Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: HTTP Header Usage Statistics - Internet Security | DShield HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Set-Cookie
Connection
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
Link
ETag
X-Content-Type-Options
P3P
X-Pingback
X-XSS-Protection
X-Frame-Options
X-AspNet-Version
X-Cache
Content-Language
Age
CF-RAY
X-UA-Compatible
Via
Strict-Transport-Security
X-Adblock-Key
X-Varnish
Access-Control-Allow-Origin
X-Check
X-Language
X-Template
X-Buckets
X-Cacheable
X-Generator
Content-Location
X-Drupal-Cache
X-AspNetMvc-Version
X-Hacker
X-Ac
P3p
X-Powered-By-Plesk
MS-Author-Via
X-Type
X-Cache-Group
X-Pass-Why
X-Request-Id
X-Runtime
WP-Super-Cache
X-Powered-CMS
Status
X-Cache-Hits
Ngpass-Ngall
X-Ua-Compatible
X-Permitted-Cross-Domain-Policies
Host-Header
X-Download-Options
Keep-Alive
Access-Control-Allow-Credentials
X-Xss-Protection
X-Request-ID
X-ShardId
X-ShopId
X-Dc
X-Alternate-Cache-Key
X-UA-Device
Access-Control-Allow-Headers
X-Iinfo
X-Via
X-Mod-Pagespeed
Access-Control-Allow-Methods
Content-Security-Policy
X-Pad
X-Logged-In
X-Tumblr-Pixel
X-Tumblr-User
X-Tumblr-Pixel-0
X-Served-By
X-Backend
X-Tumblr-Pixel-1
X-ServedBy
Content-Security-Policy-Report-Only
X-ContextId
X-Tumblr-Pixel-2
X-Cache-Status
X-PC-Hit
X-PC-Key
X-Server
X-Host
X-Frame-OPTIONS
X-CDN
X-FRAME-OPTIONS
Powered-By
Upgrade
Content-Encoding
X-Cache-Hit
X-PC-Date
X-PC-AppVer
X-PC-Host
X-Port
X-Tumblr-Pixel-3
X-Robots-Tag
X-Timer
X-Accel-Version
X-Cache-Lookup
X-Rack-Cache
MicrosoftSharePointTeamServices
MicrosoftOfficeWebServer
X-Varnish-Cache
SPRequestGuid
X-SharePointHealthScore
X-Cnection
X-Request-Country
X-XRDS-Location
X-Amz-Cf-Id
X-MS-InvokeApp
X-Page-Speed
X-Server-Powered-By
X-Safe-Firewall
X-Turbo-Charged-By
X-Seen-By
X-Wix-Renderer-Server
X-AH-Environment
X-Wix-Request-Id
CF-Cache-Status
Alt-Svc
X-Content-Powered-By
Rating
X-Node
X-Content-Digest
X-Tumblr-Content-Rating
X-W-DC
X-Webserver
Public-Key-Pins
X-PhApp
X-GitHub-Request-Id
X-FullPageCaching
X-Cache-Enabled
Request-Id
X-Tumblr-Pixel-4
X-INKT-URI
X-INKT-SITE
SPIisLatency
SPRequestDuration
Composed-By
Served-By
X-Amz-Request-Id
X-Amz-Id-2
X-Firenze-Processing-Times
Permitted-Cross-Domain-Policies
X-HeyJason
Timing-Allow-Origin
Cf-Railgun
Liferay-Portal
X-SERVER
X-Proxy-Cache
X-Hyper-Cache
Xkey
Surrogate-Key
X-Spip-Cache
X-Pantheon-Endpoint
X-Pantheon-Styx-Hostname
X-Styx-Version
Surrogate-Key-Raw
X-Styx-Req-Id
Access-Control-Expose-Headers
X-Server-Name
Access-Control-Max-Age
X-Content-Security-Policy
X-Swift-SaveTime
X-Swift-CacheTime
Charset
EagleId
Content-Script-Type
X-CDN-Pop
X-CDN-Pop-IP
X-FW-Hash
Content-Style-Type
X-CF-Powered-By
Grace
X-FW-Serve
X-FW-Static
X-FW-Type
X-Tumblr-Pixel-5
Access-Control-Allow-Method
X-Hits
X-Drupal-Dynamic-Cache
X-FB-Debug
X-XN-Trace-Token
Content-MD5
X-XN-XNHTML
X-Clacks-Overhead
Public-Key-Pins-Report-Only
X-VCache
X-Dw-Request-Base-Id
X-Fastly-Request-ID
X-Cache-Server
Refresh
X-User-Agent
X-Device
X-Loop
Real-Hostname
X-TNCMS
X-Jimdo-Wid
X-Jimdo-Instance
X-Cache-Result
X-LJ-Flow-ID
X-VWS-Id
X-AWS-Id
X-Umbraco-Version
X-Backend-Server
X-Cloud-Trace-Context
X-Tumblr-Adult-Blog
X-Cache-Config
X-MiniProfiler-Ids
X-DDC-Arch-Trace
X-Px
X-Age
Edge-Control
X-Forwarded-For
X-Hostname
X-ServerName
PageSpeed
X-Generated-By
X-Cached-By
X-LiteSpeed-Cache
X-Cached
X-Url
X-DynaTrace-JS-Agent
Fastly-Debug-Digest
X-Powered-By-360WZB
Surrogate-Control
NS-RTIMER-COMPOSITE
X-DynaTrace
X-Tumblr-Pixel-6
X-Outils-CS
Cartoon
Fpc-Cache-Id
TCN
Response
X-Whom
X-CMS-Version
Display
X-Sol
X-Middleton-Response
X-Middleton-Display
WZWS-RAY
X-URL
X-Msg-2-Log
Imagetoolbar
X-WebKit-CSP
X-Recruiting
X-Cdn
X-Varnish-Cache-Hits
Product
X-TTL
X-From
Rt-Fastcgi-Cache
DynaTrace
X-AspNetWebPages-Version
X-HOST
Front-End-Https
X-Handled-By
X-VARNISH-Cache
ServedBy
Page-Completion-Status
X-Content-Options
X-NetCat-Version
X-Country-Code
X-Content-Encoded-By
Fhost
Alternate-Protocol
Generator
X-Do-Not-Hack
Access-Control-Request-Method
X-Matrix-Proxy
IBM-Web2-Location
X-Matrix-Server
X-Hosted-By
X-Micro-Cache
X-Server-ID
X-App-Hosting
X-Track
Akamai-IP
X-UD-Method
X-Varnish-Beresp-Status
X-Varnish-Beresp-Grace
X-Varnish-Beresp-Ttl
X-Passed-To
X-Returned-From-DLL
X-Actual-URL
X-Returned-From
X-Passed-To-DLL
X-Original-Request
X-ApacheServer
X-Newrelic-App-Data
X-Varnish-Backend
X-Returned-From-PostProcessResponse
Origin
X-Stale
X-Returned-From-BeforeDispatch
X-Origin
X-Passed-To-BeforeDispatch
X-Passed-To-PostProcessResponse
X-OneAgent-JS-Injection
Magicmarker
X-Expires-Orig
Powered-By-ChinaCache
ServerName
X-Platform
Powered
X-I
X-S
X-Abuse
X-Firenze-Processing-Time
X-Source
X-CacheServer
X-BC-Stapler
X-Varnish-Host
X-SDS
USPLoggingUUID
Content-Hash
X-ATG-Version
X-Cache-Age
X-Art-Request-Id
X-Gamma-Serve
X-LiteSpeed-Cache-Control
Content-Disposition
X-PERF
X-Varnish-TTL
X-Vtex-Processed-At
MIME-Version
X-Powered-By-VTEX-Janus-Edge
X-Version
X-Vtex-Processado-Em:
X-Vtex-Remote-Cache
X-VTEX-Janus-Router-Backend-App
No
X-Powered-By-VTEX-Janus-ApiCache
X-VTEX-Cache-Status-Janus-ApiCache
X-VTEX-Cache-Status-Janus-Edge
Host
Content-Encoding-Handler
X-Location-Id
X-Powered-By-Server
X-Magnolia-Registration
X-Upstream
X-SRCache-Store-Status
Surrogate-Keys
X-Varnish-Seen-By
X-Varnish-RemainingTTL
X-SRCache-Fetch-Status
X-URLSCHEME
Node
X-RESOURCE
X-Request-Time
X-Goog-Hash
X-Microcachable
Ag-Server-Time
Lsrequestid
Ag-Execution-Time
Ag-Send-Time
X-Varnish-Cacheable
X-Cache-TTL
X-Director
X-Duration
X-Response-Time
X-Developer
X-Daa-Tunnel
X-Cache-Rule
X-Gateway
X-Cache-Info
X-I-Sp
X-Beta
X-BS
X-Translation
X-Microcache-Status
X-Device-Type
ServerID
Proxy-Connection
X-DNS-Prefetch-Control
X-PwB-Node
X-Zen-Fury
X-Cache-Debug
X-Instart-Request-ID
X-Drectory-Script
Version
X-FW
X-Varnish-Age
X-Cache-Lifetime
X-Cache-Tags
X-Fastcgi-Cache
X-Vcap-Request-Id
X-Route-Server
Arr-Disable-Session-Affinity
Content-Security-Policy-Rerport-Only
X-DefendeR-Runtime
X-Rocket-Nginx-Bypass
X-DefendeR-Status
X-Front
MJ12bot
Proxy-Agent
X-CJ-Soft
SEOMOZ
X-B-Cache
X-Revision
SN
X-Time
Pics-Label
X-FORWARDED-FOR
X-Cache-Control-Orig
Srv
X-ServerID
X-Cache-Expires
X-Geo-IP
X-Frontend
X-Engine
Buuteeq-Source
X-NoCache
X-ACMCache
Fastcgi-Cache
X-Mobilized-By
Server-Info
Location
CC-CACHE
X-Akamai-Device-Characteristics
X-Varnish-Server
X-Akamai-Device-Model
Content-Transfer-Encoding
X-Geo-IPV
Nodo
X-Geo-IP-Region
X-Geo-IP-Metro
Edge-Control-Message
X-Processing-Time
X-Geo-IP-Country
Cache
X-Grace
Last-Published
PICS-Label
X-N
NetMindSessionID
Cache-Key
A-Powered-By
X-AbeBooks-Version
Filter-Revision
X-NginX-Cache-Status
X-NginX-Upstream-Addr
X-NginX-Node
X-NginX-Upstream-Response-Time
X-NginX-Upstream-Status
AMF-Ver
X-Cookie-Domain
X-Platform-Router
X-Real-Server
X-Platform-Processor
Qs-Cache
X-Yadis-Location
X-Amz-Version-Id
X-Varnish-HitMiss
X-Varnish-Count
X-Varnish-RemainingLife
X-Cache-Operation
Webluker-Edge
Accept-Charset
WWW-Authenticate
X-Dispatch
X-Varnish-GracePeriod
X-NB-Cached-Page
Nitro-Cache
X-Varnish-ObjectSource
Retry-After
X-StackifyID
W
X-Varnish-Grace
X-AOL-HN
X-Discourse-Route
HCVer
HAVer
X-Server-Upstream
X-Content-Age
X-Trace
X-A
X-SV-CacheTags
X-SV-FromDBCache
Author
X-Page-Cache
X-WR-Flags
X-SV-Pid
X-SV-Duration
X-SV-Nginx-Duration
X-SV-CreatedAt
X-Speed-Cache-Key
X-SV-Expires
X-SV-Edge
X-Speed-Cache
X-Adobe-Loc
X-Processed-By
X-Varnish-IP
X-Hypernode
X-Adobe-Content
X-Nurl
RTSS
X-NFE
X-Machine-Name
X-Nhost
Accept-Encoding
X-Mobile-URL
X-Xrds-Location
WSR-Cache
X-LW-Web-Server
X-GeoIP-Country-Code
X-CDN-Cache-Status
X-Varnish-RemainingGrace
X-Blog
X-Debug
X-ClientSide-Caching
X-Worker
X-Directory-Script
X-SE-Debug
X-CDN-Node
X-Cache-Key
X-Orig-Vary
CacheControlHeader
X-PF-Uncompressing
X-Application-Context
X-Empowered-By
X-Sys-Req-ID
X-Varnish-Hits
X-BackendServer
X-Client-IP
Cm-Server
X-GeoIP-Country-Name
X-Yottaa-Metrics
X-Symfony-Cache
S
X-Varnish-Ttl
Frame-Options
X-Cf-Powered-By
X-Server-Response-Time
NtCoent-Length
X-Garden-Version
X-LB
X-Yottaa-Optimizations
X-Session-Reinit
SSPAppContext
X-Edge-Location
COMMERCE-SERVER-SOFTWARE
Host-Service
X-Purge-URL
X-Framework
S-Cnection
X-Dynatrace
X-Platform-Cache
X-Cocoon-Version
Ibf5scheme
X-CDN-Forward
X-Cache-Doesi
X-Storage
Server-Name
Req-Id
VServer
SVR
X-Config-By
IISExport
X-Origin-Id
X-Nitra-Side
Id
X-Supported-By
Mobiquo-Is-Login
X-SDE-Name
Cached
X-UPSTREAM
X-Kinsta-Cache
BALANCEDTO
X-Server-Start-Time
X-Nginx-Host
X-Varnish-Hostname
Logging-CorrelationId
X-AOL-SNH
Backend
X-Ttl
Allow
From
Eomportal-Instance
X-Correlation-Id
X-XTM-Node
X-Server-IP
X-Balanceador
X-V
X-Jphone-Copyright
X-Varnish-Debug-Age
Front
SRV
Rewriter
X-Cache-Control
X-JG-Page-Cache
X-Purge-Host
NODE
X-TempDebug
X-Hit-Cache
X-Webcelerate
X-Trace-Cache
X-Accel-Expires
X-Pagename
X-App-Server
X-IIJ-Cache
X-WA-Info
NnCoection
ScoreTracker
CT
Section-Io-Id
X-Highwire-RequestId
X-SmartBan-Host
Cneonction
X-SRV
X-Highwire-SessionId
X-BKSrc
X-Server-Id
X-FIRSTBase
X-Vary-Options
X-Grid-Server
X-Varnish-Action
Pool-Info
XDomainRequestAllowed
X-SmartBan-URL
X-Nginx-Cache
X-GeoIP
X-Provisioner-Version
X-Transaction
X-EC-Security-Audit
X-Domain-Checked
X-Sucuri-ID
X-Twitter-Response-Tags
X-Connection-Hash
X-PoweredBy
X-Resolver-IP
X-App-Status
Beyond-Iis
A
X-EDGECONNECT-GUID-DEBUG
Warning
X-Webstats-RespID
X-ORACLE-DMS-ECID
X-HP-Trace-ID
X-Smartcache-Timeout
X-HP-Trace-Project
X-CacheResult
X-Cache-TTL-Remaining
Thanks
X-Cache-Keep
X-WP
X-Smartcache-Keys
X-WEBSERVER
IM-Version
X-Distributed-By
X-Response
X-B
X-Varnish-Debug-TTL
Device-Type
X-RDP
X-Amz-Storage-Class
X-Server-Instance
X-Unbounce-PageId
X-ARC
X-RiS-UFDI
X-Optimization
X-LB-Server
X-Flow-Powered
N365rili
X-Actindo-RS
Content-Server
X-Sov
X-Rot
Sophnep-Edge-FX
Cluster-ID
X-Akamai-Edgescape
X-Cache-On
X-Unbounce-Variant
X-Amz-Meta-S3cmd-Attrs
X-Unbounce-VisitorID
X-Desc
X-Atraveo-Set-Cookie
X-Atraveo-From-Varnish-Cache
X-Atraveo-Expires
X-Atraveo-ETag
X-Atraveo-Param-Rm
X-Atraveo-TTL
X-TTFB-L
X-Atraveo-Zone
X-Atraveo-Cache-Control
X-App
X-NginX-Cache
X-Source-ID
X-TempoPesquisa
X-Force
X-Cache-Action
X-PRAM
X-Unique-Id
X-TTFB
X-Atraveo-Varnish-Server-Id
X-IsCacheURL
X-SmugMug-Hiring
X-Dispatcher
X-Env
Smug-CDN
Myheader
X-Prefetched
X-Cache-PageType
X-SmugMug-Values
X-Cache-Fix
X-ID
SiteName
Keywords
Xc
X-Dw-Trace-Id
Fastly-Backend-Name
TP-L2-Cache
X-Cache-Engine
X-Airee-Node
VAR-Cache
TP-Cache
X-REDIRECTSERVER
Dynatrace
X-VC-TTL
Noq
WP-AdvCache-MemCached
Ttl
Ram
X-NewRelic-App-Data
X-ServerIndex
Real-Server
Cpu
MW-Webserver
X-W3TC-Minify
NLCacheNote
X-Esi
PowerCDN
X-Uid
RN-Server
X-Key
X-Captured
X-F-Cache
X-HTML-Minification-Powered-By
Prxy
X-Rebelmouse-Surrogate-Control
X-Rebelmouse-Cache-Control
Cdate
X-Id
X-Real-IP
X-SV
X-Magento-Tags
X-AWS
P-WS
P-LB
X-Invoke-Duration
X-Is-Mobile
X-Plat
X-Cache-Node
X-Do-Esi
X-Vhost
X-Unique-ID
MC
X-Content-Security-Policy-Report-Only
X-Info
X-Client-Image-Vid
X-Detected-Device
X-NginX-Server
Cmstype
Cmsid
X-Client-Vid
X-Edge-IP
X-EPiphany-Vid
ServerSignature
ServerTokens
Head
X-Hosts-Backend
X-Srv
X-Cache-Source
CmsCacheEngine
X-Cache-Provider
OT-RequestId
X-Forwarded-Proto
X-B2f-Not-Route
X-PG
X-GSL-Server
X-Healthy
X-T3CacheTags
X-HW
X-T3CacheInfo
APP-VERSION
X-Server-By
X-Site:
X-N-ViewType
X-T3Cache
WSCLoggingUUID
Ibm-Web2-Location
X-Plat-Be-Ip
SBGI-1
X-CB-Server
SBGI-10
X-Plat-Va-Ip
Sid
X-Middleton-PageSpeed
Ngpass-Vcall
X-DSMX-Render-MS
X-ASAP-Cache
X-Clara-ASAP
X-Enhanced-By
X-DSMX-Rewrite-MS
SBGI-5
X-Sentry-Token
SBGI-Device
X-WorkerInstancename
X-Appmachine-Environment
Hosted-By
SBGI-RealPath
Hamster
Ksid
X-MrHost
SBGI-7
Bios
SBGI-9
Cache-Rule
SBGI-RenderTime
CLMOB
Content
CommunityServer
X-Dev
X-MAT-GEO
Hash
LBC
X-Remote-Addr
Web
Paypal-Debug-Id
Worker
X-Cms-Mode
Copyright
AC-ELC
X-Avvio-Cms-Cacheload
AsisCache
X-Cache-Set
Servername
Mime-Version
X-Src-Webcache
X-Rack-Cors
X-SID
X-DealerOn
X-We-Are-Hiring
Imx-Cookies-Used
X-Varnish-Instance
Description
X-Node-Name
E-TAG
X-Varnish-Store
X-Varnish-Set-Cookie
User-Agent
XX
X-Environment
X-Hiawatha-Cache
X-GRACE
X-CACHE-TTL
X-Cache-Backend
X-Varnish-URL
X-Platform-Server
MageStack-Cache-Lifetime
LBVIS
Ec
X-Trace-Id
NS-VaryByCustom-Key
MageStack-Cache-Hits
MageStack-Cache
User-Cache-Control
X-7d-Instance-Id
X-Wm-VIP
X-Wm-1
MageStack-Area
X-Varnish-Esi-Method
X-Varnish-Esi-Access
Set-Cookie2
Fw-Via
Note
X-DTC
Content-Cache
X-EdgeRouter
Machine
X-7d-Trace-Id
X-MobileDetected
X-Hstore
X-Hrouter
X-HP-CAM-COLOR
X-Apm-Telemetry-Syncmark
PServer
X-RequestId
X-Turpentine-Esi
X-Ocache
X-Varnish-Currency
X-MSU-SOURCE
X-Turpentine-Cache
X-Amz-Id-1
X-Clx-Request
B-Powered-By
Il-Cl
X-Render-Time
X-Rack-CORS
X-Fstrz
Max-Age
X-Goog-Generation
X-Box
X-Cache-Extended
X-HAProxy
MageStack-Cache-Status
X-Ob-Mode
X-Proxy-Cache-Key
X-Goog-Stored-Content-Encoding
X-Goog-Storage-Class
X-Goog-Metageneration
X-Full-URL
X-WR-MODIFICATION
Tracker
X-ProxyInstancename
Ctx
D
X-AppServer-Cache-Rule
X-AppServer-Status
X-Company
X-CSRF-TOKEN
X-ClusterID
X-Ratelimit-Remaining
Dispatcher
MageStack-Web-Node
Svr
MageStack-Config
X-HITS
MageStack-Tag
X-Server-Generated
MageStack-PageSpeed
MageStack-Cacheable
MageStack-Loadbalancer
Nginx-Cache
X-Server-Instance-Name
X-Goog-Stored-Content-Length
MageStack-Cache-Warning
X-Time-Microsecs
X-Distributor
MageStack-Debug
X-GUploader-UploadID
X-Search-Id
X-Header
X-Hosting
X-TB-M
X-Seschat-URL
X-Magento-Action
X-SeschatDID
INCOMING-TIME
X-SeschatLayout
Mto-License-Status
X-Nginx
X-ACCELERATE
Cteonnt-Length
WFE
IsMobile
X-Stage
X-AccessDev
Server-Ip
X-SeschatTemplateID
X-Litespeed-Cache-Control
X-SeschatRedID
X-Varnish-Error-Restart
X-Pj-Cache-Status
Server-Id
X-DEBUG
Og
X-Artvisual-Server
X-Secret
X-Test
X-Frames-Options
NZSpeedy
X-Varnish-Backend-Healthy
Device
Resin-Trace
X-Restarts
X-COUNTRY-CODE
X-MCB-Server
X-JSESSIONID
X-Not-Cacheable
X-Magento-Cache-Debug
X-Hosting-Env
X-DOM
X-Amz-Meta-Cb-Modifiedtime
X-GoCache-CacheStatus
X-Dynamic-Cache
X-Status
X-Old-Content-Length
X-Nginx-Request-Time
X-WebNode
XDisk
X-DN-GyrobaseID
VC-NoCache
X-Faeria
X-LOCATION
X-Cache-Handler
Proxy-Cache
VANITY-HOST
X-Flex-Tags
X-Flex-Tag
X-Flex-Lang
X-Flex-Lastmod
VnhCdn-Status
Host-Name
Apachenode
X-Content-Type
X-Jcms-Ajax-Id
Actual-Object-TTL
X-VC-Enabled
Access-Control-Request-Headers
Referrer-Policy
X-DN-Cache-Control
X-BeResp-Ttl
X-Varnish-Cache-Control
Apache
X-Say-TTL
X-Analytics
X-CDN-COMPRESS
X-FreeTag-Count
X-Flex-Evstart
X-Egnyte-Request-Id
ServerIP
X-Time-Spent
X-Cms-Server
Backend-Timing
X-Cache-ID
X-Backend-TTL
X-SayCDN-TTL
X-SayCDN-UA
X-Serendipity-InterfaceLang
X-Serendipity-InterfaceLangSource
X-Say-Cacheable
X-VCS-Url
X-Route
Session-Id
X-ACLR-Version
X-Browser
Content-Instance
X-VCS-Ttl
X-Pj-Cache-Key
X-VCS-Cacheable
X-VCS-Cache-Server
X-VCS-Billing
X-VCS-Hit
X-VCS-Host
X-VCS-Status
X-VCS-Nrhit
X-NewCloud-V-Cache
X-Gyrobase-Publication
X-Instance-Name
MSThemeCompatible
X-Meta-Imagetoolbar
X-Meta-MSSmartTagsPreventParsing
X-Meta-MSThemeCompatible
MSSmartTagsPreventParsing
Httpd-Identifier
X-CPU-Time
X-Author
X-MCF-ID
X-Phpwcms-Page-Processed-In
X-Phpwcms-Release
X-Proto
X-RealServer
X-DataDome
X-Cache-Level
X-FCMS-Cache
X-ORACLE-DMS-RID
X-Pressidium-NinukisWP-Ver
X-ASAP-Age
X-AG-MIPS
X-T
X-Server-Addr
AGI-Request-ID
Provider
X-4ormat-Cacheable
X-HostName
SS
X-Client-Ip
X-DeliveryServer
X-Fpc
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
X-Litespeed-Cache
X-Geo
X-HASH
X-Fallback
X-EntryPoint
Kanooh-Host
ORIGIN
X-LS-DEBUG
X-Flex-Evend
X-Pagely-Cache
Kp-EeAlive
GenSvr
X-AISO-Cache
X-AISO-Cacheable
X-AISO-Server
Accept-Language
X-Application
X-ATM-RTime
X-ATM-RServer
X-ASEN
X-AREQUESTID
X-RSS-CACHE-STATUS
X-AUSERNAME
X-ManagedFusion-Rewriter-Version
X-Hit
X-EZPublish-InstallationID
X-Rewritten-By
X-Built-By
Pool
X-PBY
X-Hcom-Styx-Info
Aurora-Node
SL-NOREWRITE-REDIRECTS
WP-Cache
X-Backend-Name
X-Cluster-Node
X-Cache-CFC
X-Signature
X-EZPublish-NodeID
X-Span
X-Flex-Community
BKREF
Serverid
X-Nocache
X-This-Proto
X-FFX-B
Prototype-RootPath
X-Accel-Cache-Control
Cleartype
X-VERSION
X-Pj-Cache-Time
X-IP
X-RAMCache
Exires
X-Cache-Me-Harder
X-Domino-CacheValidationWithETagResult
X-OPNET-Transaction-Trace
X-SayCDN-DevType
X-SilverStripe-Cache
X-Domino-CacheValidationWithETagReason
Aoestatic
X-Cookies-Stripped
X-ESI-Enable
X-Pj-Cache-Flags
X-APP
X-Magento-Cache-Control
X-Varnish-Max-Age
From-Origin
MtcHosted
X-VhostID
X-ATP-Server
X-Device-Group
X-Max-Age
X-Mii-Cache-Hit
X-Pb-Mii
X-DynamicCache
Www.Aujourdhui.Com
X-CCM
V-Age
X-Pixelsilk-Server
X-Vhost-ID
X-Generated
X-Hash
X-HA
X-Checkout
HA-Front
X-Cluster
X-Pixelsilk-Version
RouteID
X-Cluster-Host
X-9XB-Server
X-Depends
X-E
X-Mobile
Response-Time
Origin-Server
X-Wily-Servlet
X-Wily-Info
X-RemovedCookies
Charly
Expire
X-Timing
X-Wikidot-Backend
X-D-Time
X-ChromeLogger-Data
X-Fe
X-Generation-Time
X-S-Misc
Webserver
Progma
QC-Hit
X-Wikidot-Static-Cache
QC-Key
QC-Time
Powered-By-VeryCDN
X-OneLinkTook
X-OneLinkServiceType
X-Provided-By
X-Magento-Lifetime
X-Router
X-Router-Backend
X-Site-Name
X-DDM-SERVER-UPDATED
X-DDM-SERVER
Redirect
Public-Extension
ResourceTag
X-Theme
RSL-Trace-ID
X-SuperCache
X-Tags
X-NewsFlow-DoCache
X-Fedora-School-Id
X-NewsFlow-Sitename
X-OneLinkHost
X-OneLinkProcessing
X-Catalyst
Server-ID
X-Tradeindia-SMgmt
X-Tradeindia-Request-GUID
X-UseReverse-Proxy
X-Webapp
ReqUrl
MachineName
Thinkindot-Control
X-TargSmaku
SERVER-IP
Ews
Be
Backend-Name-Original
X-Powered-Developer
X-PF-CACHE-FAILED
X-Cache-Via
X-FarmId
X-Gannett-Site-Version
X-Pageid
X-Request-Processing-Time
Expiries
X-Request-Received
X-WHOIS-Cached
EWHSERVER
Fpc-Expire
X-UUID
X-Zendesk-User-Id
X-Zendesk-Origin-Server
Content-ID
X-Xhr-Current-Location
X-Wix-Route-ID
X-Runtime-Memory
X-Cachable
X-Beatles-Hits
X-Your-GrandPa-Would-Wait
X-Would-Your-GrandPa-Wait
X-Cache-Why
Rt-Proxy-Cache
DNNOutputCache
X-TTL-Age
X-Trace-App
X-Venda-Hitid
DeleGate-Ver
X-FastCGI-Cache
EXT-CACHEEXPIRE
X-Does-He-Have-Time
Http
X-UA
X-Block
X-SL-Notranslate
X-SL-Norewrite
CD2
DrivedBy
X-DEBUG-TTL
Web-Server
X-Channel-Maxage
MwpReleaseVersion
Pw-Value
X-ETag
X-Rq
X-Ghost-Cache-Status
X-Upstream-Backend
X-Bypass-Ssl-Transform
X-FG-RequestId
NodeId
X-Device-Class
Brandcast-Brand-Id
Brandcast-Load-Balancer
Cache-Status
X-Cache-Detail
X-Static
DB-Nickname
X-Expose-Site
X-Expose-Hostname
X-Expose-Took
X-Highwire-Sitecode
X-Matched-Rule
X-Expose-Generated
X-ESI
HOST-SERVICE
Thinkindot-CacheControl
Thinkindot-CacheControl-Type
X-ProcessESI
X-Batcache
X-Forwarded-Server
X-PageType
X-OCTOPOD
Tempo
X-WebKit-CSP-Report-Only
X-Ants-Host
RequestId
X-IP-Address
SBMCLOUD
X-PM-ID
Language
X-Obr-Rule
Apple-Itunes-App
X-Ants-Machine-Id
X-NGINX-Cache
X-OpenCart-Lightning
Debug-Status
X-Forwarded-Host
X-Cacheable-TTL
X-KoobooCMS-Version
Realaction
X-BPool
X-BServer
X-DPWN-IS-SECURE
X-RequesterIP