Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: HTTP Header Usage Statistics - Internet Security | DShield HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Set-Cookie
Content-Type
Date
Connection
Server
Cache-Control
Vary
Expires
Content-Length
X-Frame-Options
Strict-Transport-Security
X-Content-Type-Options
Accept-Ranges
Last-Modified
Pragma
X-Powered-By
CF-RAY
ETag
Link
X-XSS-Protection
Expect-CT
Via
X-Cache
Age
Content-Security-Policy
Access-Control-Allow-Origin
Content-Language
P3P
X-UA-Compatible
X-Cache-Hits
X-Amz-Cf-Pop
X-Amz-Cf-Id
Referrer-Policy
X-Served-By
X-Varnish
X-Request-Id
X-Xss-Protection
CF-Cache-Status
X-Timer
Access-Control-Allow-Headers
Access-Control-Allow-Methods
X-AspNet-Version
X-Download-Options
X-Runtime
Access-Control-Allow-Credentials
X-Drupal-Cache
X-Adblock-Key
X-Check
Alt-Svc
X-Cacheable
X-Generator
Content-Security-Policy-Report-Only
X-DNS-Prefetch-Control
X-Cache-Status
X-AspNetMvc-Version
X-Permitted-Cross-Domain-Policies
X-Template
X-Iinfo
X-Language
Status
Timing-Allow-Origin
X-Buckets
X-Content-Security-Policy
Content-Encoding
X-Kinja-Server-Push
Xkey
X-Turbo-Charged-By
Upgrade
X-CDN
X-Type
Keep-Alive
Access-Control-Expose-Headers
X-Request-ID
WPE-Backend
X-Pass-Why
X-AH-Environment
X-Backend
Access-Control-Max-Age
X-Age
X-Drupal-Dynamic-Cache
X-Cache-Group
X-Server
X-Proxy-Cache
X-Via
Grace
X-Pingback
X-Nginx-Cache-Status
X-Server-Powered-By
X-Robots-Tag
X-Amz-Request-Id
X-Amz-Id-2
X-Hacker
X-Varnish-Cache
X-UA-Device
X-Page-Speed
EagleId
Request-Context
X-LiteSpeed-Cache
Cf-Railgun
X-Envoy-Upstream-Service-Time
X-Ua-Compatible
X-CST
X-Swift-CacheTime
X-Swift-SaveTime
X-Server-Id
Ali-Swift-Global-Savetime
X-Pantheon-Styx-Hostname
X-Styx-Req-Id
X-Device
X-Amz-Version-Id
X-WebKit-CSP
Server-Timing
X-Ac
X-Node
Allow
Feature-Policy
X-Response-Time
X-OneAgent-JS-Injection
X-Rq
X-Iejgwucgyu
X-Cnection
Content-Location
X-Cache-Lookup
Report-To
X-Backend-Server
EagleEye-TraceId
Surrogate-Control
X-Readtime
X-Host
X-Application-Context
Request-Id
X-ORACLE-DMS-ECID
X-Url
P3p
X-Rack-Cache
X-Origin-Cache
X-Cdn
X-Clacks-Overhead
X-Country
X-FTR-Request-ID
Rating
NEL
X-Country-Code
X-Cloud-Trace-Context
X-EdgeConnect-MidMile-RTT
X-EdgeConnect-Origin-MEX-Latency
X-DataDome
X-Ruxit-JS-Agent
X-Instart-Request-ID
X-Px
X-Vhost
X-Mod-Pagespeed
X-MS-InvokeApp
X-VARITI-CCR
Charset
Accept-CH
Edge-Control
Verso
X-Goog-Hash
X-GitHub-Request-Id
X-TTL
X-Mobile-Rewrite
PB-RID
X-TtlSet
X-Vname
PB-PID
Arc-Version
X-PC
Pinterest-Generated-By
X-ESI
X-Server-Name
X-Version
X-DynaTrace
X-Upstream-Env
X-B3-TraceId
X-D2id
X-Powered-By-Plesk
X-Cached
X-Kinja-Revision
X-Use-Magma
X-Kinja-Build
X-Kinja-Server
X-Exp-Variant
X-Exp-Id
X-Kinja
X-Cdn-Fetch
X-GoogleNews-Bot
X-Origin-Upstream-Status
X-Dispatcher
SPRequestGuid
X-Varnish-TTL
X-SharePointHealthScore
X-Abt-Application-Version
X-Recruiting
MS-Author-Via
X-Powered-CMS
Accept-CH-Lifetime
RTSS
X-Navigation-Version
X-T
Content-MD5
X-ORACLE-DMS-RID
Public-Key-Pins
X-Oracle-Dms-Rid
X-Shield-Request-Id
AR-CACHE
AR-ATIME
AR-PoweredBy
X-Trace
X-DynaTrace-JS-Agent
X-SRCache-Store-Status
X-SRCache-Fetch-Status
X-Client-IP
X-HW
X-Accel-Buffering
X-Wix-Server-Artifact-Id
Arr-Disable-Session-Affinity
X-Fastly-Request-ID
X-Forwarded-Proto
X-Amz-Rid
SPRequestDuration
SPIisLatency
Realpath
X-DIS-Request-ID
X-B
Service-Worker-Allowed
X-Upstream
X-Goog-Stored-Content-Encoding
X-Goog-Metageneration
X-Goog-Generation
X-Goog-Stored-Content-Length
X-F-Cache
X-Amz-Meta-S3cmd-Attrs
X-Ser
X-Pinterest-Rid
Pinterest-Version
Paypal-Debug-Id
X-Via-JSL
AR-Request-ID
Front-End-Https
X-Country-Code-Real
X-FTR-Balancer
X-FTR-DC
X-FTR-Realm
X-FTR-Backend-Server
X-FTR-Backend
X-FTR-Cache-Status
X-FTR-Expires
X-Id
X-Dw-Request-Base-Id
X-Vcap-Request-Id
X-Varnish-Age
X-Dns-Prefetch-Control
X-Debug
Ar-Sid
X-XRDS-Location
X-MSEdge-Ref
X-Acc-Meta-Resource-Type
X-Goog-Storage-Class
Nginx-Cache
X-Kinsta-Cache
X-Server-ID
X-Hits
X-N
X-NF-Request-ID
X-FTR-Cache-Host
X-TEC-API-ROOT
X-TEC-API-VERSION
X-TEC-API-ORIGIN
X-NewRelic-App-Data
X-Logged-In
S
X-Ttl
X-Mrf-Item-Lastmod
X-Mrf-Section-Lastmod
Mrf-Cache-Status
X-B3-TraceId-Primal
MRF-Tech
X-DataStream-Cache-Status
X-Akam-SW-Version
X-Forwarded-For
X-Frontend
Tracecode
Alternate-Protocol
X-PressLabs-Stats
X-HS-Content-Id
X-HS-Hub-Id
X-Grace
X-User-Agent
X-Amzn-Trace-Id
X-CACHE-GROUP
Server-Name
X-Pad
X-Content-Digest
AMP-Access-Control-Allow-Source-Origin
X-Content-Options
X-FastCGI-Cache
TCN
Refresh
DynaTrace
Powered-By-ChinaCache
X-Content-Type
Access-Control-Request-Method
X-Analytics
MicrosoftSharePointTeamServices
Backend-Timing
Fastcgi-Cache
X-LB-Cache
Accept-Charset
X-Az
X-Sol
X-AppVersion
Display
X-Middleton-Display
X-Activity-Id
X-Rid
FilterID
X-Zen-Fury
X-CF-Powered-By
X-Page-Id
X-Debug-Info
X-IPLB-Instance
Host
X-Cache-Key
MS-CV
ServerID
Response
X-Middleton-Response
X-Fastcgi-Cache
TP-L2-Cache
TP-Cache
Cache-Status
X-RateLimit-Remaining
X-Cache-Hit
X-Magnolia-Registration
X-Hostname
X-Content-Powered-By
X-VCache
X-Srv
X-Seen-By
X-ATG-Version
X-Mobile
X-Oneagent-Js-Injection
X-WA-Info
X-TA-CDN-Provider
X-Revision
X-Cached-By
Surrogate-Key
X-Varnish-Backend
X-B3-Sampled
X-Request-Processing-Time
X-Request-Received
X-SS-Set-Cookie
X-Signature
X-B-Cache
Host-Header
X-Cluster
X-Whom
X-Drupal-Cache-Tags
VIX-Pulpo-Upstream-Status
VIX-Pulpo-Node
Rt-Fastcgi-Cache
X-Platform-Server
X-Instance
X-Tumblr-Pixel-0
X-Tumblr-User
X-Tumblr-Pixel
X-Request-Guid
X-Handled-By
ViewerVersion
X-GUploader-UploadID
X-PHP-Backend
Cleartype
X-Wix-Request-Id
X-Cache-Action
X-Origin-Server
X-Content-Security-Policy-Report-Only
X-Akamai-Edgescape
Source
X-App-Environment
Server-Info
X-Framework
X-TT
X-XRDS-LOCATION
X-Cache-Age
DC
X-Amz-Apigw-Id
X-Amzn-RequestId
X-Edge-Location
X-Cache-Control
X-Geo-Country
X-BCube-Filmed-By
Fusion-Source
Fusion-Content-Id
X-App-Server
X-Generated-By
Fusion-Component-Id
Fusion-Content-Source
Fusion-Template-Id
X-FW-Server
X-FW-Static
X-FW-Type
X-FW-Serve
X-FW-Hash
X-Varnish-Server
X-AOL-HN
Server-Node
X-Cache-Rule
X-Real-IP
X-NWS-LOG-UUID
X-Varnish-Hostname
Retry-After
X-Ruxit-Js-Agent
X-Cache-2
X-Correlation-Id
Payment
Eomportal-Instance
X-Varnish-Grace
X-FB-Debug
Webserver
X-Amz-Server-Side-Encryption
X-Response-Served-From
Access-Control-Allow-Method
Actual-Object-TTL
X-Tumblr-Pixel-2
X-Cacheable-TTL
X-Varnish-Hits
X-Amz-Replication-Status
X-Tumblr-Pixel-1
Content-Script-Type
Ms-Operation-Id
Content-Style-Type
X-Drupal-Cache-Contexts
X-TX-ID
X-TT-TIMESTAMP
X-Jobs
GEO-INFO
Healthy
X-RTag
NGB
Filters
ServedBy
AsisCache
X-UA-Device-Type
X-Varnish-IP
Viewport
X-WebKit-CSP-Report-Only
X-Region
X-UUID
X-RequestSource
Upgrade-Insecure-Requests
X-Rendered-As
Cache-Tv-Group
Country
X-Locale
X-Cache-Config
X-Servedby
X-Accel-Expires
X-Device-Type
X-Ezoic-Cdn
From-Origin
X-Contextid
X-Adobe-Content
HitType
X-Adobe-Loc
X-WPE-Loopback-Upstream-Addr
X-VG-WebCache
X-Cache-TTL
X-BACKEND-TTL
X-Cache-Server
X-Cache-TTL-Remaining
Fastcgi-Useragent
X-Upstream-Proxy
Cache
X-FW-Dynamic
Edge-Cache-Tag
X-Cache-Remote
Pagespeed
X-Content-Age
X-Cache-Operation
X-Kong-Proxy-Latency
X-Kong-Upstream-Latency
Cache-Tags
X-Redis-Cache
X-Webkit-Csp
Fastly-Restarts
X-Hit
X-Upgrade-Enabled
X-APP-VERSION
X-RateLimit-Limit
X-Source
X-Esi
Datacenter
X-CACHE-KEY
X-Storage
X-S
X-DataStream-Origin-MEX-Latency
X-Mode
X-DataStream-MidMile-RTT
Cache-Tag
Served-By
X-GeoIP
X-Backend-Name
X-NGENIX-Cache
X-NCache
X-Time-Microsecs
X-Path-Route
X-RN-RSRV
Machine
Load-Balancing
Meta-Geo
Origin-Cache-Control
X-Cache-Var-Map
Origin-Edge-Control
X-Rule
X-Cache-Var
X-Internal-Host
X-Is-Bot
NtCoent-Length
X-Daa-Tunnel
X-Detected-As
X-Generated
X-JoinUs
X-Proxy-Build
X-Agile
X-Varnish-Cache-Hits
X-TNCMS
X-Timing-Wait
X-Agile-Id
X-Tb
X-Agile-Age
SRV
X-Status
X-Hl-Ver
Now
X-Grey
X-Hosted-By
X-ProxyCache-Status
Vix-Hermes-Req-Id
X-Edge-IP
Selected-FE
X-ServerID
X-Akamai-Request-ID
X-App-Version
X-Proxy
Xserver
X-Varnish-Cacheable
X-Www-Served-By
X-ProxyCache-Key
X-CDN-Cache
X-Origin-Response-Time
X-BYPASS-REASON
X-Cache-Category-Id
X-Labrador-Cache-Channel
X-Loop
X-FC-Vary-Parameters
TWC-Device-Class
TWC-GeoIP-Country
X-PCL
TWC-Connection-Speed
X-Origin-Hint
X-Format
X-OCL
TWC-GeoIP-LatLong
S-Rt
X-Origin-Host
X-Human
X-Via-Fastly
X-IP
X-Web-Node
X-L-Path
X-Environment-Context
X-Birta-Served
X-Birta-Cache-Post
Webcakes-Region
Cache-Name
TWC-Privacy
TWC-Locale-Group
X-ProcessESI
X-Pubstack
Webcakes-App-Version
Webcakes-App-Name
X-RemovedCookies
Property-Id
Cache-Key
X-Akamai-Transformed
X-Pc-Key
X-Pc-Hit
X-PERF
X-Guploader-Uploadid
X-Access
X-Pc-Appver
X-MP-GENERATED-AT
X-Cache-Enabled
X-CCM
X-Debug-Cache
X-Site-Version
X-ApacheServer
X-Section
Public-Key-Pins-Report-Only
Azure-SiteName
Azure-Version
Azure-SlotName
Azure-RegionName
Azure-InstanceId
DB-Nickname
Fastcgi-X-Cache-Version
X-Viewer-Country
X-App-Name
X-GEO
X-Zipkin-Id
X-Routing-Service
X-Proxied
X-Xfnlog-Site
X-VG-TLSProxy
Access-Control-Request-Headers
We-Hiring
Mail-Subject
X-Microcachable
Nel
X-Cache-NE
Liferay-Portal
X-Original-Request
X-EdgeConnect-Cache-Status
User-Agent
X-Origin
S-Cnection
X-Protected-By
X-Nginx-Cache
User-Cache-Control
Cache-Hits
X-Node-Name
X-FW-Version
X-Sucuri-ID
X-Request-Time
X-ES-SERVER
X-Ocache
LB
X-Cdn-Forward
X-Proto
X-Yottaa-Optimizations
X-Yottaa-Metrics
X-Ua
X-Trace-Id
X-Webstats-RespID
Powered
X-Nc
X-Tumblr-Pixel-3
X-GRACE
X-UA
PageSpeed
Ohc-File-Size
X-Varnish-Ttl
CACHE
X-Forwarded-Host
X-Endurance-Cache-Level
X-FB-TRIP-ID
X-Origin-CC
X-Correlation-ID
Frame-Options
L5d-Success-Class
X-Time
X-Unique-ID
X-AWS-Id
Section-Io-Cache
X-VWS-Id
X-LJ-Flow-ID
X-Varnish-Beresp-Status
X-V
X-Varnish-Beresp-Grace
X-OVcl
X-OVcl-Cache
X-Cluster-Node
OT-Force-Account-Verify
X-Origin-TTL
AR-SID
X-Parent-Response-Time
X-Rocket-Nginx-Bypass
IBM-Web2-Location
X-R9-Blue-Green-Version
X-Upstream-CT
X-Cache-Backend
X-ElasticPress-Search
X-Upstream-HT
X-Gen-Mode
X-Generated-In
X-IN-WAF
X-Info
X-Li-Fabric
X-EIG-Tracking-Id
X-Irp-Debug
X-Li-Pop
X-LI-Proto
X-LI-UUID
X-IN-APIGATEWAY
X-Fetched-On
X-Hnp-Log
X-Destination
MD5-Digest
Memcached
X-Application
Meta-Geo-Continent
X-ARC
X-Auto-Login
X-Block-Status
X-BB-ID
X-B-Cookie
X-Amz-Meta-Cache-Control
X-Aed
Rendered-Blocks
VivaBuild
Viewtype
Resin-Trace
Www
Powered-By
Mobile-Detection-Method
X-Accel-Expires-Debug
Node
X-Cache-Bucket
X-Cache-FS-Status
X-Developer
Country-Code
Decoy-Debug-Key
Decoy-Debug-Status
Cache-Prefix
X-Distil-CS
X-External-Request-Id
BehaviorPad-Version
X-DPWN-IS-SECURE
Decoy-Debug-TTL
Ec-Rule-Version
GMS-Ver
X-CF-Lambda-Fn
X-Cdn-Srv
X-Cache-URL
X-CF-Lambda-Version
Fly-Request-Id
X-Date
X-Connection-Hash
Fly-Cache
Arc-Country
X-Micro-Cache
X-Pc-Host
X-User
X-SRCache-Key
X-Pc-Date
X-VG-WebServer
X-UE-Client-Country
X-We-Are-Hiring
X-Pc-Subdomain
X-Wikidot-Static-Cache
X-Request-UUID
X-Wikidot-Backend
X-Region-Sid
X-Server-Group
X-Reboot
X-Vgn-Hpd-Reason
Xc-Version
X-Twitter-Response-Tags
X-Rojux
X-ScT
X-S-Cookie
X-S-Maxage
X-Rewrite-Enabled
X-PAYTM-SRV-ID
X-Transaction
X-Server-By
X-Trv-Group
X-NU-AKA-ACS-Version
X-Varnish-Beresp-Ttl
X-Dc
X-ServiceProvider
X-Sf
X-Bip
X-Cache-Id
X-C
X-Server-IP
X-Backend-Url
X-Varnish-Action
X-Cache-Debug
X-Cache-Host
X-Cache-Info
X-Sorting-Hat-PodId
X-A
X-Svr
X-A-Ccd
X-A-Dam
Who
Web-Mar-Node
Server-Host
X-TrackingId
X-Thanos
X-TT-LOGID
X-A-Dcw
X-A-Dgt
X-Shopify-Stage
X-ShopId
X-ShardId
X-Backend-Host
X-Sorting-Hat-ShopId
X-Variation
X-A-Wwc
X-Stale
X-Actual-URL
X-Alternate-Cache-Key
X-Node-Id
X-Crawler
X-Policy
X-Platform
X-Cache-Grace
SD-X-WS
X-Proxy-Cache-Status
X-Proxy-Upstream
X-Goog-Meta-Goog-Reserved-File-Mtime
X-Hash
X-RateLimit-Limit-Second
X-PHP-Host
X-Passed-To-PostProcessResponse
X-Origin-Expires
X-Origin-Date
X-Nginx-Cache-Key
X-Logtrace-Id
X-Passed-To
X-Level-Front-Cache
X-LAGOON
X-Passed-To-DLL
X-Passed-To-BeforeDispatch
X-GeoIP-Country-Code
X-Generated-On
X-D
X-Returned-From-DLL
X-Returned-From-BeforeDispatch
X-Dispatcher-Server
X-CUA
X-Location
X-Clientip
X-Returned-From-PostProcessResponse
X-Core-Mission
X-Returned-From
X-Response-By
X-G
X-Rebelmouse-Cache-Control
X-RateLimit-Remaining-Second
X-From
X-FireWall-Port
X-Epic-Correlation-Id
X-Eu-Site
X-Rebelmouse-Surrogate-Control
X-CGP
X-Backend-State
Magicmarker
Lfy
Is-Eu
Fastly-SWR
Adler-Geo
Proxy-Connection
Platform
Backend
HA-Ipaddr
Fastly-Backend-Name
Fastly-SIE
Fastly-Soc-X-Request-Id
Countrycode
Content-Disposition
CDCHOST
Ha-Gx-Prefs
Request-Time
Ajk
X-HS-Cache-Config
X-Device-Os
X-Developers
X-Thinkindot-L3
X-TIME
X-Swa-Ws
X-F5-Cache
X-Secret
X-Distributor
X-SIPLIST1
X-UnsetCookies
X-Debug-Log
X-Varnish-Authentication
X-Via-CDN
Fastly-SSL
X-Var-Ttl
X-Debug-Cache-Expiry
X-Debug-Cookies
X-Debug-Cache-Store
X-Debug-Cache-Fetch
RNT-Time
X-Fastly-Cache
X-Instart-Isnd
X-IN-SSL-APIGATEWAY
X-Generation-Time
On-Server
X-No-Session
X-Matched-Rule
X-MSEdge-Flight
X-Server-Cache
X-NX-Host
X-SERVER
X-Request-URI
Apple-News-Services-Parsed-Url
Apple-News-Services-Request-Url
X-Qloud-Router
Apple-News-Services-Host
AKAMAI
X-Gannett-Site-Version
Apple-News-Services-Handled
X-MSEdge-Features
X-Key
Origin
Pagetype
Pramga
Mn-Server-Ip
X-Cache-Expires
Heartbleed
IsBot
X-Amz-Meta-Surrogate-Control
Release
True-Client-Country-4JS
SS
Server-Surrogate-Control
Server-Cache-Control
GW-Server
X-Cache-ASPX
Thinkindot-Control
Thinkindot-CacheControl-Type
Thinkindot-CacheControl
RNT-Machine
Warning
X-Sucuri-Cache
Server-ID
Server-Int
Kp-EeAlive
X-Up
REQUESTUUID
Fastcgi-X-Cache
X-Server-Time
Cache-Cookie-Set-Idcheck
Cache-Cookie-Set-Lfrom
Cache-Cookie-Set-From
X-Croise-Owner
X-Core-Value
X-Fstrz
X-Be
SID
X-Page-Type
X-Edge-Cache
X-Died
X-Sedo-Request-Id
X-Pjax-Url
X-Cache-Miss-From
X-Edge-Cache-Key
X-Via-NSCOPI
HostName
X-Varnish-Url
NGX
X-B3-Traceid
X-SN
X-Owner
X-Servername
RequestId
X-Refresh
X-Newrelic-App-Data
Version
Odigeo-Trace-Id
PFcat
X-From-Cache
X-URL
Hostname
X-CDN-Forward
HTTPS
X-Oss-Server-Time
MIME-Version
X-Oss-Request-Id
X-Oss-Object-Type
X-Oss-Hash-Crc64ecma
X-Oss-Storage-Class
X-B3-SpanId
Time
X-NC
Cteonnt-Length
Mime-Version
X-Servedbyhost
X-FPC
X-Store
Cdn-Host
Cdn-Request-Time
Cdn
Esi-Enabled
X-Edge-Server
X-Cache-CFC
MI-API
MI-Cache-Age
MI-Cache
X-MI-In-Market
PICS-Label
X-RCS-CacheZone
X-Layer
FastCGI-Cache
X-RequestId
ProcessTime
X-Req
HA-Georegion
HA-Geolon
X-Real-Ip
HA-Urlpath
HA-Geolat
HA-Servedtime
HA-Geocountry
HA-Host
HA-Cloudapp
HA-Geocity
X-Hyper-Cache
X-IPS-LoggedIn
X-CSRF-TOKEN
X-Amzn-Remapped-Date
X-Amzn-Remapped-Connection
X-Mobile-URL
Memory
X-Webkit-CSP
Processtime
X-CLOUD-TRACE-CONTEXT
X-GZip
CF-IPCountry
X-VServer
Backend-Name
Cross-Origin-Window-Policy
X-Dynatrace-Js-Agent
X-Varnish-Beresp-TTL
X-Ratelimit-Remaining
X-CMS-Context
X-HS-Combine-CSS
X-Load-Cache
X-Wa
X-NodeID
X-Lb-Id
X-Mrs-Cache
X-Mshield-Cache-Status
X-Unique-Id-Primal
Cf-Ipcountry
X-Mrs-Cache-Hits
X-Mrs-Age
CDN
X-B3-Spanid
X-Skip-Cache
X-HTML-Minification-Powered-By
X-Pf-Uncompressing
X-Aicache-OS
X-Geo
X-Ratelimit-Limit
X-DC
X-Instart-Info
Amp-Access-Control-Allow-Source-Origin
X-WR-MODIFICATION
X-Newrelic-Synthetics
Ohc-Response-Time
X-WebServer
X-Fastly-Country-Code
X-Phone
XServer
Ohc-Cache-HIT
X-Request-Start
GeoIP-Country-Code
X-PF-Uncompressing
Uber-Trace-Id
X-Atg-Version
X-WA
X-NODE
URI
X-VC-Cache
X-Release
X-Cms-Context
GeoIP-Latitude
X-Tb-Optimization-Total-Bytes-Saved
T-Server
X-Nananana
X-Gateway-Cache-Key
X-Gateway-Skip-Cache
N-Cache
X-Gateway-Cache-Status
Accept-Ch-Lifetime
X-FORWARDED-FOR
X-Server-W
Pics-Label
X-UCC
X-APP
X-Oracle-Dms-Ecid
Rt-Proxy-Cache
X-Served-From
X-CSRF-Token
X-GoCache-CacheStatus
X-Unique-Id
X-LB-ID
X-ND-Cache
X-COUNTRY
X-MServer
X-Processor
X-BBXSRF
X-Datadome
X-Worker
X-Hp-Webp
X-ServedByHost
X-SRV
X-Shard
X-LiteSpeed-Cache-Control
A
X-SERVER-NAME
X-UPSTREAM-Address
X-Fastly-Cache-Hits
DataCenter
X-Cdn-Origin
X-Sn-Servicetimems
X-CACHE-AGE
V-Age
X-VCT
X-HS-Status
X-Check-Cacheable
X-Amzn-Remapped-Content-Length
X-Requestid
X-GZIP
X-SVT-ORM-RULES
X-SVT-ORM-VERSION
Host-ID
X-GeoIP-City
Proxy-Firewall
X-Cache-HT
X-Geo-Header
X-Optimization
X-NGINX-Cache
Geoip-Latitude
Get-Access-Time
X-P-T
WP-Super-Cache
X-Vcache
X-ServerName
Cneonction
UCS
X-Git-Hash
Dnion-Transfer-Encoding
X-BE
Is-Session-Tracking
X-ID
X-Backend-TTL
Request-Country
Request-EU
ServerName
X-Varnish-URL
X-PAGE-TYPE
X-PJAX-URL
X-Port
GeoIp-Country-Code
Requestid
X-Csrf-Token
Serverid
X-NWS-UUID-VERIFY
X-GDPR
X-Fpc
FSS-Proxy
X-HostName
FSS-Cache
X-StackifyID
Pragrma
Cache-Provider
X-Fe
X-LiteSpeed-Tag
X-Planisys-CDN-Cache
RequestUuid
X-Dw-Trace-Id
Server-Id
X-Planisys-CDN-TTL
X-RCS-Backend
X-Planisys-CDN-Rules
X-Vg-Webcache
X-Html-Edge-Cache
X-Org
X-Fastly-Backend-Reqs
Inserted-Into-Cache-At
X-Gen-Id
189phosttRef
355prline
352pxline
409pxxline
Xxline
X-CS
X-Request-Url
286prxHost
WZWS-RAY
X-RAMCache
178proxuri
188prxHost
219prxHost
225prxHost
DSUID