Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
ETag
X-Pingback
X-AspNet-Version
Link
P3P
X-Content-Type-Options
X-XSS-Protection
Age
X-Cache
Alternate-Protocol
Content-Language
X-UA-Compatible
Via
X-Adblock-Key
Keep-Alive
X-Frame-Options
CF-RAY
Content-Location
X-Varnish
X-Language
X-Check
X-Buckets
X-Template
X-Cacheable
Access-Control-Allow-Origin
X-Generator
X-Drupal-Cache
P3p
X-Ac
X-Hacker
WP-Super-Cache
Status
MS-Author-Via
X-Powered-By-Plesk
X-AspNetMvc-Version
Strict-Transport-Security
X-Runtime
X-Pad
X-Geo-Port
X-Geo
X-Request-Id
X-Powered-CMS
X-Type
X-Cache-Group
X-Mod-Pagespeed
MicrosoftOfficeWebServer
X-Host
Access-Control-Allow-Credentials
X-Logged-In
Ngpass-Ngall
X-Cache-Hits
X-Cache-Lookup
X-Server
Host-Header
X-UA-Device
X-Rack-Cache
MicrosoftSharePointTeamServices
X-Via
X-Iinfo
Access-Control-Allow-Headers
Access-Control-Allow-Methods
X-Backend
X-CF-Powered-By
X-Tumblr-Pixel
X-Tumblr-User
X-Tumblr-Pixel-0
X-Pass-Why
X-XRDS-Location
X-Varnish-Cache
X-Tumblr-Pixel-1
X-Served-By
SPRequestGuid
X-SharePointHealthScore
Content-Encoding
X-Accel-Version
X-Robots-Tag
X-ContextId
X-Sorting-Hat-ShopId
X-ShardId
X-Alternate-Cache-Key
X-Dc
X-ShopId
X-Sorting-Hat-ShopId-Cached
X-Sorting-Hat-PodId-Cached
X-Sorting-Hat-PodId
X-Tumblr-Pixel-2
X-Page-Speed
X-Seen-By
X-ServedBy
X-Webserver
X-INKT-SITE
X-INKT-URI
X-Cnection
X-PhApp
X-BC-Is-HA
X-Request-ID
X-MS-InvokeApp
Composed-By
X-Url
X-Safe-Firewall
X-CDN
X-Cache-Hit
Served-By
X-PC-Key
X-PC-Hit
X-Hostname
X-FullPageCaching
X-PC-AppVer
X-PC-Host
X-PC-Date
X-Forwarded-For
X-Port
X-FRAME-OPTIONS
X-AH-Environment
X-Firenze-Processing-Times
X-FRAME-Options
X-Cache-Status
X-Proxy-Cache
X-Tumblr-Pixel-3
X-XN-Trace-Token
X-XN-XNHTML
Cartoon
X-W-DC
Public-Key-Pins
Cf-Railgun
X-Age
X-Spip-Cache
X-Wix-Renderer-Server
X-Wix-Dispatcher-Cache-Hit
X-Wix-Request-Id
X-Amz-Cf-Id
X-HeyJason
Content-Script-Type
Content-Style-Type
Liferay-Portal
X-Amz-Id-2
Content-Security-Policy
X-Powered-By-360WZB
X-Amz-Request-Id
X-Server-Name
X-Umbraco-Version
X-Cache-Info
X-Served-From-Cache
X-Content-Digest
Request-Id
SPIisLatency
SPRequestDuration
X-Styx-Req-Id
X-Styx-Build-Date
X-Pantheon-Endpoint
X-Styx-Build-Num
X-Pantheon-Styx-Hostname
X-Styx-Version
X-Styx-Build-Sha
X-Timer
CF-Cache-Status
X-Hyper-Cache
X-SERVER
X-FB-Debug
X-Device
X-Clacks-Overhead
X-Cache-Server
Rating
X-Outils-CS
X-Cache-Result
X-DynaTrace
X-TN-ServedBy
Real-Hostname
Refresh
X-Loop
X-PHP-Engine
TCN
X-VCache
X-Px
X-From
X-Tumblr-Pixel-4
X-Cached-By
X-PersistenceNode
X-TNCMS
NS-RTIMER-COMPOSITE
Powered-By
X-Cache-Enabled
Wp-Super-Cache
X-FORWARDED-FOR
X-Generated-By
DynaTrace
X-Content-Encoded-By
X-Cached
X-CDN-Geo-IP
Imagetoolbar
X-CDN-Geo
X-CDN-Any-IP
Powered-By-ChinaCache
X-Microcachable
Page-Completion-Status
Access-Control-Max-Age
X-Tumblr-Content-Rating
X-Mobilized-By
X-Loc
Thanks
Magicmarker
Product
X-Cdn
X-Original-Content-Length
X-CMS-Version
X-Powered-By-Anquanbao
X-Zephyr
X-Backend-Server
X-Processed-By
IBM-Web2-Location
X-Matrix-Server
Charset
Pics-Label
X-Matrix-Proxy
X-DynaTrace-JS-Agent
X-Tumblr-Pixel-5
X-Permitted-Cross-Domain-Policies
X-Content-Security-Policy
X-Version
X-Jimdo-Pid
X-Jimdo-Wid
Node
CC-CACHE
X-Node
X-DDC-Arch-Trace
X-Content-Options
X-FW-Hash
X-W3TC-Minify
Retry-After
Response
X-DNS-Prefetch-Control
Generator
X-FW-Serve
X-FW-Type
X-FW-Static
ServedBy
Content-Encoding-Handler
X-I
X-Firenze-Processing-Time
X-Varnish-Backend
X-Varnish-Cacheable
X-User-Agent
X-Varnish-Host
Proxy-Agent
X-Drectory-Script
X-WebKit-CSP
MIME-Version
X-Hits
Access-Control-Request-Method
X-Sol
X-Middleton-Display
X-UD-Host
X-UD-Method
Display
X-Hosted-By
Set-Cookie2
X-Xrds-Location
X-Middleton-Response
X-PF-Uncompressing
X-Purge-Host
X-Whom
RTSS
Lsrequestid
Edge-Control
X-App-Hosting
X-Cache-Debug
X-AspNetWebPages-Version
X-ApacheServer
X-Varnish-TTL
X-NoCache
X-Cache-Config
SID
X-Duration
X-Original-Request
ServerName
X-SDS
Sprequestguid
X-Passed-To
X-Actual-URL
X-Passed-To-BeforeDispatch
X-Passed-To-DLL
X-Returned-From-DLL
X-Returned-From-PostProcessResponse
X-Returned-From
X-Passed-To-PostProcessResponse
X-Returned-From-BeforeDispatch
X-Handled-By
X-Sharepointhealthscore
Host
X-Director
X-Expires-Orig
X-Cache-Expires
X-URL
X-PERF
X-Varnish-Hits
X-Micro-Cache
X-ATG-Version
X-TTL
Content-Disposition
X-Cookie-Domain
X-Cache-Control-Orig
X-MiniProfiler-Ids
X-Purge-URL
VAR-Cache
X-Speed-Cache
X-Speed-Cache-Key
IISExport
X-Ms-Invokeapp
X-Art-Request-Id
X-Response-Time
X-LiteSpeed-Cache
X-Nitra-Side
Fhost
X-SN
PICS-Label
Surrogate-Control
Accept-Encoding
Cm-Server
X-FIRSTBase
X-Vary-Options
WWW-Authenticate
X-SRV
MJ12bot
COMMERCE-SERVER-SOFTWARE
SEOMOZ
AMF-Ver
Location
X-ServerName
X-PwB-Node
X-GeoIP-Country-Code
Grace
X-GeoIP-Country-Name
X-ServerID
X-Session-Reinit
X-Blog
S
X-Cache-TTL
X-S
X-Swift-CacheTime
X-Front
X-Swift-SaveTime
Server-Info
X-ACMCache
Website-Info
X-CJ-Soft
Proxy-Connection
Id
X-Varnish-IP
Microsoftsharepointteamservices
X-App-Status
Filter-Revision
X-Varnish-Age
X-FW
A-Powered-By
Cache
X-Trace-Cache
X-Distil-CS
X-Amz-Meta-S3cmd-Attrs
X-Time
X-Adobe-Content
X-HOST
X-Cache-Rule
Accept-Charset
SN
NtCoent-Length
Srv
X-Tumblr-Pixel-6
Nodo
X-Device-Type
X-Microcache-Status
ServerID
X-Country-Code
Qs-Cache
Rt-Fastcgi-Cache
X-Bettercache-Proxy
X-BackendServer
X-Gamma-Serve
X-Orig-Vary
Cache-By-Node
NetMindSessionID
X-CHSN
Req-Id
NODE
X-Yadis-Location
X-Object-Type
X-Object-Id
X-Do-Not-Hack
X-Server-ID
X-Cluster-Node
Fpc-Cache-Id
X-Srv
X-Engine
X-Cache-Operation
X-Trace
X-Recruiting
X-Varnish-Server
X-App
Buuteeq-Source
X-Highwire-SessionId
Upgrade
X-Highwire-RequestId
X-Sys-Req-ID
X-Provisioner-Version
X-Track
X-Domain-Checked
X-Translation
X-Stale
X-Cache-Age
X-Cocoon-Version
X-ID
Backend
X-Varnish-Object-Age
X-LIGHTHTTP-PCDID
Powered
Ngpass-Vcall
MW-Webserver
CT
X-AOL-SNH
X-Varnish-Cache-Hits
Dispatcher
PageSpeed
X-Twitter-Response-Tags
X-Instart-Request-ID
X-Transaction
Ms
LBVIS
X-Dynatrace
X-Connection-Hash
Server-Name
X-TempDebug
X-Req-Host
X-Cache-Action
X-Ttl
MIH-PLATFORM
X-Location-Id
MIH-CLIENT-FARM
MIH-PUBLIC-IDENTIFIER
X-Request-Locale
X-Secret
X-Varnish-Beresp-Grace
X-Src-Webcache
BM-Cache-Node
X-Varnish-Beresp-Ttl
BM-Cache-Key
X-Varnish-Beresp-Status
X-Cache-On
X-Directory-Script
X-Frontend
NLCacheNote
X-Resolver-IP
X-Header
X-FreeTag-Count
Machine
SS
X-B2f-Cache-Load
X-Venda-Hitid
-GCR
XDomainRequestAllowed
X-Expires
XX
Content-MD5
UniqueName
X-Amz-Id-1
Origin
X-Distributed-By
X-Old-Content-Length
X-Wily-Info
X-Wily-Servlet
Ibm-Web2-Location
X-SDE-Name
X-VTEX-Cache-Status-Janus-Edge
X-VTEX-Janus-Router-Backend-App
X-Vtex-Processed-At
Content-Security-Policy-Report-Only
X-Turbo-Control
X-VTEX-Cache-Status-Janus-ApiCache
X-REDIRECTSERVER
X-Vtex-Remote-Cache
X-Vtex-Processado-Em
Webluker-Edge
X-Powered-By-VTEX-Janus-ApiCache
No
X-Powered-By-VTEX-Janus-Edge
X-Powered-By-Server
X-Powered-By-VTEX-Janus-Router
X-Content-Age
X-Atraveo-NC
X-Atraveo-Cache-Control
X-Varnish-Count
X-Varnish-HitMiss
LBC
X-Atraveo-From-Varnish-Cache
X-ACCELERATE
X-Atraveo-TTL
X-Atraveo-Varnish-Server-Id
X-WR-MODIFICATION
TP-Cache
TP-L2-Cache
X-Cached-Status
X-Geo-IP
X-GeoIP
ORIGIN
Version
X-Grid-Server
Beyond-Iis
From
BM-Cache-Status
Front
X-Machine-Name
X-ServerCache-Info
Apache
X-Source-ID
X-Cache-Lifetime
X-Country
X-ORACLE-DMS-ECID
CommunityServer
X-Ar-Debug
Provided-Host
X-Stage
X-Cms-Mode
X-Jphone-Copyright
Worker
X-Dev
X-Trace-App
X-ManagedFusion-Rewriter-Version
X-Channel-Maxage
X-Uid
Backend-Name-Original
Content-Transfer-Encoding
X-Block
Progma
X-UD-Target
X-Developer
X-Pre-Strip-Debug
X-Vhost-ID
Access-Control-Expose-Headers
X-SilverStripe-Cache
X-Rewritten-By
X-Force
X-PRAM
X-UD-Loopcounter
X-UD-REMOTE-ADDR
X-Monstercache-Host
X-Monstercache-Hash
X-Monstercache
X-UPSTREAM
Content-Instance
X-Server-Id
SiteName
Be-Ip
X-Gannett-Site-Version
Be-Va
Front-End-Https
X-Info
X-WP
X-Beatles
Jobb.Gil.Se
X-Monstercache-Timeout
Test.Executivepeople.Se
Jobb.Passal.Se
Www.Mirrorgate.Se
X-Actindo-RS
BM-CountryCode
Open.Jobgate.Se
X-Symfony-Cache
X-Garden-Version
X-Empowered-By
X-Real-Server
NnCoection
X-Frames-Options
Jobb.Assistentpoolen.Se
Www.Myjob.Se
X-CacheServer
Www.Mabracertifiering.Se
X-DTC
P3P:CP
X-SSL
X-DeliveryServer
X-Varnish-ID
X-Enhanced-By
X-Id
X-Built-By
Cluster-ID
SS-Request-ID2
Server2
Svr
X-T3CacheTags
X-T3CacheInfo
X-WA-Info
Last-Published
X-Accel-Expires
7e-Page-Cache
X-Amz-Version-Id
Cteonnt-Length
Accept-Language
WP-AdvCache-MemCached
X-Origin-Id
X-MJ-Upstream-Addr
SVR
X-Geo-IP-Country
X-B2f-Not-Route
X-EPiLogOnScreen-PostUrl
Compression-Control
X-Geo-IP-Metro
Ram
X-EPiLogOnScreen
MirrorName
Noq
SIP
X-Varnish-Cache-Server
X-Drupal-Cache-Tags
X-EdgeRouter
X-Via-Kemp
X-Webstats-RespID
SRV
X-Vhost
X-Geo-IP-Region
HCVer
HAVer
X-Phpwcms-Release
X-Phpwcms-Page-Processed-In
X-Node-Name
X-Varnish-Device
If-Modified-Since
X-Cache-Set
X-MobileDetected
X-Powered
X-Hstore
X-Hrouter
X-MCB-Server
X-Nginx-Backend
X-Geo-IPV
X-Goog-Hash
X-HostName
Cpu
ScoreTracker
X-Router
X-Router-Backend
X-SV
X-Webapp
X-UseReverse-Proxy
X-DefendeR-Runtime
X-Varnish-Restarts
X-Uplex
X-Web-Node
X-Distributor
X-Varnish-Debug-Pool-Fetch
X-Varnish-Debug-Pool-Recv
Fw-Via
X-ChromeLogger-Data
X-Varnish-URL
X-BS
Ttl
Provider
X-Origin
X-T3Cache
X-Varnish-Debug-Age
X-Catalyst
No-Cookie
Rt-Server
X-GC-App
Il-Cl
CDN
Web-Server
X-GC-Read
X-ATM-RServer
X-Remote-Addr
CacheControlHeader
X-Oracle-DMS-ECID
X-Cache-Ttl
X-Farm-Server
Content
Cache-Ctrol
X-Varnish-Debug-Hits
X-Kirra-SiteId
X-PM-ID
X-ATM-RTime
X-Server-By
X-GC-Write
Ksid
IsFullSiteRequest
ExecuteNonQuerySQLParam
Author
X-Storage
Render
CP
X-Varnish-Action
X-Response
After
X-Varnish-Cookie-Debug
Before
X-N-ViewType
AppDynamics-BT
X-Domino-CacheValidationWithETagReason
X-Varnish-Cache-Local
X-Hit-Cache
X-Domino-CacheValidationWithETagResult
X-DB-Content-Length
Tpt.Renderer1
ServerConfigManager.WebBugTracker
Sophnep-Edge-FX
X-Pagename
Tpt.Renderer
X-Varnish-Currency
X-App-Container
X-TTFB
X-BKSrc
X-Flow-Powered
X-SmugMug-Values
B-Powered-By
BE
X-TTFB-L
X-Edge-Location
ServerId
Pool-Info
X-Nginx-Host
X-OPNET-Transaction-Trace
X-PBY
Smug-Env
X-SmugMug-Hiring
Cmstype
X-Max-Age
Cmsid
X-Route
Host-Service
X-N
X-WLD-LB
X-Locale
X-DSMX-Rewrite-MS
Warning
X-Hit
X-LAvg
BALANCEDTO
X-Allow-Redis
X-PvInfo
X-Author
Web-Head
X-CacheHits
WEBO
WP-Cache
Bs-Header
X-Purge-Level
X-DSMX-Render-MS
X-CMS
X-XHR-Current-Location
Pool
RATING
X-UserAgent
Server-N
X-Hash
X-Debug
X-MJ-Serve-Req-Time
XDisk
X-MidCOM-Meta-Cache
X-Benchmark-Total
X-Benchmark-Db
Nitro-Cache
X-Benchmark-Sphinx
X-Benchmark-Sphinx-Count
PServer
X-FS-UUID
X-App-Server
X-Powered-By-Yqk
X-Yqk-Set
X-FCMS-Cache
LFY
X-Server-Instance
Xc
X-Benchmark-Cache
SFY
X-Full-URL
X-LI-UUID
X-Li-Fabric
X-Li-Pop
MageStack-Cache-Lifetime
MageStack-Cacheable
X-RNDPAGE
X-Upstream
MageStack-Config
MageStack-Cache-Status
X-Time-Spent
MageStack-Cache
MageStack-Area
MageStack-Cache-Hits
Backend-Host
X-View
X-TAG
X-Abuse
Cneonction
X-ESI
X-Mobile
X-Cookie
X-Cache-Extended
X-Edge-IP
Content-ID
X-MSEdge-Ref
X-CacheTTL
CPOINT
No-Cache
X-WorkerInstancename
X-ESI-Enable
X-FFX-B
X-Vivastreet-KiwiiPage
X-Vivastreet
X-Dynamic
X-Brought-To-You-By
MageStack-PageSpeed
MageStack-Response-Ttl
Aoestatic
BM-Cache-Bypass
MageStack-Loadbalancer
X-Client-IP
Edgecast
MageStack-Tag
Test
Acdc-Web
Sid
D
X-7dig
X-7d-Version
Access-Ip
X-7d-Traceid
MageStack-Debug
X-NginX-Server
X-IDS-WS
X-ProcessESI
X-RemovedCookies
X-Powered-Developer
X-Server-IP
X-Flex-Community
X-LB
Allow
Ibf5scheme
X-Flex-Tags
X-TLServer
INCOMING-TIME
X-NginX-Cache
X-Revision
X-Cache-Backend
X-Dokk-PortalId
X-DC-Origin-IP
Portlet.Expiration-Cache
Apple-Itunes-App
X-Ratelimit
X-Flex-Evstart
Publisher
X-Flex-Lastmod
X-Cache-Control
X-Flex-Lang
Time
X-CDN-Node
X-CDN-Cache-Status
OGHopCount
MachineName
X-Flex-Evend
X-BIN
X-Flex-Tag
ServerIP
X-Generation-Time
X-DELIVERYSERVER
X-D-Time
X-Dynatrace-Js-Agent
User-Cache-Control
X-Artvisual-Server
Xonnection
Ozcache
X-S-Misc
X-Mod-Oboe-PS
X-Varnish-Set-Cookie
X-Instance
X-SeschatDID
X-Seschat-URL
X-SeschatLayout
SLB
PROPSON-FARM
X-USERNAME
X-SeschatRedID
X-SATserver
X-RSS-CACHE-STATUS
X-Binarysec-Via
X-HOSTTYPE
Copyright
X-ARR
X-Client-Vid
X-Environment
Redirect
OutputRewritten
Foglight-Request-UUID
X-EPiphany-Vid
Public-Extension
Noahs-Classifieds
X-Created
X-Req-Url
X-Time-Microsecs
X-Serendipity-InterfaceLangSource
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
X-Req-Counter
X-Serendipity-InterfaceLang
X-V-I-TTL
X-V-Outer
Servername
X-Varnish-Hit
Disaptch-Cache-Rule
Ec
MwpReleaseVersion
X-V-TTL
X-Purge-Url
MGIT
F-In-Cache
ProxiaInstanceId
ResourceTag
Server-Optimized-By
EXT-CACHEEXPIRE
DBG-Timestamp
DBG-HTTPHOST
DBG-TargetHost
SL-NOREWRITE-REDIRECTS
X-CCM
X-SERVER-ID
Hotelbookingid
X-Optimization
X-Snapsis-PageBlaster
X-Magento-Lifetime
X-Client-Addr
X-Magento-Action
X-SeschatTemplateID
X-IP
X-Hosting
Tracker
X-Bcwwwid
IsMobile
X-FarmId
X-Server-Generated
Http
Content-Cache
CacheControlMode
Head
97YES.COM
Description
X-AccessDev
X-IP-Address
X-Unbounce-VisitorID
X-HW
X-Unbounce-Variant
X-Fett
Keywords
X-Yottaa-Metrics
X-Yottaa-Optimizations
X-Unbounce-PageId
X-Litespeed-Cache
X-Life
Dynatrace
X-Middleton-PageSpeed
X-Varnish-Ttl
POOL
X-DefendeR-Status
X-NFE
X-CACHE-ON
REFRESH
X-Page-Generation-Time
Mime-Version
X-TTL-Age
WebDevSrc
X-Rq
X-Your-GrandPa-Would-Wait
X-Request-Time
X-Nucleus-Cache
X-Cachable
X-Would-Your-GrandPa-Wait
X-Var-Hash
X-PS-MURDOCK-ORIG-FILEEXT
X-ErrorPage
X-PS-MURDOCK-CASE-NORMALIZATION
X-Page-Generated-At
X-Url-Store
X-PS-MURDOCK-ORIG-PROTOCOL
X-Varnish-Debug-Varnish-TTL-Set-From-Server
X-Backend-Status
X-Src-Loadbalancer
X-Static-Version
X-Request-Count
X-Render-Time
CountryCode
AcceptLangage
X-AppServer-Status
X-Content-Security-Policy-Report-Only
X-ACLR-Version
Tempo
X-PoweredBy
X-Checkout
X-GitHub-Request-Id
X-JSON-API-LATENCY
X-Turpentine-Esi
Hamster
Requested-Host
X-Cache-Via
X-Confluence-Request-Time
X-WAP
X-Cookie-Store
X-ELC-Checkpoint4
X-Turpentine-Cache
X-Backend-Name
X-Invoke-Duration
Arr-Disable-Session-Affinity
Nginx-Cache
Language
X-Wikidot-Static-Cache
X-Hostingcenter
User-Updated-At
X-VG-WebCache
X-APP
X-Amz-Meta-S3fox-Modifiedtime
X-Amz-Meta-S3fox-Filesize
X-Wikidot-Backend
X-Svr-Id
X-AISO-Server
X-AISO-Cache
X-Provided-By
Server-IP
X-Cached-From
X-Debug-Token
X-LTM-ID
X-Prerender-Token
X-Gondor-Server
X-SBGI-Cache-Codes
X-Planisys-CDN-Cache
User-Id
SBGI-CACHE-CODES
X-Ec-Custom-Error
X-Server-Node
X-Crafted
Protected-By
X-Framework
X-Http-Host
X-ESI-Processing
X-Planisys-CDN-Rules
Gzip
X-HP-CAM-COLOR
X-Varnish-Hashed-On
Muha
X-Accel-Cache-Control
X-Source
X-Backend-Ip
X-Nginx-Cache
X-Nginx-Server
X-Content-Parsed-By
X-Nhost
S-Cnection
OriginServer
Ap-Exec-Time-Mks
X-GeoIP-Country
X-GL-SRV
X-Client-Id
X-Aws-Ec2
W
WFE
Web
Esi-Enabled
Atp-Isdpp
At-Shoptype
Robots
Srv-N
X-Process-Time
X-Is-Mobile
At-Isb
UNIQUE-ID
X-CachedURL
X-Forwarded-Proto
X-InDy-Memory
X-InDy-Query
X-InDy-Time
X-CMS-Server
X-Cluster
X-B2f-Cache-NotFromUrl
Be
X-CacheStore
X-OrgURL
X-Pixelsilk-Server
Orgin-Server
X-RE-Ref
ContentType
X-WebKit-CSP-Report-Only
X-WentThroughDrupal-Recv
X-WentThroughDrupal-Deliver
X-Pixelsilk-Version
X-ServicedByDrupal
X-Stackable-Node
SBMCLOUD
Rt-Proxy-Cache
X-Request-Processing-Time
X-Request-Received
Mobiquo-Is-Login
SSPAppContext
X-Proxy
X-App-Reload-Settings
Access-Control-Allow-Method
Fpc-Expire
SV-Duration
V-Cache
Www.Aujourdhui.Com
X-Mii-Cache-Hit
X-Pb-Mii
X-This-Proto
CACHED-RESPONSE
X-Fastcgi-Cache
X-Device-Group
X-ATP-Server
X-Cache-Key
X-Debug-Serve
X-RequesterIP
X-V
X-Papaya-Cache
X-Papaya-Gzip
X-PHP-Cache
X-PageCache-Ttl
X-TISSERVER
X-PageCache-ParseTime
X-Bip
Powered-By-Scs
X-Powered-Load
X-Varnish-Esi-Method
X-Varnish-Store
B2C-F-008
X-Varnish-Esi-Access
X-Apublish-Id
X-RAMCache
Server-Ip
X-PageCache-PagePath
X-PageCache-Level
X-Panel-Name
Disablevcache
X-ProxyInstancename
X-Panel-Id
X-FRONT-TTL
Application-Version
X-Test
X-Nc
X-Czt
X-PageCache-Key
X-Rack-Cors
X-PageCache-Expire
X-Backend-IP
X-Frontal
X-PageCache-Defaultable
X-Hosting-Env
X-Jcms-Ajax-Id
X-Sov
X-Upstream-Server
X-Cache-Host
X-Rot
X-Nginx-UpstreamHost
X-Libra-UpstreamHost
X-Nginx-Pool
X-Cached-On
X-Cached-Until
X-Accelerated-By
X-Path
X-Varnish-Max-Age
X-VhostID
X-Nocache
X-Compressed-By
X-Docuri
X-Gyrobase-Publication
X-D2id
BM-Cache-BackendNode
BM-Cache-BackendTime
X-SUPERCACHE
X-Loopia-Cache
GenSvr
X-SEA-Instance-Name
X-DEBUG
BrandBucket-Domain
X-BCube-Filmed-By
X-Header-Set-Id
X-Pagecache
X-Cdn-View
X-Caching-Rule-Id
HGR-NOCACHE
TIMESTAMP
X-Who