotelbookingid
X-ProcessESI
X-RemovedCookies
X-TAProxy
Max-Age
Server-Optimized-By
X-Device-Group
X-Mii-Cache-Hit
X-Cache-Key
X-ATP-Server
X-Nocache
X-Pb-Mii
CorrelationVector
Is-Tablet
Is-Wireless-Device
Mobile-Browser
Is-Mobile
Device-Os-Version
Ajax-Preferred-Geoloc-Api
Device-Os
Mobile-Browser-Version
Physical-Screen-Height
Viewport-Width
-Onnection
Viewport-Initial-Scale
Resolution-Width
Physical-Screen-Width
Resolution-Height
X-Mod
Gzip
Requested-Host
X-MidCOM-Meta-Cache
Atp-Isdpp
At-Shoptype
Head
Timing-Allow-Origin
X-VG-WebCache
X-Rot
ClientIP
F5-IpCliente
X-AG-MIPS
SLB
X-Source
X-Sov
User-Id
Protected-By
X-Crafted
X-Request-Received
X-Server-By
X-App-Reload-Settings
Foglight-Request-UUID
X-PoolMember
Access-Ip
X-PageID
ProxiaInstanceId
X-Litespeed-Cache
CData
Time
X-CMS
X-Accelerated-By
SSPAppContext
Content
X-Request-Processing-Time
Webserver
DrivedBy
Content-Cache
Disaptch-Cache-Rule
X-Panel-Name
X-Panel-Id
Encoding
X-Daa-Tunnel
X-AMAZEEIO
X-Built-With
Access-Control-Allow-Origin:
X-Gyrobase-Publication
Content-ID
X-Ants-Host
Sigma
X-R4L-VHOST
X-Rq
X-TISSERVER
TIMESTAMP
HGR-NOCACHE
X-Cdn-View
X-Mobile-Device-Type
X-Webbins-Node
SAVVIS
X-Benchmark-Sphinx
OriginServer
X-Logword
X-Benchmark-Db
X-RAMCache
Noahs-Classifieds
X-Mobile-Device
X-Benchmark-Cache
KinteraFilter
X-Forwarded-Proto
X-Benchmark-Sphinx-Count
X-Restarts
X-Stackable-Node
X-Backend-Name
X-Powered-By-Home.Pl
X-Debug-Serve
X-Fpc
X-Ruxit-JS-Agent
X-Varnish-Hostname
X-Distributor
X-We-Are-Hiring
Device
AMFplus-Ver
Robots
X-Benchmark-Total
X-Bcwwwid
X-Src-Loadbalancer
X-UserAgent
X-Esi
C-TTL
Server-Hostname
X-CDN-Version
X-FRONT-TTL
X-Cacheable-TTL
X-Locale
X-IP-BE
X-NewRelic-App-Data
Cleartype
X-BServer
X-BPool
User-Cache-Control
SL-NOREWRITE-REDIRECTS
X-Avvio-Cms-Cacheload
X-Cachable
X-AppServer-Status
X-Path
WEB-CLUSTER-NODE