Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: HTTP Header Usage Statistics - Internet Security | DShield HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
Link
ETag
X-Content-Type-Options
P3P
X-Frame-Options
X-XSS-Protection
X-Pingback
X-Cache
X-AspNet-Version
Content-Language
Age
CF-RAY
X-UA-Compatible
Strict-Transport-Security
Via
X-Adblock-Key
Access-Control-Allow-Origin
X-Varnish
X-Language
X-Template
X-Check
X-Buckets
X-Generator
X-Cacheable
X-Drupal-Cache
Content-Location
X-AspNetMvc-Version
X-Hacker
P3p
X-Ac
X-Powered-By-Plesk
X-Request-Id
X-Type
X-Pass-Why
X-Cache-Group
MS-Author-Via
X-Runtime
WP-Super-Cache
X-Cache-Hits
X-Powered-CMS
Status
X-Permitted-Cross-Domain-Policies
Host-Header
Ngpass-Ngall
X-Download-Options
X-ShopId
X-Dc
X-Alternate-Cache-Key
X-ShardId
Access-Control-Allow-Credentials
X-UA-Device
Keep-Alive
Content-Security-Policy
X-Request-ID
Access-Control-Allow-Headers
X-Iinfo
X-Via
Access-Control-Allow-Methods
X-Tumblr-Pixel
X-Tumblr-User
X-Tumblr-Pixel-0
X-Mod-Pagespeed
X-Logged-In
X-Tumblr-Pixel-1
X-Served-By
X-Backend
X-Pad
Upgrade
X-Contextid
X-Tumblr-Pixel-2
X-ServedBy
X-PC-Key
X-PC-Hit
Powered-By
X-Cache-Status
X-Host
X-CDN
X-Xss-Protection
X-Server
X-Cache-Hit
Content-Encoding
X-PC-AppVer
X-PC-Date
X-PC-Host
X-Port
X-Tumblr-Pixel-3
X-Timer
X-Robots-Tag
X-Accel-Version
X-Varnish-Cache
X-Cache-Lookup
X-Amz-Cf-Id
X-Rack-Cache
X-Server-Powered-By
X-Cnection
SPRequestGuid
X-Request-Country
MicrosoftSharePointTeamServices
X-SharePointHealthScore
MicrosoftOfficeWebServer
Alt-Svc
X-Turbo-Charged-By
X-Safe-Firewall
CF-Cache-Status
X-Page-Speed
X-MS-InvokeApp
X-Content-Powered-By
X-XRDS-Location
X-AH-Environment
Rating
X-Node
X-Tumblr-Content-Rating
X-Content-Digest
X-Cache-Enabled
X-GitHub-Request-Id
X-Tumblr-Pixel-4
Public-Key-Pins
X-PhApp
X-FullPageCaching
Timing-Allow-Origin
Request-Id
X-Webserver
Content-Security-Policy-Report-Only
X-INKT-URI
X-INKT-SITE
X-Ua-Compatible
X-Seen-By
X-Wix-Renderer-Server
X-Wix-Request-Id
Composed-By
SPIisLatency
SPRequestDuration
X-Proxy-Cache
X-SERVER
Served-By
X-HeyJason
X-Firenze-Processing-Times
Permitted-Cross-Domain-Policies
Cf-Railgun
X-W-DC
X-Amz-Id-2
X-Amz-Request-Id
Liferay-Portal
X-Swift-SaveTime
X-Swift-CacheTime
EagleId
Access-Control-Expose-Headers
X-Pantheon-Endpoint
X-Pantheon-Styx-Hostname
X-Styx-Req-Id
X-Styx-Version
X-Hyper-Cache
Surrogate-Key-Raw
X-Spip-Cache
X-Drupal-Dynamic-Cache
Xkey
X-Nginx-Cache-Status
Access-Control-Max-Age
X-Content-Security-Policy
Charset
X-Server-Name
Surrogate-Key
Grace
X-Tumblr-Pixel-5
X-CDN-Pop-IP
X-CDN-Pop
Content-Script-Type
X-Hits
Content-Style-Type
Access-Control-Allow-Method
X-FW-Hash
X-Dw-Request-Base-Id
Content-MD5
X-FB-Debug
X-FW-Static
X-FW-Type
X-FW-Serve
X-XN-XNHTML
X-XN-Trace-Token
X-Device
X-VCache
Public-Key-Pins-Report-Only
X-Fastly-Request-ID
X-CF-Powered-By
X-Backend-Server
Refresh
X-User-Agent
X-Clacks-Overhead
X-VWS-Id
X-LJ-Flow-ID
X-AWS-Id
X-TNCMS
Real-Hostname
X-Loop
X-LiteSpeed-Cache
X-Tumblr-Adult-Blog
X-DDC-Arch-Trace
X-Cache-Config
X-Cache-Server
X-Age
X-Jimdo-Wid
X-Jimdo-Instance
Fastly-Debug-Digest
X-ServerName
X-Cache-Result
X-Cloud-Trace-Context
X-Tumblr-Pixel-6
X-Generated-By
X-Umbraco-Version
Edge-Control
X-MiniProfiler-Ids
X-Cached-By
X-Cached
Surrogate-Control
WZWS-RAY
X-Powered-By-360WZB
Cartoon
X-DynaTrace-JS-Agent
X-URL
X-Px
NS-RTIMER-COMPOSITE
PageSpeed
Fpc-Cache-Id
X-Outils-CS
X-DynaTrace
X-Whom
X-Hostname
X-CMS-Version
DynaTrace
TCN
X-Newrelic-App-Data
X-Url
X-WebKit-CSP
Product
Response
X-Servedby
X-BC-Stapler
Imagetoolbar
X-Handled-By
Display
X-Sol
Rt-Fastcgi-Cache
X-Middleton-Response
X-Middleton-Display
X-AspNetWebPages-Version
Front-End-Https
ServedBy
X-Content-Options
Origin
X-Forwarded-For
X-From
X-FORWARDED-FOR
X-Varnish-Cache-Hits
X-TTL
X-Recruiting
Edge-Control-Message
X-Msg-2-Log
X-Do-Not-Hack
Access-Control-Request-Method
X-Micro-Cache
X-NetCat-Version
Akamai-IP
X-Engine
X-Cdn
X-Country-Code
Fhost
X-EC-Security-Audit
X-Matrix-Proxy
X-Matrix-Server
Server-Info
X-LiteSpeed-Cache-Control
X-Returned-From
X-Passed-To
X-Original-Request
X-Returned-From-DLL
X-Varnish-Beresp-Ttl
X-Varnish-Beresp-Status
X-UD-Method
X-Actual-URL
X-Passed-To-DLL
Generator
X-Varnish-Beresp-Grace
X-Returned-From-BeforeDispatch
X-Stale
Referrer-Policy
X-Passed-To-PostProcessResponse
X-Returned-From-PostProcessResponse
Alternate-Protocol
X-Passed-To-BeforeDispatch
X-Hosted-By
Page-Completion-Status
X-Content-Encoded-By
X-Cache-Info
X-I
IBM-Web2-Location
X-App-Hosting
X-Track
X-Expires-Orig
X-Cache-Rule
Surrogate-Keys
X-I-Sp
X-BS
X-ApacheServer
X-Varnish-Backend
X-PERF
Host
X-Director
X-Daa-Tunnel
X-Magnolia-Registration
X-Platform
X-Firenze-Processing-Time
Content-Encoding-Handler
X-Xrds-Location
X-Varnish-Host
X-Server-ID
X-CacheServer
X-Location-Id
X-Duration
X-S
X-Abuse
X-DNS-Prefetch-Control
X-Art-Request-Id
MIME-Version
Powered-By-ChinaCache
X-Microcachable
Powered
X-SRCache-Fetch-Status
X-Gamma-Serve
Magicmarker
X-Response-Time
X-SRCache-Store-Status
X-Varnish-TTL
X-Dispatcher
Ag-Server-Time
X-Goog-Hash
Content-Disposition
Ag-Send-Time
Ag-Execution-Time
X-Varnish-Cacheable
X-Request-Time
X-Cache-Age
ServerName
X-Origin
X-RESOURCE
X-Vtex-Remote-Cache
X-VTEX-Janus-Router-Backend-App
X-VTEX-Cache-Status-Janus-Edge
X-Powered-By-VTEX-Janus-ApiCache
X-URLSCHEME
No
X-Vtex-Processado-Em:
X-Vtex-Processed-At
X-Powered-By-VTEX-Janus-Edge
X-Version
X-VTEX-Cache-Status-Janus-ApiCache
X-SDS
X-Cf-Powered-By
X-Last-Modified
X-ATG-Version
X-Varnish-RemainingTTL
X-Varnish-ObjectSource
X-Varnish-RemainingLife
X-Varnish-Seen-By
X-Device-Type
X-Varnish-GracePeriod
X-Microcache-Status
USPLoggingUUID
X-Translation
X-Cache-TTL
X-Cache-Debug
X-Developer
X-Varnish-Age
Lsrequestid
X-HOST
X-B-Cache
Proxy-Agent
X-Rocket-Nginx-Bypass
X-Cache-Operation
Fastcgi-Cache
X-Zen-Fury
X-AOL-HN
X-Storage
ServerID
X-Fastcgi-Cache
X-CJ-Soft
X-DefendeR-Status
X-DefendeR-Runtime
Node
SN
X-Debug
X-Upstream
X-Route-Server
Arr-Disable-Session-Affinity
X-OneAgent-JS-Injection
X-Source
X-ServerID
RTSS
X-Cache-Lifetime
X-Amz-Version-Id
X-NoCache
Cache
Req-Id
X-Instart-Request-ID
X-Cache-Expires
X-Vcap-Request-Id
X-Cache-Control-Orig
X-Revision
Proxy-Connection
X-PwB-Node
Version
X-Server-Id
X-Client-IP
Buuteeq-Source
X-Nbs
X-Front
X-SV-Pid
Content-Hash
X-SV-FromDBCache
X-SV-CacheTags
X-SV-Duration
X-SV-Edge
X-Cache-Tags
X-SV-CreatedAt
X-SV-Nginx-Duration
X-SV-Expires
Last-Published
Content-Security-Policy-Rerport-Only
Backend
X-Cache-Key
PICS-Label
Location
Pics-Label
X-UPSTREAM
SEOMOZ
MJ12bot
X-Varnish-Hits
X-FW
X-Mobile-URL
X-Kinsta-Cache
X-Cookie-Domain
X-Varnish-HitMiss
X-Varnish-Count
X-Purge-URL
X-Geo-IP
X-Content-Age
X-NFE
X-Nurl
X-Akamai-Device-Characteristics
X-Drectory-Script
X-N
X-Akamai-Device-Model
X-Nhost
X-Frontend
X-WEBSERVER
X-Correlation-Id
X-Grace
X-Platform-Router
X-Platform-Processor
Webluker-Edge
X-Mobilized-By
X-CDN-Forward
Ufe-Result
X-Edge-Location
S
Content-Transfer-Encoding
Cache-Key
X-ACMCache
HAVer
HCVer
X-LB-Node
Mobiquo-Is-Login
X-Page-Cache
X-Purge-Host
X-Dispatch
NetMindSessionID
Filter-Revision
Qs-Cache
X-Supported-By
X-LB
Srv
X-Cache-Doesi
AMF-Ver
Author
X-Speed-Cache-Key
X-ClientSide-Caching
X-Speed-Cache
X-Geo-IPV
X-Geo-IP-Country
X-Geo-IP-Region
X-Varnish-IP
X-Geo-IP-Metro
X-Server-Upstream
W
X-B2f-Cache-Load
X-Hypernode
X-Yadis-Location
X-Nginx-Host
A-Powered-By
Cm-Server
X-Application-Context
Retry-After
X-Real-Server
Cached
X-SE-Debug
Warning
X-HOSTNAME
X-Platform-Cache
X-Processing-Time
X-Blog
X-Edge-IP
X-Time
X-Config-Blacklist-Version
X-Ttl
CC-CACHE
X-Varnish-Hostname
Accept-Charset
X-BKSrc
X-Varnish-Ttl
X-CDN-Cache-Status
X-Orig-Vary
X-CDN-Node
WSR-Cache
X-Discourse-Route
X-Directory-Script
Nodo
SRV
X-NB-Cached-Page
Rewriter
X-GeoIP-Country-Code
X-Empowered-By
X-Cache-Control
X-WebServer
CT
X-GeoIP-Country-Name
X-F-Cache
X-NginX-Upstream-Addr
X-NginX-Upstream-Response-Time
X-AbeBooks-Version
X-NginX-Upstream-Status
X-NginX-Node
X-Session-Reinit
Ngpass-Vcall
X-Browser
Accept-Encoding
X-SSL-Protocol
X-Varnish-Server
X-Yottaa-Metrics
X-IIJ-Cache
X-Trace
X-Yottaa-Optimizations
Eomportal-Instance
Server-Name
X-PF-Uncompressing
X-SSL-Cipher
X-Framework
X-StackifyID
X-HP-Trace-Project
Thanks
X-Resolver-IP
X-Processed-By
X-ID
WWW-Authenticate
X-Sys-Req-ID
COMMERCE-SERVER-SOFTWARE
X-Garden-Version
X-Cocoon-Version
SSPAppContext
X-HP-Trace-ID
Beyond-Iis
X-Connection-Hash
X-Symfony-Cache
X-Transaction
Backend-Timing
Nitro-Cache
X-WR-Flags
X-Twitter-Response-Tags
X-Analytics
X-Signature
X-Hit-Cache
X-Worker
X-Adobe-Loc
X-Unique-ID
Host-Service
X-Key
X-GeoIP
X-Adobe-Content
X-Pagename
X-ServerIndex
A
IISExport
Front
X-AOL-SNH
X-Nginx-Cache
S-Cnection
NODE
MW-Webserver
X-Domain-Checked
X-App-Status
Frame-Options
X-Provisioner-Version
X-Vhost
X-Hiawatha-Cache
X-Machine-Name
Section-Io-Id
X-BackendServer
Allow
X-Webcelerate
X-Grid-Server
X-ARC
Pool-Info
X-Magento-Tags
X-Highwire-SessionId
X-SmartBan-Host
X-SmartBan-URL
Cneonction
X-Cache-Only-Varnish
Ibm-Web2-Location
X-Highwire-RequestId
X-EDGECONNECT-GUID-DEBUG
X-Config-By
X-Cache-Fix
Ibf5scheme
X-Cache-PageType
X-Atraveo-Set-Cookie
X-Goog-Metageneration
X-Atraveo-TTL
X-LW-Web-Server
MC
X-Atraveo-Zone
X-Atraveo-Varnish-Server-Id
X-Avvio-Cms-Cacheload
Cteonnt-Length
X-Atraveo-Expires
X-We-Are-Hiring
X-Atraveo-ETag
X-Atraveo-Cache-Control
X-Atraveo-From-Varnish-Cache
Machine
P-LB
P-WS
X-Atraveo-Param-Rm
X-Sucuri-ID
X-Amz-Storage-Class
Cmsid
X-V
X-GUploader-UploadID
X-Balanceador
X-Goog-Stored-Content-Length
X-Goog-Stored-Content-Encoding
X-Goog-Storage-Class
Cmstype
X-IsCacheURL
X-NginX-Cache
X-Goog-Generation
X-Litespeed-Cache-Control
X-Flow-Powered
Smug-CDN
X-Amz-Meta-S3cmd-Attrs
X-Force
X-Env
X-PRAM
X-Captured
X-SmugMug-Hiring
X-SmugMug-Values
X-TTFB-L
Bios
BALANCEDTO
X-Source-ID
X-Prefetched
X-TTFB
X-Real-IP
X-Cache-Provider
X-Cache-Source
X-AEM
X-Dns-Prefetch-Control
CLMOB
X-Jphone-Copyright
X-Frames-Options
X-Platform-Server
SVR
Myheader
X-Plat
X-RiS-UFDI
X-ORACLE-DMS-ECID
X-HW
X-Plat-Va-Ip
X-Plat-Be-Ip
X-NginX-Server
X-Client-Image-Vid
NtCoent-Length
X-Client-Vid
X-EPiphany-Vid
X-WA-Info
CacheControlHeader
Resin-Trace
Keywords
X-Server-IP
X-Vary-Options
X-Cache-Engine
Mime-Version
NnCoection
X-HydroSheep
X-WP
X-Varnish-Cache-Local
X-Varnish-Debug-TTL
X-Server-Response-Time
X-Varnish-Debug-Age
X-Cache-CFC
X-Domino-CacheValidationWithETagReason
X-Microcache
X-Domino-CacheValidationWithETagResult
X-PG
X-Smartcache-Keys
Content-Server
Real-Server
X-Smartcache-Timeout
NLCacheNote
X-EdgeConnect-MidMile-RTT
X-HTML-Minification-Powered-By
X-EdgeConnect-Origin-MEX-Latency
X-App-Server
X-AWS
X-ACLR-Version
X-LB-Server
From
X-Nginx
X-Optimization
X-Unbounce-PageId
RN-Server
X-Detected-Device
X-Unbounce-Variant
X-SRV
X-Unbounce-VisitorID
X-Id
Head
X-Server-Instance
XDomainRequestAllowed
X-Sucuri-Cache
ScoreTracker
Id
X-Restarts
X-Rebelmouse-Surrogate-Control
X-DTC
X-Custom-Header
Il-Cl
Proxy-Cache
X-VC-TTL
X-RDP
Cache-Rule
X-Cache-Set
X-APP
X-Apm-Telemetry-Syncmark
X-Rebelmouse-Cache-Control
X-Amz-Id-1
X-Lifetime
Hamster
Ec
X-GSL-Server
X-FIRSTBase
X-Webstats-RespID
Sid
X-MrHost
X-Nitra-Side
X-Origin-Id
Xc
X-Qnm-Cache
X-Server-Start-Time
Set-Cookie2
VAR-Cache
Prxy
X-Response
Paypal-Debug-Id
X-B
X-Span
Logging-CorrelationId
X-This-Proto
X-REDIRECTSERVER
X-Render-Time
Imx-Cookies-Used
N365rili
PServer
Yoncu-Errno
Cpu:
Sophnep-Edge-FX
Ram:
X-Environment
X-Varnish-Set-Cookie
Web
X-CB-Server
Cluster-ID
Noq:
X-OPNET-Transaction-Trace
Rel
X-A
X-B2f-Not-Route
Description
AsisCache
Hash
X-Varnish-Esi-Method
X-Varnish-Store
X-KoobooCMS-Version
X-DSMX-Render-MS
X-Varnish-Currency
X-Desc
X-Cache-On
OT-RequestId
X-Route
X-DSMX-Rewrite-MS
X-Server-By
X-JG-Page-Cache
X-Turpentine-Cache
X-Varnish-Esi-Access
X-Actindo-RS
INCOMING-TIME
Actual-Object-TTL
X-DealerOn
X-Airee-Node
X-Dynatrace
X-Rack-CORS
X-Distributor
NS-VaryByCustom-Key
Identity
X-App
Fastly-Backend-Name
X-HITS
X-Pj-Cache-Status
X-Accel-Expires
WP-AdvCache-MemCached
X-DB-Content-Length
X-Srv
X-MAT-GEO
X-Oracle-DMS-ECID
X-Forwarded-Proto
X-Magento-Action
X-ProxyInstancename
X-Jcms-Ajax-Id
D
X-7d-Instance-Id
X-SV
X-IP-Address
X-7d-Trace-Id
X-Enhanced-By
X-Forwarded-Host
X-Varnish-Cache-Control
VServer
X-OpenCart-Lightning
M
X-Upstream-Backend
X-WR-MODIFICATION
Backend-Node
Accept-Language
X-Varnish-Action
X-MSEdge-Ref
X-AccessDev
X-SDE-Name
X-Pj-Cache-Time
Cdate
X-Pj-Cache-Key
X-Pj-Cache-Flags
X-Pj-Cache-Gzip
X-Powered-By-Anquanbao
X-ProcessTime
X-PBY
X-App-Runtime
IM-Version
Content-Instance
X-RequestId
WFE
X-Pj-Cache-Expires
X-Is-Mobile
X-Turpentine-Esi
X-Name
X-Stage
X-Gyrobase-Publication
X-Cluster-Node
X-ACCELERATE
X-DN-Cache-Control
X-Ob-Mode
PowerCDN
Host-Name
WWW
X-Original-Host
X-Content-Type
X-CCM
X-Catalyst
X-Trace-Id
X-Transaction-Id
X-Site:
X-RealServer
Cpu
X-Appmachine-Environment
If-Modified-Since
Note
ServerTokens
Fw-Cache-Status
Fw-Via
X-Tile-Url
Device-Type
ServerSignature
CmsCacheEngine
IsMobile
Noq
X-Hrouter
X-Hstore
X-Cms-Mode
X-Cache-Level
X-Pressidium-NinukisWP-Ver
X-Dev
X-HA
Worker
X-Runtime-Affili
X-SilverStripe-Cache
Ram
X-Pixelsilk-Version
X-Cache-Handler
X-Pixelsilk-Server
X-Cache-Action
Server-Ip
X-Rewritten-By
X-Cache-Me-Harder
X-EC-Lua
X-ManagedFusion-Rewriter-Version
X-Wikidot-Static-Cache
X-Cache-Keep
X-Backend-Name
X-WorkerInstancename
X-Hosting
Nginx-Cache
X-Varnish-URL
X-Varnish-Error-Restart
X-Cache-Node
X-COUNTRY-CODE
Servername
Server-Id
X-Varnish-Backend-Healthy
RATING
X-Cache-TTL-Remaining
X-Wikidot-Backend
Actioncode
NZSpeedy
X-CacheResult
Provider
Realaction
X-Artvisual-Server
X-RateLimit-Remaining
X-Esi
X-CSRF-TOKEN
Disablevcache
Ctx
X-RSS-CACHE-STATUS
X-RequesterIP
X-Ocache
X-Checkout
X-FCMS-Cache
X-Cache-ID
X-Beatles-Hits
X-Built-By
X-Backend-TTL
WSCLoggingUUID
VANITY-HOST
BKREF
X-Matched-Rule
DrivedBy
X-Cms-Server
X-Cluster
Thinkindot-CacheControl-Type
Thinkindot-Control
Content-Generator
X-Time-Spent
Thinkindot-CacheControl
X-Hash
X-VC-Enabled
HOST-SERVICE
X-TTL-Age
X-NewCloud-V-Cache
B-Powered-By
X-Would-Your-GrandPa-Wait
X-Proto
X-DPWN-IS-SECURE
X-Does-He-Have-Time
X-Header
X-Src-Webcache
X-ESI-Enable
X-Secret
X-OCTOPOD
X-Request-Processing-Time
X-Flex-Evstart
X-Flex-Evend
X-Flex-Lang
X-Flex-Lastmod
X-Flex-Tag
X-Flex-Community
X-Company
RequestId
Pool
Ozcache
Www.Aujourdhui.Com
X-Cjtype
X-Flex-Tags
X-Generated
X-T3CacheInfo
X-T3Cache
X-T3CacheTags
X-Title
X-Varnish-Max-Age
X-Search-Id
X-Rack-Cors
X-HP-CAM-COLOR
X-Hcom-Styx-Info
X-Layout
X-Max-Age
CpuTime
Be
MageStack-Web-Node
X-SeschatRedID
X-SeschatLayout
X-SeschatTemplateID
X-UUID
X-VARITI-CCR
X-SeschatDID
X-Seschat-URL
X-Pubstack
X-Info
Dispatcher
X-Request-Received
Cleartype
X-Vhost-ID
Language
MageStack-Debug
MageStack-Config
MageStack-Loadbalancer
MageStack-PageSpeed
MageStack-Tag
MageStack-Cacheable
MageStack-Cache-Warning
MageStack-Cache
MageStack-Area
MageStack-Cache-Hits
MageStack-Cache-Lifetime
MageStack-Cache-Status
X-FFX-B
Hosted-By
X-Farm-Server
X-HAProxy
X-Hosts-Backend
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
X-Do-Esi
X-PoweredBy
X-AppServer-Cache-Rule
Content
Response-Time
X-4ormat-Cacheable
X-Ratelimit-Remaining
Svr
X-TB-M
X-NewRelic-App-Data
X-WHOIS-Cached
X-Distributed-By
X-WebNode
X-Varnish-Instance
XDisk
SS
X-Amz-Meta-Cb-Modifiedtime
Tracker
X-RateLimit-Reset
Hostname
Tracecode
X-GRACE
X-Fedora-School-Id
X-GoCache-CacheStatus
X-RateLimit-Limit
X-Akamai-Edgescape
X-Healthy
Pv
X-Server-Generated
Device
X-Proxy-Cache-Key
VC-NoCache
Content-Cache
X-Server-Instance-Name
Debug-Status
X-SID
X-Cache-2
X-Invoke-Duration
Ttl
MSThemeCompatible
X-Serendipity-InterfaceLangSource
X-Serendipity-InterfaceLang
X-PF-CACHE-FAILED
MSSmartTagsPreventParsing
RouteID
X-Status
X-Goog-Meta-Policy
Session-Id
X-Author
X-CACHE-TTL
Cache-Control:
X-Server-Addr
X-Unique-Id
X-Your-GrandPa-Would-Wait
X-FreeTag-Count
X-Meta-MSThemeCompatible
X-Fstrz
X-Meta-Imagetoolbar
X-Meta-MSSmartTagsPreventParsing
X-Phpwcms-Page-Processed-In
X-Phpwcms-Release
Powerd-By
X-VERSION
X-Pagely-Cache
Og
X-RAMCache
X-Box
X-Cache-Extended
X-Depends
X-DEBUG
X-Bcwwwid
X-Old-Content-Length
X-Nginx-Request-Time
X-Goog-Meta-Replace
X-Content-Security-Policy-Report-Only
X-HostName
X-MCF-ID
X-DataDome
Serverid
X-FastCGI-Cache
ORIGIN
Expire
X-E
Origin-Server
X-Frame-Option
X-Akamai-Transformed
X-Timing
X-RemovedCookies
QC-Hit
Powered-By-VeryCDN
AC-ELC
X-TempoPesquisa
QC-Key
QC-Time
X-Old-Varnish
X-AISO-Server
Webserver
X-Sid
X-ProcessESI
X-Client-Ip
X-Brought-To-You-By
Tempo
E-Tag
X-Delivered-By
X-DeliveryServer
X-PHP-Response-Code
X-LS-DEBUG
X-Dynamic
CommunityServer
LX-Tipo-Container
Aurora-Node
X-Venda-Hitid
X-ORACLE-DMS-RID
HostName
X-Content-Parsed-By
X-IP
X-Hit
X-Clara-ASAP
X-ASAP-Cache
Debug-Cache-Control
CD2
AGI-Request-ID
Debug-Expires
MwpReleaseVersion
X-ASAP-Age
X-AG-MIPS
X-SP-AP
X-SP-PR
From-Origin
Ews
X-Reason-Bp
X-Beatles
X-Drupal-Cache-Tags
X-ENV
X-Ec-Custom-Error
X-PM-ID
X-Origin-Cache
MageStack-Cacheable-Reason
CACHED-RESPONSE
X-SP-TE
MageStack-Magento-Version
MageStack-Response-Ttl
X-Obr-Rule
X-Cache-UA
X-UA
X-SL-Notranslate
LX-Version
LX-Url-Skin-Container
LX-Url-Photo-Container
LX-Version-Package
X-Fpc
X-Powered-By-Home.Pl
X-LW-T
LX-Type
LX-Static
LX-Host
LX-Cliente
LX-Ambiente
LX-Host-Api
LX-MachineName
LX-Site
LX-Server-GetCache-Id
X-Powered-By-Server
X-UltraCart-Critical-Path-CSS-Injected
X-Instance-Name
X-Cache-Device-Type
X-Cache-Backend
X-Nginx-Page-Cache
X-Page
X-SL-Norewrite
X-SERVER-ID
Httpd-Identifier
Expiries
X-UltraCart-Inject-Critical-Path-CSS
X-UltraCart-Critical-Path-CSS-Key
X-UltraCart-Server-Round-Trip
X-ETag
X-Ruxit-JS-Agent
X-Runtime-Memory
Kanooh-Host
X-Device-Group
Gzip
F5-IpCliente
Kp-EeAlive
P
Url-Hash
ClientIP
Cache-Status
At-Shoptype
At-Isb
Atp-Isdpp
Brandcast-Brand-Id
Brandcast-Load-Balancer
X-Built-With
X-Cache-Detail
X-Ghost-Cache-Status
X-Dw-Trace-Id
X-Member
Served-From
X-Bypass-Ssl-Transform
Fpc-Expire
Pw-Value
X-PageType
X-CPU-Time
X-LOCATION
X-Node-Name
X-BeResp-Ttl
"
X-Time-Microsecs
X-NGINX-Cache
User-Cache-Control
X-NewsFlow-Sitename
X-NewsFlow-DoCache
X-Clx-Request
X-Not-Cacheable
Requested-Host
TP-Cache
TP-L2-Cache
Max-Age
E-TAG
Copyright
X-Faeria
X-Forwarded-Server
X-AppServer-Status
Progma
X-ClusterID
X-Fe
Dynatrace
X-VG-WebCache
X-Diehard
X-Dynamic-Cache
X-MSU-SOURCE
X-Diehard-Tags
X-Diehard-Blocks-Removed
X-Diehard-Blocks-Added
X-Compressed-By
X-FG-RequestId
X-Router-Backend
X-Router
X-Site-Name
X-SuperCache
X-T
X-Provided-By
X-Pageid
X-Cache-Via
RSL-Trace-ID
X-DDM-SERVER
X-DDM-SERVER-UPDATED
X-Front-Cache
X-UseReverse-Proxy
X-VCS-Billing
X-Webapp
X-VCS-Url
X-Zendesk-Origin-Server
MachineName
ReqUrl
X-VCS-Ttl
X-VCS-Status
X-VCS-Cacheable
X-VCS-Cache-Server
X-VCS-Hit
X-VCS-Host
X-VCS-Nrhit
Lb
X-ITKG-Cache-Tags
X-Expose-Site
X-Expose-Hostname
X-Expose-Took
X-EZPublish-InstallationID
X-EZPublish-NodeID
X-Expose-Generated
X-ESI
REFRESH
X-Gannett-Site-Version
X-Apache2-RT-MicroSec
X-Me
X-Cache-Time
X-Nginx-VM-RT
X-DEBUG-TTL
X-Rq
X-Pb-Mii
X-Ser
X-Accel-Cache-Control
X-Batcache
X-Mobile
Apache
ServerIP
X-Distil-CS
Lookup-Cache-Hit
SiteName
X-Highwire-Sitecode