Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: HTTP Header Usage Statistics - Internet Security | DShield HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
Link
ETag
X-Content-Type-Options
P3P
X-XSS-Protection
X-Pingback
X-Frame-Options
X-AspNet-Version
X-Cache
Content-Language
Age
CF-RAY
X-UA-Compatible
Strict-Transport-Security
Via
X-Adblock-Key
X-Language
X-Template
X-Check
Access-Control-Allow-Origin
X-Varnish
X-Buckets
X-Generator
X-Cacheable
X-Drupal-Cache
Content-Location
X-AspNetMvc-Version
X-Hacker
X-Ac
X-Request-Id
X-Powered-By-Plesk
X-Type
MS-Author-Via
X-Cache-Group
X-Pass-Why
X-Runtime
WP-Super-Cache
Status
X-Cache-Hits
X-Powered-CMS
X-Permitted-Cross-Domain-Policies
Ngpass-Ngall
Host-Header
X-Download-Options
X-UA-Device
Access-Control-Allow-Credentials
X-Dc
X-ShardId
X-Alternate-Cache-Key
X-ShopId
Keep-Alive
Access-Control-Allow-Headers
X-Iinfo
X-Via
Content-Security-Policy
X-Tumblr-Pixel-0
X-Tumblr-Pixel
X-Tumblr-User
Access-Control-Allow-Methods
X-Tumblr-Pixel-1
X-Mod-Pagespeed
X-Logged-In
X-Backend
X-Served-By
X-Pad
X-Tumblr-Pixel-2
X-Contextid
X-Cache-Status
X-Request-ID
X-ServedBy
X-PC-Key
X-PC-Hit
X-Server
Powered-By
Upgrade
X-FRAME-OPTIONS
X-CDN
X-Host
Content-Encoding
X-Tumblr-Pixel-3
X-Cache-Hit
X-PC-Host
X-PC-Date
X-PC-AppVer
X-Port
X-Timer
X-Robots-Tag
X-Accel-Version
X-Varnish-Cache
X-Rack-Cache
X-Cache-Lookup
X-Cnection
SPRequestGuid
X-SharePointHealthScore
MicrosoftSharePointTeamServices
X-Server-Powered-By
X-Amz-Cf-Id
X-Request-Country
MicrosoftOfficeWebServer
X-Page-Speed
X-Safe-Firewall
X-MS-InvokeApp
X-XRDS-Location
Alt-Svc
Rating
X-Turbo-Charged-By
X-Content-Powered-By
CF-Cache-Status
X-Tumblr-Content-Rating
X-AH-Environment
X-Node
X-Tumblr-Pixel-4
X-Content-Digest
X-Seen-By
X-Wix-Renderer-Server
X-Cache-Enabled
X-W-DC
X-Wix-Request-Id
X-FullPageCaching
X-GitHub-Request-Id
Public-Key-Pins
X-PhApp
Request-Id
X-Webserver
Content-Security-Policy-Report-Only
X-INKT-URI
X-INKT-SITE
SPIisLatency
SPRequestDuration
Composed-By
Timing-Allow-Origin
Served-By
Cf-Railgun
X-Firenze-Processing-Times
X-Amz-Request-Id
X-Amz-Id-2
Permitted-Cross-Domain-Policies
X-HeyJason
X-Proxy-Cache
Liferay-Portal
X-Hyper-Cache
X-Spip-Cache
X-Styx-Req-Id
X-Pantheon-Styx-Hostname
X-Styx-Version
Surrogate-Key-Raw
X-Pantheon-Endpoint
Access-Control-Max-Age
Xkey
Access-Control-Expose-Headers
X-Server-Name
Surrogate-Key
X-Swift-CacheTime
X-Swift-SaveTime
Charset
X-Content-Security-Policy
X-Drupal-Dynamic-Cache
EagleId
X-CF-Powered-By
X-Tumblr-Pixel-5
Grace
X-CDN-Pop-IP
X-CDN-Pop
Content-Script-Type
Content-MD5
Content-Style-Type
Refresh
X-SERVER
X-FW-Hash
Access-Control-Allow-Method
X-Hits
X-XN-XNHTML
X-XN-Trace-Token
X-FB-Debug
X-Dw-Request-Base-Id
X-Tumblr-Adult-Blog
X-FW-Static
X-FW-Serve
X-FW-Type
X-Device
X-LJ-Flow-ID
X-VWS-Id
X-AWS-Id
X-VCache
Public-Key-Pins-Report-Only
X-Clacks-Overhead
X-Fastly-Request-ID
X-User-Agent
Real-Hostname
X-Loop
X-TNCMS
X-Jimdo-Wid
X-Jimdo-Instance
X-Backend-Server
X-Cache-Config
X-Cache-Server
X-Umbraco-Version
X-Generated-By
X-DDC-Arch-Trace
X-Url
X-HOST
X-LiteSpeed-Cache
X-Cloud-Trace-Context
X-Cache-Result
Edge-Control
X-MiniProfiler-Ids
X-Tumblr-Pixel-6
Fastly-Debug-Digest
X-Cached-By
X-Cdn
X-ServerName
Cartoon
X-Cached
X-Hostname
X-Px
WZWS-RAY
X-Age
X-Powered-By-360WZB
PageSpeed
X-Outils-CS
X-CMS-Version
NS-RTIMER-COMPOSITE
X-Whom
Surrogate-Control
Fpc-Cache-Id
Response
TCN
X-DynaTrace-JS-Agent
X-Middleton-Response
X-Middleton-Display
Display
X-Sol
X-Forwarded-For
X-WebKit-CSP
X-DynaTrace
X-Handled-By
Imagetoolbar
ServedBy
Rt-Fastcgi-Cache
Product
X-TTL
X-Varnish-Cache-Hits
X-AspNetWebPages-Version
X-Content-Options
Front-End-Https
X-Newrelic-App-Data
X-From
DynaTrace
X-URL
X-Msg-2-Log
X-Recruiting
X-Do-Not-Hack
X-Micro-Cache
X-NetCat-Version
X-BC-Stapler
Access-Control-Request-Method
X-Country-Code
Fhost
X-Varnish-Beresp-Ttl
X-Varnish-Beresp-Grace
X-Varnish-Beresp-Status
X-Servedby
IBM-Web2-Location
X-Returned-From-DLL
X-Original-Request
X-Actual-URL
Alternate-Protocol
X-Passed-To
X-Passed-To-DLL
X-Returned-From
X-LiteSpeed-Cache-Control
X-App-Hosting
X-Content-Encoded-By
X-ApacheServer
X-Stale
X-EC-Security-Audit
X-Returned-From-PostProcessResponse
X-Passed-To-BeforeDispatch
X-Returned-From-BeforeDispatch
X-Passed-To-PostProcessResponse
X-Hosted-By
Origin
Generator
X-FORWARDED-FOR
Akamai-IP
X-Track
Page-Completion-Status
X-SRCache-Fetch-Status
X-SRCache-Store-Status
X-Matrix-Proxy
X-Matrix-Server
X-Varnish-Host
X-Expires-Orig
X-Platform
X-PERF
X-UD-Method
Powered
X-Server-ID
X-I
X-Firenze-Processing-Time
X-Origin
X-CacheServer
Host
X-Daa-Tunnel
X-S
Magicmarker
X-I-Sp
X-BS
X-Location-Id
X-Varnish-TTL
X-Art-Request-Id
X-Version
X-Vtex-Processado-Em:
X-Vtex-Processed-At
X-Magnolia-Registration
X-VTEX-Janus-Router-Backend-App
Ag-Server-Time
X-Vtex-Remote-Cache
X-Powered-By-VTEX-Janus-ApiCache
No
X-Abuse
X-Varnish-Cacheable
X-Powered-By-VTEX-Janus-Edge
Ag-Send-Time
X-VTEX-Cache-Status-Janus-ApiCache
X-VTEX-Cache-Status-Janus-Edge
Ag-Execution-Time
X-Varnish-Backend
Powered-By-ChinaCache
Content-Hash
Content-Encoding-Handler
Server-Info
ServerName
Surrogate-Keys
X-Cache-TTL
X-Engine
USPLoggingUUID
X-Cache-Rule
X-OneAgent-JS-Injection
X-Goog-Hash
X-Upstream
X-Gamma-Serve
X-Cache-Age
X-Source
X-Microcachable
X-Cache-Info
X-Director
X-Varnish-Seen-By
X-Varnish-RemainingTTL
X-ATG-Version
X-RESOURCE
X-URLSCHEME
Content-Disposition
X-Response-Time
X-B-Cache
X-Developer
Lsrequestid
X-Route-Server
MIME-Version
X-DNS-Prefetch-Control
X-Request-Time
X-Instart-Request-ID
X-Cache-Debug
X-Duration
X-SDS
Proxy-Agent
X-Cache-Lifetime
X-CJ-Soft
X-Cache-Expires
Edge-Control-Message
X-Front
Content-Security-Policy-Rerport-Only
X-DefendeR-Status
X-DefendeR-Runtime
X-Varnish-Age
X-Translation
X-Microcache-Status
X-Device-Type
Last-Published
Version
Node
SN
Arr-Disable-Session-Affinity
X-NoCache
X-Varnish-GracePeriod
X-Varnish-RemainingLife
Location
X-Cache-Control-Orig
X-Varnish-ObjectSource
Proxy-Connection
Fastcgi-Cache
X-Rocket-Nginx-Bypass
X-Speed-Cache
X-Speed-Cache-Key
X-Geo-IP
X-Drectory-Script
X-Revision
Webluker-Edge
Cache-Key
Buuteeq-Source
X-Cache-Operation
X-Server-Id
X-FW
X-Cookie-Domain
X-Powered-By-Server
X-PwB-Node
X-Storage
Nitro-Cache
X-N
X-GeoIP-Country-Code
RTSS
ServerID
X-Zen-Fury
X-Processing-Time
X-LB
Req-Id
Cache
X-Akamai-Device-Model
S
X-Client-IP
X-Akamai-Device-Characteristics
X-Grace
X-ServerID
X-Platform-Processor
PICS-Label
X-Platform-Router
X-Cache-Tags
X-Varnish-Server
X-Geo-IP-Region
X-Geo-IPV
X-Content-Age
X-Geo-IP-Metro
X-GeoIP-Country-Name
X-Geo-IP-Country
X-Mobilized-By
X-Correlation-Id
W
X-Time
X-Fastcgi-Cache
X-Dispatch
X-Kinsta-Cache
Pics-Label
X-Edge-Location
X-Vcap-Request-Id
X-Amz-Version-Id
Retry-After
CC-CACHE
Accept-Charset
X-Xrds-Location
X-Server-Upstream
X-Hypernode
Srv
MJ12bot
X-SV-CreatedAt
X-Page-Cache
X-SV-Duration
SEOMOZ
X-SV-FromDBCache
X-SV-Pid
X-SV-Nginx-Duration
X-CDN-Cache-Status
X-CDN-Node
X-SE-Debug
Filter-Revision
X-AOL-HN
X-Orig-Vary
X-Purge-URL
X-Varnish-IP
X-Config-Blacklist-Version
SVR
X-ACMCache
X-App-Server
X-UPSTREAM
X-Cache-Key
X-StackifyID
X-Varnish-Count
X-SV-Edge
X-SV-CacheTags
X-Dynatrace
X-Varnish-HitMiss
X-Trace
X-VARNISH-Cache
X-Processed-By
X-SV-Expires
X-Real-Server
Accept-Encoding
Id
Qs-Cache
X-Application-Context
X-Nginx-Cache-Status
X-Cache-Engine
X-Platform-Cache
Nodo
X-Frontend
Backend
X-Nhost
X-Nurl
X-WEBSERVER
X-Varnish-Hits
A-Powered-By
X-Framework
X-NFE
X-Cache-Doesi
NetMindSessionID
Host-Service
X-Server-Response-Time
HAVer
HCVer
X-Yadis-Location
SSPAppContext
X-Yottaa-Optimizations
X-Yottaa-Metrics
X-Browser
Cached
X-Member
X-PG
Frame-Options
X-Mobile-URL
Cm-Server
X-ClientSide-Caching
AMF-Ver
X-Purge-Host
COMMERCE-SERVER-SOFTWARE
X-Empowered-By
Front
X-NB-Cached-Page
X-BKSrc
X-Directory-Script
X-PF-Uncompressing
X-Blog
NODE
X-Nginx-Host
X-Sys-Req-ID
X-NginX-Upstream-Addr
X-NginX-Upstream-Response-Time
X-NginX-Node
X-AbeBooks-Version
X-ARC
X-CDN-Forward
Dynatrace
X-NginX-Upstream-Status
X-Discourse-Route
X-Resolver-IP
X-Config-By
Content-Transfer-Encoding
Mobiquo-Is-Login
X-Edge-IP
X-Connection-Hash
X-Transaction
X-Twitter-Response-Tags
X-Cocoon-Version
Section-Io-Id
X-Machine-Name
IISExport
Backend-Timing
X-Supported-By
X-Analytics
X-Cf-Powered-By
Rewriter
Smug-CDN
X-Worker
X-Server-Start-Time
X-Origin-Id
X-NginX-Cache
Author
X-V
X-Nitra-Side
Logging-CorrelationId
X-SmugMug-Hiring
X-SmugMug-Values
X-TTFB
X-TTFB-L
X-Env
X-Prefetched
X-Varnish-Hostname
X-IIJ-Cache
X-Cache-Control
X-Ttl
IM-Version
Server-Name
CacheControlHeader
X-GeoIP
Myheader
X-Garden-Version
X-Adobe-Content
X-Varnish-Debug-Age
WSR-Cache
X-ID
X-Grid-Server
X-Adobe-Loc
Pool-Info
X-Session-Reinit
Ibf5scheme
X-LW-Web-Server
X-XTM-Node
X-Highwire-RequestId
X-F-Cache
Allow
X-AOL-SNH
X-Plat-Va-Ip
X-Highwire-SessionId
X-SmartBan-URL
X-Plat
X-TempDebug
X-Plat-Be-Ip
Thanks
X-SmartBan-Host
X-Debug
X-Dispatcher
X-WA-Info
SRV
X-Client-Image-Vid
X-Amz-Meta-S3cmd-Attrs
XDomainRequestAllowed
X-EPiphany-Vid
X-NginX-Server
X-Amz-Storage-Class
WWW-Authenticate
X-Varnish-Ttl
X-Client-Vid
X-Flow-Powered
X-NginX-Cache-Status
X-IsCacheURL
Eomportal-Instance
X-Jphone-Copyright
CT
X-Domain-Checked
X-ORACLE-DMS-ECID
BALANCEDTO
Head
X-WR-Flags
X-LB-Server
VAR-Cache
X-EDGECONNECT-GUID-DEBUG
Cneonction
X-App-Status
X-Sucuri-ID
X-Balanceador
A
X-Provisioner-Version
X-Varnish-Debug-TTL
X-Atraveo-ETag
Mime-Version
X-Unique-Id
X-Atraveo-Cache-Control
X-Atraveo-Param-Rm
X-Vary-Options
X-Atraveo-From-Varnish-Cache
X-Atraveo-Expires
X-Atraveo-TTL
X-Atraveo-Zone
X-Atraveo-Varnish-Server-Id
Cpu
X-Vhost
Noq
Ram
X-SV
X-Airee-Node
MW-Webserver
X-Trace-Id
X-Atraveo-Set-Cookie
X-Nginx-Cache
X-Cache-Fix
X-HP-Trace-ID
X-Optimization
X-Cache-PageType
X-HP-Trace-Project
X-BackendServer
X-Pagename
X-Hosts-Backend
X-Hit-Cache
Sid
X-Webcelerate
X-Unique-ID
X-PRAM
X-Source-ID
X-Real-IP
X-MrHost
X-RiS-UFDI
Keywords
ORIGIN
X-JG-Page-Cache
X-Force
S-Cnection
Referrer-Policy
X-Webstats-RespID
Ngpass-Vcall
X-DealerOn
X-Varnish-Grace
X-Signature
X-Server-IP
Bios
X-SRV
X-Dns-Prefetch-Control
X-Symfony-Cache
X-Magento-Tags
X-HOSTNAME
SBGI-Device
X-Srv
ServerSignature
X-Dev
X-ServerIndex
X-Distributed-By
ServerTokens
Worker
X-Cms-Mode
Servername
Beyond-Iis
SBGI-9
X-HW
SBGI-RealPath
SBGI-7
SBGI-5
SBGI-1
SBGI-10
SBGI-RenderTime
X-WP
NZSpeedy
X-Avvio-Cms-Cacheload
X-EdgeConnect-Origin-MEX-Latency
X-Goog-Generation
X-Captured
X-Goog-Metageneration
X-Goog-Stored-Content-Encoding
X-GUploader-UploadID
X-Goog-Stored-Content-Length
Set-Cookie2
Web
X-CB-Server
D
X-Key
X-Smartcache-Timeout
CLMOB
X-EdgeConnect-MidMile-RTT
X-Goog-Storage-Class
Ctx
X-Ob-Mode
X-SDE-Name
X-Smartcache-Keys
X-Hiawatha-Cache
X-Detected-Device
Real-Server
X-Restarts
X-DOM
X-Header
X-Runtime-Affili
INCOMING-TIME
P-WS
P-LB
X-Id
X-Distributor
X-Rack-Cors
HitInfo
X-Ser
X-Varnish-RemainingGrace
CmsCacheEngine
X-Upstream-Backend
From
X-Cache-Set
Cmstype
X-RealServer
X-Esi
X-REDIRECTSERVER
MC
Cmsid
X-Fstrz
NLCacheNote
X-HTML-Minification-Powered-By
X-B
X-Actindo-RS
X-Cache-Level
X-Cache-On
X-DSMX-Rewrite-MS
Description
X-DSMX-Render-MS
SS
X-ASAP-Cache
X-B2f-Not-Route
X-Desc
Content-Server
X-Phpwcms-Page-Processed-In
Backend-Node
AsisCache
X-Pressidium-NinukisWP-Ver
X-Phpwcms-Release
N365rili
X-7d-Trace-Id
X-7d-Instance-Id
Sophnep-Edge-FX
X-Server-By
X-Environment
X-Sov
X-RequestId
X-AISO-Server
X-T3Cache
X-T3CacheInfo
X-Platform-Server
X-Invoke-Duration
Resin-Trace
X-Rot
X-MAT-GEO
X-Rebelmouse-Surrogate-Control
X-T3CacheTags
ScoreTracker
X-Cache-Source
X-Src-Webcache
Prxy
X-Lifetime
X-Cache-Provider
Ksid
Imx-Cookies-Used
Access-Control-Request-Headers
Actual-Object-TTL
VnhCdn-Status
Paypal-Debug-Id
X-FIRSTBase
X-We-Are-Hiring
X-Cache-Var
X-Cache-Var-Map
X-GSL-Server
Fw-Via
Ec
X-Site:
X-DTC
Device-Type
X-Cache-Node
X-Clara-ASAP
Warning
X-Accel-Expires
X-Apm-Telemetry-Syncmark
Cluster-ID
X-Unbounce-VisitorID
Proxy-Cache
OT-RequestId
X-Response
X-Enhanced-By
X-Rebelmouse-Cache-Control
Cache-Rule
NnCoection
X-Frames-Options
X-Server-Instance
X-Nginx
X-Unbounce-PageId
X-Unbounce-Variant
X-RDP
X-Secret
X-Middleton-PageSpeed
M
Serverid
Server-Ip
X-4ormat-Cacheable
Xc
WP-AdvCache-MemCached
MageStack-Tag
MageStack-PageSpeed
Content-Generator
MageStack-Web-Node
X-Rack-CORS
X-Backend-Name
X-VC-TTL
CommunityServer
X-Magento-Action
X-SSL-Cipher
MageStack-Loadbalancer
X-SSL-Protocol
MageStack-Cache
MageStack-Area
MageStack-Cache-Lifetime
MageStack-Cache-Hits
MageStack-Debug
MageStack-Cache-Status
MageStack-Config
MageStack-Cacheable
X-Remote-Addr
Accept-Language
X-Turpentine-Cache
X-Varnish-Currency
X-DN-Cache-Control
X-Hstore
Copyright
Il-Cl
Ttl
X-Hrouter
X-Amz-Id-1
X-Varnish-Action
Nginx-Cache
X-HostName
X-OPNET-Transaction-Trace
X-DN-GyrobaseID
X-Varnish-URL
X-Varnish-Store
X-Varnish-Set-Cookie
X-Varnish-Esi-Method
WFE
X-FastCGI-Cache
X-Search-Id
Pool
X-NewRelic-App-Data
X-Varnish-Esi-Access
X-Time-Microsecs
X-Runtime-Memory
X-Xhr-Current-Location
X-Generated
X-Dw-Trace-Id
X-Author
Expiries
X-Bypass-Ssl-Transform
X-Proto
X-Server-Addr
X-Oracle-DMS-ECID
X-Ocache
X-FCMS-Cache
User-Agent
Max-Age
X-CSRF-TOKEN
X-SID
X-Is-Mobile
X-Pagely-Cache
X-Varnish-Instance
X-Varnish-Error-Restart
X-Varnish-Backend-Healthy
Cteonnt-Length
GenSvr
X-Info
Fastly-Restarts
X-HITS
B-Powered-By
X-Bcwwwid
If-Modified-Since
X-Appmachine-Environment
T
DrivedBy
Atp-Isdpp
X-Rewritten-By
X-Stage
X-ManagedFusion-Rewriter-Version
X-Turpentine-Esi
X-SeschatTemplateID
X-ACCELERATE
X-SeschatDID
X-SeschatLayout
X-Cluster-Node
X-Hosting
IsMobile
X-APP
X-Healthy
User-Cache-Control
Hosted-By
X-COUNTRY-CODE
NS-VaryByCustom-Key
Server-Id
X-AccessDev
PServer
X-TB-M
Mto-License-Status
X-SeschatRedID
X-DEBUG
VServer
Provider
X-Litespeed-Cache-Control
X-Seschat-URL
X-Router
X-OCTOPOD
E-TAG
X-UseReverse-Proxy
X-Router-Backend
Expire
X-EPiLogOnScreen-PostUrl
X-Status
X-OpenCart-Lightning
X-Ratelimit-Remaining
VC-NoCache
X-Old-Content-Length
X-EPiLogOnScreen
At-Isb
TP-L2-Cache
At-Shoptype
X-Security
TP-Cache
X-RAMCache
X-Not-Cacheable
X-A
X-HAProxy
XDisk
RN-Server
X-Contact
X-CacheResult
X-Cache-TTL-Remaining
X-Cache-Device-Type
X-Cache-2
X-Faeria
X-Webapp
X-NewsFlow-Sitename
X-Node-Name
X-Cache-Keep
X-NewsFlow-DoCache
X-LW-T
X-Fedora-School-Id
X-Firewall
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
CIPHER-NAME
X-Varnish-Cache-Local
MwpReleaseVersion
WSCLoggingUUID
Powerd-By
AGI-Request-ID
X-Meta-MSSmartTagsPreventParsing
X-Meta-MSThemeCompatible
QC-Time
Og
X-ORACLE-DMS-RID
X-WR-MODIFICATION
Content
X-AG-MIPS
QC-Key
QC-Hit
X-Meta-Imagetoolbar
X-Instance-Name
X-Hosting-Env
X-Render-Time
X-MSU-SOURCE
X-Farm-Server
Httpd-Identifier
X-Tile-Url
X-GRACE
MSSmartTagsPreventParsing
X-Content-Security-Policy-Report-Only
X-Clx-Request
X-Cache-Backend
X-Forwarded-Proto
MSThemeCompatible
Url-Hash
X-Wm-VIP
X-Wm-1
X-Box
X-Mobile
X-Cache-Action
Brandcast-Load-Balancer
X-CDN-COMPRESS
X-Cache-Extended
X-ACLR-Version
X-IP-Address
Kanooh-Host
X-Domino-CacheValidationWithETagResult
X-Domino-CacheValidationWithETagReason
Content-ID
Brandcast-Brand-Id
X-Application
X-Cluster-Host
X-Company
X-RSS-CACHE-STATUS
X-Venda-Hitid
X-Timing
X-WHOIS-Cached
X-Wikidot-Static-Cache
X-Wikidot-Backend
Cache-Status
X-Catalyst
X-Nginx-Request-Time
X-Depends
X-E
X-Custom-Header
X-ProxyInstancename
X-WorkerInstancename
Progma
Cache-Control:
Fastly-Backend-Name
Cdate
Host-Name
NtCoent-Length
PowerCDN
X-Vhost-ID
X-N-ViewType
X-ESI-Enable
X-FFX-B
X-Nocache
X-Hcom-Styx-Info
RequestId
Www.Aujourdhui.Com
X-Flex-Tag
X-Flex-Lastmod
X-Flex-Tags
X-Hash
X-HP-CAM-COLOR
X-Flex-Lang
X-Flex-Evstart
X-ATP-Server
X-Device-Group
X-Flex-Community
X-Flex-Evend
MageStack-Cache-Warning
BKREF
X-ASAP-Age
X-Ar-Debug
X-Gannett-Site-Version
X-T
Edgecast
X-Jcms-Ajax-Id
X-Ghost-Cache-Status
X-AISO-Cache
X-AISO-Cacheable
X-Amz-Meta-Cb-Modifiedtime
X-ETag
Hamster
Vacache
X-Litespeed-Tag
X-PBY
X-RequesterIP
X-Span
X-Hit
X-EZPublish-NodeID
X-App
X-Artvisual-Server
X-DataDome
X-EZPublish-InstallationID
X-Max-Age
Apachenode
Apache
Http
Note
SAVVIS
X-Your-GrandPa-Would-Wait
X-Would-Your-GrandPa-Wait
X-Does-He-Have-Time
X-Route
X-TTL-Age
Version-Epoch
X-FreeTag-Count
RouteID
X-Mii-Cache-Hit
X-AWS
APP-VERSION
X-SilverStripe-Cache
X-PoolMember
X-Serendipity-InterfaceLang
X-Serendipity-InterfaceLangSource
X-Cms-Server
Session-Id
X-Uid
Be
ServerIP
X-RateLimit-Remaining
X-PM-ID
X-Obr-Rule
X-CCM
X-Pb-Mii
X-Beatles-Hits
X-Gyrobase-Publication
X-Mod-Oboe-PS
X-Pj-Cache-Status
X-Cache-Me-Harder
Redirect
Orgin-Server
Public-Extension
LB
Exires
X-Powered-By-Home.Pl
X-VC-Enabled
Aoestatic
Beon-Cache-Status
ResourceTag
HA-Front
TMP
X-PF-CACHE-FAILED
X-Pageid
X-Provided-By
X-MCF-ID
X-Session-ID
X-Magento-Lifetime
X-Logword
Web-Head
X-Time-Spent
X-Cache-Via
X-DDM-SERVER
X-DDM-SERVER-UPDATED
RSL-Trace-ID
X-Pixelsilk-Server
X-Pj-Cache-Time
X-Pj-Cache-Key
X-Powered-By-Anquanbao
X-ProcessTime
X-Reason-Bp
X-Pj-Cache-Gzip
X-Page
X-Original-Host
X-BeResp-Ttl
X-Pj-Cache-Expires
X-Pj-Cache-Flags
X-Qnm-Cache
X-Transaction-Id
X-Varnish-Cache-Control
P
X-DEBUG-TTL
From-Origin
X-NewCloud-V-Cache
X-Site-Name
X-Cache-ID
X-Backend-TTL
WebServer
SiteName
Cleartype
Content-Instance
Lookup-Cache-Hit
X-Pixelsilk-Version
X-Tradeindia-Request-GUID
X-DeliveryServer
X-Client-Ip
X-Geo
X-HASH
X-LS-DEBUG
X-CDN-Any-IP
X-AUSERNAME
X-WebNode
X-PS-MURDOCK-ORIG-PROTOCOL
X-9XB-Server
X-AREQUESTID
X-ASEN
X-ProcessESI
X-RemovedCookies
HA-Georegion
HA-Geolon
HA-Host
HA-Ipaddr
HA-Servedtime
NKBVHEADER
HA-Geolat
X-Cache-Ttl
HA-Cloudapp
HA-Geocity
HA-Geocountry
X-PS-MURDOCK-ORIG-FILEEXT
X-PS-MURDOCK-CASE-NORMALIZATION
X-VCS-Hit
X-VCS-Cacheable
X-VCS-Host
X-VCS-Nrhit
X-VCS-Status
X-HA
X-VCS-Cache-Server
HA-Urlpath
X-Tags
X-Tradeindia-SMgmt
X-Capoed
X-VCS-Billing
X-VCS-Ttl
X-VCS-Url
"
X-CACHE-TTL
X-LOCATION
X-Obj-Ttl
X-POPSUGAR-Server-Name
X-Beresp-Ttl
Server-ID
X-Zendesk-Origin-Server
X-Zendesk-User-Id
XX
ReqUrl
X-SuperCache
WWW
X-Expose-Generated
X-Expose-Hostname
X-ESI
X-Proxy-Cache-Key
Ews
X-Expose-Site
X-Expose-Took
X-AppServer-Cache-Rule
X-Feed
X-AppServer-Status
X-Batcache
X-FarmId
X-Server-Generated
X-Server-Instance-Name
Gzip
F5-IpCliente
Thinkindot-CacheControl
REFRESH
HOST-SERVICE
ClientIP
Thinkindot-CacheControl-Type
X-Memcached
X-Cache-Handler
X-Mobile-Device
X-Apache2-RT-MicroSec
Thinkindot-Control
X-Highwire-Sitecode
X-Accel-Cache-Control
WP-Cache
X-IP
Origin-Server
X-NGINX-Cache
X-Do-Esi
X-MCB-Server
AC-ELC
OutputRewritten
Debug-Status
X-VhostID
X-Test
X-Protected-By
X-BC
Dispatcher
X-Original-IP
V-Cache
X-Nginx-VM-RT
X-Matched-Rule
X-DynamicCache
SERVER-IP
X-SATserver
X-MOBILE
Aurora-Node
X-Theme
X-Cache-Served
X-Powered-Developer
X-Requested-Page
Language
X-VARITI-CCR
X-BPool
X-BServer
X-Cacheable-TTL
X-UUID
X-Request-Received
X-Content-Parsed-By
X-Built-By
X-CO-Host
X-Pubstack
X-Request-Processing-Time
X-Distil-CS
X-Layout
SLB
MageStack-Response-Ttl
X-Cache-Ua
X-Checkout
X-Content-Type
MageStack-Cacheable-Reason
X-W3TC-Minify
X-Rq
X-Region
X-This-Proto
X-Title
X-Varnish-Max-Age
VANITY-HOST
HostName
Served-From
X-TargSmaku
LBVIS
X-SL-Norewrite
X-SL-Notranslate
X-Goog-Meta-Replace
X-Goog-Meta-Policy
X-Web-Node
DB-Nickname
X-FG-RequestId
Svr
X-Compressed-By
X-UA
LBC
Pw-Value
X-JSESSIONID
DeleGate-Ver
Disablevcache
EXT-CACHEEXPIRE
X-Location
X-Cache-Why
CD1
Machine
Fpc-Expire
X-Nginx-Page-Cache
X-DB-Content-Length