Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: HTTP Header Usage Statistics - Internet Security | DShield HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
Link
ETag
X-Content-Type-Options
P3P
X-XSS-Protection
X-Pingback
X-Frame-Options
X-AspNet-Version
X-Cache
Content-Language
Age
CF-RAY
X-UA-Compatible
Strict-Transport-Security
Via
X-Adblock-Key
X-Language
X-Template
X-Check
Access-Control-Allow-Origin
X-Varnish
X-Buckets
X-Generator
X-Cacheable
X-Drupal-Cache
Content-Location
X-Request-Id
X-AspNetMvc-Version
X-Hacker
X-Ac
X-Powered-By-Plesk
X-Type
MS-Author-Via
X-Cache-Group
X-Pass-Why
X-Runtime
WP-Super-Cache
X-Cache-Hits
X-Powered-CMS
Status
X-Permitted-Cross-Domain-Policies
Ngpass-Ngall
Host-Header
X-Download-Options
X-UA-Device
Access-Control-Allow-Credentials
X-ShopId
X-Dc
X-ShardId
X-Alternate-Cache-Key
Keep-Alive
Access-Control-Allow-Headers
X-Iinfo
X-Via
Content-Security-Policy
X-Tumblr-Pixel-0
X-Tumblr-Pixel
X-Tumblr-User
Access-Control-Allow-Methods
X-Tumblr-Pixel-1
X-Mod-Pagespeed
X-Logged-In
X-Backend
X-Served-By
X-Tumblr-Pixel-2
X-Pad
X-Contextid
X-Cache-Status
X-ServedBy
X-PC-Key
X-PC-Hit
X-Server
X-Request-ID
Powered-By
Upgrade
X-FRAME-OPTIONS
X-CDN
X-Host
Content-Encoding
X-Tumblr-Pixel-3
X-Cache-Hit
X-PC-Date
X-PC-AppVer
X-PC-Host
X-Port
X-Timer
X-Robots-Tag
X-Accel-Version
X-Varnish-Cache
X-Cache-Lookup
X-Rack-Cache
X-Cnection
SPRequestGuid
X-SharePointHealthScore
MicrosoftSharePointTeamServices
X-Server-Powered-By
X-Amz-Cf-Id
MicrosoftOfficeWebServer
X-Request-Country
X-Page-Speed
X-Safe-Firewall
X-MS-InvokeApp
X-XRDS-Location
Alt-Svc
Rating
X-Turbo-Charged-By
X-Content-Powered-By
CF-Cache-Status
X-AH-Environment
X-Tumblr-Content-Rating
X-Tumblr-Pixel-4
X-Content-Digest
X-Node
X-W-DC
X-Cache-Enabled
X-Seen-By
X-Wix-Renderer-Server
X-Wix-Request-Id
X-FullPageCaching
X-GitHub-Request-Id
Public-Key-Pins
X-PhApp
X-Webserver
Request-Id
Content-Security-Policy-Report-Only
X-INKT-SITE
X-INKT-URI
SPIisLatency
SPRequestDuration
Timing-Allow-Origin
Composed-By
Served-By
Cf-Railgun
X-Firenze-Processing-Times
X-Amz-Id-2
X-Amz-Request-Id
X-HeyJason
Permitted-Cross-Domain-Policies
X-Proxy-Cache
Liferay-Portal
X-Hyper-Cache
X-Spip-Cache
X-Pantheon-Styx-Hostname
X-Pantheon-Endpoint
X-Styx-Req-Id
Surrogate-Key-Raw
X-Styx-Version
Access-Control-Max-Age
Access-Control-Expose-Headers
Xkey
X-Swift-SaveTime
X-Swift-CacheTime
X-Server-Name
Surrogate-Key
X-Content-Security-Policy
Charset
EagleId
X-Drupal-Dynamic-Cache
X-CF-Powered-By
X-Tumblr-Pixel-5
Grace
X-CDN-Pop-IP
X-CDN-Pop
Content-MD5
Content-Script-Type
Refresh
Content-Style-Type
Access-Control-Allow-Method
X-FW-Hash
X-Hits
X-XN-XNHTML
X-XN-Trace-Token
X-FB-Debug
X-Tumblr-Adult-Blog
X-Dw-Request-Base-Id
X-Device
X-VWS-Id
X-AWS-Id
X-LJ-Flow-ID
X-FW-Type
X-FW-Static
X-FW-Serve
X-VCache
X-Fastly-Request-ID
Public-Key-Pins-Report-Only
X-Clacks-Overhead
X-User-Agent
X-SERVER
X-Jimdo-Wid
X-Jimdo-Instance
X-TNCMS
Real-Hostname
X-Loop
X-Cache-Config
X-Backend-Server
X-DDC-Arch-Trace
X-Umbraco-Version
X-Generated-By
X-Cache-Server
X-HOST
Edge-Control
X-Url
X-Cloud-Trace-Context
X-LiteSpeed-Cache
X-MiniProfiler-Ids
Fastly-Debug-Digest
X-Tumblr-Pixel-6
X-ServerName
X-Cache-Result
X-Cdn
Cartoon
PageSpeed
X-Hostname
X-Cached-By
X-Px
X-Age
X-Cached
X-Powered-By-360WZB
WZWS-RAY
NS-RTIMER-COMPOSITE
X-Outils-CS
X-CMS-Version
X-Whom
Response
Fpc-Cache-Id
Surrogate-Control
TCN
Display
X-Middleton-Display
X-Middleton-Response
X-Sol
X-DynaTrace-JS-Agent
X-Forwarded-For
X-WebKit-CSP
X-Handled-By
X-DynaTrace
Imagetoolbar
ServedBy
Product
Rt-Fastcgi-Cache
X-URL
Front-End-Https
X-Content-Options
X-TTL
X-AspNetWebPages-Version
X-Varnish-Cache-Hits
X-Newrelic-App-Data
X-From
X-Msg-2-Log
DynaTrace
X-Do-Not-Hack
X-Recruiting
X-Micro-Cache
Fhost
Access-Control-Request-Method
X-Varnish-Beresp-Ttl
X-Varnish-Beresp-Status
X-Varnish-Beresp-Grace
X-NetCat-Version
X-BC-Stapler
X-Passed-To
X-Returned-From-DLL
X-Passed-To-DLL
X-Returned-From
X-Country-Code
X-Actual-URL
X-Original-Request
X-Servedby
Alternate-Protocol
X-Stale
X-Passed-To-BeforeDispatch
X-Passed-To-PostProcessResponse
X-Returned-From-BeforeDispatch
X-Returned-From-PostProcessResponse
X-Content-Encoded-By
X-App-Hosting
X-ApacheServer
IBM-Web2-Location
Origin
X-EC-Security-Audit
X-Hosted-By
X-LiteSpeed-Cache-Control
X-Track
Akamai-IP
X-FORWARDED-FOR
Generator
Page-Completion-Status
X-Varnish-Host
X-UD-Method
X-Platform
Powered
X-Expires-Orig
X-SRCache-Fetch-Status
X-CacheServer
X-SRCache-Store-Status
X-PERF
X-Matrix-Server
X-Matrix-Proxy
X-I
X-Origin
X-Firenze-Processing-Time
X-VTEX-Cache-Status-Janus-Edge
X-Powered-By-VTEX-Janus-Edge
X-Vtex-Remote-Cache
X-Powered-By-VTEX-Janus-ApiCache
X-VTEX-Cache-Status-Janus-ApiCache
X-Vtex-Processado-Em:
X-Vtex-Processed-At
Magicmarker
X-VTEX-Janus-Router-Backend-App
No
Host
X-Version
X-Daa-Tunnel
X-I-Sp
X-Location-Id
X-BS
X-Varnish-Backend
X-Server-ID
X-Varnish-TTL
ServerName
X-Art-Request-Id
X-Magnolia-Registration
Ag-Server-Time
Ag-Send-Time
Ag-Execution-Time
Powered-By-ChinaCache
X-S
X-Varnish-Cacheable
Content-Hash
Server-Info
Content-Encoding-Handler
X-Cache-TTL
X-ATG-Version
X-Abuse
USPLoggingUUID
X-Cache-Rule
X-Engine
X-Goog-Hash
X-OneAgent-JS-Injection
X-URLSCHEME
X-RESOURCE
X-Gamma-Serve
X-Route-Server
Surrogate-Keys
X-Microcachable
X-B-Cache
X-Cache-Age
X-Director
X-Source
X-Cache-Info
Content-Disposition
Lsrequestid
X-Developer
X-Duration
X-Cache-Debug
X-Upstream
MIME-Version
X-Varnish-Seen-By
X-Request-Time
X-Varnish-RemainingTTL
X-DNS-Prefetch-Control
X-Instart-Request-ID
X-Response-Time
Proxy-Agent
X-SDS
X-Cache-Expires
Version
X-DefendeR-Runtime
X-DefendeR-Status
X-Front
Last-Published
Content-Security-Policy-Rerport-Only
Arr-Disable-Session-Affinity
Edge-Control-Message
SN
X-Varnish-Age
X-Translation
X-Device-Type
X-Cache-Lifetime
X-Microcache-Status
X-NoCache
Location
Node
Proxy-Connection
Fastcgi-Cache
X-Cache-Control-Orig
X-Server-Id
X-CJ-Soft
X-Speed-Cache
X-Revision
Cache-Key
X-Speed-Cache-Key
X-Geo-IP
X-Varnish-GracePeriod
X-Rocket-Nginx-Bypass
Buuteeq-Source
Nitro-Cache
X-Varnish-ObjectSource
X-Varnish-RemainingLife
Req-Id
X-Cache-Operation
X-Cookie-Domain
X-Drectory-Script
X-FW
Cache
X-Processing-Time
X-Grace
X-PwB-Node
X-N
Webluker-Edge
X-Storage
X-Powered-By-Server
X-GeoIP-Country-Code
X-Zen-Fury
X-Akamai-Device-Model
X-Akamai-Device-Characteristics
S
X-Mobilized-By
X-ServerID
RTSS
X-GeoIP-Country-Name
X-Content-Age
X-Geo-IPV
X-LB
ServerID
X-Platform-Processor
X-Geo-IP-Country
X-Geo-IP-Metro
X-Geo-IP-Region
X-Platform-Router
X-Edge-Location
X-Client-IP
X-Time
X-Fastcgi-Cache
X-Dispatch
X-Varnish-Server
X-SV-Duration
Retry-After
X-Vcap-Request-Id
X-Amz-Version-Id
Pics-Label
X-SV-Nginx-Duration
W
X-SV-CreatedAt
X-UPSTREAM
X-SV-FromDBCache
X-Cache-Tags
X-SV-Pid
SVR
X-Correlation-Id
X-Server-Upstream
PICS-Label
X-Xrds-Location
X-StackifyID
SEOMOZ
MJ12bot
X-Hypernode
X-Kinsta-Cache
X-SV-Edge
X-SV-CacheTags
X-SV-Expires
X-Page-Cache
X-SE-Debug
X-AOL-HN
X-Config-Blacklist-Version
X-Purge-URL
Filter-Revision
X-Varnish-IP
X-CDN-Cache-Status
CC-CACHE
X-Orig-Vary
X-Nginx-Cache-Status
X-CDN-Node
X-Varnish-Count
X-Cache-Key
X-VARNISH-Cache
X-Varnish-HitMiss
X-ACMCache
X-App-Server
X-Dynatrace
Accept-Charset
Id
X-Real-Server
Accept-Encoding
X-Trace
Srv
X-Application-Context
X-Cache-Engine
Nodo
X-Platform-Cache
Qs-Cache
X-Processed-By
X-NFE
X-Varnish-Hits
X-Nhost
X-WEBSERVER
X-Framework
X-Nurl
Frame-Options
X-Frontend
X-Browser
HAVer
X-Yottaa-Metrics
X-Yottaa-Optimizations
NetMindSessionID
X-Cache-Doesi
HCVer
Host-Service
X-Server-Response-Time
X-Yadis-Location
Front
X-Mobile-URL
Backend
AMF-Ver
Cached
X-Purge-Host
A-Powered-By
COMMERCE-SERVER-SOFTWARE
X-ClientSide-Caching
X-Empowered-By
Section-Io-Id
X-PF-Uncompressing
X-Supported-By
SSPAppContext
X-Directory-Script
X-NB-Cached-Page
X-Blog
X-Nginx-Host
NODE
X-Sys-Req-ID
X-Discourse-Route
X-ARC
Mobiquo-Is-Login
Cm-Server
X-PG
X-CDN-Forward
Dynatrace
X-Member
X-AbeBooks-Version
X-Resolver-IP
X-NginX-Upstream-Status
X-NginX-Upstream-Response-Time
Content-Transfer-Encoding
X-NginX-Node
X-NginX-Upstream-Addr
X-Edge-IP
X-Config-By
Backend-Timing
X-Analytics
IM-Version
IISExport
X-Worker
X-Varnish-Hostname
X-F-Cache
Logging-CorrelationId
Rewriter
X-NginX-Cache
X-Cf-Powered-By
Author
X-Server-Start-Time
X-XTM-Node
Ibf5scheme
X-Nitra-Side
X-Origin-Id
X-BKSrc
X-Machine-Name
X-Ttl
X-Cocoon-Version
X-GeoIP
X-IIJ-Cache
CacheControlHeader
X-Adobe-Loc
A
X-V
X-Garden-Version
X-SmartBan-Host
X-SmartBan-URL
X-Adobe-Content
X-Highwire-SessionId
X-ID
X-Highwire-RequestId
WSR-Cache
X-Session-Reinit
X-TTFB
X-SmugMug-Values
X-TTFB-L
X-Plat
Allow
X-SmugMug-Hiring
X-Domain-Checked
X-App-Status
X-Varnish-Debug-Age
X-Provisioner-Version
X-Env
Pool-Info
Smug-CDN
X-Prefetched
X-Sucuri-ID
X-LB-Server
X-Plat-Va-Ip
X-Grid-Server
X-AOL-SNH
X-Connection-Hash
X-Plat-Be-Ip
Myheader
X-Transaction
X-Twitter-Response-Tags
Thanks
X-TempDebug
X-LW-Web-Server
Eomportal-Instance
X-NginX-Server
X-Client-Vid
X-EPiphany-Vid
X-Flow-Powered
Server-Name
X-Amz-Meta-S3cmd-Attrs
X-Client-Image-Vid
WWW-Authenticate
XDomainRequestAllowed
X-Dispatcher
X-Cache-Control
X-IsCacheURL
X-Varnish-Ttl
X-Debug
SRV
X-NginX-Cache-Status
X-Varnish-Debug-TTL
X-Dns-Prefetch-Control
X-ORACLE-DMS-ECID
Cneonction
CT
X-WR-Flags
Head
X-Jphone-Copyright
X-EDGECONNECT-GUID-DEBUG
X-Balanceador
VAR-Cache
BALANCEDTO
X-Signature
X-Amz-Storage-Class
Cpu
X-Trace-Id
Noq
X-Atraveo-Varnish-Server-Id
X-Atraveo-Cache-Control
X-Unique-Id
Ram
X-Airee-Node
X-Vhost
MW-Webserver
X-SV
X-Atraveo-Zone
X-Vary-Options
X-Atraveo-From-Varnish-Cache
X-Atraveo-Expires
X-Atraveo-ETag
Mime-Version
X-Atraveo-Set-Cookie
X-Atraveo-Param-Rm
X-Atraveo-TTL
X-HP-Trace-Project
X-Optimization
X-Webstats-RespID
X-Cache-PageType
X-Cache-Fix
X-Real-IP
S-Cnection
X-JG-Page-Cache
X-RiS-UFDI
X-Hosts-Backend
X-BackendServer
X-Unique-ID
X-HP-Trace-ID
X-Hit-Cache
X-Pagename
X-Force
Referrer-Policy
Sid
X-Hiawatha-Cache
X-WA-Info
Keywords
ORIGIN
Web
X-MrHost
X-Source-ID
Ngpass-Vcall
X-PRAM
X-Nginx-Cache
X-Upstream-Backend
X-Magento-Tags
Bios
X-Server-IP
Servername
X-SRV
X-Symfony-Cache
X-HW
SBGI-RealPath
X-ServerIndex
X-DealerOn
X-Varnish-Grace
X-Dev
X-Cms-Mode
Worker
X-Distributed-By
X-HOSTNAME
SBGI-1
SBGI-Device
SBGI-RenderTime
SBGI-9
SBGI-7
SBGI-10
SBGI-5
Beyond-Iis
X-Avvio-Cms-Cacheload
Set-Cookie2
X-Goog-Generation
X-WP
X-Webcelerate
X-Secret
NZSpeedy
X-Captured
X-Key
SS
X-EdgeConnect-Origin-MEX-Latency
X-EdgeConnect-MidMile-RTT
CLMOB
D
X-CB-Server
X-Goog-Stored-Content-Encoding
X-Goog-Stored-Content-Length
X-Smartcache-Timeout
X-GUploader-UploadID
X-Goog-Metageneration
X-Goog-Storage-Class
Ctx
X-Detected-Device
X-Ob-Mode
X-SDE-Name
X-Restarts
Real-Server
X-Smartcache-Keys
X-REDIRECTSERVER
X-Ser
X-Distributor
X-Header
From
X-Srv
X-Id
HitInfo
X-Cache-Set
P-WS
CmsCacheEngine
NLCacheNote
MC
X-Rack-Cors
X-Varnish-RemainingGrace
ServerTokens
X-Runtime-Affili
X-HTML-Minification-Powered-By
Cmsid
X-Fstrz
X-Esi
ServerSignature
Cmstype
X-RealServer
X-DOM
P-LB
INCOMING-TIME
X-DSMX-Rewrite-MS
Proxy-Cache
X-T3Cache
X-DSMX-Render-MS
X-T3CacheInfo
X-Platform-Server
X-T3CacheTags
X-B2f-Not-Route
X-Accel-Expires
X-RequestId
Cache-Rule
X-Proto
X-Server-Addr
X-Src-Webcache
X-Clara-ASAP
X-Bypass-Ssl-Transform
Expiries
X-ASAP-Cache
X-B
Access-Control-Request-Headers
VnhCdn-Status
NnCoection
OT-RequestId
X-Server-By
X-Pressidium-NinukisWP-Ver
Resin-Trace
X-Cache-Level
X-DTC
X-Environment
Fw-Via
Backend-Node
Content-Server
N365rili
Sophnep-Edge-FX
AsisCache
X-Sov
X-Invoke-Duration
X-MAT-GEO
X-Rot
X-7d-Instance-Id
X-7d-Trace-Id
Actual-Object-TTL
Ksid
Prxy
X-FIRSTBase
X-Response
X-Rebelmouse-Surrogate-Control
X-Cache-On
X-RDP
X-Rebelmouse-Cache-Control
X-Desc
X-Actindo-RS
X-Site:
Ec
X-Cache-Var
X-Cache-Var-Map
X-Lifetime
X-Nginx
X-Middleton-PageSpeed
X-Cache-Provider
X-Cache-Source
X-GSL-Server
X-We-Are-Hiring
X-Unbounce-VisitorID
Cluster-ID
ScoreTracker
X-Unbounce-Variant
X-Unbounce-PageId
Paypal-Debug-Id
Warning
X-Server-Instance
X-Apm-Telemetry-Syncmark
Device-Type
X-Phpwcms-Release
Imx-Cookies-Used
Description
X-AISO-Server
X-Cache-Node
X-Phpwcms-Page-Processed-In
X-Frames-Options
MageStack-Debug
MageStack-Loadbalancer
X-SSL-Protocol
MageStack-Cacheable
X-SSL-Cipher
M
X-Backend-Name
MageStack-Cache-Hits
Xc
MageStack-Cache
Serverid
MageStack-Area
MageStack-Cache-Lifetime
MageStack-Cache-Status
MageStack-Config
MageStack-PageSpeed
X-4ormat-Cacheable
X-VC-TTL
Server-Ip
CommunityServer
WP-AdvCache-MemCached
MageStack-Web-Node
X-Rack-CORS
X-Magento-Action
MageStack-Tag
X-Varnish-Store
X-Info
WFE
User-Agent
X-Varnish-Error-Restart
X-Varnish-Set-Cookie
X-Varnish-URL
X-Varnish-Esi-Access
X-Remote-Addr
X-Varnish-Instance
X-Is-Mobile
X-CSRF-TOKEN
Accept-Language
X-Varnish-Currency
X-Turpentine-Cache
X-SID
X-Varnish-Esi-Method
X-Varnish-Action
Copyright
X-DN-GyrobaseID
X-DN-Cache-Control
Ttl
X-Hrouter
X-Hstore
Fastly-Restarts
Il-Cl
X-OPNET-Transaction-Trace
X-Pagely-Cache
X-Amz-Id-1
Nginx-Cache
X-FastCGI-Cache
Max-Age
X-HITS
X-NewRelic-App-Data
Cteonnt-Length
X-Search-Id
Pool
X-Varnish-Backend-Healthy
GenSvr
Atp-Isdpp
X-Gannett-Site-Version
X-Ocache
X-Author
If-Modified-Since
X-Bcwwwid
X-Appmachine-Environment
B-Powered-By
X-Oracle-DMS-ECID
X-Time-Microsecs
X-Generated
T
X-Enhanced-By
X-Runtime-Memory
X-Xhr-Current-Location
DrivedBy
X-Dw-Trace-Id
X-Stage
X-Litespeed-Cache-Control
X-Turpentine-Esi
X-AccessDev
X-TB-M
X-DEBUG
X-Cluster-Node
PServer
X-ManagedFusion-Rewriter-Version
X-SeschatRedID
X-Hosting
X-SeschatLayout
X-ACCELERATE
X-Rewritten-By
Server-Id
X-Healthy
X-Seschat-URL
X-COUNTRY-CODE
User-Cache-Control
VServer
X-SeschatTemplateID
Mto-License-Status
X-APP
NS-VaryByCustom-Key
X-SeschatDID
Provider
IsMobile
Content-Generator
X-ACLR-Version
X-Security
Expire
X-Mobile
X-Custom-Header
E-TAG
X-Not-Cacheable
X-ORACLE-DMS-RID
X-Catalyst
TP-Cache
X-Contact
X-UseReverse-Proxy
X-Status
CIPHER-NAME
X-Webapp
X-EPiLogOnScreen-PostUrl
XDisk
X-Router-Backend
X-Router
X-Nginx-Request-Time
X-Jcms-Ajax-Id
X-Old-Content-Length
X-RAMCache
RN-Server
X-EPiLogOnScreen
X-Domino-CacheValidationWithETagResult
X-Firewall
X-Domino-CacheValidationWithETagReason
X-Varnish-Cache-Local
X-IP-Address
X-NewsFlow-DoCache
X-Fedora-School-Id
X-Faeria
X-Cache-Device-Type
X-Cache-2
X-Cache-Keep
X-Cache-TTL-Remaining
X-CacheResult
X-NewsFlow-Sitename
X-Cache-Action
Url-Hash
X-GRACE
X-Hosting-Env
Powerd-By
Og
X-MSU-SOURCE
X-Forwarded-Proto
X-Content-Security-Policy-Report-Only
Content-ID
Httpd-Identifier
X-Tile-Url
X-Farm-Server
X-Clx-Request
X-Render-Time
Cache-Status
X-Node-Name
X-OCTOPOD
Kanooh-Host
X-LW-T
Progma
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
X-OpenCart-Lightning
X-Ratelimit-Remaining
Brandcast-Brand-Id
Brandcast-Load-Balancer
At-Shoptype
At-Isb
X-WorkerInstancename
WSCLoggingUUID
QC-Time
X-Cache-Extended
X-HAProxy
X-CDN-COMPRESS
X-Cluster-Host
X-Depends
X-Company
X-Box
X-Instance-Name
VC-NoCache
X-Meta-MSSmartTagsPreventParsing
X-A
X-Meta-Imagetoolbar
X-Application
X-E
X-ProxyInstancename
X-WR-MODIFICATION
X-Wm-VIP
MSSmartTagsPreventParsing
Content
QC-Key
QC-Hit
MSThemeCompatible
X-Wm-1
X-Timing
X-Cache-Backend
X-WHOIS-Cached
X-Wikidot-Backend
X-Wikidot-Static-Cache
X-Meta-MSThemeCompatible
TP-L2-Cache
NtCoent-Length
Host-Name
PowerCDN
RequestId
Www.Aujourdhui.Com
Fastly-Backend-Name
Cdate
X-Nocache
X-FFX-B
X-Hcom-Styx-Info
X-N-ViewType
X-Vhost-ID
X-ATP-Server
X-Device-Group
X-Hash
X-Flex-Tags
X-HP-CAM-COLOR
X-Max-Age
X-Mii-Cache-Hit
X-Flex-Tag
X-Flex-Lastmod
X-Flex-Community
X-Flex-Evend
X-Flex-Evstart
X-Flex-Lang
X-ESI-Enable
X-AISO-Cache
X-T
X-ETag
Edgecast
Hamster
Vacache
X-FCMS-Cache
X-Compressed-By
X-Ghost-Cache-Status
X-ASAP-Age
X-Ar-Debug
Served-From
X-App
X-Artvisual-Server
X-RequesterIP
X-Amz-Meta-Cb-Modifiedtime
X-Span
BKREF
X-AISO-Cacheable
X-PBY
X-Litespeed-Tag
X-DataDome
X-EZPublish-InstallationID
X-EZPublish-NodeID
X-Hit
X-Obr-Rule
MageStack-Cache-Warning
X-Your-GrandPa-Would-Wait
Apache
Http
Note
X-Would-Your-GrandPa-Wait
X-HostName
X-Route
X-AWS
Session-Id
X-TTL-Age
Cache-Control:
SAVVIS
X-PoolMember
X-SilverStripe-Cache
X-Serendipity-InterfaceLang
X-Serendipity-InterfaceLangSource
APP-VERSION
X-Pb-Mii
Version-Epoch
Apachenode
X-FreeTag-Count
X-Does-He-Have-Time
RouteID
X-Beatles-Hits
Be
X-Uid
X-Gyrobase-Publication
ServerIP
X-CCM
X-PM-ID
X-RateLimit-Remaining
X-Cms-Server
X-Pj-Cache-Status
X-Mod-Oboe-PS
X-Cache-Me-Harder
TMP
LB
Web-Head
RSL-Trace-ID
Redirect
Public-Extension
X-Location
Orgin-Server
ResourceTag
WebServer
X-PF-CACHE-FAILED
X-Pageid
X-DB-Content-Length
X-Provided-By
X-Session-ID
X-Magento-Lifetime
X-Logword
X-DDM-SERVER
X-DDM-SERVER-UPDATED
X-HA
HA-Front
X-Cache-Via
X-Time-Spent
X-Pj-Cache-Key
Lookup-Cache-Hit
X-Backend-TTL
X-Pj-Cache-Gzip
X-Cache-ID
Content-Instance
Cleartype
X-Reason-Bp
X-ProcessTime
X-Transaction-Id
X-Varnish-Cache-Control
X-Pj-Cache-Time
X-DEBUG-TTL
X-Site-Name
X-Powered-By-Anquanbao
X-Pixelsilk-Version
X-VC-Enabled
Aoestatic
Beon-Cache-Status
X-Pixelsilk-Server
X-Original-Host
X-Page
X-Qnm-Cache
X-Pj-Cache-Flags
X-NewCloud-V-Cache
X-Pj-Cache-Expires
Exires
X-VCS-Status
X-ASEN
X-AREQUESTID
X-AUSERNAME
X-CDN-Any-IP
X-DeliveryServer
X-Client-Ip
X-9XB-Server
X-WebNode
X-PS-MURDOCK-ORIG-FILEEXT
X-PS-MURDOCK-CASE-NORMALIZATION
X-Content-Type
HA-Ipaddr
X-PS-MURDOCK-ORIG-PROTOCOL
HA-Host
X-Geo
HA-Geocountry
HA-Geolat
HA-Geocity
HA-Cloudapp
X-Cache-Ttl
X-Nginx-Page-Cache
X-RemovedCookies
HA-Georegion
X-HASH
X-LS-DEBUG
X-ProcessESI
HA-Geolon
X-POPSUGAR-Server-Name
HA-Servedtime
X-VCS-Host
X-VCS-Hit
X-MCF-ID
X-VCS-Nrhit
X-VCS-Url
X-VCS-Ttl
X-VCS-Cacheable
X-VCS-Cache-Server
X-Tradeindia-Request-GUID
X-Tags
X-Tradeindia-SMgmt
X-VCS-Billing
X-Powered-By-Home.Pl
X-Zendesk-Origin-Server
X-Zendesk-User-Id
LBC
LBVIS
X-LOCATION
X-Obj-Ttl
HA-Urlpath
X-CACHE-TTL
NKBVHEADER
ReqUrl
XX
X-Capoed
Server-ID
X-Beresp-Ttl
X-SuperCache
CD1
X-SATserver
X-Theme
X-Original-IP
X-Nginx-VM-RT
X-AppServer-Status
X-AppServer-Cache-Rule
Aurora-Node
X-MOBILE
P
X-IP
X-Do-Esi
SiteName
X-BC
X-Matched-Rule
X-Highwire-Sitecode
X-ESI
X-Expose-Generated
X-Cache-Handler
ClientIP
F5-IpCliente
X-Expose-Hostname
X-Expose-Site
X-Proxy-Cache-Key
X-Feed
X-Expose-Took
X-Server-Generated
X-Server-Instance-Name
X-MCB-Server
X-Protected-By
X-Accel-Cache-Control
X-Batcache
V-Cache
Dispatcher
X-Test
X-FarmId
X-Memcached
Fpc-Expire
Pw-Value
X-TargSmaku
X-Powered-Developer
X-Mobile-Device
X-NGINX-Cache
WP-Cache
AC-ELC
OutputRewritten
X-VhostID
Debug-Status
From-Origin
X-Cache-Served
X-DynamicCache
Ews
SERVER-IP
Origin-Server
X-Web-Node
"
Gzip
X-Apache2-RT-MicroSec
Language
X-VARITI-CCR
X-BPool
X-BServer
X-Cacheable-TTL
X-UUID
X-Request-Received
X-Built-By
VANITY-HOST
X-Content-Parsed-By
X-Pubstack
X-Request-Processing-Time
X-Distil-CS
X-Layout
SLB
MageStack-Response-Ttl
WWW
X-JSESSIONID
X-Cache-Ua
MageStack-Cacheable-Reason
X-W3TC-Minify
X-Rq
X-Region
X-This-Proto
X-Title
X-Varnish-Max-Age
HostName
EXT-CACHEEXPIRE
X-Goog-Meta-Replace
X-Goog-Meta-Policy
DB-Nickname
X-CO-Host
X-SL-Norewrite
Svr
HOST-SERVICE
X-Requested-Page
Thinkindot-Control
Thinkindot-CacheControl-Type
Thinkindot-CacheControl
REFRESH
X-SL-Notranslate
X-UA
X-RSS-CACHE-STATUS
X-FG-RequestId
X-Venda-Hitid
DeleGate-Ver
Disablevcache
X-Cache-Why
X-AG-MIPS
X-BeResp-Ttl
AGI-Request-ID
Hosted-By
Machine
MwpReleaseVersion
X-Checkout