Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: HTTP Header Usage Statistics - Internet Security | DShield HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Set-Cookie
Connection
Cache-Control
Vary
X-Powered-By
Expires
Content-Length
Last-Modified
Pragma
Link
Accept-Ranges
ETag
X-Content-Type-Options
X-Frame-Options
X-XSS-Protection
X-Cache
Strict-Transport-Security
CF-RAY
X-AspNet-Version
P3P
Age
X-Pingback
Content-Language
X-UA-Compatible
Via
Expect-CT
Access-Control-Allow-Origin
X-Adblock-Key
Upgrade
X-Varnish
X-Cacheable
Content-Security-Policy
X-Check
X-Template
X-Language
P3p
X-Generator
X-Buckets
X-Request-Id
X-Drupal-Cache
X-AspNetMvc-Version
X-Type
X-Cache-Group
X-Pass-Why
X-Hacker
X-Ac
Alt-Svc
X-Powered-By-Plesk
X-Cache-Hits
Content-Location
X-Permitted-Cross-Domain-Policies
X-Download-Options
X-Runtime
X-Xss-Protection
X-FRAME-OPTIONS
Host-Header
X-ShopId
MS-Author-Via
X-Sorting-Hat-ShopId-Cached
X-Sorting-Hat-ShopId
X-Sorting-Hat-PodId
X-Dc
X-Sorting-Hat-Section
X-ShardId
X-Sorting-Hat-PodId-Cached
X-Alternate-Cache-Key
X-IPLB-Instance
Cartoon
X-Powered-CMS
X-UA-Device
X-Served-By
Status
X-Amz-Cf-Id
Access-Control-Allow-Headers
Access-Control-Allow-Credentials
Access-Control-Allow-Methods
X-Via
X-Iinfo
X-Cache-Status
X-Backend
X-Timer
X-ServedBy
X-CST
CF-Cache-Status
X-Contextid
X-TEC-API-VERSION
X-TEC-API-ROOT
X-TEC-API-ORIGIN
Powered-By
X-PC-Key
X-PC-Hit
Content-Encoding
X-Mod-Pagespeed
X-DIS-Request-ID
X-PC-Host
X-PC-Date
X-PC-AppVer
X-Logged-In
Keep-Alive
X-Rid
X-Cache-Hit
X-Tumblr-User
X-Tumblr-Pixel-0
X-Tumblr-Pixel
X-CDN
X-Port
X-Request-ID
WPE-Backend
X-Host
X-Tumblr-Pixel-1
Referrer-Policy
X-Server
X-Cache-Enabled
X-Tumblr-Pixel-2
X-Server-Powered-By
X-Robots-Tag
X-Endurance-Cache-Level
X-Nginx-Cache-Status
X-Seen-By
X-Wix-Server-Artifact-Id
X-Wix-Request-Id
X-Wix-Renderer-Server
X-Turbo-Charged-By
X-Page-Speed
X-Accel-Version
X-Wix-PunisherID
WP-Super-Cache
X-Pad
Content-Security-Policy-Report-Only
X-Drupal-Dynamic-Cache
X-Content-Powered-By
X-Tumblr-Pixel-3
X-Forwarded-For
X-Forwarded-Proto
X-Content-Digest
X-Varnish-Cache
X-Rack-Cache
X-Styx-Req-Id
Surrogate-Key-Raw
X-Pantheon-Styx-Hostname
X-AH-Environment
X-Proxy-Cache
X-GitHub-Request-Id
X-Died
X-Original-Date
SPRequestGuid
X-Cnection
X-SharePointHealthScore
MicrosoftSharePointTeamServices
X-MS-InvokeApp
Edge-Control
X-Request-Country
X-XRDS-Location
X-LiteSpeed-Cache
X-Cache-Lookup
Cf-Railgun
Timing-Allow-Origin
X-Amz-Request-Id
X-Amz-Id-2
MicrosoftOfficeWebServer
X-WPE-Loopback-Upstream-Addr
X-Safe-Firewall
Charset
Request-Id
X-Webserver
X-FullPageCaching
X-FW-Hash
Edge-Cache-Tag
X-FW-Serve
X-FW-Type
X-FW-Static
X-PhApp
X-HS-Cache-Config
X-SERVER
X-HS-Content-Id
X-Content-Security-Policy
SPIisLatency
SPRequestDuration
X-INKT-URI
X-INKT-SITE
X-Node
X-CF-Powered-By
X-Tumblr-Pixel-4
X-Hits
Access-Control-Max-Age
Content-MD5
Composed-By
Liferay-Portal
Grace
X-Swift-SaveTime
X-Swift-CacheTime
X-AWS-Id
X-LJ-Flow-ID
X-VWS-Id
Request-Context
Rating
X-Newrelic-App-Data
EagleId
X-CDN-Pop
X-CDN-Pop-IP
Served-By
X-Hyper-Cache
X-BC-Stapler
Access-Control-Expose-Headers
X-Spip-Cache
X-Server-Name
X-Firenze-Processing-Times
Fastly-Debug-Digest
X-PHP-Backend
X-Backend-Server
X-Device
X-Fastly-Request-ID
X-Tumblr-Content-Rating
X-Microcache
X-Dw-Request-Base-Id
X-ServerName
X-VCache
X-RateLimit-Remaining
X-RateLimit-Limit
X-Cloud-Trace-Context
Content-Style-Type
X-RateLimit-Reset
Content-Script-Type
Public-Key-Pins
X-User-Agent
X-Jimdo-Instance
X-Jimdo-Wid
X-FB-Debug
X-Loop
X-TNCMS
Real-Hostname
X-Clacks-Overhead
Refresh
Front-End-Https
X-DDC-Arch-Trace
X-Cache-Config
X-Acc-Exp
Surrogate-Control
X-XN-XNHTML
X-Age
X-XN-Trace-Token
Xkey
Fpc-Cache-Id
X-Trace
X-Tumblr-Pixel-5
X-Px
PageSpeed
X-DNS-Prefetch-Control
X-N-OperationId
Display
X-Middleton-Display
X-Middleton-Response
Response
X-Sol
X-Cached
X-Hostname
X-Generated-By
X-StackifyID
X-LiteSpeed-Cache-Control
X-Topify-Platform
X-SS-Conf
X-SS-Location
X-MiniProfiler-Ids
X-HOST
X-WebKit-CSP
X-Request-Time
Surrogate-Key
X-Cached-By
X-FORWARDED-FOR
X-Zen-Fury
X-DynaTrace-JS-Agent
X-Content-Options
X-URL
TCN
X-Content-Security-Policy-Report-Only
X-Amz-Version-Id
X-DynaTrace
X-Whom
X-HS-Combine-CSS
X-ApacheServer
X-PERF
X-CMS-Version
Rt-Fastcgi-Cache
X-Pantheon-Environment
X-Pantheon-Site
X-Pantheon-Phpreq
X-Url
X-SRCache-Store-Status
X-SRCache-Fetch-Status
X-Kinsta-Cache
Access-Control-Request-Method
X-Handled-By
X-Outils-CS
Edge-Control-Message
Product
X-AspNetWebPages-Version
P-WS
P-LB
X-Magento-Tags
Alternate-Protocol
Host
DynaTrace
X-Umbraco-Version
Imagetoolbar
X-LBLID
X-OneAgent-JS-Injection
X-Tumblr-Pixel-6
X-Engine
ServedBy
X-Microcachable
X-Varnish-Cache-Hits
X-Fastcgi-Cache
X-Varnish-TTL
X-Recruiting
X-Correlation-Id
X-Cache-Rule
Fhost
X-Goog-Hash
Powered
X-Ruxit-JS-Agent
X-From
X-NWS-LOG-UUID
Generator
X-CacheServer
X-Edge-Location
X-RESOURCE
X-Track
X-Actual-URL
X-Location-Id
X-B-Cache
X-Micro-Cache
X-Passed-To-DLL
X-Powered-By-VTEX-Janus-ApiCache
X-Original-Request
X-Returned-From
No
X-Passed-To
X-Vtex-Processado-Em
X-VTEX-Janus-Router-Backend-App
X-URLSCHEME
X-Vtex-Processed-At
X-VTEX-Cache-Status-Janus-ApiCache
X-Returned-From-DLL
X-Vtex-Remote-Cache
WZWS-RAY
X-Powered-By-360WZB
X-Varnish-Beresp-Ttl
X-Passed-To-BeforeDispatch
X-Returned-From-BeforeDispatch
X-Returned-From-PostProcessResponse
X-Varnish-Beresp-Status
X-Varnish-Beresp-Grace
X-Passed-To-PostProcessResponse
X-Hosted-By
X-Application-Context
Public-Key-Pins-Report-Only
X-Stale
X-Cache-Age
X-Tec-Api-Root
X-Msg-2-Log
X-Tec-Api-Version
X-Tec-Api-Origin
X-Powered-By-VTEX-Janus-Edge
Fastcgi-Cache
Arr-Disable-Session-Affinity
X-Upstream
X-Varnish-Host
X-UD-Method
X-Developer
Dmn
Akamai-IP
X-Matrix-Server
X-Matrix-Proxy
Origin
X-Cache-TTL
X-I-Sp
X-BS
X-Instart-Request-ID
X-Accel-Expires
Content-Hash
X-NetCat-Version
X-Source
X-Platform
X-Duration
X-LB
X-Response-Time
X-Device-Type
X-App-Hosting
X-Rocket-Nginx-Bypass
X-Internal-ReqID
X-S
HTTPS
X-Platform-Processor
X-Platform-Router
X-Debug-Info
X-Defender
X-VARNISH-Cache
X-Shop-Id
X-Version
X-Page-Cache
X-Platform-Cluster
X-Storage
X-TransIP-Balancer
X-Daa-Tunnel
X-Revision
X-Signature
X-HS-Content-Campaign-Id
X-LW-Cache
Cache-Key
Powered-By-ChinaCache
Ohc-File-Size
Last-Published
X-Front
X-Supported-By
X-Cache-Debug
X-Translation
X-Microcache-Status
X-Varnish-HitMiss
X-Varnish-Count
MIME-Version
Pool
X-TransIP-Backend
X-Powered-By-VelaWeb
X-Expires-Orig
X-Cache-Operation
X-Gamma-Serve
X-Varnish-Cacheable
X-Cache-Info
X-Art-Request-Id
X-EdgeConnect-Origin-MEX-Latency
X-NoCache
X-Server-ID
X-ATG-Version
Version
X-Dispatch
X-Content-Encoded-By
X-Director
X-I
USPLoggingUUID
X-Origin
X-Cache-Only-Varnish
IBM-Web2-Location
Content-Disposition
Cache-Provider
X-EdgeConnect-MidMile-RTT
X-Cache-Key
Node
X-Firenze-Processing-Time
X-Varnish-Age
X-Platform-Server
X-Lambda-Id
X-VTEX-Cache-Status-Janus-Edge
X-F-Cache
X-TTL
X-Dispatcher
X-Hypernode
X-SV-CreatedAt
X-SV-Pid
X-SV-Duration
X-SV-Nginx-Duration
X-SV-Edge
X-Cache-Tags
IM-Version
X-SV-FromDBCache
X-SV-Cacheable
X-SV-Expires
X-SV-CacheTags
X-Vcap-Request-Id
X-Server-Upstream
X-Flow-Powered
X-Abgroup
X-Magento-Cache-Debug
Allow
X-Client-IP
X-ARC
X-UPSTREAM
ServerName
X-AOL-HN
X-SSL-Cipher
X-GeoIP-Country-Code
X-Cache-Control-Orig
X-Debug
X-Varnish-ObjectSource
X-Varnish-GracePeriod
X-Varnish-RemainingLife
X-Varnish-RemainingTTL
X-Varnish-Seen-By
X-SSL-Protocol
X-Varnish-Backend
X-Route-Server
SSPAppContext
Accept-Encoding
X-Platform-Cache
Srv
X-Cache-Expires
X-Cache-Lifetime
Lsrequestid
X-Geo-Country
Content-Encoding-Handler
X-Sucuri-ID
Fw-Via
X-CJ-Soft
X-Grace
X-Sucuri-Cache
Cneonction
X-Cookie-Domain
X-Edge-IP
X-Goog-Generation
X-Goog-Storage-Class
X-Proxy
X-Goog-Stored-Content-Length
X-Loopia-Node
X-GUploader-UploadID
X-Goog-Stored-Content-Encoding
X-Goog-Metageneration
Proxy-Connection
X-LB-Node
Pv
X-RequestId
ServerID
FAI-W-FLOW
X-Litespeed-Cache
Backend
X-Correlation-ID
Wsr-Cache
X-PwB-Node
X-Last-Modified
SN
X-Amz-Meta-S3cmd-Attrs
X-Browser
X-Akamai-Device-Characteristics
Section-Io-Id
X-ORACLE-DMS-ECID
X-IsCacheURL
X-Speed-Cache
X-Speed-Cache-Key
X-Cache-Server
X-Dns-Prefetch-Control
Location
X-Nbs
X-SDS
X-Via-JSL
X-GeoIP-Country-Name
X-Id
X-Abuse
NnCoection
X-Content-Age
X-SRCache-Key
PICS-Label
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
X-Server-Id
X-SE-Debug
X-Url-Base
Tracecode
X-Hiawatha-Cache
X-ServerID
X-Sapient
Page-Completion-Status
Req-Id
S
X-Discourse-Route
X-Rnd
X-Generated
X-Yadis-Location
X-Cache-Engine
X-Country-Code
X-Xrds-Location
RTSS
Edge-Content-Tag
Accept-Charset
X-Middleware-Start
X-Cf-Powered-By
X-NB-Cached-Page
X-Shield-Request-Id
X-Varnish-Ttl
Author
A-Powered-By
X-CDN-Forward
X-N
X-Nginx-Cache
X-Akamai-Device-Model
X-Drupal-Cache-Tags
X-BKSrc
X-Time
X-CDN-Cache-Status
X-CDN-Node
X-Orig-Vary
X-Worker
X-Varnish-Url
Xc-Version
X-Frontend
X-FW
X-Cache-Type
X-Traffic
X-Route-To
X-Processing-Time
X-Akamai-Transformed
X-Cache-CFC
X-BackendServer
X-Purge-URL
If-Modified-Since
Content-Transfer-Encoding
X-Cache-Control
Nodo
X-Processed-By
Use-Proxy
X-Srv
WWW-Authenticate
Cache
Qs-Cache
X-LB-Server
X-Varnish-ID
Cm-Server
HAVer
HCVer
X-ID
X-SO
Local-Info
Server-Info
X-Amz-Storage-Class
X-PF-Uncompressing
X-Magnolia-Registration
X-Vhost
X-DealerOn
X-HP-Trace-Project
X-HP-Trace-ID
AMF-Ver
X-Purge-Host
X-JG-Page-Cache
Eomportal-Instance
X-Always-Cache
S-Cnection
X-Cache-Fix
X-Cache-PageType
Frame-Options
X-Cache-Level
X-VARITI-CCR
X-Config-Blacklist-Version
X-ClientSide-Caching
X-Empowered-By
X-Varnish-IP
X-Runtime-Memory
X-Magento-Cache-Control
SRV
X-Varnish-Hits
X-DataDome
X-Yottaa-Metrics
X-Pressidium-NinukisWP-Ver
X-Yottaa-Optimizations
MJ12bot
X-Env
X-Webkit-CSP
NetMindSessionID
X-Ttl
Web-App-Origin-Name
X-Environment
SEOMOZ
SVR
X-Cache-Device-Type
X-Real-Server
NODE
AddOutputFilterByType
X-Hit-Cache
X-FireWall-Port
X-Pagename
X-Cache-Handler
X-App-Server
X-ServerIndex
X-Litespeed-Cache-Control
Access-Control-Allow-Header
X-Framework
Cached
X-Amz-Meta-Cb-Modifiedtime
X-Mobilized-By
X-WN-ClientGroup
WN
Magicmarker
X-Healthy
Server-Name
Cache-Tag
X-Powered-By-Server
Thanks
Retry-After
X-ACMCache
X-PRAM
X-Atraveo-Varnish-Server-Id
X-Force
X-Atraveo-Zone
X-Atraveo-Cache-Control
X-HW
X-CB-Server
X-Cache-Doesi
X-Atraveo-ETag
X-Atraveo-Expires
X-Atraveo-Set-Cookie
X-Atraveo-Param-Rm
X-Atraveo-From-Varnish-Cache
X-Atraveo-TTL
X-High-Performance
X-Varnish-Retries
MC
X-CF-Passed-Proto
X-Cache-Provider
Nitro-Cache
X-Dw-Trace-Id
X-VC-TTL
X-Directory-Script
X-Cache-Source
X-CDN-COMPRESS
X-CDN-RULE
Front
X-SmugMug-Hiring
X-TTFB-L
X-TTFB
X-Cluster-Node
X-SmugMug-Values
X-Debug-Token
CLMOB
Warning
W
X-GeoIP
X-WR-Flags
CacheControlHeader
Smug-CDN
X-Drupal-Cache-Contexts
NtCoent-Length
X-Varnish-Server
X-Twitter-Response-Tags
Disablevcache
X-Clara-ASAP
X-Transaction
X-Connection-Hash
X-AF-Userserver
BALANCEDTO
X-Session-ID
Content_type
X-ASAP-Cache
X-NODE
X-Remote-Addr
X-Drectory-Script
X-ORACLE-DMS-RID
X-Culture
X-Balanceador
X-Sys-Req-ID
X-VC-Enabled
X-Mobile-URL
X-Resty-Request-Id
X-Ezoic-Cdn
X-HOSTNAME
X-Fedora-School-Id
X-WHOIS-Cached
X-Adobe-Loc
X-LP
X-Adobe-Content
EagleEye-TraceId
X-Domain-Checked
X-App-Status
X-Client-Vid
Proxy-Agent
X-Client-Image-Vid
X-Provisioner-Version
X-EPiphany-Vid
X-Unbounce-Variant
Dispatcher
X-Nginx-Host
X-Unbounce-PageId
X-Unbounce-VisitorID
X-Server-Instance
X-Session-Reinit
X-Key
Home
X-Cache-Node
Cmstype
X-Symfony-Cache
OriginServer
Cmsid
X-App
Max-Age
X-This-Proto
X-IIJ-Cache
X-Varnish-Hostname
X-UA
X-WR-MODIFICATION
X-Runtime-Rack
IISExport
X-Redman-Final-Url
X-AVG-Country-Code
Identity
X-Akamai-Edgescape
X-Avg-Cookie-Expires
DNNOutputCache
X-Redman-Backend
Strikingly-Cached-Version
Strikingly-Cached
Beyond-Iis
X-ACCELERATE
X-Map-Context
X-ARRServer
Keywords
X-Server-IP
Strikingly-Cache-Region
X-Cocoon-Version
X-Backend-Status
Backend-Timing
X-Analytics
X-Req-Head-Response
X-OpenCart-Lightning
X-HTML-Minification-Powered-By
Machine
X-Info
Nginx-Cache
Ctx
Pagespeed
HitType
X-Location
X-Stage
SBGI-7
X-Cache-Dispatcherpragma
X-Origin-404URL
X-Origin-404Back
SBGI-9
MW-Webserver
SBGI-10
X-Cache-Dispatchercachecontrol
SBGI-5
SBGI-1
X-HP-Redirect
X-Batcache-Reason
X-A
SBGI-RenderTime
X-CAPServer
X-TB-M
X-RiS-UFDI
Pics-Label
X-CSRF-Token
Yoncu-Errno
Swift-Performance
X-Wikidot-Static-Cache
X-Batcache
SBGI-Device
X-EC2-Instance-Id
SBGI-RealPath
Ram
Noq
X-Source-ID
X-B2f-Not-Route
X-Varnish-Cache-Local
X-HA-Backend
Ufe-Result
X-Apm-Telemetry-Syncmark
X-Content-Type-Option
X-Rack-Cors
X-Rocket-Nginx-Serving-Static
X-Wikidot-Backend
X-Aramark-SID
X-HA-Frontend
X-WP
X-Disney-Akamai-Rule
X-Machine
COMMERCE-SERVER-SOFTWARE
X-LW-Web-Server
X-NginX-Cache
Access-Control-Allow-Method
X-Esi
Bios
X-Cache-Detail
X-Autoru-LB
X-Autoru-Host
X-AutoRu-App-Id
NLCacheNote
From
WP-AdvCache-MemCached
X-Webcelerate
X-HydroSheep
X-Goog-Meta-Policy
Fastly-Backend-Name
SHInfo
SiteSpeed
X-DB-Content-Length
X-Goog-Meta-Replace
Description
From-Origin
X-Page
ScoreTracker
X-E
ServerSignature
X-Pj-Cache-Status
X-SERVER-NAME
X-Jphone-Copyright
Dis-Env
Traffic-Origin
ServerTokens
ViewMode
X-MSEdge-Ref
X-Plat
XDomainRequestAllowed
X-Resolver-IP
Set-Cookie2
Cteonnt-Length
Cache-Tags
Accept-Language
X-Cache-TTL-Remaining
Il-Cl
X-SDE-Name
Proxy-Cache
X-Garden-Version
X-Generated-Time
X-Smartcache-Timeout
X-NginX-Server
Ews
X-Smartcache-Keys
X-DSMX-Render-MS
X-DSMX-Rewrite-MS
X-Goog-Meta-Goog-Reserved-File-Mtime
X-Hosting-Env
X-Frames-Options
X-HashTwo
Id
Ttl
X-Data-Request
SBMCLOUD
X-Blog
RN-Server
X-Adnet
X-Frame-Option
Myheader
X-Middleton-PageSpeed
X-AEM
X-Rq
X-Grid-Server
X-RealServer
X-Wix-Punisher
X-Gyrobase-Publication
X-Hrouter
X-HITS
X-Unique-ID
X-NewRelic-App-Data
X-Ser
PagesDisplayed
X-LBPoolMember
X-Served-Server
AsisCache
X-Hstore
X-Trace-Id
X-KoobooCMS-Version
X-Machine-Name
PServer
X-PM-ID
X-CacheResult
X-Replay-Request-ID
X-Cache-Keep
X-CRA-DC
X-MAT-GEO
Hosted-By
Tempo
X-Proto
X-SmartBan-Host
X-SmartBan-URL
X-Actindo-Thread-Id
X-Response
X-DN-Cache-Control
X-VarnState-NoCache
X-Rack-CORS
X-VarnMisc-Url
X-EMAC-Request-ID
X-VarnMisc-UrlChanged
X-Tag-Playlist
X-MidCOM-Meta-Cache
Sophnep-Edge-FX
X-Cache-On
X-Airee-Node
Content-Server
X-RDP
X-Varnish-Ip
F5-IpCliente
X-Cname-TryFiles
Gzip
X-Highwire-RequestId
X-Deity
X-Amz-Meta-Content-Md5
X-Rebelmouse-Surrogate-Control
X-Served
X-Rebelmouse-Cache-Control
X-Cache-Time
X-M
X-Author
X-CACHE-TTL
X-Highwire-SessionId
ClientIP
X-We-Are-Hiring
TC-Cache
SB-Cache-Remaining
TC-Cache-IC
TC-Cache-U
SB-Site-Device
Cluster-ID
X-Ss-Location
FastCGI-Cache-Status
SB-Cache-Life
RSB-LINK
X-Ss-Conf
SB-Site-IE-VERSION
TC-S-Cache
X-Depends
X-Rewrite
X-GSL-Server
X-DTC
X-Sc-Cache
Access-Control-Request-Headers
TC-S-Cache-M
X-Cached-Status
Paypal-Debug-Id
NS-VaryByCustom-Key
AccessControlAllowOrigin
Hname
X-Flex-Tag
X-Flex-Lastmod
X-Flex-Lang
X-Flex-Evstart
X-Flex-Tags
X-Nginx
WebServer
X-Distil-CS
X-Ghost-Cache-Status
X-Amz-Id-1
X-ACLR-Version
X-Flex-Evend
X-Render-Time
X-WPL-DATA
AC-ELC
X-Actindo-Error-1
X-Flex-Community
X-Actindo-Request-Id
Xc
X-Actindo-Rs
X-MCB-Server
SG
X-HostName
X-Distributor
X-Cms-Mode
Web
X-Oracle-DMS-ECID
X-OPNET-Transaction-Trace
Og
X-Artvisual-Server
X-ReqId
X-SCM-Server-Number
X-Optimization
X-Cache-HT
X-Turpentine-Esi
Worker
X-Search-Id
X-Detected-Device
X-Unique-Id
X-Header
X-Dev
VServer
Response-Time
X-Upstream-Status
X-Upstream-Backend
X-HAProxy
X-CacheID
X-Avvio-Cms-Cacheload
X-Origin-Server
CommunityServer
X-Pagely-Cache
Edgecast
X-Title
Hamster
X-RemovedCookies
X-SilverStripe-Cache
X-Hosting
X-JSESSIONID
X-Webkit-CSP-Report-Only
X-ProcessESI
X-Layout
X-Forwarded-Host
X-Desc
MS-CV
X-AMAZEEIO
ProxiaInstanceId
X-Real-IP
DrivedBy
Url
AR-CACHE
X-Origin-Cache
X-Src-Webcache
Actual-Object-TTL
X-4ormat-Cacheable
X-Secret
X-ASAP-Age
Serverid
ServerIP
Session-From
X-WA-Info
X-Cache-Via
X-Proxy-Cache-Key
X-Webstats-RespID
X-Obj.Ttl
X-HA
X-Does-He-Have-Time
X-ETag
X-Debug-Message
X-Viator-Tapersistentcookie
X-Header-Treatment
X-XHR-Current-Location
X-Lima-Id
X-Beatles-Hits
INFO
X-SCProxy
X-Cache-Set
X-Processed
X-Router
X-Cache-LB
X-Server-Generated
X-OCTOPOD
Buuteeq-Source
AR-SID
AR-PoweredBy
AR-ATIME
Quri
X-TTL-Age
X-Beatles
Uuri
X-Would-Your-GrandPa-Wait
X-Your-GrandPa-Would-Wait
X-VNode
X-CCM
X-GoCache-CacheStatus
Ibf5scheme
N365rili
AMP-Access-Control-Allow-Source-Origin
Brightspot-Id
Server-ID
X-Svr
X-Cache-Id
X-Session-Id
X-Captured
X-PBY
X-W3TC-Minify
X-SH-Cache-Status
X-Bcwwwid
X-Nginx-Request-Processing-Time
X-Container
TP-L2-Cache
Device
X-Varnish-Action
X-Cdn-Forward
X-REDIRECTSERVER
X-Cache-BE
X-Varnish-URL
X-Reflector-Cache
X-Runtime-Affili
X-Site
X-Serv
X-Cache-Warmer
Provider
RATING
X-IP
X-ChromeLogger-Data
X-Resource
X-App-Runtime
Server-Ip
NZSpeedy
X-RAMCache
SERVER-ID
TP-Cache
X-Reflector
BackendServer
X-Lb
X-CACHE-KEY
Hostname
Httpd-Identifier
X-Varnish-Instance
MSSmartTagsPreventParsing
X-ELB
X-VLoc
Debug-Status
MSThemeCompatible
X-Time-Zone
X-CPU-Time
D
X-Sites
Cache-Status
X-ServerAddr
X-Node-ID
X-Server-FQDN
X-Streams-Distribution
X-MCF-ID
X-Varnish-Cached
X-Uncacheable
X-Country
X-UPServer
X-Cache-Varnish
X-Built-With
X-Script
X-Varnish-Cached-TTL
X-Restarts
X-Pixelsilk-Server
X-NID
X-Checkout
X-Pixelsilk-Version
X-Route
EQ-Cache
Be
X-Test
X-Backend-Host
X-Phpwcms-Page-Processed-In
X-Phpwcms-Release
Ozcache
X-Time-Microsecs
Server-Tuning
User-Agent
X-Backend-Name
V-Age
HostName
X-Cache-ID
X-Mobile-Rewrite
X-DynamicCache
X-Amz-Meta-Version-Id
X-UT-Cache
X-WebKit-CSP-Report-Only
X-Dynamic-Cache
X-Server-Instance-Name
X-FIRSTBase
Phoenix-Proxy-Cache
Phoenix-Mark
PB-PID
X-UPSTREAM-Address
X-HEAD
PB-RID
Phoenix-A
Phoenix-Cache-V
Phoenix-Cache
X-Rewritten-By
CD4
X-Varnish-Debug-Age
X-Server-Addr
X-ImpID
X-Varnish-Debug-TTL
AGI-Request-ID
X-DS1D
X-AG-MIPS
MwpReleaseVersion
X-Old-Content-Length
X-Meta-MSThemeCompatible
X-Fstrz
X-Cache-TTL-Current
X-Cache-TTL-Age
X-Gannett-Site-Version
X-Instance-Name
X-Meta-MSSmartTagsPreventParsing
X-Meta-Imagetoolbar
X-Forwarded-By
X-HS-Status
Aurora-Node
Accept-CH
X-UUID
Service-Worker-Allowed
X-Cjtype
X-ManagedFusion-Rewriter-Version
X-FRUIT
X-Pass-Through
X-NodeID
X-Status
X-Config-By
Arrnode
X-SV
X-Built-By
X-Ezpublish-Nodeid
X-Ezpublish-Installationid
StatusCode
X-Zendesk-Origin-Server
X-Environment-Context
X-CH-Device
X-Fastly-Backend-Reqs
X-FreeTag-Count
X-L-Path
X-IP-Address
X-Cacheable-TTL
RequestId
Fw-Cache-Status
Y-Trace
Note
Provided-Host
Referer
X-Magento-Action
X-Pageid
X-DevSrv-CMS
Session-Id
X-HP-CAM-COLOR
X-Instance-Id
X-MainProfileCategory
X-LOCATION
XDisk
X-Zendesk-User-Id
X-Serendipity-InterfaceLang
X-Router-Backend
X-Serendipity-InterfaceLangSource
X-UseReverse-Proxy
X-Webapp
X-V
X-Proxy-Id
X-Powered-By-Home.Pl
X-Made-On
Lb
MageStack-Area
MageStack-Cache-Hits
MageStack-Cache
X-Csrf-Token
GranicusServer
X-Srcache-Fetch-Status
X-Srcache-Store-Status
VANITY-HOST
SS
X-Max-Age
MageStack-Cache-Lifetime
MageStack-Cache-Status
Str-Bsite
MageStack-Web-Node
Str-Ip
X-Accel-Cache-Control
X-App-Version
X-Amcomm-Site
MageStack-Tag
MageStack-PageSpeed
MageStack-Config
MageStack-Cacheable
MageStack-Debug
MageStack-Loadbalancer
MageStack-Magento-Version
X-MainProfileID
X-Compressed-By
X-DeliveryServer
X-Cluster
X-Dynamic
X-ENV
X-Sid
X-Cache-Extended
X-Box
X-WebNode
Resin-Trace
X-Agent
X-Application
X-Upgrade-Enabled
Content-Cache
Webserver
X-AppServer-Cache-Rule
X-MainProfileName
X-Bip
UrlWatchModule-Time
X-Highwire-Sitecode
DbServerName
FindLaw
Rewriter
X-Highwire-Smart-Code
X-VC-Debug
X-Brought-To-You-By
X-MainProfileURL
X-Nginx-Request-Time
X-Not-Cacheable
X-Beresp-Ttl
X-COUNTRY-CODE
X-DEBUG
X-Purge-Level
X-Turpentine-Cache
X-Varnish-Currency
X-Tt-Dbg
X-Via-NSCOPI
X-Config-Version
X-Varnish-Esi-Access
AliCDN-Forbidden-Reason
X-ServiceProvider
X-Farm-Server
Apple-Itunes-App
X-MSU-SOURCE
X-Amz-Meta-S3b-Last-Modified
X-Service-Id
Progma
X-Varnish-Esi-Method
X-SuperCache
No-Cache
X-Ar-Debug
X-Cache-Served
X-Client-Ip
VC-NoCache
VAR-Cache
Vserver
Microcache
X-Obvious-Info
Tk
Ez
Tst
X-BeResp-Ttl
X-Cache-Action
Upgrade-Insecure-Requests
ERev-Ver
X-Obvious-Tid
X-Varnish-Set-Cookie
X-AISO-Cacheable
X-AISO-Server
X-Serverid
X-Varnish-Store
X-AISO-Cache
X-DDM-SERVER-UPDATED
!~Request-OOB-Work
X-7d-Instance-Id
X-7d-Trace-Id
Cookie
X-Allow-Redis
Fastly-Restarts
X-Ants-Host
X-Ants-Machine-Id
X-AWS
CDCHOST
X-WHO
X-Cache-Date
X-RequesterIP
X-Theme
BM-Cache-Node
X-BC
X-Custom-Name
X-Request-Received
X-Server-App
X-TempoPesquisa
X-Test-Debug
X-Request-Processing-Time
X-Pubstack
BM-Cache-Key
X-PoweredBy
Actioncode
X-Protected-By
X-Archive-Orig-Server
X-Archive-Orig-Etag
X-Wm-VIP
Expiries
X-LB-Backend
X-LB-Frontend
X-Wm-1
X-Node-Name
X-XHTML-Minification-Powered-By
X-Hit
Www.Aujourdhui.Com
ServerNode
Realaction
Section-Io-Cache
OutputRewritten
X-Archive-Orig-Content-Length
BM-Cache-Status
X-Archive-Orig-Date
X-Archive-Orig-Connection
X-Archive-Guessed-Charset
MachineName
Memento-Datetime
Powered-By-VeryCDN
TTL
Kp-EeAlive
Tesla.Performance
CDN-Cache
X-Wily-Info
CDN-Cache-Hit
CDN-Node
DeleGate-Ver
X-Obj-Ttl
X-RiS-PX
X-SRV
Dynatrace
X-Mobile-Device
X-Mobile-Device-Type
X-Wily-Servlet
Https
X-Sn-Servicetimems
X-PROCESSED-BY
WFE
X-Ssl-Cipher
X-9XB-Server
Server-Id
X-ACache
X-Instart-Cache-Id
X-BIT-Node
X-Front-Cache
X-FG-RequestId
X-Enhanced-By
X-PBS-Appsvrip
X-Catalyst
X-Cache-FS-Status
X-Nginx-Page-Cache
X-Faeria
X-Dynatrace-Js-Agent
Type
X-NewsFlow-Sitename
X-Cache-V
X-Dynatrace
ResourceTag
ReqUrl
X-Vid
X-POPSUGAR-Server-Name
X-Tradeindia-SMgmt
X-Tradeindia-Request-GUID
Page-Template
X-PBS-Fwsrvname
FrontEnd
Public-Extension
X-PBS-Appsvrname
Container
RSL-Trace-ID
X-Who
IsMobile
DB-Nickname
Cleartype
X-Varnish-Mode
Proxy1
IES-Server
Generate-Time
X-B3-Spanid
SINA-TS
Load-Balancer
Kanooh-Host
X-Varnish-Auto-Cache-Miss
X-Clx-Request
X-Server-Ident
X-Transaction-Name
Yola-ID
CacheControlMode
X-Memcached
X-IsCached
X-Imforza-Hosted
X-DDM-SERVER
Copyright
X-Czt
EREV-Ver
X-B3-Traceid
X-BPool-Bx-Cache
X-BPool-Fx-Cache
X-BServer
AMFplus-Ver
X-BPool-Back
X-BPool
X-ZSITES-DNS
Language
TheAnswer
X-AppVersion
X-Vary-Options
X-Static
X-Skip-Cache
X-ClusterID
X-Fpc
SINA-LB
X-APP
X-Backend-TTL
X-Varnish-Cache-Ttl
X-NewCloud-V-Cache
X-Geo-IP
X-Cache-Me-Harder
LB