Threat Level: green Handler on Duty: Richard Porter

SANS ISC HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
ETag
X-Pingback
X-AspNet-Version
Link
P3P
X-Content-Type-Options
X-XSS-Protection
Age
X-Cache
Alternate-Protocol
Content-Language
X-UA-Compatible
Via
X-Adblock-Key
X-Frame-Options
Keep-Alive
CF-RAY
Content-Location
X-Varnish
X-Language
X-Check
X-Template
X-Buckets
X-Cacheable
Access-Control-Allow-Origin
X-Generator
P3p
X-Drupal-Cache
X-Ac
X-Hacker
WP-Super-Cache
Status
MS-Author-Via
X-Powered-By-Plesk
X-AspNetMvc-Version
Strict-Transport-Security
X-Pad
X-Runtime
X-Geo-Port
X-Geo
X-Request-Id
X-Powered-CMS
X-Host
X-Type
X-Cache-Group
MicrosoftOfficeWebServer
Access-Control-Allow-Credentials
Ngpass-Ngall
X-Server
X-Logged-In
X-Cache-Lookup
X-Mod-Pagespeed
X-UA-Device
X-Cache-Hits
Host-Header
MicrosoftSharePointTeamServices
X-Rack-Cache
X-Via
X-Tumblr-User
X-Iinfo
X-Tumblr-Pixel
X-Tumblr-Pixel-0
X-Url
X-Backend
X-CF-Powered-By
X-XRDS-Location
X-Tumblr-Pixel-1
Access-Control-Allow-Headers
SPRequestGuid
X-SharePointHealthScore
Access-Control-Allow-Methods
X-Varnish-Cache
Content-Encoding
X-Forwarded-For
X-Served-By
X-Robots-Tag
X-Tumblr-Pixel-2
X-Accel-Version
X-Seen-By
X-INKT-SITE
X-INKT-URI
X-ContextId
X-ServedBy
X-ShopId
X-Alternate-Cache-Key
X-ShardId
X-MS-InvokeApp
X-Page-Speed
X-Cnection
X-BC-Is-HA
X-Sorting-Hat-PodId-Cached
X-Sorting-Hat-PodId
X-Sorting-Hat-ShopId
X-Sorting-Hat-ShopId-Cached
X-Dc
X-PhApp
X-Ua-Compatible
X-Webserver
X-Pass-Why
X-CDN
Composed-By
X-Safe-Firewall
X-Cache-Hit
X-Request-ID
Served-By
X-Hostname
X-PC-Key
X-PC-Hit
X-PC-Host
X-PC-AppVer
X-PC-Date
X-Firenze-Processing-Times
X-Port
X-Tumblr-Pixel-3
X-AH-Environment
X-XN-Trace-Token
X-XN-XNHTML
X-Cache-Status
X-FullPageCaching
Cartoon
X-W-DC
X-Wix-Renderer-Server
X-Wix-Dispatcher-Cache-Hit
X-Powered-By-360WZB
X-Wix-Request-Id
Cf-Railgun
X-Spip-Cache
Liferay-Portal
Content-Security-Policy
X-Amz-Cf-Id
X-Age
X-HeyJason
X-Amz-Id-2
X-Server-Name
Content-Script-Type
Content-Style-Type
X-Amz-Request-Id
X-Cache-Info
X-Umbraco-Version
Request-Id
X-Content-Digest
SPIisLatency
SPRequestDuration
Public-Key-Pins
X-Served-From-Cache
X-DynaTrace
X-SERVER
Rating
X-FB-Debug
X-Pantheon-Endpoint
X-Styx-Req-Id
X-Styx-Version
X-Styx-Build-Num
X-Styx-Build-Sha
X-Styx-Build-Date
X-Pantheon-Styx-Hostname
X-Hyper-Cache
X-Timer
DynaTrace
X-Cache-Server
X-Device
X-Outils-CS
X-Cache-Result
X-Clacks-Overhead
CF-Cache-Status
X-TN-ServedBy
Real-Hostname
Refresh
X-PHP-Engine
X-Loop
X-VCache
X-Tumblr-Pixel-4
X-PersistenceNode
TCN
X-HOST
X-Cached-By
X-Px
Wp-Super-Cache
Powered-By
X-Source
X-Mobilized-By
X-Cache-Enabled
X-Tumblr-Content-Rating
NS-RTIMER-COMPOSITE
X-Rot
X-Generated-By
Powered-By-ChinaCache
Imagetoolbar
X-Cached
X-CDN-Geo
X-CDN-Any-IP
X-CDN-Geo-IP
X-Content-Encoded-By
Page-Completion-Status
X-Original-Content-Length
Magicmarker
X-From
X-Microcachable
X-DynaTrace-JS-Agent
X-Loc
X-Tumblr-Pixel-5
Thanks
IBM-Web2-Location
X-FORWARDED-FOR
Product
X-CMS-Version
X-Sov
X-Backend-Server
Access-Control-Max-Age
X-Matrix-Server
X-Matrix-Proxy
X-Content-Security-Policy
X-Zephyr
X-Jimdo-Pid
X-Jimdo-Wid
X-W3TC-Minify
X-DDC-Arch-Trace
Charset
X-Permitted-Cross-Domain-Policies
X-Powered-By-Anquanbao
Pics-Label
X-Node
X-Cdn
X-Firenze-Processing-Time
X-TNCMS-Served-By
X-TNCMS-Render-Time
X-TNCMS-Memory-Usage
X-TNCMS-Version
Response
X-FW-Hash
Proxy-Agent
X-WebKit-CSP
CC-CACHE
X-FW-Static
X-FW-Serve
X-FW-Type
X-Version
X-I
Retry-After
Content-Encoding-Handler
Generator
X-TNCMS
X-SDS
ServedBy
X-Content-Options
X-Proxy-Cache
X-App-Hosting
MIME-Version
X-Varnish-Cacheable
X-Sol
Display
X-Middleton-Display
X-Varnish-Backend
X-Middleton-Response
X-Processed-By
X-UD-Method
X-UD-Host
X-Varnish-Host
X-User-Agent
Lsrequestid
X-Drectory-Script
Set-Cookie2
X-AspNetWebPages-Version
X-Hits
X-DNS-Prefetch-Control
Access-Control-Request-Method
X-Original-Request
X-Purge-Host
X-NoCache
ServerName
X-Varnish-TTL
X-Returned-From-PostProcessResponse
X-Returned-From
X-Returned-From-DLL
X-Passed-To-PostProcessResponse
X-Passed-To-BeforeDispatch
X-Passed-To-DLL
X-Passed-To
X-Handled-By
X-Cache-Debug
X-Actual-URL
X-Returned-From-BeforeDispatch
Host
X-PF-Uncompressing
SID
X-Whom
X-Duration
X-Cache-Expires
RTSS
Node
X-Hosted-By
NODE
X-Expires-Orig
X-Xrds-Location
PICS-Label
X-Cache-Config
X-ApacheServer
X-LiteSpeed-Cache
X-Swift-CacheTime
Id
X-Swift-SaveTime
X-Nitra-Side
IISExport
Edge-Control
X-Purge-URL
VAR-Cache
X-SN
X-Micro-Cache
X-Cookie-Domain
AMF-Ver
X-Cache-Control-Orig
X-Director
X-PERF
X-ATG-Version
X-TTL
Machine
Content-Disposition
Fhost
Accept-Encoding
COMMERCE-SERVER-SOFTWARE
X-MiniProfiler-Ids
X-PwB-Node
X-Speed-Cache
Cache-By-Node
X-Speed-Cache-Key
X-Varnish-Hits
MJ12bot
SEOMOZ
Filter-Revision
X-Blog
X-Front
X-Session-Reinit
Surrogate-Control
SN
S
X-Varnish-IP
Cm-Server
X-Cache-Rule
X-ServerID
X-App-Status
X-Response-Time
X-CJ-Soft
X-Art-Request-Id
X-Vary-Options
X-ServerName
WWW-Authenticate
X-FIRSTBase
Website-Info
Server-Info
X-Cocoon-Version
Accept-Charset
X-GeoIP-Country-Name
X-S
X-GeoIP-Country-Code
Cache
X-Stale
Upgrade
Grace
X-Varnish-Server
X-Engine
X-Trace-Cache
Srv
X-App
X-Varnish-Age
X-BackendServer
Ngpass-Vcall
X-Cache-Operation
X-Highwire-SessionId
X-Highwire-RequestId
X-Amz-Meta-S3cmd-Attrs
A-Powered-By
X-Yadis-Location
Req-Id
X-Srv
X-Distil-CS
X-Tumblr-Pixel-6
X-Country-Code
X-Do-Not-Hack
Fpc-Cache-Id
X-ID
X-Track
Location
X-Time
X-Domain-Checked
X-Provisioner-Version
X-Cluster-Node
X-LIGHTHTTP-PCDID
Nodo
X-Server-Id
X-FW
X-ACMCache
X-Varnish-Cache-Hits
X-Microcache-Status
X-Device-Type
ServerID
Proxy-Connection
Origin
X-Cache-TTL
X-URL
X-SRV
NtCoent-Length
X-Gamma-Serve
X-Varnish-Beresp-Grace
X-Varnish-Beresp-Ttl
Buuteeq-Source
X-Varnish-Beresp-Status
X-Cache-Age
Qs-Cache
MIH-PUBLIC-IDENTIFIER
NetMindSessionID
MIH-PLATFORM
MIH-CLIENT-FARM
CT
Powered
X-WEBSERVER
Backend
X-Orig-Vary
X-Frontend
X-Secret
Content-MD5
X-Transaction
X-Location-Id
X-Connection-Hash
X-Twitter-Response-Tags
Ms
X-Bettercache-Proxy
X-Sys-Req-ID
X-Varnish-Object-Age
X-Recruiting
X-FreeTag-Count
CommunityServer
X-Geo-IP
X-Translation
X-Adobe-Content
Dispatcher
Server-Name
X-Instart-Request-ID
X-Object-Id
X-Resolver-IP
PageSpeed
X-CHSN
X-Object-Type
Rt-Fastcgi-Cache
X-Ttl
Apache
X-Request-Locale
Server2
X-AOL-SNH
-GCR
Beyond-Iis
X-TempDebug
X-ServerCache-Info
X-Venda-Hitid
SS
MW-Webserver
LBVIS
X-Cache-Lifetime
X-Varnish-HitMiss
X-HostName
X-Varnish-Count
X-Server-ID
X-Src-Webcache
XDomainRequestAllowed
X-Trace
X-Header
X-Grid-Server
SVR
Version
X-Ar-Debug
X-Wily-Servlet
X-Wily-Info
Content-Transfer-Encoding
X-Machine-Name
Warning
BM-Cache-Key
BM-Cache-Node
X-Distributed-By
X-Enhanced-By
X-Directory-Script
From
UniqueName
X-Source-ID
X-GeoIP
X-Developer
X-Expires
X-Info
NLCacheNote
X-Atraveo-Varnish-Server-Id
X-Atraveo-NC
X-Atraveo-Cache-Control
X-PRAM
X-Atraveo-TTL
X-Atraveo-From-Varnish-Cache
X-Amz-Id-1
X-Force
X-Dev
X-Jphone-Copyright
X-Cached-Status
X-Cms-Mode
Webluker-Edge
Front-End-Https
X-Cache-Action
Worker
X-VTEX-Janus-Router-Backend-App
X-Vtex-Processado-Em
X-VTEX-Cache-Status-Janus-Edge
X-Powered-By-VTEX-Janus-Router
X-Powered-By-VTEX-Janus-ApiCache
X-WebServer
X-Powered-By-VTEX-Janus-Edge
X-VTEX-Cache-Status-Janus-ApiCache
No
Be-Va
Cteonnt-Length
SiteName
X-Vtex-Processed-At
Be-Ip
X-Vtex-Remote-Cache
ScoreTracker
X-Hash
X-Req-Host
X-Rewritten-By
X-Varnish-Debug-Age
X-GC-App
X-GC-Read
Last-Published
X-Cache-On
X-BS
X-Empowered-By
X-Powered-By-Server
X-GC-Write
X-Turbo-Control
X-ManagedFusion-Rewriter-Version
Allow
X-Varnish-ID
X-T3CacheInfo
X-Varnish-Debug-Hits
NnCoection
Front
X-UD-Loopcounter
LBC
X-UD-Target
X-Varnish-Action
X-UD-REMOTE-ADDR
X-WR-MODIFICATION
Author
X-Content-Age
X-B2f-Cache-Load
Access-Control-Expose-Headers
X-Uid
X-Router
X-SmugMug-Values
X-Router-Backend
MirrorName
X-Hit-Cache
X-TTFB-L
X-TTFB
Backend-Name-Original
X-SmugMug-Hiring
X-Cache-Ttl
X-MJ-Upstream-Addr
Smug-Env
LFY
X-Block
X-Flow-Powered
X-Gannett-Site-Version
X-SDE-Name
X-Vhost
X-Webapp
X-Pagename
X-Origin-Id
BM-Cache-Status
SFY
ORIGIN
X-Frames-Options
X-UseReverse-Proxy
X-Id
Tracker
No-Cookie
X-Vhost-ID
X-Stage
Cache-Ctrol
X-Trace-App
X-Channel-Maxage
Content-Security-Policy-Report-Only
X-ACCELERATE
Accept-Language
X-Monstercache-Timeout
X-WorkerInstancename
X-Remote-Addr
X-Max-Age
X-WP
X-Cache-Set
X-Garden-Version
SIP
Www.Mirrorgate.Se
X-OPNET-Transaction-Trace
X-Origin
X-T3CacheTags
Www.Mabracertifiering.Se
X-EPiLogOnScreen
X-B2f-Not-Route
X-N
XX
Jobb.Gil.Se
X-EPiLogOnScreen-PostUrl
Test.Executivepeople.Se
X-Geo-IPV
X-Geo-IP-Region
X-Geo-IP-Metro
X-Debug
X-ATM-RTime
X-Catalyst
X-ATM-RServer
X-Beatles
Edgecast
X-WA-Info
X-Kirra-SiteId
X-Response
X-Geo-IP-Country
Jobb.Assistentpoolen.Se
Ksid
X-UPSTREAM
Compression-Control
Jobb.Passal.Se
X-Via-Kemp
Il-Cl
Cpu
X-CacheTTL
X-Varnish-Device
Open.Jobgate.Se
WP-AdvCache-MemCached
Rt-Server
Cluster-ID
BM-CountryCode
X-Server-By
SS-Request-ID2
Ram
X-Edge-Location
Noq
No-Cache
X-Phpwcms-Page-Processed-In
X-Varnish-Cache-Server
X-MCB-Server
X-LAvg
Www.Myjob.Se
7e-Page-Cache
P3P:CP
X-UserAgent
X-Goog-Hash
X-Locale
X-S-Misc
X-ORACLE-DMS-ECID
X-Client-IP
X-Phpwcms-Release
X-Generation-Time
X-D-Time
X-MJ-Serve-Req-Time
Provided-Host
X-FS-UUID
SRV
X-Old-Content-Length
X-Life
Provider
Redirect
X-Web-Node
X-Route
X-Revision
X-Li-Fabric
X-Li-Pop
X-TLServer
X-LI-UUID
Head
X-Nginx-Backend
X-MobileDetected
X-Host-Url
Content
X-Monstercache
Tpt.Renderer
X-Monstercache-Host
X-Monstercache-Hash
Cmstype
X-Powered
Pool
X-CacheServer
X-Varnish-Cache-Local
CP
X-SSL
AppDynamics-BT
X-Actindo-RS
X-T3Cache
Sid
X-EdgeRouter
CDN
X-ChromeLogger-Data
BALANCEDTO
X-Farm-Server
X-DTC
X-Hrouter
X-Hstore
Web-Server
Tpt.Renderer1
X-Vivastreet
X-DefendeR-Runtime
After
Backend-Host
Copyright
Before
X-REDIRECTSERVER
X-Varnish-Restarts
X-Uplex
X-Client-Vid
X-EPiphany-Vid
X-FCMS-Cache
X-Varnish-Debug-Pool-Recv
X-Varnish-Debug-Pool-Fetch
ExecuteNonQuerySQLParam
X-Vivastreet-KiwiiPage
RATING
IsFullSiteRequest
Cmsid
ServerConfigManager.WebBugTracker
Server-N
Render
Fw-Via
X-Varnish-URL
B-Powered-By
X-SilverStripe-Cache
X-Accel-Expires
X-Distributor
Pool-Info
Bs-Header
Cneonction
X-Nginx-Host
X-PM-ID
X-7d-Version
ServerId
X-FFX-B
X-Ms-Invokeapp
X-7dig
If-Modified-Since
X-7d-Traceid
X-Time-Spent
X-CacheHits
X-Varnish-Cookie-Debug
X-ESI-Enable
X-RemovedCookies
Ec
X-ProcessESI
X-Amz-Version-Id
X-Yqk-Set
X-Internal-IP
User-Cache-Control
PServer
X-Varnish-Currency
X-DB-Content-Length
X-Nginx-Server
X-Server-Instance
X-Node-Name
X-Powered-By-Yqk
X-N-ViewType
X-Drupal-Cache-Tags
User-Updated-At
X-Domino-CacheValidationWithETagReason
X-Dynamic
X-Yottaa-Metrics
X-Yottaa-Optimizations
OriginServer
HAVer
X-ARR
97YES.COM
X-Built-By
X-Wikidot-Backend
X-SV
Sophnep-Edge-FX
X-Wikidot-Static-Cache
X-Edge-IP
X-Server-IP
User-Id
INCOMING-TIME
Xonnection
HCVer
TP-L2-Cache
X-Bcwwwid
Svr
TP-Cache
CacheControlHeader
Esi-Enabled
X-CCM
X-Full-URL
X-Real-Server
Mark
X-Brought-To-You-By
Progma
X-Domino-CacheValidationWithETagResult
WFE
X-Oracle-DMS-ECID
X-SeschatRedID
X-SeschatLayout
X-Seschat-URL
X-SeschatDID
X-SeschatTemplateID
X-Cache-Control
Sprequestguid
Xc
X-Allow-Redis
X-NginX-Server
X-IDS-WS
X-Purge-Level
X-Middleton-PageSpeed
X-PvInfo
X-NginX-Cache
X-Benchmark-Cache
X-Benchmark-Total
X-PBY
X-Benchmark-Sphinx-Count
X-Benchmark-Sphinx
X-Hit
X-Benchmark-Db
X-Varnish-Ttl
Ibf5scheme
Publisher
X-Author
MachineName
X-Accelerated-By
Http
X-DC-Origin-IP
Portlet.Expiration-Cache
X-Unbounce-PageId
X-WLD-LB
Acdc-Web
X-VG-WebCache
X-Unbounce-VisitorID
X-MSEdge-Ref
X-Unbounce-Variant
X-ProxyInstancename
X-Server-Generated
X-FarmId
X-Country
Content-Cache
X-DeliveryServer
X-App-Container
WP-Cache
X-Mobile
X-ESI-Processing
X-CMS
X-Sharepointhealthscore
X-BIN
Web-Head
Tempo
Time
X-RNDPAGE
X-TAG
Requested-Host
X-Abuse
F-In-Cache
Content-Instance
X-View
XDisk
X-Powered-Developer
X-Webstats-RespID
WebDevSrc
X-Flex-Community
X-Flex-Evend
Cached
X-Hostingcenter
X-AISO-Cache
X-Fett
X-Flex-Evstart
X-Flex-Lang
X-Stackable-Node
X-Upstream
X-Forwarded-Proto
X-Flex-Tags
X-Flex-Lastmod
X-Flex-Tag
X-AISO-Server
X-HOSTTYPE
X-USERNAME
X-Test
X-RequesterIP
Hamster
X-ESI
X-CACHE-TTL
UNIQUE-ID
X-RSS-CACHE-STATUS
X-SATserver
X-Client-Addr
X-Server-Node
X-LB
SV-Duration
D
Foglight-Request-UUID
Arr-Disable-Session-Affinity
SBMCLOUD
X-PS-MURDOCK-ORIG-FILEEXT
X-Would-Your-GrandPa-Wait
X-Hosting
X-Varnish-Debug-Varnish-TTL-Set-From-Server
X-JSON-API-LATENCY
X-Work-With-Me
X-PS-MURDOCK-CASE-NORMALIZATION
X-Page-Generation-Time
X-Page-Generated-At
Tracecode
X-Cache-Backend
X-From-TL-Proxy
X-Your-GrandPa-Would-Wait
X-PS-MURDOCK-ORIG-PROTOCOL
Ozcache
X-TTL-Age
ServerIP
X-CACHE-ON
X-SERVERID
X-Purge-Url
X-DELIVERYSERVER
X-Varnish-Set-Cookie
Nitro-Cache
Public-Extension
ResourceTag
X-IP
Nginx-Cache
SharePointError
X-Loopia-Cache
Atp-Isdpp
X-FRONT-TTL
X-NID
X-Compressed-By
X-Src-Loadbalancer
X-Turpentine-Cache
X-Binarysec-Via
PROPSON-FARM
Host-Service
X-Svr-Id
X-Amz-Meta-S3fox-Filesize
X-Process-Time
Robots
DB-Nickname
X-Amz-Meta-S3fox-Modifiedtime
X-Nucleus-Cache
Commerce-Server-Software
BM-Cache-Bypass
X-Czt
X-Backend-Ip
X-Accel-Cache-Control
X-Client-Id
X-Framework
X-Ec-Custom-Error
X-App-Server
Apple-Itunes-App
X-Mod-Oboe-PS
X-Http-Host
X-Ratelimit
X-HW
CacheControlMode
SLB
Server-Optimized-By
WEBO
DBG-Timestamp
DBG-TargetHost
X-Snapsis-PageBlaster
DBG-HTTPHOST
ASD-WEB-40
X-Cluster
X-Pixelsilk-Server
X-Pixelsilk-Version
X-IP-Address
X-Gondor-Server
X-Confluence-Request-Time
GenSvr
X-GeoIP-Country
MageStack-Cacheable
MageStack-Config
MageStack-Debug
MageStack-Cache-Status
MageStack-Cache-Lifetime
MageStack-Cache
MageStack-Cache-Hits
MageStack-Loadbalancer
MageStack-PageSpeed
Ttl
SL-NOREWRITE-REDIRECTS
Server-Ip
X-Artvisual-Server
X-Cluster-ID
MageStack-Tag
MageStack-Area
Hotelbookingid
X-WAP
Test
X-GitHub-Request-Id
OGHopCount
MGIT
At-Shoptype
At-Isb
X-Dokk-PortalId
X-MidCOM-Meta-Cache
X-ErrorPage
X-Cluster-Host
X-Optimization
Description
X-Time-Microsecs
Keywords
CPOINT
MageStack-Response-Ttl
X-Planisys-CDN-Cache
X-V-Outer
X-Frontal
X-Planisys-CDN-Rules
X-V-I-TTL
X-Environment
X-Req-Url
X-GSL-Server
X-Nc
X-V-TTL
X-Hosting-Env
X-Created
X-Debug-Token
S-Cnection
X-SERVER-ID
POOL
X-Bip
X-Crafted
ProxiaInstanceId
X-Varnish-Store
X-Varnish-Esi-Method
X-Varnish-Esi-Access
X-Backend-Name
X-Backend-IP
Protected-By
X-Storage
X-Turpentine-Esi
X-Varnish-Hashed-On
X-Symfony-Cache
X-Magento-Action
Language
Disablevcache
X-Varnish-Hostname
Aoestatic
X-Panel-Name
X-CDN-Node
X-ACLR-Version
X-From-TL-Server
X-TISSERVER
X-Rq
X-PageCache-Level
X-CDN-Cache-Status
IsMobile
X-PageCache-Key
X-PageCache-Expire
X-PageCache-Defaultable
X-AccessDev
X-PageCache-PagePath
X-PageCache-ParseTime
X-BCube-Filmed-By
X-Provided-By
X-Rack-Cors
X-Magento-Lifetime
X-Papaya-Gzip
X-Request-Time
X-PageCache-Ttl
BM-Cache-BackendTime
BM-Cache-BackendNode
X-Papaya-Cache
B2C-F-008
Encoding
X-Trans-Id
Disaptch-Cache-Rule
X-Timestamp
X-GL-SRV
X-Obvious-Info
X-Aws-Ec2
X-AspNet-Browser-ID
X-Aberdeen-Site
X-Aberdeen-Cache
Server-IP
BrandBucket-Domain
X-Obvious-Tid
X-Varnish-Mode
X-Req-Counter
X-Cache-Host
X-Cachable
Secured
X-V
X-Xhr-Current-Location
Vacache
Prama
X-Gyrobase-Publication
X-PHP-Cache
Access-Control-Allow-Method
MwpReleaseVersion
X-MSU-SOURCE
X-PoweredBy
X-DEBUG
X-Cookie
X-BKSrc
X-SiteConInfo
Mobiquo-Is-Login
X-Cached-From
X-AVG-REWRITE
X-AVG
OutputRewritten
BE
X-Serendipity-InterfaceLangSource
X-Device-Group
X-ATP-Server
Www.Aujourdhui.Com
Serv
X-Mii-Cache-Hit
X-Pb-Mii
X-Serendipity-InterfaceLang
X-Apublish-Id
X-Cache-Key
CACHED-RESPONSE
X-Panel-Id