Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: HTTP Header Usage Statistics - SANS Internet Storm Center HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
ETag
Link
X-Pingback
P3P
X-AspNet-Version
X-Content-Type-Options
X-XSS-Protection
X-Cache
X-Frame-Options
Content-Language
Age
X-Adblock-Key
X-UA-Compatible
CF-RAY
Via
Keep-Alive
X-Template
X-Language
X-Check
X-Varnish
X-Cacheable
X-Buckets
Access-Control-Allow-Origin
Content-Location
Strict-Transport-Security
X-Generator
X-Drupal-Cache
Status
X-Ac
X-Hacker
X-AspNetMvc-Version
X-Powered-By-Plesk
MS-Author-Via
X-Request-Id
WP-Super-Cache
X-Runtime
X-Geo
X-Geo-Port
X-Type
X-Cache-Group
X-Pass-Why
X-Powered-CMS
X-Pad
X-Mod-Pagespeed
Ngpass-Ngall
P3p
X-Cache-Hits
Access-Control-Allow-Credentials
Host-Header
X-UA-Device
X-Logged-In
X-Iinfo
X-Host
X-Via
Content-Security-Policy-Report-Only
X-Backend
X-ShopId
X-Dc
X-ShardId
X-Alternate-Cache-Key
X-Tumblr-User
X-Tumblr-Pixel
X-Tumblr-Pixel-0
X-Server
Access-Control-Allow-Headers
MicrosoftOfficeWebServer
X-Tumblr-Pixel-1
Access-Control-Allow-Methods
X-Served-By
X-ServedBy
X-CDN
X-Tumblr-Pixel-2
X-ContextId
X-Cache-Lookup
MicrosoftSharePointTeamServices
X-Cache-Hit
X-Rack-Cache
X-PC-Key
X-PC-Hit
X-Request-Country
X-Robots-Tag
X-Port
SPRequestGuid
X-SharePointHealthScore
X-Accel-Version
X-Varnish-Cache
Content-Encoding
X-XRDS-Location
X-BC-Is-HA
X-PC-Host
X-PC-AppVer
X-PC-Date
X-FRAME-OPTIONS
X-MS-InvokeApp
X-Tumblr-Pixel-3
X-Page-Speed
X-Safe-Firewall
X-Webserver
X-Amz-Cf-Id
Powered-By
X-Cnection
X-PhApp
X-INKT-SITE
X-INKT-URI
X-Ua-Compatible
X-FullPageCaching
Content-Security-Policy
X-AH-Environment
X-W-DC
Composed-By
X-Seen-By
X-Wix-Renderer-Server
X-Wix-Request-Id
X-Served-From-Cache
Served-By
X-Firenze-Processing-Times
X-Request-ID
X-Timer
X-Cache-Status
CF-Cache-Status
X-Turbo-Charged-By
X-GitHub-Request-Id
Request-Id
X-Content-Digest
Public-Key-Pins
Liferay-Portal
SPIisLatency
SPRequestDuration
Rating
X-Styx-Build-Num
X-Styx-Build-Sha
X-Styx-Req-Id
X-Styx-Build-Date
X-Pantheon-Styx-Hostname
X-Styx-Version
X-Pantheon-Endpoint
X-SERVER
X-CF-Powered-By
X-Spip-Cache
X-Node
X-Amz-Id-2
X-XN-Trace-Token
X-XN-XNHTML
X-Cache-Enabled
X-Amz-Request-Id
X-Tumblr-Content-Rating
X-Tumblr-Pixel-4
X-Hyper-Cache
Permitted-Cross-Domain-Policies
X-HeyJason
Cf-Railgun
Cartoon
Content-Script-Type
X-Server-Name
Content-Style-Type
X-Cache-Info
X-Proxy-Cache
X-Powered-By-360WZB
X-Umbraco-Version
X-Clacks-Overhead
Refresh
Timing-Allow-Origin
X-FB-Debug
X-Cache-Server
Alternate-Protocol
X-CDN-Any-IP
X-CDN-Geo
X-CDN-Geo-IP
X-VCache
Public-Key-Pins-Report-Only
X-Cache-Result
X-Cached-By
X-TN-ServedBy
Real-Hostname
X-Loop
X-PHP-Engine
X-Device
Charset
X-Url
X-Age
X-FW-Hash
X-Px
X-FW-Type
X-FW-Serve
X-FW-Static
X-TNCMS
X-PersistenceNode
X-DynaTrace-JS-Agent
X-Microcachable
X-Cached
X-Tumblr-Pixel-5
X-Hits
NS-RTIMER-COMPOSITE
X-Swift-SaveTime
X-Swift-CacheTime
EagleId
X-Outils-CS
TCN
X-Hostname
X-Fastly-Request-ID
X-Permitted-Cross-Domain-Policies
X-Generated-By
Alt-Svc
Proxy-Connection
Magicmarker
X-Jimdo-Pid
X-Jimdo-Wid
Access-Control-Max-Age
X-User-Agent
X-From
X-Backend-Server
Response
X-Forwarded-For
X-DynaTrace
X-Cache-Config
X-Content-Security-Policy
X-DDC-Arch-Trace
Page-Completion-Status
X-Msg-2-Log
Grace
X-CMS-Version
X-Sol
X-Middleton-Response
X-Middleton-Display
Display
X-Whom
X-Content-Encoded-By
Imagetoolbar
Generator
Product
X-MiniProfiler-Ids
X-Content-Options
Surrogate-Control
Content-MD5
X-Micro-Cache
X-Matrix-Server
X-Matrix-Proxy
Powered-By-ChinaCache
X-Handled-By
IBM-Web2-Location
X-Mobilized-By
X-FORWARDED-FOR
Fastly-Debug-Digest
X-Expires-Orig
X-Firenze-Processing-Time
ServedBy
X-AspNetWebPages-Version
X-ARC
X-Country-Code
X-Version
X-URL
X-App-Hosting
X-Varnish-TTL
X-Tumblr-Pixel-6
X-Gateway
X-AWS-Id
X-LJ-Flow-ID
X-LiteSpeed-Cache
X-VWS-Id
X-Beta
X-Varnish-Backend
Fpc-Cache-Id
DynaTrace
Cxy-All
X-I
Upgrade
CC-CACHE
X-Returned-From-DLL
X-Returned-From
X-Returned-From-BeforeDispatch
X-Varnish-Host
X-Passed-To-BeforeDispatch
X-Passed-To
X-Original-Request
X-ApacheServer
X-Passed-To-PostProcessResponse
X-Actual-URL
X-Returned-From-PostProcessResponse
X-Passed-To-DLL
Rt-Fastcgi-Cache
Retry-After
X-SDS
X-Processed-By
Access-Control-Request-Method
Node
PageSpeed
X-Director
Proxy-Agent
Content-Encoding-Handler
Pics-Label
X-WebKit-CSP
Ngpass-Vcall
X-UD-Method
X-Instart-Request-ID
Thanks
Lsrequestid
X-Hosted-By
X-Nitra-Side
X-ATG-Version
RTSS
X-Stale
X-Duration
Content-Disposition
X-Varnish-Age
Fhost
X-Track
X-Srv
Akamai-IP
X-Varnish-Beresp-Grace
X-Varnish-Beresp-Ttl
X-Varnish-Beresp-Status
SID
X-Cache-Debug
X-PERF
X-Cache-Rule
X-ServerName
MIME-Version
X-Time
VAR-Cache
X-Cache-TTL
NODE
X-NoCache
X-Cache-CFC
X-Varnish-Hits
X-Cache-Expires
X-S
ServerID
X-PwB-Node
Host
Powered
X-PF-Uncompressing
X-Purge-Host
Access-Control-Expose-Headers
X-TTL
SN
ServerName
X-Upstream
X-CacheServer
X-Location-Id
X-Server-ID
S
X-Ttl
IISExport
Cache
Edge-Control
X-Varnish-Cache-Hits
X-DNS-Prefetch-Control
X-Cache-Age
Accept-Encoding
X-Art-Request-Id
X-Powered-By-Server
X-FW
X-Varnish-Cacheable
X-Cookie-Domain
X-Amz-Meta-S3cmd-Attrs
X-Cache-Control-Orig
X-BackEnd
COMMERCE-SERVER-SOFTWARE
X-Powered-By-Anquanbao
X-ServerID
Location
X-Front
X-BS
Accept-Charset
X-Varnish-IP
X-I-Sp
X-Response-Time
X-Vtex-Remote-Cache
Server-Info
X-Varnish-Hostname
X-Purge-URL
X-Vtex-Processed-At
X-Vtex-Processado-Em:
X-Powered-By-VTEX-Janus-Router
X-Powered-By-VTEX-Janus-Edge
BDPAGETYPE
BDQID
X-VTEX-Cache-Status-Janus-ApiCache
X-Drectory-Script
X-VTEX-Janus-Router-Backend-App
No
X-Powered-By-VTEX-Janus-ApiCache
X-VTEX-Cache-Status-Janus-Edge
X-CJ-Soft
Buuteeq-Source
Server-Name
WWW-Authenticate
X-Distil-CS
X-Speed-Cache
BDUSERID
X-Route-Server
X-FIRSTBase
X-Speed-Cache-Key
Webluker-Edge
X-App-Status
X-GeoIP-Country-Name
Filter-Revision
X-GeoIP-Country-Code
X-Do-Esi
X-Yadis-Location
X-Recruiting
Srv
X-Vary-Options
X-Geo-IP
X-Loc
X-VARNISH-Cache
X-Cache-Operation
X-Zephyr
X-Trace-Cache
X-Microcache-Status
X-Cache-Tags
X-Blog
X-Frontend
X-Device-Type
X-Translation
X-App
X-ACMCache
X-Origin
X-Daa-Tunnel
X-Secret
NtCoent-Length
X-Directory-Script
SEOMOZ
PICS-Label
X-Session-Reinit
Content-Hash
X-Do-Not-Hack
MJ12bot
Sprequestguid
Cm-Server
X-Sharepointhealthscore
Backend
X-Symfony-Cache
Cache-By-Node
X-Highwire-SessionId
X-SmartBan-Host
X-Highwire-RequestId
X-SmartBan-URL
Qs-Cache
X-BackendServer
X-Geo-IP-Country
X-Geo-IP-Region
X-Geo-IP-Metro
X-N
X-Developer
X-Gamma-Serve
X-ClientSide-Caching
A-Powered-By
X-Provisioner-Version
X-Geo-IPV
X-Domain-Checked
X-Client-IP
Origin
X-Goog-Hash
AMF-Ver
X-Grace
Frame-Options
X-WR-Flags
Sfy
Content-Transfer-Encoding
Lfy
X-Trace
X-Cocoon-Version
Host-Service
Nodo
RATING
NetMindSessionID
X-CDN-Node
X-CDN-Cache-Status
Arr-Disable-Session-Affinity
X-Adobe-Content
X-Adobe-Loc
X-Orig-Vary
X-Libra-UpstreamHost
LBVIS
X-Empowered-By
Front-End-Https
X-DefendeR-Runtime
Author
X-Fastcgi-Cache
X-Bettercache-Proxy
X-DefendeR-Status
X-Varnish-Server
X-Yottaa-Optimizations
X-Ms-Invokeapp
X-Magnolia-Registration
X-Yottaa-Metrics
Req-Id
Mobiquo-Is-Login
X-Sys-Req-ID
X-Edge-Location
X-Distributed-By
S-Cnection
X-Download-Options
X-Real-Server
X-Xrds-Location
CT
X-TempDebug
Version
X-UPSTREAM
X-Object-Type
X-Gannett-Site-Version
Id
X-Object-Id
X-Src-Webcache
X-Varnish-Count
X-Cache-Lifetime
CacheControlHeader
X-Varnish-HitMiss
X-Debug
X-Origin-Id
X-WA-Info
Smug-CDN
SVR
X-ID
Last-Published
X-Varnish-Action
X-Prefetched
X-TTFB-L
BM-Cache-Node
BM-Cache-Key
X-Server-Instance
X-TTFB
X-SmugMug-Values
X-SCProxy
X-Drupal-Dynamic-Cache
X-SmugMug-Hiring
X-Env
Pool-Info
X-Amz-Version-Id
X-Id
X-W3TC-Minify
X-FreeTag-Count
X-ServerCache-Info
Sophnep-Edge-FX
X-Engine
X-Atraveo-ETag
X-Machine-Name
X-Atraveo-Param-Rm
X-B2f-Cache-Load
Mime-Version
X-Amz-Storage-Class
BM-Cache-Status
X-Atraveo-Cache-Control
X-Cache-Control
X-Atraveo-Zone
X-Atraveo-Varnish-Server-Id
X-Atraveo-TTL
X-Atraveo-Set-Cookie
MW-Webserver
X-Atraveo-From-Varnish-Cache
X-Abuse
X-Atraveo-Expires
X-Cf-Requestid
X-Old-Content-Length
X-Storage
W
Beyond-Iis
X-SE-Debug
X-Garden-Version
X-PRAM
Cneonction
X-Cache-On
X-Server-Id
X-ORACLE-DMS-ECID
X-NetCat-Version
X-Source-ID
X-Varnish-Debug-Age
X-Force
X-Req-Host
X-Resolver-IP
X-Expires
X-Amz-Id-1
SiteName
X-Uid
X-JG-Page-Cache
X-Edge-IP
X-NginX-Cache
XDomainRequestAllowed
ORIGIN
X-AOL-SNH
X-AWS
SS
X-Revision
X-Distributor
Ec
HAVer
HCVer
LBC
WFE
Hamster
X-Full-URL
BALANCEDTO
X-Unbounce-PageId
X-SDE-Name
Fastcgi-Cache
X-GeoIP
X-EBAY-C-REQUEST-ID
X-Unbounce-Variant
X-Plat
X-Cache-Action
X-Unbounce-VisitorID
RlogId
ScoreTracker
X-Content-Age
Nitro-Cache
MIH-CLIENT-FARM
X-Detected-Device
Spiislatency
NnCoection
X-Who
Keywords
X-Nginx-Host
MIH-PLATFORM
Sprequestduration
SRV
X-APP
From
MIH-PUBLIC-IDENTIFIER
X-Stage
X-Max-Age
X-Pagename
X-Dev
X-Varnish-ID
X-Hit-Cache
X-NFE
X-Phpwcms-Page-Processed-In
X-Nhost
X-Nurl
Machine
WP-AdvCache-MemCached
X-Phpwcms-Release
X-Farm-Server
X-NginX-Server
X-SERVER-ID
X-HOSTNAME
X-Grid-Server
BrandBucket-Domain
X-Bcwwwid
Description
X-Twitter-Response-Tags
X-SV
X-Remote-Addr
NLCacheNote
X-Connection-Hash
Accept-Language
X-PBY
X-Source
X-ManagedFusion-Rewriter-Version
X-Airee-Node
X-Transaction
X-Cache-Set
X-Rewritten-By
X-ChromeLogger-Data
Www.Mirrorgate.Se
X-Site:
Cluster-ID
B-Powered-By
Edgecast
Www.Myjob.Se
Hash
X-EPiLogOnScreen
X-BLSR-COST
X-Response
OT-RequestId
CommunityServer
X-HostName
Nodeid
X-ServerIndex
X-Built-By
P3P:CP
Cache-Rule
Open.Jobgate.Se
X-Invoke-Duration
X-SSL
X-T3Cache
Jobb.Passal.Se
Jobb.Gil.Se
X-T3CacheTags
Jobb.Assistentpoolen.Se
X-ATM-RServer
X-ATM-RTime
X-CacheTTL
Test.Executivepeople.Se
X-DTC
X-AIA-Log
PROPSON-FARM
Www.Mabracertifiering.Se
No-Cache
X-Actindo-RS
X-J-Proxy
X-Kirra-SiteId
X-Varnish-Device
Set-Cookie2
X-Varnish-Debug-TTL
X-J-Proxy-Hostname
X-J-Proxy-Servername
Ksid
X-Webstats-RespID
X-N-ViewType
X-Middleton-PageSpeed
X-Rack-Cors
X-Jphone-Copyright
BM-CountryCode
Apache
X-EPiLogOnScreen-PostUrl
X-Server-Node
X-CCC
X-REDIRECTSERVER
X-CID
Cache-Id
X-DPWN-IS-SECURE
Pool
X-B2f-Not-Route
X-XTM-Node
SIP
Worker
Cache-Ctrol
FROM-SERVER
Vacache
X-Info
X-Is-Mobile
X-Cms-Mode
X-EPiphany-Vid
Fastly-Backend-Name
X-SV-Edge
X-SV-FromDBCache
X-SV-Duration
Warning
X-SV-CacheTags
X-Cache-Doesi
X-Frames-Options
X-SRV
X-SV-CreatedAt
X-WorkerInstancename
X-Client-Vid
X-Block
Y-Trace
X-Channel-Maxage
SSPAppContext
X-Ruxit-JS-Agent
Rt-Server
X-Trace-App
X-Author
Content-Instance
X-Render-Time
X-Powered
Backend-Name-Original
Prxy
X-AISO-Cache
X-GC-Pointer
X-GC-Read
X-Catalyst
TP-Cache
X-GC-App
Encoding
X-DSMX-Rewrite-MS
X-ESI-Enable
X-DSMX-Render-MS
X-AISO-Server
X-AISO-Cacheable
X-Cache-Engine
X-GC-Write
X-Optimization
X-Hash
No-Cookie
BM-Cache-Bypass
X-FFX-B
CtExclusions
X-ACCELERATE
TP-L2-Cache
X-Powered-Developer
X-GSL-Server
Ibf5scheme
Countrycode
PServer
Disaptch-Cache-Rule
X-Real-IP
MachineName
Ttl
X-Processing-Time
X-Worker
X-Would-Your-GrandPa-Wait
X-Venda-Hitid
X-HeBS-Cache-Status
X-Your-GrandPa-Would-Wait
X-T3CacheInfo
X-Ar-Debug
SERVER-IP
Acdc-Web
Sss
X-TTL-Age
X-Compressor
X-Vhost-ID
X-CacheResult
Disablevcache
X-Key
X-Domino-CacheValidationWithETagResult
X-Span
-GCR
X-Edge-V
X-Nginx
X-Server-IP
Web-Server
Provider
X-Domino-CacheValidationWithETagReason
X-Cache-Backend
X-This-Proto
X-Dispatch
X-Page-Cache
X-IsCacheURL
Bs-Header
X-Test
X-Cache-Ttl
X-BKSrc
X-PageID
X-MrHost
Copyright
OutputRewritten
X-Plat-Be-Ip
Language
Imx-Cookies-Used
X-Cache-TTL-Remaining
X-Cache-Keep
Il-Cl
X-Plat-Va-Ip
X-Search-Id
X-ProxyInstancename
X-Esi
X-Rocket-Nginx-Bypass
X-7d-Trace-Id
X-Turpentine-Cache
X-7d-Instance-Id
X-Framework
X-Platform-Processor
X-Platform-Router
X-UD-Host
X-Node-Name
Server-N
X-Route
X-IP-Address
X-Analytics
X-DELIVERYSERVER
X-ELC-Checkpoint4
X-HA
X-ENV
X-Cookie-Store
X-DC-Origin-IP
X-DeliveryServer
Xc
X-Url-Store
X-Hosting
X-Var-Hash
X-Ratelimit
X-SilverStripe-Cache
Og
X-Obvious-Info
X-Obvious-Tid
X-Time-Microsecs
X-Cache-Original-TTL
X-AppServer-Cache-Rule
Tk
X-SID
X-Static-Version
X-WR-MODIFICATION
FindLaw
X-KO-Site-Id
X-UType
X-Powered-By-Home.Pl
X-Remove-Cookie
Unique-Request-Id
Tracker
X-Stiffia-Cache
X-Proxy
X-Varnish-Esi-Access
X-Varnish-Esi-Method
X-B
X-Checkout
X-Request-Count
X-Nginx-Cache
X-Serendipity-InterfaceLang
X-Serendipity-InterfaceLangSource
X-Time-Spent
X-Webbins-Node
X-Rack-CORS
X-Provided-By
Redirect
RouteID
X-Ec-Custom-Error
X-MCB-Server
XDisk
Noahs-Classifieds
Cpu
Noq
Ram
X-Cluster-Host
X-SRVID
X-Drupal-Cache-Tags
X-Cache-Extended
X-Cookie-Request-Debug
X-Cookie-Response-Debug
X-Dispatcher
Http
NZSpeedy
X-Flex-Evend
X-Flex-Evstart
X-Flex-Lang
X-Flex-Community
X-SeschatLayout
X-SeschatTemplateID
X-SeschatRedID
X-Flex-Lastmod
X-SeschatDID
X-NID
X-Server-By
X-Prerender-Token
X-Gyrobase-Publication
X-Flex-Tags
X-Seschat-URL
X-Turpentine-Esi
X-Varnish-Hashed-On
Debug-3-1
X-WP
X-Smartcache-Timeout
Public-Extension
SV-Duration
X-CPU-Time
ResourceTag
X-Smartcache-Keys
X-CCM
Server-Optimized-By
X-Varnish-ServiceNetIP
Allow
1
X-Node-ID
Device
X-Purge-Level
X-Flex-Tag
AcceptLangage
X-WHOIS-Cached
ServerIP
Be-Ip
Apachenode
Be-Va
X-Artvisual-Server
X-BE
AC-ELC
X-Server-Generated
Sid
Foglight-Request-UUID
X-Backend-Status
X-Obj-Ttl
X-Cache-Key
X-Cache-PageType
X-Varnish-Ttl
X-HITS
X-CB-Server
Web
Cteonnt-Length
X-Cache-Fix
X-Xhr-Current-Location
X-Wb-Version-Expiry
X-PageCache-Ttl
X-PURGE-Server
X-Runtime-Memory
X-TargSmaku
X-Wb-Version-Value
INCOMING-TIME
X-SRCache-Fetch-Status
Progma
X-SRCache-Store-Status
Serv
X-App-Server
MSThemeCompatible
Aoestatic
X-Status
X-Hosts-Backend
X-Backend-Ip
MSSmartTagsPreventParsing
Esi-Enabled
Fw-Via
X-Built-With
X-JSESSIONID
X-AOESTATIC-FETCH
X-Cached-Until
X-Cluster-Node
X-Header
X-Ghost-Cache-Status
X-Goog-Stored-Content-Encoding
X-Goog-Storage-Class
X-Goog-Stored-Content-Length
X-Goog-Generation
X-GUploader-UploadID
X-9XB-Server
WebServer
X-PageCache-Expire
X-PageCache-Defaultable
X-PageCache-Key
X-PageCache-Level
X-PageCache-PagePath
X-Goog-Metageneration
Head
Server-Hostname
X-Made-Cache-Ttl
X-Magento-Action
X-Magento-Lifetime
X-PageCache-ParseTime
Server-Ip
SBGI-1
X-Instance-Name
Httpd-Identifier
SBGI-10
SBGI-5
SBGI-Device
SBGI-9
SBGI-7
X-ServedByHost
Mto-License-Status
X-Request-Received
X-Request-Processing-Time
X-Pardot-Rsp
Response-Time
X-SERVERID
X-DN-Cache-Control
WP-Cache
SBGI-RealPath
SBGI-RenderTime
Wn-Vars
WN
MDX-Naviid
X-WN-ClientGroup
X-Rot
CpuTime
X-Sov
X-Varnish-Debug-Hits
X-S-Misc
X-Op
X-LS-DEBUG
X-Lookup-Mode
X-ProxyDuration
X-D-Time
X-Generation-Time
X-FE
X-Pardot-Route
X-Pardot-LB
X-AVG
X-AG-MIPS
X-Debug-Site-Time-OnInit.Master
X-AVG-REWRITE
X-Avvio-Cms-Cacheload
X-ESI
X-Confluence-Request-Time
Railo-Version
Count-Click-Attempt2
X-Meta-MSThemeCompatible
X-Meta-MSSmartTagsPreventParsing
X-Meta-Imagetoolbar
X-Ocache
X-T
XX
X-USERNAME
X-FCMS-Cache
X-Oracle-DMS-ECID
Url-Hash
Rewriter
Real-Server
X-Content-Parsed-By
X-Ct-Info
X-Lang
X-Discourse-Route
HostName
Atp-Isdpp
X-Webobjects-Loadaverage
X-Server-Addr
X-RSS-CACHE-STATUS
X-Wikidot-Backend
X-Wikidot-Static-Cache
At-Shoptype
At-Isb
X-HOSTTYPE
X-KoobooCMS-Version
SL-NOREWRITE-REDIRECTS
HA-Front
X-ATP-Server
X-Device-Group
DNNOutputCache
WEBO
SBMCLOUD
MGIT
X-Hrouter
X-Allow-Redis
ContentType
RequestId
X-Request-Time
X-Varnish-Restarts
X-Say-Original-IP
X-Varnish-Debug-Pool-Fetch
RSL-Trace-ID
X-Say-Original-URL
X-Say-TTL
X-Say-Original-Host
X-Say-Cacheable
X-Varnish-Debug-Varnish-TTL-Set-From-Server
X-Foresight-Air
X-Foresight-Customresponse
X-Varnish-Debug-Pool-Recv
X-BPool
X-BServer
Www.Aujourdhui.Com
X-Web-Node
X-Cache-Via
X-Webkit-CSP
X-R4L-VHOST
X-Cachable
X-VhostID
Time
SAVVIS
Web-Head
X-Accelerated-By
X-ACLR-Version
X-PvInfo
X-Hit
X-Martin
X-Req-Counter
X-Hstore
X-Cacheable-TTL
X-UA-Vendor
X-MobileDetected
X-PoolMember
X-NODE-NAME
X-Accel-Expires
X-Platform
X-Path
X-Nocache
X-Say-Original-UA
X-SiteConInfo
X-Instance
X-UseReverse-Proxy
X-Webapp
X-SayCDN-UA
X-Obr-Rule
X-EdgeRouter
X-SayCDN-Original-Host
X-ProcessESI
X-RP-WP-Expires
X-Router
X-Router-Backend
Apple-Itunes-App
X-Origin-Cache
X-Cached-On
X-Cache-Me-Harder
X-Aberdeen-Site
Thinkindot-CacheControl
X-Pb-Mii
X-Cache-Host
X-Aberdeen-Cache
X-AccessDev
Thinkindot-Control
Surrogate-Key
Thinkindot-CacheControl-Type
X-Healthy
X-RemovedCookies
X-Nucleus-Cache
IsMobile
X-SayCDN-TTL
X-Uplex
X-Varnish-URL
X-Flow-Powered
Ozcache
X-Fallback
X-SayCDN-Original-Path
X-Mii-Cache-Hit
X-EntryPoint
X-SayCDN-Original-UA
X-Li-Pop
X-RAMCache
X-LI-UUID
X-Li-Fabric
X-Full-Url
X-FS-UUID
X-Platform-Cache
X-View
Publisher
X-RNDPAGE
X-TAG
X-Pageid
X-LTM-ID
X-Environment
Requested-Host
X-Zendesk-Origin-Server
X-Zendesk-Request-Id
X-Frontal
X-Cms-Server
Tempo
X-BIN
X-Crafted
X-WorkerDuration
Exires
X-Forwarded-Proto
X-PC3-Control
X-PC3-Time
X-Trace-Id
X-PoweredBy
X-UA
AGI-Request-ID
X-Enhanced-By
X-LB
X-ASAP-Cache
X-Clara-ASAP
X-Frame-Option
X-A
Machinename
X-MOBILE
Is-Cached
X-Dynamic
V-RESP
Servername
X-Brought-To-You-By
X-Cookie
X-Process-Time
X-PressLabs-Stats
X-B3-Traceid
X-LOCATION
X-Orig-Host
X-Pagely-Cache
Kanooh-Host
INFO
X-Amz-Meta-Cb-Modifiedtime
X-Timestamp
X-Trans-Id
Login-Required
X-SATserver
X-We-Are-Hiring
X-GLaDOS
X-Goog-Meta-Policy
X-Goog-Meta-Replace
X-Haiku
X-Generated-At
Svr
Content
Content-ID
NodeId
X-VG-WebCache
X-ErrorPage
Device-Type
HGR-NOCACHE
MageStack-Area
MageStack-Cache
Cmstype
Cmsid
X-Medium-Entity-Type
X-Varnish-Set-Cookie
Aurora-Node
Cluster
X-Tags
MageStack-Cache-Hits
X-Wm-VIP
MageStack-Cacheable
MageStack-Config
MageStack-Debug
X-Wm-1
MageStack-Cache-Status
X-Varnish-Currency
X-Varnish-Store
MageStack-Cache-Lifetime
X-Medium-Entity-Id
X-Tile-Url
SERVER-NAME
Robots
Fpc-Expire
Portlet.Expiration-Cache
Backend-Host
ClientIP
X-HasAuthorization
X-IsPremium
F5-IpCliente
X-Cluster-ID
X-Highwire-Cache
X-LB-Server
X-Lima-Id
X-Akamai-Edgescape
X-SiteFrom
X-Serverid
X-RP-SuperCache
X-Highwire-Sitecode
X-ETag
X-GETTER-Cache
MageStack-Loadbalancer
MageStack-PageSpeed
X-Mobile
X-Region
X-Rq
Access-Control-Allow-Origin:
X-Mag
X-Country
FX-TTL
Test
V-Age
X-Backend-Name
Ews
X-NewRelic-App-Data
X-Czt
Yola-ID
D
E-TAG
X-Accel-Cache-Control
0
X-Cluster
X-Pixelsilk-Server
X-Pixelsilk-Version
FX-Forwarded-For
FX-Cache
X-Ants-Host
X-Ants-Machine-Id
Be
X-Cdn-View
TIMESTAMP
X-Gondor-Server
MageStack-Tag
MageStack-Web-Node
MwpReleaseVersion
X-Client-Addr
X-IDS-WS
X-OPNET-Transaction-Trace
Gzip
BX-Cache
BX-TTL
X-Upstream-Time
X-RequesterIP
X-Http-Host
X-Beatles
X-Restarts
Front