Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: HTTP Header Usage Statistics - Internet Security | DShield HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Set-Cookie
Connection
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
Link
ETag
X-Content-Type-Options
P3P
X-Pingback
X-XSS-Protection
X-Frame-Options
X-AspNet-Version
X-Cache
Content-Language
Age
CF-RAY
X-UA-Compatible
Via
Strict-Transport-Security
X-Adblock-Key
X-Varnish
Access-Control-Allow-Origin
X-Language
X-Check
X-Template
X-Buckets
X-Cacheable
X-Generator
Content-Location
X-Drupal-Cache
X-AspNetMvc-Version
X-Hacker
X-Ac
P3p
X-Powered-By-Plesk
MS-Author-Via
X-Type
X-Cache-Group
X-Pass-Why
X-Runtime
X-Request-Id
WP-Super-Cache
X-Powered-CMS
Status
X-Cache-Hits
Ngpass-Ngall
X-Request-ID
X-Permitted-Cross-Domain-Policies
X-Download-Options
Host-Header
Access-Control-Allow-Credentials
X-UA-Device
X-Dc
X-ShopId
X-ShardId
Keep-Alive
X-Alternate-Cache-Key
X-Xss-Protection
X-Iinfo
Access-Control-Allow-Headers
X-Via
X-Mod-Pagespeed
X-Ua-Compatible
X-Tumblr-Pixel
X-Tumblr-Pixel-0
X-Tumblr-User
Access-Control-Allow-Methods
Content-Security-Policy
X-Logged-In
X-Tumblr-Pixel-1
X-Pad
Content-Security-Policy-Report-Only
X-Backend
X-Served-By
X-ServedBy
X-Tumblr-Pixel-2
X-ContextId
X-Cache-Status
X-PC-Key
X-PC-Hit
X-CDN
X-Server
X-Host
X-Frame-OPTIONS
X-FRAME-OPTIONS
Powered-By
X-Cache-Hit
Upgrade
Content-Encoding
X-Port
X-PC-Date
X-PC-AppVer
X-PC-Host
X-Tumblr-Pixel-3
X-Robots-Tag
X-Timer
X-Accel-Version
X-Cache-Lookup
X-Rack-Cache
MicrosoftSharePointTeamServices
SPRequestGuid
MicrosoftOfficeWebServer
X-SharePointHealthScore
X-Cnection
X-Request-Country
X-MS-InvokeApp
X-Varnish-Cache
X-Amz-Cf-Id
X-XRDS-Location
X-Page-Speed
X-Wix-Renderer-Server
X-Seen-By
X-Wix-Request-Id
X-Server-Powered-By
X-Safe-Firewall
X-AH-Environment
X-Turbo-Charged-By
CF-Cache-Status
Rating
Alt-Svc
X-Content-Powered-By
X-Tumblr-Content-Rating
X-Node
X-W-DC
X-Content-Digest
X-Tumblr-Pixel-4
X-GitHub-Request-Id
Public-Key-Pins
X-Webserver
X-Cache-Enabled
X-PhApp
X-FullPageCaching
Request-Id
X-INKT-SITE
X-INKT-URI
SPIisLatency
SPRequestDuration
Composed-By
X-Amz-Request-Id
X-Amz-Id-2
Served-By
Permitted-Cross-Domain-Policies
Cf-Railgun
X-HeyJason
X-Firenze-Processing-Times
Timing-Allow-Origin
Liferay-Portal
X-SERVER
X-Proxy-Cache
X-Hyper-Cache
Xkey
Surrogate-Key
X-Spip-Cache
X-Pantheon-Styx-Hostname
Surrogate-Key-Raw
X-Pantheon-Endpoint
X-Styx-Req-Id
X-Styx-Version
Access-Control-Max-Age
X-Content-Security-Policy
Access-Control-Expose-Headers
X-Server-Name
Charset
X-Swift-SaveTime
X-Swift-CacheTime
EagleId
Content-Script-Type
Content-Style-Type
X-CF-Powered-By
X-Tumblr-Pixel-5
X-CDN-Pop-IP
X-CDN-Pop
Content-MD5
Grace
X-FW-Hash
X-Drupal-Dynamic-Cache
X-FW-Serve
X-FW-Static
X-FW-Type
Access-Control-Allow-Method
X-Hits
X-XN-XNHTML
X-XN-Trace-Token
X-FB-Debug
X-Clacks-Overhead
Public-Key-Pins-Report-Only
X-Dw-Request-Base-Id
X-AWS-Id
X-VWS-Id
X-LJ-Flow-ID
X-Fastly-Request-ID
X-VCache
X-User-Agent
Refresh
X-Device
X-Jimdo-Wid
X-Jimdo-Instance
X-Tumblr-Adult-Blog
X-Cache-Server
Real-Hostname
X-Umbraco-Version
X-Loop
X-TNCMS
X-Backend-Server
X-Cloud-Trace-Context
X-Cache-Config
X-Cache-Result
X-DDC-Arch-Trace
X-MiniProfiler-Ids
Edge-Control
X-Age
X-ServerName
X-Px
X-Hostname
PageSpeed
X-Cached-By
X-Generated-By
X-LiteSpeed-Cache
X-Tumblr-Pixel-6
X-Forwarded-For
X-VARNISH-Cache
X-Cached
X-DynaTrace-JS-Agent
X-Url
X-Powered-By-360WZB
X-Outils-CS
Fastly-Debug-Digest
NS-RTIMER-COMPOSITE
Surrogate-Control
X-DynaTrace
Response
Cartoon
Fpc-Cache-Id
X-Msg-2-Log
TCN
X-Whom
X-CMS-Version
Display
X-Sol
X-Middleton-Display
X-Middleton-Response
X-WebKit-CSP
X-From
Imagetoolbar
WZWS-RAY
X-URL
X-Recruiting
X-Cdn
X-Varnish-Cache-Hits
Product
Rt-Fastcgi-Cache
X-Handled-By
X-TTL
DynaTrace
X-AspNetWebPages-Version
Front-End-Https
ServedBy
X-HOST
X-Content-Options
X-Do-Not-Hack
X-NetCat-Version
X-Content-Encoded-By
Page-Completion-Status
X-Varnish-Beresp-Ttl
X-Varnish-Beresp-Status
X-Track
X-Varnish-Beresp-Grace
X-Country-Code
X-App-Hosting
X-Matrix-Proxy
X-Varnish-Backend
Generator
X-Matrix-Server
Access-Control-Request-Method
IBM-Web2-Location
X-Micro-Cache
X-Actual-URL
X-Returned-From
X-Passed-To
Alternate-Protocol
X-Passed-To-DLL
X-Returned-From-DLL
X-Original-Request
X-Passed-To-PostProcessResponse
X-Stale
X-Returned-From-BeforeDispatch
X-Passed-To-BeforeDispatch
X-Returned-From-PostProcessResponse
X-Server-ID
Powered
Fhost
X-Hosted-By
X-I
Origin
X-OneAgent-JS-Injection
X-Origin
X-Platform
X-CacheServer
Powered-By-ChinaCache
X-ApacheServer
X-Newrelic-App-Data
X-Expires-Orig
Content-Hash
X-UD-Method
X-Varnish-TTL
Akamai-IP
ServerName
Magicmarker
X-Varnish-Host
X-Vtex-Processed-At
X-VTEX-Cache-Status-Janus-ApiCache
X-VTEX-Cache-Status-Janus-Edge
X-Powered-By-VTEX-Janus-Edge
X-Powered-By-VTEX-Janus-ApiCache
No
X-VTEX-Janus-Router-Backend-App
X-Vtex-Processado-Em:
X-ATG-Version
X-S
X-Abuse
X-Vtex-Remote-Cache
X-Firenze-Processing-Time
Content-Disposition
X-Source
MIME-Version
Surrogate-Keys
X-Art-Request-Id
USPLoggingUUID
X-BC-Stapler
X-Gamma-Serve
X-Location-Id
X-LiteSpeed-Cache-Control
X-Cache-Age
X-Microcachable
Host
X-SDS
X-PERF
X-Varnish-RemainingTTL
X-Magnolia-Registration
X-FORWARDED-FOR
X-Varnish-Seen-By
X-Version
X-SRCache-Store-Status
X-SRCache-Fetch-Status
X-Cache-TTL
X-Request-Time
X-Cache-Rule
X-Powered-By-Server
X-Varnish-Cacheable
X-Goog-Hash
Ag-Server-Time
Content-Encoding-Handler
X-Upstream
Ag-Send-Time
Ag-Execution-Time
X-URLSCHEME
X-Duration
X-RESOURCE
X-Microcache-Status
X-Director
X-Translation
X-I-Sp
X-BS
X-Beta
X-Gateway
X-Varnish-Age
X-Drectory-Script
X-Device-Type
Node
X-Response-Time
X-Developer
X-DNS-Prefetch-Control
Version
ServerID
Lsrequestid
X-Cache-Info
X-Zen-Fury
X-Daa-Tunnel
X-Instart-Request-ID
X-Vcap-Request-Id
X-Cache-Debug
X-PwB-Node
X-Cache-Lifetime
X-Fastcgi-Cache
X-Cache-Tags
X-Revision
Proxy-Connection
X-Front
X-Rocket-Nginx-Bypass
X-FW
Buuteeq-Source
Content-Security-Policy-Rerport-Only
Proxy-Agent
Arr-Disable-Session-Affinity
X-Route-Server
X-Geo-IP
SN
X-B-Cache
X-CJ-Soft
X-Cache-Control-Orig
X-Cache-Expires
Server-Info
Fastcgi-Cache
CC-CACHE
SEOMOZ
Last-Published
X-DefendeR-Runtime
X-DefendeR-Status
MJ12bot
X-Akamai-Device-Characteristics
X-Akamai-Device-Model
X-Geo-IP-Region
X-Geo-IP-Metro
X-Geo-IP-Country
X-Time
X-ACMCache
X-Dispatch
Srv
X-Engine
X-Geo-IPV
X-ServerID
X-Mobilized-By
Location
X-Varnish-Server
Cache-Key
Nodo
A-Powered-By
Edge-Control-Message
HCVer
HAVer
Pics-Label
X-Real-Server
X-NoCache
X-Platform-Processor
X-Cache-Operation
PICS-Label
X-Platform-Router
X-Processing-Time
Cache
Nitro-Cache
X-Page-Cache
X-NginX-Upstream-Addr
X-NginX-Cache-Status
X-AbeBooks-Version
X-NginX-Node
X-N
X-NginX-Upstream-Response-Time
NetMindSessionID
X-Amz-Version-Id
X-NginX-Upstream-Status
AMF-Ver
X-A
X-Cookie-Domain
Qs-Cache
X-Server-Upstream
Content-Transfer-Encoding
X-Frontend
X-StackifyID
X-Varnish-Count
X-Varnish-HitMiss
X-Grace
X-NFE
X-Nurl
X-Directory-Script
WWW-Authenticate
Filter-Revision
X-Nhost
X-Varnish-IP
X-AOL-HN
X-Content-Age
X-Varnish-ObjectSource
X-Varnish-GracePeriod
X-Trace
X-Varnish-RemainingLife
X-Discourse-Route
X-NB-Cached-Page
Retry-After
X-SV-CreatedAt
X-SV-Duration
X-SV-Edge
X-WR-Flags
X-SV-CacheTags
WSR-Cache
X-EC-Security-Audit
X-Varnish-Grace
X-SV-Expires
X-SV-Pid
Webluker-Edge
X-SV-Nginx-Duration
X-SV-FromDBCache
X-Processed-By
Author
X-Empowered-By
X-Adobe-Content
X-Varnish-Hits
X-Yadis-Location
X-Mobile-URL
X-Machine-Name
X-Adobe-Loc
X-Xrds-Location
X-Hypernode
X-Framework
X-Cache-Key
X-Varnish-RemainingGrace
X-GeoIP-Country-Code
X-Speed-Cache
X-Orig-Vary
X-CDN-Node
X-Dynatrace
X-Cache-Doesi
X-Ttl
X-CDN-Cache-Status
X-Speed-Cache-Key
X-BackendServer
X-Sys-Req-ID
X-Client-IP
X-Platform-Cache
Cm-Server
CacheControlHeader
COMMERCE-SERVER-SOFTWARE
X-PF-Uncompressing
W
IISExport
X-Storage
X-Debug
Host-Service
Mobiquo-Is-Login
X-Purge-URL
X-Cf-Powered-By
Backend
Accept-Charset
X-GeoIP-Country-Name
Cached
X-Application-Context
X-Cocoon-Version
S
X-SE-Debug
X-Garden-Version
X-Blog
X-LW-Web-Server
X-Yottaa-Metrics
X-ClientSide-Caching
SVR
Ibf5scheme
X-Yottaa-Optimizations
X-Supported-By
X-Symfony-Cache
Req-Id
Allow
X-V
X-Worker
X-Balanceador
X-Jphone-Copyright
Server-Name
X-Server-Response-Time
RTSS
X-Server-Id
X-SDE-Name
Accept-Encoding
Frame-Options
X-PoweredBy
NODE
X-Webcelerate
BALANCEDTO
SSPAppContext
X-UPSTREAM
X-LB
X-Config-By
Rewriter
X-Kinsta-Cache
X-Session-Reinit
S-Cnection
X-AOL-SNH
Id
X-Edge-Location
X-Varnish-Hostname
X-Nginx-Host
X-App-Server
X-Cache-Control
NtCoent-Length
Warning
X-Varnish-Ttl
X-TempoPesquisa
X-Dispatcher
X-Nginx-Cache
X-Purge-Host
VServer
X-CDN-Forward
Eomportal-Instance
X-JG-Page-Cache
X-Webstats-RespID
Front
X-Hit-Cache
X-ORACLE-DMS-ECID
X-Nitra-Side
X-App-Status
Logging-CorrelationId
X-Origin-Id
X-Server-Start-Time
X-Correlation-Id
X-Pagename
X-Domain-Checked
X-Provisioner-Version
X-WA-Info
X-TempDebug
A
CT
SRV
NnCoection
X-Varnish-Debug-Age
X-Trace-Cache
From
X-Highwire-SessionId
Dynatrace
X-BKSrc
X-Highwire-RequestId
X-Server-IP
IM-Version
X-Distributed-By
X-SmartBan-Host
X-SmartBan-URL
Pool-Info
XDomainRequestAllowed
X-SRV
X-Grid-Server
X-GeoIP
X-Twitter-Response-Tags
X-Varnish-Action
X-Transaction
Beyond-Iis
Device-Type
X-Optimization
X-RiS-UFDI
Section-Io-Id
X-Accel-Expires
X-Amz-Meta-S3cmd-Attrs
X-XTM-Node
X-EDGECONNECT-GUID-DEBUG
X-Sucuri-ID
X-IIJ-Cache
X-Connection-Hash
X-Resolver-IP
ScoreTracker
X-HP-Trace-Project
X-HP-Trace-ID
X-Vary-Options
X-Dw-Trace-Id
X-REDIRECTSERVER
X-Cache-Engine
Ibm-Web2-Location
X-FIRSTBase
X-WEBSERVER
Cneonction
Myheader
X-SmugMug-Hiring
X-Cache-PageType
X-SmugMug-Values
X-TTFB
X-Atraveo-Varnish-Server-Id
X-Atraveo-Zone
X-TTFB-L
X-Prefetched
X-Varnish-Debug-TTL
X-Rot
X-Sov
Smug-CDN
RN-Server
Head
X-Env
X-ARC
X-Atraveo-TTL
X-Flow-Powered
X-Desc
X-F-Cache
X-Atraveo-Param-Rm
Ttl
X-Amz-Storage-Class
X-IsCacheURL
X-B
X-Actindo-RS
X-Source-ID
X-Cache-Action
X-NginX-Cache
Thanks
X-Atraveo-Set-Cookie
X-App
X-Force
X-Atraveo-ETag
X-Atraveo-Expires
X-Atraveo-From-Varnish-Cache
X-Cache-Fix
X-Atraveo-Cache-Control
X-PRAM
Cluster-ID
SiteName
X-VC-TTL
X-Edge-IP
ServerSignature
ServerTokens
X-ID
Keywords
Cmsid
VAR-Cache
Cmstype
TP-Cache
X-Server-Instance
X-Unique-Id
X-Unbounce-VisitorID
X-Airee-Node
X-Avvio-Cms-Cacheload
TP-L2-Cache
X-Unbounce-PageId
X-Unbounce-Variant
X-Enhanced-By
X-Magento-Tags
X-Smartcache-Keys
X-Invoke-Duration
Noq
X-Id
X-ServerIndex
X-Akamai-Edgescape
P-LB
APP-VERSION
Content
Paypal-Debug-Id
P-WS
X-HTML-Minification-Powered-By
WP-AdvCache-MemCached
X-Key
Cdate
X-NewRelic-App-Data
Cpu
X-Cache-On
PowerCDN
X-GSL-Server
X-SV
Content-Server
X-MAT-GEO
X-Healthy
X-Uid
X-RDP
Real-Server
X-Response
Sophnep-Edge-FX
X-Smartcache-Timeout
X-LB-Server
N365rili
MW-Webserver
X-W3TC-Minify
Ram
NLCacheNote
X-WP
X-ProxyInstancename
MC
X-Vhost
X-EPiphany-Vid
Fastly-Backend-Name
X-Unique-ID
X-Info
X-Plat
X-Detected-Device
Nginx-Cache
X-Client-Image-Vid
X-Client-Vid
X-Esi
X-NginX-Server
CommunityServer
CmsCacheEngine
Hash
X-HW
X-Rebelmouse-Surrogate-Control
X-CacheResult
X-Cache-TTL-Remaining
X-Rebelmouse-Cache-Control
X-Cache-Extended
X-Plat-Be-Ip
X-Varnish-Error-Restart
X-Plat-Va-Ip
X-Remote-Addr
X-Trace-Id
X-Varnish-Backend-Healthy
X-Clara-ASAP
Hosted-By
Copyright
AsisCache
X-ASAP-Cache
Bios
Cache-Rule
X-Cache-Keep
X-Middleton-PageSpeed
X-CB-Server
CLMOB
Web
X-Server-By
Hamster
X-Appmachine-Environment
X-Box
X-Render-Time
LBC
OT-RequestId
X-Captured
X-AWS
X-MrHost
X-Srv
Ksid
X-PG
X-DSMX-Rewrite-MS
X-T3CacheTags
SBGI-Device
X-B2f-Not-Route
X-Sentry-Token
X-HP-CAM-COLOR
SBGI-9
SBGI-10
X-WorkerInstancename
SBGI-1
Ngpass-Vcall
SBGI-5
X-Dev
SBGI-7
Worker
X-Cms-Mode
X-Hosts-Backend
X-T3CacheInfo
X-DSMX-Render-MS
NS-VaryByCustom-Key
X-T3Cache
X-Full-URL
X-Restarts
Xc
Prxy
X-Site:
X-Cache-Provider
SBGI-RealPath
X-N-ViewType
Resin-Trace
SBGI-RenderTime
Sid
Set-Cookie2
X-Cache-Source
X-Src-Webcache
Imx-Cookies-Used
X-Content-Security-Policy-Report-Only
Description
Mime-Version
X-Cache-Set
Servername
X-We-Are-Hiring
X-Node-Name
X-WR-MODIFICATION
B-Powered-By
X-Cache-Backend
X-Time-Microsecs
X-Ocache
X-CACHE-TTL
X-Hiawatha-Cache
X-Environment
X-Wm-1
X-Phpwcms-Page-Processed-In
X-Wm-VIP
X-Phpwcms-Release
MageStack-Cache-Hits
X-Goog-Metageneration
X-Goog-Storage-Class
X-Goog-Stored-Content-Encoding
X-Goog-Stored-Content-Length
X-Goog-Generation
X-DOM
MageStack-Tag
MageStack-Web-Node
X-Amz-Id-1
X-GUploader-UploadID
X-Platform-Server
X-Hrouter
X-Hstore
X-MobileDetected
Note
X-EdgeRouter
X-Real-IP
X-RequestId
Il-Cl
X-Apm-Telemetry-Syncmark
MageStack-PageSpeed
MageStack-Loadbalancer
X-Varnish-Esi-Method
X-Varnish-Set-Cookie
X-Varnish-Store
X-Varnish-URL
X-Varnish-Esi-Access
Dispatcher
X-Turpentine-Cache
X-Turpentine-Esi
X-Varnish-Currency
X-Distributor
MageStack-Area
MageStack-Cache-Warning
MageStack-Cacheable
MageStack-Config
MageStack-Debug
MageStack-Cache-Status
Ec
MageStack-Cache
Fw-Via
MageStack-Cache-Lifetime
X-DTC
User-Agent
X-Search-Id
AC-ELC
X-LS-DEBUG
X-HASH
X-DeliveryServer
X-Geo
User-Cache-Control
X-7d-Instance-Id
Ctx
D
X-Ob-Mode
PServer
X-7d-Trace-Id
X-Rack-CORS
X-Company
X-Client-Ip
X-Magento-Cache-Debug
X-MCB-Server
X-JSESSIONID
X-Faeria
VC-NoCache
X-HITS
X-Not-Cacheable
X-Server-Generated
Max-Age
Svr
LBVIS
E-TAG
X-Server-Instance-Name
X-Is-Mobile
XX
X-Do-Esi
X-Forwarded-Proto
X-Frames-Options
X-Rack-Cors
X-Test
X-Header
X-Pj-Cache-Status
IsMobile
X-Artvisual-Server
Mto-License-Status
X-Secret
X-DEBUG
Server-Id
X-Hosting
Server-Ip
X-Seschat-URL
INCOMING-TIME
X-AccessDev
NZSpeedy
X-SeschatRedID
X-TB-M
Cteonnt-Length
X-COUNTRY-CODE
X-ACCELERATE
X-DealerOn
X-SeschatLayout
X-Litespeed-Cache-Control
X-Magento-Action
X-Stage
Og
X-SeschatTemplateID
X-SeschatDID
Device
X-Varnish-Instance
X-Nginx
WFE
X-DN-Cache-Control
Referrer-Policy
X-DN-GyrobaseID
X-Content-Type
X-Forwarded-Server
X-LOCATION
X-Flex-Community
VnhCdn-Status
X-Flex-Evend
Access-Control-Request-Headers
X-Flex-Evstart
VANITY-HOST
X-Signature
Realaction
X-Hcom-Styx-Info
X-ManagedFusion-Rewriter-Version
X-Rewritten-By
X-Flex-Lang
X-VC-Enabled
X-Flex-Tags
Host-Name
X-Cache-Handler
X-Amz-Meta-Cb-Modifiedtime
Proxy-Cache
X-Cache-Detail
X-Flex-Lastmod
X-Litespeed-Cache
Apachenode
X-Flex-Tag
X-Hosting-Env
ServerIP
X-HostName
X-Analytics
X-BeResp-Ttl
X-FreeTag-Count
X-Browser
X-Jcms-Ajax-Id
X-Status
Content-Instance
X-Old-Content-Length
X-Nginx-Request-Time
X-Serendipity-InterfaceLang
X-Serendipity-InterfaceLangSource
X-VCS-Nrhit
X-VCS-Status
X-VCS-Ttl
X-VCS-Url
X-VCS-Host
X-ACLR-Version
X-VCS-Billing
X-VCS-Cache-Server
X-VCS-Cacheable
X-VCS-Hit
Backend-Timing
X-SilverStripe-Cache
X-GoCache-CacheStatus
X-Dynamic-Cache
X-Backend-TTL
X-Cache-ID
Session-Id
Apache
X-Pj-Cache-Key
X-Forwarded-Host
Debug-Status
X-Varnish-Cache-Control
X-Cms-Server
X-Proxy-Cache-Key
X-WebNode
X-SayCDN-TTL
X-SayCDN-UA
X-Time-Spent
X-Say-TTL
X-Say-Cacheable
XDisk
X-NewCloud-V-Cache
X-Route
X-Cluster-Node
X-Gyrobase-Publication
Pool
X-Proto
X-Clx-Request
X-RealServer
X-Cache-Node
X-T
X-Server-Addr
X-EntryPoint
X-Meta-MSThemeCompatible
X-Fallback
X-Fstrz
X-Instance-Name
X-Meta-Imagetoolbar
X-Meta-MSSmartTagsPreventParsing
X-Mobile
Provider
X-Pressidium-NinukisWP-Ver
X-Cluster-Host
X-RSS-CACHE-STATUS
X-Span
X-CDN-COMPRESS
X-ORACLE-DMS-RID
X-FCMS-Cache
X-AG-MIPS
X-4ormat-Cacheable
X-ASAP-Age
X-Cache-Level
X-DataDome
X-GRACE
X-MSU-SOURCE
X-AISO-Cacheable
X-AISO-Cache
X-AISO-Server
X-Fpc
X-CPU-Time
X-Author
X-HAProxy
Kp-EeAlive
X-Pagely-Cache
X-Ratelimit-Remaining
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
Accept-Language
GenSvr
X-CSRF-TOKEN
X-MCF-ID
MSThemeCompatible
MSSmartTagsPreventParsing
Kanooh-Host
Content-Cache
X-SID
Httpd-Identifier
ORIGIN
X-AppServer-Status
X-ClusterID
X-AppServer-Cache-Rule
WSCLoggingUUID
Tracker
BKREF
AGI-Request-ID
X-EZPublish-NodeID
X-ASEN
X-Backend-Name
X-AREQUESTID
X-Application
X-Built-By
WP-Cache
X-Hit
X-ATM-RServer
X-ATM-RTime
SL-NOREWRITE-REDIRECTS
X-AUSERNAME
X-PBY
X-Fedora-School-Id
X-EZPublish-InstallationID
X-Wikidot-Static-Cache
Aurora-Node
X-Wikidot-Backend
Machine
X-KoobooCMS-Version
X-Cache-CFC
SS
X-NGINX-Cache
Serverid
X-Nocache
X-Sid
X-PHP-Response-Code
X-HA
X-Bip
X-Delivered-By
X-Drupal-Cache-Tags
X-Theme
X-Checkout
X-SuperCache
X-Egnyte-Request-Id
X-Cluster
X-NewsFlow-Sitename
X-CCM
X-Site-Name
X-OneLinkHost
X-NewsFlow-DoCache
X-Frontal
X-Tags
Www.Aujourdhui.Com
V-Age
X-ATP-Server
X-Device-Group
X-DynamicCache
X-UseReverse-Proxy
X-Vhost-ID
X-ESI-Enable
X-APP
X-FFX-B
X-IP
X-Magento-Cache-Control
X-VG-WebCache
X-Generated
From-Origin
ReqUrl
X-Tradeindia-Request-GUID
Server-ID
X-Hash
X-TAProxy
X-Varnish-Max-Age
X-Max-Age
X-Mii-Cache-Hit
X-Webapp
X-Pb-Mii
X-Catalyst
X-OneLinkServiceType
Aoestatic
X-Magento-Lifetime
X-DDM-SERVER-UPDATED
Charly
X-E
X-SayCDN-DevType
X-OPNET-Transaction-Trace
DPOOL-HEADER
X-Domino-CacheValidationWithETagResult
X-Timing
X-Provided-By
Expire
X-Depends
Redirect
HA-Front
MachineName
Public-Extension
X-9XB-Server
Origin-Server
Exires
X-DDM-SERVER
RSL-Trace-ID
RouteID
ResourceTag
X-Domino-CacheValidationWithETagReason
X-Tradeindia-SMgmt
X-OneLinkTook
X-Router-Backend
X-Pj-Cache-Time
X-Wily-Info
X-RAMCache
Response-Time
X-OneLinkProcessing
SINA-TS
X-Pixelsilk-Version
X-Pj-Cache-Flags
SINA-LB
X-VERSION
Cleartype
Actual-Object-TTL
Requested-Host
FindLaw
E-Tag
X-Wily-Servlet
X-Cookies-Stripped
Prototype-RootPath
X-Router
X-Accel-Cache-Control
X-Cache-Me-Harder
X-Pixelsilk-Server
X-Does-He-Have-Time
X-EdgeConnect-Origin-MEX-Latency
X-FireWall-Protection
X-EdgeConnect-MidMile-RTT
RequestId
X-Ants-Host
Language
SBMCLOUD
X-Request-Processing-Time
X-Request-Received
X-UUID
Tempo
X-Ants-Machine-Id
X-BPool
X-DPWN-IS-SECURE
X-Batcache
X-IP-Address
X-Obr-Rule
X-PM-ID
X-VhostID
X-This-Proto
X-BServer
X-Cacheable-TTL
X-Rq
X-Static
Web-Server
Rt-Proxy-Cache
X-Xhr-Current-Location
MtcHosted
Content-ID
Expiries
X-SL-Norewrite
X-Wix-Route-ID
X-Runtime-Memory
X-OpenCart-Lightning
Apple-Itunes-App
X-Device-Class
X-ETag
X-SL-Notranslate
X-UA
X-ProcessESI
X-Venda-Hitid
DeleGate-Ver
EXT-CACHEEXPIRE
X-RemovedCookies
X-FastCGI-Cache
CD2
DrivedBy
MwpReleaseVersion
X-Cache-Why
X-WHOIS-Cached
Backend-Name-Original
NodeId
Cache-Status
X-Ghost-Cache-Status
X-Upstream-Backend
X-Bypass-Ssl-Transform
Brandcast-Load-Balancer
Brandcast-Brand-Id
Pw-Value
X-OCTOPOD
X-PageType
X-WebKit-CSP-Report-Only
X-FG-RequestId
DB-Nickname
X-Expose-Site
X-Expose-Hostname
X-Expose-Took
X-Highwire-Sitecode
X-Matched-Rule
X-Expose-Generated
X-ESI
HOST-SERVICE
Thinkindot-CacheControl
Thinkindot-CacheControl-Type
Thinkindot-Control
Fpc-Expire
EWHSERVER
X-Trace-App
X-DEBUG-TTL
X-TTL-Age
X-Would-Your-GrandPa-Wait
X-Your-GrandPa-Would-Wait
X-Channel-Maxage
X-Block
Be
Ews
SERVER-IP
X-Beatles-Hits
DNNOutputCache
Http
X-Powered-Developer
X-TargSmaku
X-Zendesk-Origin-Server
X-Zendesk-User-Id
X-PF-CACHE-FAILED
X-Pageid
X-Cachable
X-Cache-Via
X-FarmId
X-Gannett-Site-Version
X-RequesterIP