Threat Level: green Handler on Duty: Jim Clausing

SANS ISC: HTTP Header Usage Statistics - Internet Security | DShield HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Set-Cookie
Connection
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
Link
ETag
X-Content-Type-Options
P3P
X-XSS-Protection
X-Pingback
X-Frame-Options
X-AspNet-Version
X-Cache
Content-Language
Age
CF-RAY
X-UA-Compatible
Strict-Transport-Security
Via
X-Adblock-Key
Access-Control-Allow-Origin
X-Language
X-Check
X-Template
X-Varnish
X-Buckets
X-Cacheable
X-Generator
X-Drupal-Cache
Content-Location
X-Request-Id
X-AspNetMvc-Version
X-Hacker
X-Ac
X-Powered-By-Plesk
X-Type
X-Cache-Group
X-Pass-Why
MS-Author-Via
X-Runtime
WP-Super-Cache
Status
X-Powered-CMS
X-Cache-Hits
X-Permitted-Cross-Domain-Policies
Ngpass-Ngall
X-Download-Options
Host-Header
X-UA-Device
X-Dc
X-ShardId
X-ShopId
X-Alternate-Cache-Key
Access-Control-Allow-Credentials
Keep-Alive
Access-Control-Allow-Headers
X-Iinfo
X-Via
Content-Security-Policy
X-Tumblr-Pixel-0
X-Tumblr-Pixel
X-Tumblr-User
Access-Control-Allow-Methods
X-Tumblr-Pixel-1
X-Mod-Pagespeed
X-Backend
X-Logged-In
X-Served-By
X-Pad
X-Tumblr-Pixel-2
X-Cache-Status
X-ServedBy
X-Contextid
X-PC-Hit
X-PC-Key
X-Server
Powered-By
X-FRAME-OPTIONS
Upgrade
X-CDN
X-Cache-Hit
X-Host
Content-Encoding
X-Tumblr-Pixel-3
X-PC-AppVer
X-PC-Date
X-PC-Host
X-Request-ID
X-Port
X-Timer
X-Robots-Tag
X-Accel-Version
X-Rack-Cache
X-Varnish-Cache
X-Cache-Lookup
SPRequestGuid
MicrosoftSharePointTeamServices
X-Cnection
X-SharePointHealthScore
X-Amz-Cf-Id
X-Server-Powered-By
MicrosoftOfficeWebServer
X-Request-Country
X-Page-Speed
Alt-Svc
X-Safe-Firewall
X-MS-InvokeApp
Rating
X-XRDS-Location
X-Turbo-Charged-By
X-AH-Environment
CF-Cache-Status
X-Content-Powered-By
X-Tumblr-Content-Rating
X-Tumblr-Pixel-4
X-Content-Digest
X-W-DC
X-Cache-Enabled
X-Node
X-Seen-By
X-Wix-Renderer-Server
X-Wix-Request-Id
X-GitHub-Request-Id
X-FullPageCaching
Public-Key-Pins
X-PhApp
X-Webserver
Content-Security-Policy-Report-Only
Request-Id
X-INKT-SITE
X-INKT-URI
SPIisLatency
SPRequestDuration
Composed-By
X-Firenze-Processing-Times
Timing-Allow-Origin
Cf-Railgun
Served-By
X-Amz-Request-Id
X-Amz-Id-2
X-HeyJason
Permitted-Cross-Domain-Policies
X-Proxy-Cache
Liferay-Portal
X-Hyper-Cache
X-Pantheon-Endpoint
X-Styx-Version
X-Styx-Req-Id
X-Pantheon-Styx-Hostname
Surrogate-Key-Raw
X-Spip-Cache
Access-Control-Max-Age
Access-Control-Expose-Headers
Xkey
X-Content-Security-Policy
X-Server-Name
Surrogate-Key
X-Swift-SaveTime
X-Swift-CacheTime
Charset
X-CF-Powered-By
X-Drupal-Dynamic-Cache
X-Tumblr-Pixel-5
EagleId
Content-MD5
Grace
X-CDN-Pop
X-CDN-Pop-IP
Content-Script-Type
X-SERVER
Content-Style-Type
X-Hits
X-FW-Hash
Access-Control-Allow-Method
X-VWS-Id
X-AWS-Id
X-LJ-Flow-ID
X-XN-XNHTML
X-Dw-Request-Base-Id
X-XN-Trace-Token
X-FB-Debug
X-FW-Serve
X-FW-Type
X-FW-Static
Public-Key-Pins-Report-Only
X-Device
X-Tumblr-Adult-Blog
X-VCache
X-Clacks-Overhead
Refresh
X-Fastly-Request-ID
X-User-Agent
X-Jimdo-Instance
X-Jimdo-Wid
X-Backend-Server
X-Cache-Config
X-Loop
Real-Hostname
X-TNCMS
X-DDC-Arch-Trace
X-Umbraco-Version
X-Cache-Server
X-HOST
X-Generated-By
X-Url
X-LiteSpeed-Cache
X-ServerName
X-Cache-Result
X-Cloud-Trace-Context
X-Tumblr-Pixel-6
X-Cdn
X-MiniProfiler-Ids
Fastly-Debug-Digest
Cartoon
Edge-Control
X-Age
X-Cached
X-Hostname
X-Cached-By
PageSpeed
X-Px
X-Powered-By-360WZB
WZWS-RAY
X-CMS-Version
X-Whom
X-Outils-CS
Surrogate-Control
NS-RTIMER-COMPOSITE
Fpc-Cache-Id
X-DynaTrace-JS-Agent
TCN
Response
X-Forwarded-For
X-WebKit-CSP
X-DynaTrace
X-Sol
X-Middleton-Response
Display
X-Middleton-Display
X-Handled-By
Rt-Fastcgi-Cache
X-AspNetWebPages-Version
X-TTL
X-Varnish-Cache-Hits
Imagetoolbar
DynaTrace
Product
Front-End-Https
ServedBy
X-Recruiting
X-Do-Not-Hack
X-Content-Options
X-Newrelic-App-Data
X-URL
X-Msg-2-Log
X-From
Access-Control-Request-Method
X-BC-Stapler
Fhost
X-Country-Code
X-Servedby
IBM-Web2-Location
X-Micro-Cache
Akamai-IP
X-LiteSpeed-Cache-Control
Alternate-Protocol
X-EC-Security-Audit
Origin
X-NetCat-Version
X-Content-Encoded-By
Page-Completion-Status
X-Varnish-Beresp-Grace
X-Varnish-Beresp-Ttl
X-ApacheServer
Generator
X-Varnish-Beresp-Status
X-Returned-From-DLL
X-Passed-To
X-Passed-To-DLL
X-Actual-URL
X-Original-Request
X-Returned-From
X-SRCache-Store-Status
X-SRCache-Fetch-Status
X-Passed-To-BeforeDispatch
X-Stale
X-Returned-From-BeforeDispatch
X-Passed-To-PostProcessResponse
X-Returned-From-PostProcessResponse
X-Hosted-By
X-Track
X-Expires-Orig
X-Matrix-Server
X-App-Hosting
X-Matrix-Proxy
X-Origin
X-ContextId
X-Varnish-Host
X-FORWARDED-FOR
X-UD-Method
X-Firenze-Processing-Time
X-Varnish-TTL
X-Server-ID
X-Platform
Content-Encoding-Handler
X-Cache-TTL
X-I
Powered
X-Engine
X-Daa-Tunnel
X-PERF
X-Art-Request-Id
X-I-Sp
Host
X-BS
Ag-Send-Time
Ag-Server-Time
X-Version
Ag-Execution-Time
Magicmarker
X-CacheServer
X-Location-Id
X-Abuse
Powered-By-ChinaCache
X-Varnish-Backend
X-S
X-Magnolia-Registration
X-Developer
Content-Hash
ServerName
X-OneAgent-JS-Injection
X-Cache-Rule
Surrogate-Keys
X-Cache-Age
MIME-Version
X-Microcachable
X-Varnish-Cacheable
X-Vtex-Remote-Cache
X-Vtex-Processed-At
X-Response-Time
X-Source
X-Vtex-Processado-Em:
X-VTEX-Cache-Status-Janus-ApiCache
X-Powered-By-VTEX-Janus-ApiCache
X-VTEX-Cache-Status-Janus-Edge
USPLoggingUUID
X-VTEX-Janus-Router-Backend-App
X-Powered-By-VTEX-Janus-Edge
No
X-DefendeR-Status
X-Director
X-Gamma-Serve
X-DefendeR-Runtime
Content-Disposition
Server-Info
X-Request-Time
X-Upstream
X-Cache-Info
X-RESOURCE
X-URLSCHEME
X-Varnish-RemainingTTL
X-Route-Server
X-SDS
X-Goog-Hash
X-Varnish-Seen-By
Node
X-ATG-Version
X-Device-Type
Fastcgi-Cache
X-Duration
X-Translation
X-Cache-Debug
X-Microcache-Status
X-Cache-Control-Orig
X-B-Cache
Lsrequestid
X-CJ-Soft
X-NoCache
X-Cache-Lifetime
X-Cache-Expires
X-DNS-Prefetch-Control
Edge-Control-Message
X-Instart-Request-ID
X-Varnish-Age
X-Speed-Cache-Key
X-Drectory-Script
SN
X-Speed-Cache
X-PwB-Node
Version
Content-Security-Policy-Rerport-Only
X-Geo-IP
X-Server-Id
Location
Nitro-Cache
Proxy-Agent
X-Powered-By-Server
Proxy-Connection
X-Vcap-Request-Id
X-Front
X-Cache-Operation
X-Cookie-Domain
X-Platform-Processor
X-Varnish-GracePeriod
X-Varnish-ObjectSource
X-Varnish-RemainingLife
X-N
X-Platform-Router
X-Revision
X-Zen-Fury
ServerID
X-Rocket-Nginx-Bypass
X-Time
X-FW
X-ServerID
Last-Published
X-Fastcgi-Cache
PICS-Label
X-GeoIP-Country-Code
X-Geo-IP-Country
X-Correlation-Id
X-Geo-IPV
Pics-Label
Arr-Disable-Session-Affinity
X-Storage
Cache-Key
X-Geo-IP-Metro
X-Geo-IP-Region
S
X-GeoIP-Country-Name
Buuteeq-Source
Cache
X-SV-Duration
X-SV-CreatedAt
Webluker-Edge
X-SV-Nginx-Duration
X-SV-FromDBCache
X-Grace
X-SV-Pid
X-Client-IP
X-Akamai-Device-Characteristics
X-LB
X-Akamai-Device-Model
X-Processing-Time
X-Cache-Tags
X-Varnish-Server
X-SV-CacheTags
X-SV-Edge
X-Xrds-Location
RTSS
X-SV-Expires
X-Nurl
X-Nhost
X-NFE
X-Kinsta-Cache
X-Varnish-HitMiss
X-Amz-Version-Id
X-Varnish-Count
X-Content-Age
X-ACMCache
MJ12bot
SEOMOZ
X-Cache-Key
X-Hypernode
CC-CACHE
Req-Id
X-Server-Upstream
X-Orig-Vary
SVR
X-NB-Cached-Page
Filter-Revision
X-SE-Debug
X-CDN-Node
X-Varnish-IP
X-CDN-Cache-Status
X-Platform-Cache
X-Page-Cache
X-VARNISH-Cache
X-Edge-Location
X-Dispatch
Retry-After
Accept-Encoding
Accept-Charset
X-AOL-HN
X-Mobilized-By
X-ClientSide-Caching
X-Purge-URL
X-Real-Server
X-Server-Response-Time
W
X-Yadis-Location
X-Processed-By
X-Application-Context
Srv
X-StackifyID
Nodo
Qs-Cache
X-UPSTREAM
X-Config-Blacklist-Version
X-WEBSERVER
X-Frontend
X-App-Server
X-Varnish-Hits
COMMERCE-SERVER-SOFTWARE
X-Origin-Id
HAVer
HCVer
NetMindSessionID
Logging-CorrelationId
X-Nitra-Side
X-PF-Uncompressing
X-Server-Start-Time
X-Framework
X-Yottaa-Metrics
X-Yottaa-Optimizations
X-Varnish-Hostname
A-Powered-By
Backend
X-Config-By
Mobiquo-Is-Login
X-Mobile-URL
X-Purge-Host
X-Blog
Author
X-Nginx-Host
NODE
X-Trace
X-Directory-Script
X-Browser
WSR-Cache
X-NginX-Node
X-AbeBooks-Version
X-Cache-Engine
Cm-Server
X-NginX-Upstream-Status
X-NginX-Upstream-Addr
SSPAppContext
Content-Transfer-Encoding
X-NginX-Upstream-Response-Time
X-LW-Web-Server
X-CDN-Forward
X-Highwire-SessionId
X-Highwire-RequestId
X-SmartBan-Host
X-Sys-Req-ID
X-Discourse-Route
X-SmartBan-URL
X-Empowered-By
IISExport
X-GeoIP
X-Cache-Doesi
Frame-Options
X-Garden-Version
AMF-Ver
X-Twitter-Response-Tags
X-PG
Front
X-Transaction
X-ARC
X-Plat-Be-Ip
X-Plat
X-Connection-Hash
X-BKSrc
X-Member
Section-Io-Id
Cached
X-Edge-IP
X-LB-Server
Host-Service
X-Grid-Server
X-NginX-Cache
X-Plat-Va-Ip
X-IsCacheURL
X-Debug
X-Cache-Fix
X-Cache-PageType
X-Ttl
Backend-Timing
X-IIJ-Cache
X-Analytics
X-Cocoon-Version
X-XTM-Node
Id
CacheControlHeader
X-Supported-By
X-Machine-Name
X-F-Cache
Allow
X-Session-Reinit
Thanks
X-Worker
Pool-Info
Keywords
X-TempDebug
X-Adobe-Content
X-V
X-Nginx-Cache-Status
X-Adobe-Loc
Head
Myheader
X-AOL-SNH
X-Resolver-IP
Server-Name
X-NginX-Server
X-Flow-Powered
IM-Version
X-Real-IP
WWW-Authenticate
X-Airee-Node
X-Amz-Meta-S3cmd-Attrs
X-Dispatcher
SRV
X-Cache-Control
XDomainRequestAllowed
X-NginX-Cache-Status
Eomportal-Instance
X-Varnish-Ttl
X-TTFB
X-SmugMug-Values
X-TTFB-L
CT
X-HW
X-Jphone-Copyright
X-SmugMug-Hiring
X-ORACLE-DMS-ECID
A
X-Prefetched
X-EDGECONNECT-GUID-DEBUG
X-Balanceador
VAR-Cache
BALANCEDTO
X-Hosts-Backend
Smug-CDN
Ibf5scheme
X-Varnish-Debug-Age
Rewriter
X-BackendServer
X-Env
X-WR-Flags
Cneonction
Ram
X-Symfony-Cache
X-Client-Image-Vid
X-Client-Vid
X-EPiphany-Vid
X-Dynatrace
X-Amz-Storage-Class
Cpu
X-Atraveo-Zone
X-Atraveo-Varnish-Server-Id
X-Atraveo-TTL
X-Atraveo-Param-Rm
X-Vary-Options
X-WP
Noq
X-Smartcache-Keys
X-Smartcache-Timeout
X-Atraveo-From-Varnish-Cache
X-Atraveo-Set-Cookie
X-Trace-Id
X-Atraveo-Cache-Control
Mime-Version
X-Atraveo-ETag
X-Vhost
X-JG-Page-Cache
X-Atraveo-Expires
X-Frames-Options
X-Source-ID
X-HP-Trace-ID
X-Captured
X-Force
X-Unique-Id
X-Provisioner-Version
X-RiS-UFDI
X-PRAM
ORIGIN
Referrer-Policy
X-HP-Trace-Project
X-App-Status
X-Webstats-RespID
X-Unique-ID
X-Domain-Checked
X-Nginx-Cache
X-WA-Info
X-Pagename
S-Cnection
D
X-Optimization
X-Hit-Cache
Ngpass-Vcall
X-Varnish-Debug-TTL
X-Sucuri-ID
SBGI-9
X-Dns-Prefetch-Control
SBGI-RenderTime
SBGI-RealPath
SBGI-Device
Beyond-Iis
P-LB
X-Dev
P-WS
X-Distributor
X-FIRSTBase
X-DealerOn
X-Cms-Mode
Worker
Bios
X-Varnish-Grace
X-Magento-Tags
SBGI-7
X-SRV
X-HOSTNAME
SBGI-1
SBGI-5
HitInfo
X-Server-IP
MW-Webserver
X-ID
X-ServerIndex
SBGI-10
Dynatrace
Servername
X-Distributed-By
Set-Cookie2
CLMOB
X-Ob-Mode
Ksid
Description
X-Avvio-Cms-Cacheload
X-GUploader-UploadID
Web
X-Goog-Storage-Class
X-Goog-Metageneration
X-Goog-Generation
X-CB-Server
X-Goog-Stored-Content-Encoding
X-Webcelerate
Prxy
X-Goog-Stored-Content-Length
X-Detected-Device
X-Key
Real-Server
X-SDE-Name
X-MrHost
X-Runtime-Affili
X-REDIRECTSERVER
X-Id
CmsCacheEngine
X-SV
Cmstype
Cmsid
X-Rack-Cors
X-Ser
X-HTML-Minification-Powered-By
NLCacheNote
X-Varnish-Instance
MC
X-Srv
X-Esi
X-Varnish-RemainingGrace
X-Header
From
X-DOM
X-Cache-Set
X-Signature
X-EdgeConnect-MidMile-RTT
X-Phpwcms-Page-Processed-In
Actual-Object-TTL
X-Server-Instance
X-Secret
X-EdgeConnect-Origin-MEX-Latency
X-Phpwcms-Release
Backend-Node
Content-Server
X-RDP
Access-Control-Request-Headers
X-MAT-GEO
X-DTC
X-Cache-Level
X-Rot
SS
X-Rebelmouse-Cache-Control
X-Unbounce-Variant
NnCoection
X-Accel-Expires
X-Actindo-RS
X-Desc
X-Invoke-Duration
X-Unbounce-VisitorID
X-Rebelmouse-Surrogate-Control
X-Fstrz
Accept-Language
X-Response
Cluster-ID
OT-RequestId
AsisCache
N365rili
X-Sov
X-Pressidium-NinukisWP-Ver
VnhCdn-Status
Cache-Rule
X-Unbounce-PageId
X-GSL-Server
X-DSMX-Render-MS
X-DSMX-Rewrite-MS
Warning
Fw-Via
ScoreTracker
X-ASAP-Cache
X-Cache-Var
X-Restarts
X-B2f-Not-Route
X-B
X-Hiawatha-Cache
X-Cache-On
X-Lifetime
X-Cache-Source
X-Cache-Provider
X-7d-Trace-Id
Sid
X-Site:
Proxy-Cache
Ec
Device-Type
X-Apm-Telemetry-Syncmark
X-T3CacheTags
Imx-Cookies-Used
X-7d-Instance-Id
X-Clara-ASAP
X-Pagely-Cache
Paypal-Debug-Id
X-Server-By
Resin-Trace
X-T3CacheInfo
X-Cache-Var-Map
Sophnep-Edge-FX
X-Cache-Node
X-T3Cache
X-We-Are-Hiring
X-Nginx
X-RequestId
X-Magento-Action
Serverid
X-SSL-Cipher
X-SSL-Protocol
X-Backend-Name
Ctx
CommunityServer
MageStack-Area
ServerSignature
ServerTokens
WP-AdvCache-MemCached
X-Upstream-Backend
X-VC-TTL
MageStack-Config
MageStack-Tag
MageStack-PageSpeed
MageStack-Web-Node
X-Ratelimit-Remaining
Xc
X-Rack-CORS
MageStack-Loadbalancer
MageStack-Debug
MageStack-Cache-Lifetime
MageStack-Cache-Hits
MageStack-Cache
MageStack-Cache-Status
MageStack-Cacheable
X-Ocache
X-Oracle-DMS-ECID
X-Enhanced-By
X-Environment
X-Varnish-Action
X-Platform-Server
Nginx-Cache
Pool
X-Hstore
X-Hrouter
X-DN-Cache-Control
X-DN-GyrobaseID
Copyright
X-Amz-Id-1
X-Middleton-PageSpeed
Il-Cl
X-OPNET-Transaction-Trace
WFE
X-Varnish-URL
X-Appmachine-Environment
Ttl
X-Search-Id
T
DrivedBy
If-Modified-Since
X-Remote-Addr
X-Turpentine-Cache
X-Varnish-Set-Cookie
X-Varnish-Store
X-Varnish-Esi-Method
X-Varnish-Esi-Access
X-Varnish-Currency
B-Powered-By
X-Tile-Url
Atp-Isdpp
Cteonnt-Length
X-SID
X-CSRF-TOKEN
X-OCTOPOD
X-Varnish-Error-Restart
Fastly-Restarts
Max-Age
X-Varnish-Backend-Healthy
X-NewRelic-App-Data
X-Is-Mobile
X-HAProxy
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
X-LW-T
X-Content-Security-Policy-Report-Only
Og
X-FastCGI-Cache
X-Timing
Kanooh-Host
X-Time-Microsecs
GenSvr
X-HITS
X-Author
X-Generated
X-Runtime-Memory
X-Info
X-Bcwwwid
X-Node-Name
X-AISO-Server
X-AccessDev
NS-VaryByCustom-Key
X-Litespeed-Cache-Control
X-TB-M
X-Turpentine-Esi
X-Rewritten-By
X-Stage
IsMobile
X-Healthy
X-Seschat-URL
Content-Generator
INCOMING-TIME
Server-Ip
X-ManagedFusion-Rewriter-Version
M
User-Cache-Control
X-4ormat-Cacheable
X-RealServer
VServer
X-APP
X-SeschatTemplateID
X-DEBUG
Server-Id
Mto-License-Status
X-Hosting
X-SeschatRedID
X-SeschatLayout
X-ACCELERATE
X-Cluster-Node
Provider
PServer
NZSpeedy
X-SeschatDID
HOST-SERVICE
X-COUNTRY-CODE
X-Wikidot-Static-Cache
X-AWS
X-Wikidot-Backend
X-WHOIS-Cached
Brandcast-Brand-Id
X-Wm-1
At-Shoptype
Session-Id
X-WR-MODIFICATION
At-Isb
X-Wm-VIP
Brandcast-Load-Balancer
X-ProxyInstancename
F5-IpCliente
X-Router
X-Router-Backend
X-Status
X-RAMCache
X-Old-Content-Length
Cache-Status
ClientIP
X-Jcms-Ajax-Id
X-Nginx-Request-Time
X-OpenCart-Lightning
RouteID
X-Hosting-Env
X-MSU-SOURCE
X-PoolMember
X-Serendipity-InterfaceLang
X-FreeTag-Count
X-GRACE
Version-Epoch
RN-Server
X-Forwarded-Proto
WSCLoggingUUID
QC-Time
X-Serendipity-InterfaceLangSource
X-WorkerInstancename
CIPHER-NAME
Content
Progma
X-Render-Time
Cache-Control:
X-SilverStripe-Cache
QC-Key
APP-VERSION
QC-Hit
X-UseReverse-Proxy
X-E
Url-Hash
X-Clx-Request
X-Farm-Server
X-ORACLE-DMS-RID
VC-NoCache
X-Domino-CacheValidationWithETagResult
X-Application
X-Security
Powerd-By
X-A
X-Domino-CacheValidationWithETagReason
X-Varnish-Cache-Local
E-TAG
Expire
SAVVIS
X-Custom-Header
X-This-Proto
X-ACLR-Version
TP-L2-Cache
TP-Cache
X-IP-Address
X-Catalyst
X-Not-Cacheable
X-NewsFlow-Sitename
X-Cache-Device-Type
X-Cache-Keep
X-Cache-TTL-Remaining
X-CacheResult
X-Cache-2
X-Depends
X-Webapp
XDisk
Gzip
X-EPiLogOnScreen-PostUrl
X-Contact
X-Company
X-Cache-Action
X-Box
X-EPiLogOnScreen
X-NewsFlow-DoCache
X-Cache-Extended
X-CDN-COMPRESS
X-Faeria
X-Fedora-School-Id
X-Firewall
X-Cluster-Host
X-Mobile
Fastly-Backend-Name
X-N-ViewType
X-Requested-Page
X-Vhost-ID
Expiries
X-Hcom-Styx-Info
X-FFX-B
BKREF
MageStack-Cache-Warning
X-Ar-Debug
X-ESI-Enable
Cdate
Host-Name
Hamster
X-Device-Group
X-HostName
X-Flex-Community
Www.Aujourdhui.Com
RequestId
NtCoent-Length
Apachenode
PowerCDN
X-Proxy-Cache-Key
X-ASAP-Age
X-DataDome
X-Src-Webcache
X-Server-Addr
X-EZPublish-InstallationID
X-T
X-Artvisual-Server
Note
Edgecast
Vacache
X-App
X-EZPublish-NodeID
X-Proto
X-PBY
X-RequesterIP
X-Bypass-Ssl-Transform
X-Span
X-FCMS-Cache
DB-Nickname
X-Gannett-Site-Version
X-Hit
X-Litespeed-Tag
X-Flex-Evend
X-ATP-Server
X-CCM
X-Cms-Server
X-Does-He-Have-Time
X-Dw-Trace-Id
X-Beatles-Hits
Be
ServerIP
X-Flex-Evstart
X-Route
X-Amz-Meta-Cb-Modifiedtime
X-MCF-ID
Http
User-Agent
Apache
X-Your-GrandPa-Would-Wait
X-TTL-Age
X-Would-Your-GrandPa-Wait
X-Nocache
X-Gyrobase-Publication
X-ETag
X-Max-Age
X-Xhr-Current-Location
X-Obr-Rule
X-Pb-Mii
X-HP-CAM-COLOR
X-Hash
X-Flex-Lang
X-Flex-Lastmod
X-Flex-Tag
X-Flex-Tags
X-PM-ID
X-Mii-Cache-Hit
X-Powered-By-Home.Pl
X-Uid
X-RateLimit-Remaining
X-Cache-Me-Harder
X-Pj-Cache-Status
X-Mod-Oboe-PS
Aoestatic
X-DDM-SERVER-UPDATED
X-DDM-SERVER
Orgin-Server
Public-Extension
X-Time-Spent
Exires
Redirect
ResourceTag
X-VC-Enabled
LB
X-Cache-Via
HA-Front
TMP
RSL-Trace-ID
Beon-Cache-Status
Web-Head
X-Powered-By-Anquanbao
X-Content-Type
X-Checkout
X-Cache-Ua
X-DB-Content-Length
X-HA
X-Pj-Cache-Expires
X-Original-Host
X-B3-Traceid
X-DB-NAR
WWW
X-Varnish-Max-Age
X-Title
X-Fpc
X-W3TC-Minify
MageStack-Cacheable-Reason
SLB
MageStack-Response-Ttl
X-Pj-Cache-Flags
X-Pj-Cache-Gzip
X-Cache-ID
X-Backend-TTL
Lookup-Cache-Hit
X-DEBUG-TTL
BlockPHPCallEnd
X-Pixelsilk-Server
X-NewCloud-V-Cache
Content-Instance
Cleartype
X-Logword
X-Pj-Cache-Time
X-Pj-Cache-Key
X-ProcessTime
X-Reason-Bp
X-Varnish-Cache-Control
X-Transaction-Id
X-Pixelsilk-Version
XX
X-HASH
X-Geo
X-LS-DEBUG
X-ProcessESI
X-Cache-Ttl
X-RemovedCookies
X-DeliveryServer
X-Client-Ip
X-9XB-Server
X-WebNode
X-AREQUESTID
X-ASEN
X-CDN-Any-IP
X-AUSERNAME
HA-Cloudapp
HA-Geocity
NKBVHEADER
HA-Urlpath
X-Capoed
WebServer
X-CPU-Time
X-Built-With
HA-Servedtime
HA-Ipaddr
HA-Geolat
HA-Geocountry
HA-Geolon
HA-Georegion
HA-Host
X-PS-MURDOCK-ORIG-PROTOCOL
X-PS-MURDOCK-ORIG-FILEEXT
X-VCS-Billing
X-Tradeindia-SMgmt
X-VCS-Cache-Server
X-VCS-Cacheable
X-VCS-Host
X-VCS-Hit
X-Tradeindia-Request-GUID
X-Tags
X-PF-CACHE-FAILED
X-Pageid
X-Provided-By
X-Session-ID
X-SuperCache
X-Site-Name
X-VCS-Nrhit
X-VCS-Status
X-CACHE-TTL
X-Beresp-Ttl
X-LOCATION
X-Obj-Ttl
X-PS-MURDOCK-CASE-NORMALIZATION
X-POPSUGAR-Server-Name
Server-ID
ReqUrl
X-VCS-Url
X-VCS-Ttl
X-Zendesk-Origin-Server
X-Zendesk-User-Id
X-Rq
X-Magento-Lifetime
X-Goog-Meta-Replace
X-ESI
X-Expose-Generated
X-Cache-Handler
X-Apache2-RT-MicroSec
Thinkindot-CacheControl-Type
Thinkindot-Control
X-Expose-Hostname
X-Expose-Site
X-Nginx-VM-RT
X-Original-IP
X-Matched-Rule
X-Highwire-Sitecode
X-Expose-Took
X-Feed
Thinkindot-CacheControl
REFRESH
X-MOBILE
LBC
X-Nginx-Page-Cache
X-Location
X-Ghost-Cache-Status
X-JSESSIONID
X-Do-Esi
LBVIS
Debug-Status
AC-ELC
X-FG-RequestId
X-Compressed-By
Served-From
X-SATserver
Origin-Server
X-Powered-Developer
X-Test
X-TargSmaku
WP-Cache
Fpc-Expire
SERVER-IP
X-Mobile-Device
X-Memcached
X-Accel-Cache-Control
V-Cache
Dispatcher
X-Batcache
X-FarmId
Ews
Pw-Value
X-MCB-Server
X-NGINX-Cache
X-IP
X-BC
X-Theme
Aurora-Node
X-Protected-By
X-VhostID
X-BeResp-Ttl
X-Web-Node
X-DynamicCache
X-Cache-Served
OutputRewritten
X-CO-Host
X-AppServer-Cache-Rule
X-Venda-Hitid
X-RSS-CACHE-STATUS
DeleGate-Ver
Disablevcache
HostName
EXT-CACHEEXPIRE
X-Cache-Why
X-AG-MIPS
AGI-Request-ID
X-UA
CD1
Hosted-By
MwpReleaseVersion
Machine
VANITY-HOST
X-Built-By
X-BPool
Language
X-BServer
X-Cacheable-TTL
X-Layout
X-Distil-CS
X-VARITI-CCR
X-UUID
X-Orig-Host
X-Content-Parsed-By
X-Pubstack
X-Request-Processing-Time
X-Request-Received
X-SL-Notranslate
X-SL-Norewrite
"
From-Origin
X-UltraCart-Server-Round-Trip
X-UltraCart-Inject-Critical-Path-CSS
X-UltraCart-Critical-Path-CSS-Injected
X-UltraCart-Critical-Path-CSS-Key
P
SiteName
X-AISO-Cacheable
X-AppServer-Status
X-AISO-Cache
X-Server-Generated
X-Server-Instance-Name
X-Sn-Servicetimems
X-Sentry-Token
X-Goog-Meta-Policy
X-Cache-Backend
X-Instance-Name
X-Meta-Imagetoolbar
X-Meta-MSThemeCompatible
X-Meta-MSSmartTagsPreventParsing
Svr
MSThemeCompatible
X-Ratelimit-Limit
X-Ratelimit-Reset
Content-ID
Httpd-Identifier
MSSmartTagsPreventParsing
X-Region