10

I've seen an HTTP header called X-iinfo. Her are some examples:

X-Iinfo: 5-17009424-17011001 PNNN RT(1388193526625 4677) q(0 0 0 -1) r(1 1) U10000

X-Iinfo:4-13055499-13055501 NNNN CT(182 -1 0) RT(1388193578304 0) q(0 0 1 4) r(6 6) U1

Parts of them (but not all) seem to change on refresh.

What is this header?

Evan Hahn
  • 12,147
  • 9
  • 41
  • 59
  • 1
    A little context would be helpful. What is giving this? HTTP headers are not limited to standard ones, so a website can generate any header it wants with any data in it. – lincb Dec 28 '13 at 01:40
  • yes. probably the website you are visiting, could have stuffed them to better communicate with its own server subsequently. – Siva Tumma Dec 28 '13 at 01:54
  • I've seen it on a number of websites. I'll do some research on my own. – Evan Hahn Dec 28 '13 at 15:44

3 Answers3

11

I can confirm that it is a incapsula CDN header and i talked with then about a cache and got this info about it:

X-Iinfo:9-49176764-0 0CNN RT(1426425483129 667) q(0 -1 -1 -1) r(0 -1)

The C letter in the 0CNN above indicates the the resource is served from cache. 

X-Iinfo:4-152072-152074 PVNN RT(1415979066955 4498) q(0 0 0 -1) r(2 2)

The V letter in the PVNN indicates the same, plus, that the resource passed validation (in the backend servers) and it is fresh.

X-Iinfo:4-152072-152074 PNNN RT(1415979066955 4498) q(0 0 0 -1) r(2 2)

Any other letter on that field will indicate that the resource is not served from cache and was fetch directly from the backend

higuita
  • 2,127
  • 20
  • 25
  • In the latest releases I think this has changed a bit, **0CNN** is still cached, but now I see **SNNN** and **NNNN**. – Baris Dec 13 '16 at 08:09
  • @Baris right, so you got a *N* in the 2 position on both those examples, that means that the resource was fetch from the backend. Notice the last sentence of my post. :) – higuita Dec 16 '16 at 12:36
  • no docs nor links, as a client i created a ticket to incapsula asking for more information about the headers and got the above info. the other fields are for their internal use and they didn't gave more info. – higuita Jun 08 '18 at 19:02
10

After I pointed out to Imperva that their WAF Cloud Security customers are relying on Stack Overflow to interpret their header they have now kindly now included it in their documentation:

https://docs.imperva.com/bundle/cloud-application-security/page/settings/caching.htm

ZZ9
  • 2,177
  • 2
  • 27
  • 38
2

It appears to be related to the Incapsula search engine. Every site I found that supplied the X-Iinfo header also supplied X-CDN: Incapsula.

I couldn't find documentation on what the numbers mean, but the first number after RT appears to be a date. The rest would require more investigation.

Evan Hahn
  • 12,147
  • 9
  • 41
  • 59