Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: HTTP Header Usage Statistics - SANS Internet Storm Center HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Connection
Set-Cookie
Cache-Control
X-Powered-By
Vary
Expires
Content-Length
Last-Modified
Pragma
Accept-Ranges
Link
ETag
X-Content-Type-Options
X-Pingback
P3P
X-Frame-Options
X-XSS-Protection
X-Cache
X-AspNet-Version
Content-Language
Age
CF-RAY
X-UA-Compatible
Via
Strict-Transport-Security
X-Adblock-Key
X-Varnish
Access-Control-Allow-Origin
X-Check
X-Language
X-Template
X-Cacheable
X-Generator
X-Buckets
Content-Location
X-Drupal-Cache
P3p
X-AspNetMvc-Version
X-Hacker
X-Ac
X-Powered-By-Plesk
MS-Author-Via
X-Type
X-Cache-Group
X-Pass-Why
X-Request-Id
Keep-Alive
X-Runtime
WP-Super-Cache
X-Iinfo
Status
X-Powered-CMS
Ngpass-Ngall
X-Cache-Hits
Host-Header
X-Permitted-Cross-Domain-Policies
Content-Security-Policy-Report-Only
Access-Control-Allow-Credentials
X-Download-Options
X-UA-Device
X-ShopId
X-ShardId
X-Dc
X-Alternate-Cache-Key
X-Mod-Pagespeed
Access-Control-Allow-Headers
X-Via
X-Pad
X-Request-ID
X-Logged-In
Access-Control-Allow-Methods
X-Tumblr-Pixel
X-Tumblr-User
X-Tumblr-Pixel-0
X-Served-By
X-Backend
X-Tumblr-Pixel-1
X-Server
X-ServedBy
Content-Security-Policy
X-ContextId
X-Tumblr-Pixel-2
X-CDN
X-PC-Key
X-PC-Hit
X-Host
Powered-By
Upgrade
Content-Encoding
X-Cache-Status
X-Cache-Hit
X-Port
X-PC-AppVer
X-PC-Host
X-PC-Date
X-Xss-Protection
X-Robots-Tag
X-Tumblr-Pixel-3
X-Timer
X-Cache-Lookup
MicrosoftOfficeWebServer
X-Accel-Version
X-Rack-Cache
MicrosoftSharePointTeamServices
X-Varnish-Cache
SPRequestGuid
X-SharePointHealthScore
X-Cnection
X-Request-Country
X-XRDS-Location
X-MS-InvokeApp
X-Page-Speed
X-Amz-Cf-Id
X-Wix-Renderer-Server
X-Seen-By
X-Wix-Request-Id
X-Safe-Firewall
X-AH-Environment
X-Turbo-Charged-By
CF-Cache-Status
X-W-DC
X-Content-Powered-By
Rating
X-Server-Powered-By
X-Ua-Compatible
X-Content-Digest
X-PhApp
X-FullPageCaching
X-Webserver
X-Cache-Enabled
X-Tumblr-Content-Rating
X-GitHub-Request-Id
X-Firenze-Processing-Times
X-Tumblr-Pixel-4
Composed-By
X-INKT-URI
Request-Id
X-INKT-SITE
Public-Key-Pins
Alt-Svc
X-Node
SPIisLatency
SPRequestDuration
Served-By
Cf-Railgun
X-Amz-Id-2
X-Amz-Request-Id
X-Proxy-Cache
X-Spip-Cache
Liferay-Portal
Permitted-Cross-Domain-Policies
X-HeyJason
Timing-Allow-Origin
X-Hyper-Cache
Surrogate-Key
Xkey
X-Pantheon-Styx-Hostname
X-Styx-Req-Id
Surrogate-Key-Raw
X-Pantheon-Endpoint
X-Styx-Version
X-Server-Name
Charset
Access-Control-Max-Age
Access-Control-Expose-Headers
X-Content-Security-Policy
X-Swift-CacheTime
X-Swift-SaveTime
EagleId
Content-Script-Type
X-XN-Trace-Token
X-XN-XNHTML
X-OneAgent-JS-Injection
Content-Style-Type
X-FW-Hash
X-SERVER
Grace
X-CF-Powered-By
X-Dw-Request-Base-Id
X-CDN-Pop
X-CDN-Pop-IP
X-Clacks-Overhead
X-Tumblr-Pixel-5
X-Hits
X-FW-Static
X-FW-Type
X-FW-Serve
Refresh
Access-Control-Allow-Method
X-VCache
Content-MD5
X-FB-Debug
X-Fastly-Request-ID
X-Drupal-Dynamic-Cache
Public-Key-Pins-Report-Only
X-Cache-Server
X-Umbraco-Version
X-Loop
Real-Hostname
X-Backend-Server
X-Device
X-TNCMS
X-Jimdo-Wid
X-Jimdo-Instance
X-Cache-Result
X-User-Agent
X-AWS-Id
X-Beta
X-Gateway
X-LJ-Flow-ID
X-VWS-Id
Edge-Control
X-Cached-By
X-MiniProfiler-Ids
X-Generated-By
Cartoon
X-Hostname
X-REQUEST-ID
X-Px
X-DDC-Arch-Trace
X-LiteSpeed-Cache
X-Powered-By-360WZB
X-Tumblr-Adult-Blog
X-Cache-Config
X-Cloud-Trace-Context
X-DynaTrace-JS-Agent
PageSpeed
X-Cached
X-ServerName
X-Age
Surrogate-Control
X-Served-From-Cache
NS-RTIMER-COMPOSITE
Fastly-Debug-Digest
X-Outils-CS
Fpc-Cache-Id
X-Url
X-DynaTrace
X-CMS-Version
X-Tumblr-Pixel-6
X-Forwarded-For
TCN
Response
X-Whom
X-WebKit-CSP
X-URL
Display
X-Middleton-Response
X-Sol
X-Middleton-Display
X-From
Product
DynaTrace
X-Varnish-Cache-Hits
X-Recruiting
Imagetoolbar
X-Handled-By
X-Msg-2-Log
X-Content-Options
ServedBy
X-TTL
X-AspNetWebPages-Version
X-Country-Code
Rt-Fastcgi-Cache
X-Micro-Cache
X-Matrix-Server
X-HOST
X-Matrix-Proxy
X-Content-Encoded-By
X-FORWARDED-FOR
Access-Control-Request-Method
X-Firenze-Processing-Time
Page-Completion-Status
Alternate-Protocol
Powered-By-ChinaCache
IBM-Web2-Location
X-ApacheServer
X-Varnish-Host
X-NetCat-Version
ServerName
X-App-Hosting
X-Hosted-By
Generator
X-Actual-URL
X-Passed-To-DLL
X-Returned-From-DLL
X-Returned-From
X-Original-Request
X-Passed-To
X-Passed-To-PostProcessResponse
X-Passed-To-BeforeDispatch
X-Returned-From-BeforeDispatch
Front-End-Https
X-Returned-From-PostProcessResponse
X-Varnish-Beresp-Ttl
X-Varnish-Beresp-Status
Magicmarker
X-Varnish-Beresp-Grace
Akamai-IP
X-Do-Not-Hack
X-S
X-Stale
Fhost
X-Expires-Orig
X-Varnish-Backend
X-I
X-Track
X-Magnolia-Registration
X-SDS
X-PERF
X-Art-Request-Id
Content-Encoding-Handler
USPLoggingUUID
X-ATG-Version
Surrogate-Keys
X-Version
X-Abuse
X-UD-Method
X-Request-Time
X-Varnish-TTL
X-Origin
X-Server-ID
Content-Hash
X-Cache-TTL
X-Platform
X-LiteSpeed-Cache-Control
Host
Content-Disposition
X-Cache-Age
X-Varnish-Cacheable
Lsrequestid
MIME-Version
X-Gamma-Serve
X-Microcachable
X-Duration
X-Varnish-RemainingTTL
X-Varnish-Seen-By
Origin
Ag-Server-Time
Ag-Send-Time
Ag-Execution-Time
X-CacheServer
Powered
CONTENT-SECURITY-POLICY
X-Microcache-Status
X-Route-Server
X-Translation
X-Powered-By-Server
X-Cache-Info
ServerID
X-Device-Type
X-VARNISH-Cache
X-Location-Id
X-I-Sp
X-BS
X-Cache-Debug
X-URLSCHEME
X-RESOURCE
Buuteeq-Source
X-Goog-Hash
X-SRCache-Store-Status
X-SRCache-Fetch-Status
X-DNS-Prefetch-Control
X-Powered-By-VTEX-Janus-Edge
X-Vtex-Processed-At
Content-Security-Policy-Rerport-Only
X-VTEX-Janus-Router-Backend-App
X-VTEX-Cache-Status-Janus-ApiCache
X-Vtex-Processado-Em:
X-Vtex-Remote-Cache
X-VTEX-Cache-Status-Janus-Edge
No
X-CJ-Soft
X-Powered-By-VTEX-Janus-ApiCache
X-Cache-Expires
X-Newrelic-App-Data
X-BackEnd
X-Vcap-Request-Id
Node
X-Grace
X-Cache-Rule
X-Instart-Request-ID
X-Source
X-Mobilized-By
X-Response-Time
X-Developer
SN
X-Drectory-Script
X-Cache-Control-Orig
X-Cache-Lifetime
X-NoCache
X-PwB-Node
X-BC-Stapler
X-Front
CC-CACHE
X-Processed-By
X-Cf-Powered-By
X-Cache-Tags
X-Daa-Tunnel
X-WebServer
X-Geo-IP
X-Fastcgi-Cache
X-Varnish-Server
Proxy-Agent
Version
Accept-Charset
X-CDN-Cache-Status
X-DefendeR-Status
X-DefendeR-Runtime
X-Revision
X-CDN-Node
X-App-Status
X-Akamai-Device-Characteristics
X-Time
Cache
X-Varnish-Age
Server-Info
X-Akamai-Device-Model
Pics-Label
X-ServerID
X-N
Nitro-Cache
Webluker-Edge
PICS-Label
X-Client-IP
X-Purge-URL
Qs-Cache
Last-Published
X-Trace-Cache
X-FW
X-Director
NODE
X-Processing-Time
X-B-Cache
X-Ttl
Arr-Disable-Session-Affinity
Proxy-Connection
X-UPSTREAM
AMF-Ver
X-Trace
X-Geo-IP-Metro
X-Geo-IP-Country
Cache-Key
Retry-After
X-Geo-IPV
X-Geo-IP-Region
X-Frontend
X-Purge-Host
X-Mobile-URL
X-Yottaa-Metrics
SVR
X-Varnish-Grace
X-Yottaa-Optimizations
SID
X-ACMCache
X-Cache-Operation
Location
X-Blog
NetMindSessionID
Srv
A-Powered-By
Frame-Options
X-ClientSide-Caching
Req-Id
X-Real-Server
X-Varnish-HitMiss
COMMERCE-SERVER-SOFTWARE
X-Discourse-Route
X-Zen-Fury
X-CDN-Forward
X-Varnish-Hostname
X-Varnish-IP
X-Varnish-Count
Edge-Control-Message
HCVer
X-Server-Id
X-Content-Age
WWW-Authenticate
HAVer
X-SV-Expires
X-SV-Edge
X-SV-CreatedAt
X-SV-FromDBCache
X-SV-Nginx-Duration
X-Varnish-RemainingGrace
X-SV-Pid
X-SV-CacheTags
X-SV-Duration
X-Page-Cache
Filter-Revision
Cm-Server
X-Highwire-SessionId
X-Engine
X-Highwire-RequestId
X-Speed-Cache-Key
Cached
Content-Transfer-Encoding
X-NginX-Node
Author
X-NginX-Cache-Status
X-NginX-Upstream-Response-Time
X-SmartBan-Host
X-Speed-Cache
X-Cookie-Domain
X-NginX-Upstream-Status
X-WR-Flags
X-SE-Debug
Accept-Encoding
X-AbeBooks-Version
X-Cache-Doesi
X-NginX-Upstream-Addr
X-Dispatch
X-SmartBan-URL
X-Varnish-ObjectSource
Thanks
X-Varnish-RemainingLife
Mobiquo-Is-Login
X-Hypernode
X-Varnish-Hits
X-Yadis-Location
X-Varnish-GracePeriod
X-Sys-Req-ID
MJ12bot
SEOMOZ
X-Platform-Processor
X-Platform-Router
X-NB-Cached-Page
X-GeoIP-Country-Code
X-AOL-HN
X-Cocoon-Version
X-Rocket-Nginx-Bypass
RTSS
X-PF-Uncompressing
X-Cache-Key
LBVIS
X-Server-Response-Time
WSR-Cache
X-Session-Reinit
Backend
X-Provisioner-Version
X-Nurl
X-Ruxit-JS-Agent
X-Nginx-Host
X-Machine-Name
X-Nhost
X-FIRSTBase
X-Domain-Checked
X-NFE
Id
X-Server-Upstream
X-TempDebug
X-Empowered-By
X-Plat
X-SmugMug-Hiring
Front
X-Env
Smug-CDN
X-Prefetched
IISExport
X-Nitra-Side
X-Dynatrace
X-Resolver-IP
Logging-CorrelationId
X-GeoIP-Country-Name
X-Server-Start-Time
SRV
X-TTFB-L
X-SmugMug-Values
CT
X-StackifyID
X-Origin-Id
X-TTFB
X-Config-By
X-BackendServer
X-Directory-Script
X-Cache-Fix
X-Cache-PageType
ORIGIN
X-Amz-Version-Id
Fastcgi-Cache
Tk
Nodo
X-Transaction
X-Connection-Hash
X-Adobe-Content
X-Nginx-Cache
X-Twitter-Response-Tags
X-NewRelic-App-Data
X-Adobe-Loc
X-Obvious-Info
X-Obvious-Tid
X-Framework
X-Debug
Keywords
S
X-Uid
X-Garden-Version
X-Varnish-Debug-Age
X-V
X-ID
Beyond-Iis
Ibf5scheme
X-WA-Info
Mime-Version
X-Orig-Vary
X-App
X-LW-Web-Server
X-Litespeed-Cache
Host-Service
X-HP-Trace-ID
X-HP-Trace-Project
X-Upstream
X-Src-Webcache
X-App-Server
X-Flow-Powered
X-XTM-Node
X-Sucuri-ID
X-Unique-ID
Noq
Cpu
X-Hiawatha-Cache
X-Grid-Server
X-Distributed-By
X-IsCacheURL
Ram
X-Atraveo-TTL
X-Atraveo-Varnish-Server-Id
X-Atraveo-Set-Cookie
ServerSignature
X-Atraveo-ETag
X-Libra-UpstreamHost
X-Atraveo-Cache-Control
X-BKSrc
Eomportal-Instance
CacheControlHeader
XDomainRequestAllowed
ServerTokens
X-Atraveo-From-Varnish-Cache
X-Atraveo-Expires
X-NginX-Cache
X-NginX-Server
X-Atraveo-Param-Rm
X-Atraveo-Zone
X-Aicache-OS
From
X-PRAM
X-Kinsta-Cache
P-WS
P-LB
X-LB-Server
X-Server-IP
VAR-Cache
LBC
X-Varnish-Debug-TTL
Rewriter
X-LB
X-Cache-Level
X-Pressidium-NinukisWP-Ver
X-Webcelerate
XX
BALANCEDTO
X-Force
X-Storage
X-Platform-Cache
Backend-Timing
X-Cache-Control
X-Analytics
W
X-JG-Page-Cache
Pool-Info
Allow
NtCoent-Length
X-Balanceador
Server-Name
X-Symfony-Cache
X-SDE-Name
X-Accel-Expires
Description
X-Cache-Engine
X-Application-Context
X-Dns-Prefetch-Control
X-Worker
X-Do-Esi
X-Detected-Device
X-Smartcache-Timeout
X-AOL-SNH
X-Smartcache-Keys
X-Varnish-Action
X-EPiphany-Vid
X-EdgeConnect-Origin-MEX-Latency
Decompress
X-EdgeConnect-MidMile-RTT
X-Client-Vid
RN-Server
X-Dw-Trace-Id
X-WP
X-Dispatcher
X-Edge-Location
X-Hosts-Backend
X-Middleton-PageSpeed
X-Magento-Cache-Debug
MW-Webserver
X-DPWN-IS-SECURE
SiteName
SS
Section-Io-Id
X-Full-URL
X-Phpwcms-Page-Processed-In
X-Phpwcms-Release
VServer
Cneonction
NnCoection
ScoreTracker
X-Varnish-Ttl
Imx-Cookies-Used
X-Source-ID
Hamster
NLCacheNote
X-ARC
Cache-Rule
X-Unbounce-Variant
X-DSMX-Render-MS
N365rili
X-Cache-Action
Cluster-ID
X-Cache-Set
X-Key
X-Full-Url
Sophnep-Edge-FX
X-MrHost
X-Cookie
X-Info
X-Unbounce-VisitorID
Hash
IM-Version
X-MAT-GEO
X-Invoke-Duration
X-Unbounce-PageId
X-ServerIndex
X-REDIRECTSERVER
X-Secret
X-Server-Instance
X-RiS-UFDI
Content-Server
Sid
X-Actindo-RS
X-DTC
WP-AdvCache-MemCached
Dynatrace
X-DSMX-Rewrite-MS
SSPAppContext
Prxy
X-B2f-Not-Route
X-Apm-Telemetry-Syncmark
X-ProxyInstancename
X-RDP
X-Rebelmouse-Cache-Control
X-Amz-Meta-Cb-Modifiedtime
PowerCDN
X-Rack-CORS
Ksid
Accept-Language
X-Rebelmouse-Surrogate-Control
X-Response
X-N-ViewType
Cdate
CLMOB
X-SilverStripe-Cache
X-Hit-Cache
Ctx
X-Jphone-Copyright
X-DOM
X-Cache-Node
X-CB-Server
OT-RequestId
X-Browser
X-Amz-Id-1
X-Cache-Original-TTL
X-SRV
Myheader
Beid
WP-Cache
Il-Cl
X-ATM-RTime
X-Captured
X-ATM-RServer
X-IIJ-Cache
X-Amz-Meta-S3cmd-Attrs
X-Ec-Custom-Error
X-Pagename
TP-Cache
X-Optimization
X-Header
X-Cache-TTL-Remaining
X-CacheResult
X-Cache-CFC
A
X-HW
X-Cache-Keep
X-Avvio-Cms-Cacheload
Warning
S-Cnection
X-Is-Cachable
X-Ob-Mode
X-DealerOn
TP-L2-Cache
X-Cache-On
X-AWS
X-HeBS-Cache-Status
X-Id
X-Real-IP
X-Site:
X-XS4ALL-Server
X-Server-Instance-Name
CommunityServer
X-Server-Generated
X-Trace-App
X-T3CacheInfo
X-HP-CAM-COLOR
X-EDGECONNECT-GUID-DEBUG
X-T3Cache
Device-Type
X-Healthy
X-Time-Microsecs
X-T3CacheTags
X-RequestId
Pool
X-Vary-Options
X-Distributor
Bios
X-Wix-Route-ID
X-Varnish-URL
X-Node-Name
Jobb.Gil.Se
Jobb.Assistentpoolen.Se
X-Amz-Storage-Class
If-Modified-Since
Backend-Name-Original
X-Clara-ASAP
X-B
X-ASAP-Cache
B-Powered-By
Jobb.Passal.Se
Open.Jobgate.Se
Www.Myjob.Se
Www.Mirrorgate.Se
Mto-License-Status
X-Backend-Name
X-F-Cache
Www.Mabracertifiering.Se
Ibm-Web2-Location
D
X-Block
P3P:CP
X-Channel-Maxage
Test.Executivepeople.Se
X-Cms-Server
X-Ocache
Set-Cookie2
X-PHP-Response-Code
X-Artvisual-Server
Max-Age
X-Varnish-Error-Restart
X-Rot
Url-Hash
At-Shoptype
Head
X-Restarts
X-Akamai-Edgescape
Atp-Isdpp
X-Varnish-Backend-Healthy
X-Desc
X-Litespeed-Cache-Control
X-Supported-By
X-APP
Machine
X-WorkerInstancename
X-Sov
X-Client-Ip
X-Vhost-ID
At-Isb
X-Timing
Dispatcher
HOST-SERVICE
X-Frames-Options
PServer
Worker
X-Cms-Mode
X-Wikidot-Backend
X-Wikidot-Static-Cache
Paypal-Debug-Id
X-Oracle-DMS-ECID
Resin-Trace
X-SERVER-ID
X-Srv
Real-Server
VC-NoCache
X-Medium-Entity-Type
X-Medium-Entity-Id
X-Esi
Web
X-ACCELERATE
X-Hosting
X-Trace-Id
X-Dev
X-Stage
X-Is-Mobile
Xc
INCOMING-TIME
Ngpass-Vcall
X-Sid
X-Varnish-Instance
X-CACHE-TTL
NZSpeedy
X-Flex-Lang
MageStack-Cache-Lifetime
MageStack-Cache-Status
X-Flex-Evstart
Aurora-Node
X-Flex-Evend
MageStack-Cache-Hits
MageStack-Cache
Cmstype
X-Flex-Lastmod
CmsCacheEngine
Cmsid
MageStack-Area
MageStack-Cacheable
MageStack-Loadbalancer
X-W3TC-Minify
VANITY-HOST
CpuTime
X-Signature
X-Rewritten-By
X-ManagedFusion-Rewriter-Version
X-CCM
MageStack-Web-Node
MageStack-Tag
MageStack-Debug
X-Cluster-Node
MageStack-Config
Webserver
MageStack-PageSpeed
Fastly-Backend-Name
Host-Name
X-Flex-Community
Ews
SBGI-RealPath
SBGI-Device
SBGI-RenderTime
Ttl
X-CID
X-CCC
SBGI-9
SBGI-7
Note
Fw-Via
SBGI-1
SBGI-10
SBGI-5
X-Expires
X-Status
Xxxxx-Age
X-Appmachine-Environment
Xxxxx-Cache
Xxxxx-Hit-Count
Xxxxx-Restarts-Count
X-Environment
X-Tags
X-OCTOPOD
X-GSL-Server
X-Requested-Page
SharePointError
X-ESI
Ec
Access-Control-Allow-Orgin
X-ORACLE-DMS-ECID
X-DEBUG
X-Beatles
X-Beatles-Hits
X-FreeTag-Count
X-Does-He-Have-Time
X-AccessDev
IsMobile
X-Nginx
X-Max-Age
X-We-Are-Hiring
Countrycode
X-Varnish-Store
X-GeoIP
X-TTL-Age
X-Hrouter
X-EdgeRouter
X-Hstore
X-MobileDetected
X-NewCloud-V-Cache
X-Cache-Me-Harder
X-Backend-TTL
X-Your-GrandPa-Would-Wait
X-Would-Your-GrandPa-Wait
Apache
Cleartype
Content-Instance
X-Flex-Tags
X-Flex-Tag
SINA-TS
X-ETag
X-Ghost-Cache-Status
SINA-LB
X-Runtime-Memory
Requested-Host
User-Cache-Control
X-Author
X-SATserver
X-RateLimit-Remaining
X-Sn-Servicetimems
GenSvr
Publisher
X-Xhr-Current-Location
MSSmartTagsPreventParsing
X-Proto
X-Meta-MSThemeCompatible
X-RealServer
X-Server-Addr
AGI-Request-ID
X-SV
X-Meta-MSSmartTagsPreventParsing
X-Meta-Imagetoolbar
DPOOL-HEADER
MSThemeCompatible
X-Wm-VIP
X-Wm-1
X-Gannett-Site-Version
X-Powered-By-Home.Pl
X-Pagely-Cache
X-PG
X-VG-WebCache
X-PM-ID
X-Magento-Cache-Control
Device
X-LS-DEBUG
X-Webstats-RespID
X-HAProxy
Backend-Node
TotalTime
AsisCache
X-EntryPoint
X-Fallback
X-HASH
INFO
X-JSESSIONID
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
X-LW-T
X-MCF-ID
X-Orig-Host
X-Fpc
X-Box
X-Geo
X-Varnish-Set-Cookie
Og
X-Cache-Extended
X-B3-Traceid
X-Forwarded-Proto
Kanooh-Host
X-SeschatTemplateID
X-Country
X-BE
X-RSS-CACHE-STATUS
X-SeschatLayout
X-Seschat-URL
X-SeschatDID
X-EZPublish-InstallationID
X-Span
Cteonnt-Length
X-Varnish-Currency
X-SeschatRedID
X-Varnish-Esi-Method
X-Turpentine-Esi
X-Varnish-Esi-Access
Expire
Foglight-Request-UUID
X-EZPublish-NodeID
X-FCMS-Cache
X-Cluster-Host
X-Application
X-AG-MIPS
Provider
X-E
X-Remote-Addr
X-DataDome
X-Hit
X-A
X-Turpentine-Cache
X-Server-By
X-FastCGI-Cache
X-HOSTNAME
X-Ratelimit-Remaining
X-HostName
Cxy-All
X-GRACE
X-Mod-Oboe-PS
X-COUNTRY-CODE
Servername
Lfy
X-Airee-Node
NKBVHEADER
X-Bcwwwid
X-WR-MODIFICATION
DB-Nickname
BlockPHPCallEnd
OriginServer
X-SID
X-Rack-Cors
QC-Hit
X-OneLinkServiceType
X-OneLinkProcessing
X-OneLinkTook
X-PageType
X-Generation-Time
X-Purge-Level
X-OneLinkHost
X-Old-Content-Length
X-HTML-Minification-Powered-By
X-Highwire-Sitecode
X-Magento-Action
X-MCB-Server
X-Nginx-Request-Time
X-WebNode
Charly
X-Cache-Origin
X-Dynamic
QC-Key
QC-Time
X-Magento-Tags
X-Clx-Request
X-DeliveryServer
X-Delivered-By
POOL
Content
X-Fe
Tempo
X-Brought-To-You-By
X-MSU-SOURCE
Httpd-Identifier
X-Pb-Mii
X-Mii-Cache-Hit
X-WHOIS-Cached
X-Batcache
X-Content-Type
X-GUploader-UploadID
X-Goog-Stored-Content-Length
X-Goog-Generation
X-Goog-Metageneration
X-Goog-Storage-Class
X-Goog-Stored-Content-Encoding
X-Varnish-Cache-Control
Lookup-Cache-Hit
Copyright
Http
X-Powered-Developer
X-TargSmaku
X-AppServer-Cache-Rule
X-AppServer-Status
X-Cache-ID
X-Test
AC-ELC
Tracker
X-D-Time
X-Device-Group
X-Ratelimit-Reset
NodeId
User-Agent
X-Instance-Name
X-Ratelimit-Limit
X-Process-Time
X-DB-NAR
X-EvoSuite-Machine
X-EvoSuite-Secs
X-OpenCart-Lightning
X-ASAP-Age
X-Client-Image-Vid
X-FFX-B
V-Age
Www.Aujourdhui.Com
X-ATP-Server
X-ESI-Enable
X-Cache-Handler
X-Enhanced-By
Edgecast
EXT-CACHEEXPIRE
Content-Cache
X-Capoed
Nginx-Cache
X-IP-Address
X-Pj-Cache-Key
X-Pj-Cache-Status
X-RAMCache
X-Gyrobase-Publication
X-BPool
X-Compressor
BKREF
X-Cacheable-TTL
X-BServer
X-Route
X-7d-Instance-Id
X-AREQUESTID
SL-NOREWRITE-REDIRECTS
X-ASEN
X-AUSERNAME
X-Accel-Cache-Control
VM
ServerIP
X-Ants-Machine-Id
X-7d-Trace-Id
X-Ants-Host
X-DN-GyrobaseID
X-DN-Cache-Control
X-Obr-Rule
X-Rq
X-Compressed-By
X-Protected-By
X-VhostID
X-Hash
Hosted-By
MwpReleaseVersion
X-T
SLB
X-4ormat-Cacheable
Debug-Status
RATING
X-Hcom-Styx-Info
X-Hcom-Origin-Id
X-DB-Content-Length
Server-Optimized-By
Expiries
X-Webkit-CSP
X-Nucleus-Cache
FindLaw
X-ServedByHost
X-Backend-Ip
NS-VaryByCustom-Key
Public-Extension
Pw-Value
ReqUrl
RequestId
X-Webapp
X-TempoPesquisa
X-SuperCache
X-Nginx-Backend
X-UseReverse-Proxy
ResourceTag
SB-Cache-Life
X-AISO-Server
X-Cache-Device-Type
X-Catalyst
X-Content-Security-Policy-Report-Only
X-AISO-Cacheable
X-AISO-Cache
SB-Cache-Remaining
SB-Site-Device
Server-ID
Session-Id
X-Site-Name
X-Serendipity-InterfaceLangSource
X-PHP
X-Render-Time
X-Hosting-Env
Server-Id
X-PBY
RouteID
DNNOutputCache
X-Cache-Backend
X-Pardot-LB
X-Pardot-Route
X-S-Misc
X-ACLR-Version
X-Pageid
X-Router
X-Router-Backend
X-Serendipity-InterfaceLang
X-Jcms-Ajax-Id
X-DDM-SERVER-UPDATED
X-Cache-Via
X-PoweredBy
X-DDM-SERVER
X-Fedora-School-Id