Threat Level: green Handler on Duty: Renato Marinho

SANS ISC: HTTP Header Usage Statistics - SANS Internet Storm Center HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Content-Type
Date
Server
Set-Cookie
Connection
Cache-Control
Vary
X-Powered-By
Expires
Content-Length
Last-Modified
Pragma
Link
Accept-Ranges
ETag
X-Content-Type-Options
X-Frame-Options
X-XSS-Protection
Strict-Transport-Security
X-Cache
CF-RAY
X-AspNet-Version
P3P
X-Pingback
Age
Content-Language
X-UA-Compatible
Via
Access-Control-Allow-Origin
Expect-CT
X-Adblock-Key
Upgrade
X-Varnish
P3p
X-Cacheable
X-Check
X-Template
X-Language
Content-Security-Policy
X-Generator
X-Buckets
X-Drupal-Cache
X-Request-Id
X-AspNetMvc-Version
X-Type
X-Cache-Group
X-Pass-Why
X-Hacker
X-Ac
Content-Location
X-Powered-By-Plesk
X-Cache-Hits
Alt-Svc
X-Xss-Protection
X-FRAME-OPTIONS
X-Runtime
X-Permitted-Cross-Domain-Policies
Host-Header
X-Download-Options
MS-Author-Via
X-ShopId
X-Sorting-Hat-ShopId-Cached
X-Sorting-Hat-PodId
X-Dc
X-ShardId
X-Sorting-Hat-ShopId
X-Sorting-Hat-PodId-Cached
X-Sorting-Hat-Section
X-Alternate-Cache-Key
X-IPLB-Instance
Cartoon
X-Powered-CMS
X-Served-By
X-UA-Device
Status
Access-Control-Allow-Credentials
Access-Control-Allow-Headers
Access-Control-Allow-Methods
X-Amz-Cf-Id
X-Via
X-Iinfo
X-Cache-Status
X-Request-ID
X-Backend
X-Timer
X-CST
X-DIS-Request-ID
X-Contextid
CF-Cache-Status
X-TEC-API-VERSION
X-TEC-API-ROOT
X-TEC-API-ORIGIN
X-ServedBy
X-Mod-Pagespeed
Powered-By
X-PC-Hit
X-PC-Key
Content-Encoding
X-PC-Host
X-PC-AppVer
X-PC-Date
Keep-Alive
X-Logged-In
X-CDN
X-Host
X-Server
X-Rid
X-Cache-Hit
X-Tumblr-Pixel-0
X-Tumblr-Pixel
X-Tumblr-User
X-Port
Referrer-Policy
X-Tumblr-Pixel-1
X-Server-Powered-By
X-Cache-Enabled
X-Robots-Tag
WPE-Backend
X-Tumblr-Pixel-2
X-Wix-Server-Artifact-Id
X-Endurance-Cache-Level
X-Seen-By
X-Wix-Request-Id
X-Wix-Renderer-Server
X-Nginx-Cache-Status
X-Accel-Version
X-Page-Speed
X-Turbo-Charged-By
X-Wix-PunisherID
X-Pad
WP-Super-Cache
X-Drupal-Dynamic-Cache
X-Forwarded-For
X-Content-Powered-By
Content-Security-Policy-Report-Only
X-Varnish-Cache
X-Forwarded-Proto
X-Content-Digest
X-Tumblr-Pixel-3
X-AH-Environment
X-Rack-Cache
Surrogate-Key-Raw
X-Styx-Req-Id
X-Pantheon-Styx-Hostname
X-Proxy-Cache
SPRequestGuid
X-SharePointHealthScore
X-Cnection
X-GitHub-Request-Id
X-Request-Country
MicrosoftSharePointTeamServices
X-MS-InvokeApp
X-XRDS-Location
X-Original-Date
X-LiteSpeed-Cache
X-Cache-Lookup
Edge-Control
X-Died
Timing-Allow-Origin
Cf-Railgun
X-Webserver
MicrosoftOfficeWebServer
X-FullPageCaching
Request-Id
X-Amz-Id-2
X-Amz-Request-Id
X-Safe-Firewall
X-PhApp
Charset
X-FW-Hash
X-FW-Static
X-Content-Security-Policy
X-FW-Type
X-FW-Serve
X-INKT-SITE
X-INKT-URI
Edge-Cache-Tag
SPIisLatency
SPRequestDuration
X-Node
X-HS-Cache-Config
X-HS-Content-Id
X-Hits
X-WPE-Loopback-Upstream-Addr
Composed-By
Access-Control-Max-Age
X-SERVER
X-CF-Powered-By
X-Tumblr-Pixel-4
Grace
Liferay-Portal
X-Swift-SaveTime
X-Swift-CacheTime
Served-By
EagleId
Request-Context
X-BC-Stapler
Access-Control-Expose-Headers
X-Newrelic-App-Data
X-Hyper-Cache
X-CDN-Pop
X-CDN-Pop-IP
X-Spip-Cache
Fastly-Debug-Digest
X-Server-Name
Content-MD5
X-Firenze-Processing-Times
X-Device
X-PHP-Backend
X-Backend-Server
Rating
X-VWS-Id
X-LJ-Flow-ID
X-AWS-Id
X-Dw-Request-Base-Id
X-Fastly-Request-ID
X-Microcache
X-VCache
Content-Style-Type
X-RateLimit-Remaining
Content-Script-Type
X-ServerName
X-Tumblr-Content-Rating
X-RateLimit-Limit
X-Cloud-Trace-Context
X-User-Agent
Real-Hostname
X-Loop
X-TNCMS
X-FB-Debug
X-RateLimit-Reset
X-Clacks-Overhead
Public-Key-Pins
X-Jimdo-Wid
X-Jimdo-Instance
X-Cache-Config
X-XN-XNHTML
X-XN-Trace-Token
Front-End-Https
Refresh
Surrogate-Control
X-Age
X-DDC-Arch-Trace
X-Acc-Exp
Xkey
Fpc-Cache-Id
PageSpeed
X-Px
X-Hostname
X-N-OperationId
X-StackifyID
X-Generated-By
X-DNS-Prefetch-Control
X-Cached
Response
Display
X-Middleton-Display
X-Middleton-Response
X-Tumblr-Pixel-5
X-Sol
X-SS-Conf
X-Topify-Platform
X-SS-Location
X-LiteSpeed-Cache-Control
X-WebKit-CSP
X-MiniProfiler-Ids
X-Zen-Fury
TCN
X-Trace
X-Cached-By
X-Request-Time
X-DynaTrace-JS-Agent
X-Whom
Surrogate-Key
X-Content-Options
X-ApacheServer
X-PERF
Rt-Fastcgi-Cache
X-CMS-Version
X-Url
X-DynaTrace
X-URL
X-Pantheon-Site
X-Pantheon-Environment
X-Pantheon-Phpreq
X-Microcachable
X-Outils-CS
Product
Edge-Control-Message
X-Amz-Version-Id
X-Kinsta-Cache
Imagetoolbar
X-AspNetWebPages-Version
X-Handled-By
X-HS-Combine-CSS
Host
Access-Control-Request-Method
X-LBLID
Dmn
Alternate-Protocol
X-OneAgent-JS-Injection
DynaTrace
X-SRCache-Store-Status
X-SRCache-Fetch-Status
X-Varnish-TTL
X-Correlation-Id
X-Umbraco-Version
X-Magento-Tags
X-Engine
X-From
ServedBy
X-Fastcgi-Cache
X-Ruxit-JS-Agent
P-LB
P-WS
X-NWS-LOG-UUID
X-Cache-Rule
X-HOST
X-Tumblr-Pixel-6
X-Varnish-Cache-Hits
X-Recruiting
Powered
X-Goog-Hash
Fhost
X-Location-Id
Generator
X-Edge-Location
X-CacheServer
X-FORWARDED-FOR
X-Msg-2-Log
X-RESOURCE
X-Actual-URL
X-Micro-Cache
X-Track
X-B-Cache
X-URLSCHEME
X-Hosted-By
X-Original-Request
X-Passed-To-DLL
X-Returned-From
X-Passed-To
X-Returned-From-DLL
X-VTEX-Cache-Status-Janus-ApiCache
X-VTEX-Janus-Router-Backend-App
X-Vtex-Processed-At
X-Vtex-Processado-Em
X-Vtex-Remote-Cache
X-Matrix-Proxy
X-Varnish-Beresp-Grace
X-Returned-From-PostProcessResponse
X-Passed-To-BeforeDispatch
X-Varnish-Beresp-Ttl
X-Powered-By-VTEX-Janus-ApiCache
X-Varnish-Beresp-Status
X-Returned-From-BeforeDispatch
No
X-Matrix-Server
X-Passed-To-PostProcessResponse
WZWS-RAY
X-Powered-By-360WZB
Fastcgi-Cache
X-Varnish-Host
X-Tec-Api-Version
X-Tec-Api-Root
X-Tec-Api-Origin
Public-Key-Pins-Report-Only
X-Art-Request-Id
Arr-Disable-Session-Affinity
X-Stale
Akamai-IP
X-Accel-Expires
X-UD-Method
X-Powered-By-VTEX-Janus-Edge
X-Developer
X-Cache-Age
X-Application-Context
Origin
X-Instart-Request-ID
X-Cache-TTL
X-Duration
X-Upstream
X-App-Hosting
X-Version
X-Content-Security-Policy-Report-Only
X-Source
X-NetCat-Version
X-Debug-Info
X-Rocket-Nginx-Bypass
X-Platform-Router
X-Platform-Processor
X-BS
X-I-Sp
X-Internal-ReqID
X-Server-ID
X-Platform-Cluster
X-LB
X-TransIP-Balancer
X-Platform
X-Device-Type
X-S
Content-Hash
Powered-By-ChinaCache
X-Servedby
X-VARNISH-Cache
X-Response-Time
X-Varnish-Count
X-Expires-Orig
X-Varnish-HitMiss
X-Storage
X-Daa-Tunnel
MIME-Version
X-Defender
X-Shop-Id
X-ATG-Version
X-Cache-Info
X-HS-Content-Campaign-Id
X-Gamma-Serve
HTTPS
Last-Published
X-Translation
X-Microcache-Status
USPLoggingUUID
X-LW-Cache
X-Cache-Debug
X-EdgeConnect-Origin-MEX-Latency
X-TransIP-Backend
X-Varnish-Cacheable
Pool
X-I
X-Powered-By-VelaWeb
X-Cache-Operation
X-Signature
Node
Ohc-File-Size
Content-Disposition
X-Content-Encoded-By
Version
X-NoCache
X-EdgeConnect-MidMile-RTT
X-Supported-By
X-Page-Cache
X-Platform-Server
IBM-Web2-Location
X-Front
X-Firenze-Processing-Time
X-Origin
X-Director
X-Client-IP
Cache-Key
X-Cache-Key
X-SV-FromDBCache
X-Revision
X-SV-Nginx-Duration
X-SV-Pid
X-SV-Edge
X-TTL
X-SV-Duration
X-Cache-Tags
X-SV-CreatedAt
X-SV-Expires
X-SV-Cacheable
X-Dispatcher
X-SV-CacheTags
X-Varnish-Age
X-Hypernode
X-AOL-HN
X-UPSTREAM
Cache-Provider
X-Flow-Powered
X-Server-Upstream
X-SSL-Cipher
X-Cache-Control-Orig
X-VTEX-Cache-Status-Janus-Edge
X-Vcap-Request-Id
X-Magento-Cache-Debug
ServerName
Cneonction
X-Debug
Lsrequestid
X-Route-Server
X-CJ-Soft
X-F-Cache
X-SSL-Protocol
X-Varnish-GracePeriod
X-Varnish-RemainingTTL
X-Varnish-Seen-By
X-Varnish-ObjectSource
X-Varnish-RemainingLife
X-Platform-Cache
X-Lambda-Id
SSPAppContext
SN
ServerID
Srv
X-Abgroup
X-Akamai-Device-Characteristics
X-PwB-Node
X-ARC
Allow
X-Grace
X-Dispatch
X-Cache-Lifetime
Content-Encoding-Handler
IM-Version
X-Varnish-Backend
X-Cache-Only-Varnish
X-Cache-Expires
Accept-Encoding
X-Geo-Country
X-GeoIP-Country-Code
X-Edge-IP
X-LB-Node
X-Cookie-Domain
Backend
Proxy-Connection
FAI-W-FLOW
X-Abuse
PICS-Label
X-Country-Code
X-Last-Modified
Location
Edge-Content-Tag
Req-Id
NnCoection
Section-Io-Id
X-Varnish-Ttl
X-Content-Age
X-Akamai-Device-Model
Fw-Via
X-Akamai-Transformed
X-Dns-Prefetch-Control
X-ORACLE-DMS-ECID
X-SDS
X-Browser
X-Goog-Storage-Class
X-Goog-Stored-Content-Encoding
Tracecode
X-Sapient
X-Goog-Metageneration
X-Goog-Generation
X-Sucuri-ID
Pv
X-ServerID
X-Goog-Stored-Content-Length
X-GUploader-UploadID
X-Via-JSL
Wsr-Cache
X-Cache-Server
X-RequestId
RTSS
X-JAVAX-PORTLET-FACES-NAMESPACED-RESPONSE
X-Nbs
X-Generated
X-Loopia-Node
X-Url-Base
X-Sucuri-Cache
Page-Completion-Status
X-Drupal-Cache-Tags
X-Yadis-Location
X-Speed-Cache
X-Worker
X-Speed-Cache-Key
X-Id
X-Amz-Meta-S3cmd-Attrs
X-Hiawatha-Cache
X-Time
X-Proxy
X-BKSrc
X-Xrds-Location
X-N
X-GeoIP-Country-Name
X-Rnd
X-NewRelic-App-Data
Qs-Cache
X-IsCacheURL
X-Cache-Engine
Xc-Version
Accept-Charset
X-Nginx-Cache
Author
X-Processing-Time
X-Cf-Powered-By
X-Varnish-Url
X-BackendServer
X-FW
HAVer
HCVer
X-CDN-Forward
X-SRCache-Key
X-CDN-Node
X-Correlation-ID
X-ID
Cache
X-Orig-Vary
X-CDN-Cache-Status
S-Cnection
X-SE-Debug
X-Shield-Request-Id
S
A-Powered-By
Content-Transfer-Encoding
X-PF-Uncompressing
X-Empowered-By
WWW-Authenticate
SRV
If-Modified-Since
Cm-Server
X-Cache-CFC
X-Discourse-Route
X-Server-Id
X-Frontend
X-Purge-URL
Nodo
X-Processed-By
X-Cache-Level
Server-Info
MJ12bot
SEOMOZ
NetMindSessionID
X-NB-Cached-Page
X-Cache-Type
X-Middleware-Start
Eomportal-Instance
AMF-Ver
X-Environment
X-Varnish-ID
X-Magento-Cache-Control
X-DataDome
X-Vhost
X-Cache-Control
X-Amz-Storage-Class
X-Ttl
X-Pressidium-NinukisWP-Ver
Local-Info
X-Magnolia-Registration
Cached
X-Yottaa-Optimizations
X-Framework
X-Yottaa-Metrics
X-Always-Cache
Cache-Tag
Magicmarker
X-Cache-Handler
X-Pagename
X-Varnish-IP
X-SO
Thanks
X-Purge-Host
SVR
X-HP-Trace-ID
X-HP-Trace-Project
Use-Proxy
X-Directory-Script
X-Config-Blacklist-Version
X-Hit-Cache
X-App-Server
X-Dw-Trace-Id
X-ClientSide-Caching
X-DealerOn
X-ACMCache
X-ServerIndex
X-Srv
X-Varnish-Hits
X-Healthy
X-Amz-Meta-Cb-Modifiedtime
X-Cache-Doesi
X-Mobilized-By
X-Powered-By-Server
X-Webkit-CSP
Frame-Options
MC
X-VARITI-CCR
X-Litespeed-Cache-Control
X-Real-Server
Warning
X-Traffic
X-High-Performance
X-Varnish-Server
X-Route-To
X-CF-Passed-Proto
AddOutputFilterByType
X-Varnish-Retries
Access-Control-Allow-Header
X-Cache-Fix
X-Cache-PageType
NODE
X-IIJ-Cache
W
X-HW
Disablevcache
X-Env
X-Nginx-Host
X-LB-Server
Retry-After
X-Atraveo-Param-Rm
X-Atraveo-From-Varnish-Cache
X-Atraveo-Expires
X-EPiphany-Vid
X-CDN-RULE
X-Client-Vid
X-Atraveo-Set-Cookie
X-ASAP-Cache
X-Atraveo-Cache-Control
X-Atraveo-ETag
X-PRAM
X-Avg-Cookie-Expires
NtCoent-Length
X-AVG-Country-Code
X-Akamai-Edgescape
X-Cache-Source
Identity
X-Cache-Device-Type
X-CDN-COMPRESS
X-Redman-Backend
Cmsid
X-Force
X-Atraveo-Zone
X-Atraveo-Varnish-Server-Id
X-Client-Image-Vid
Cmstype
X-Redman-Final-Url
X-FireWall-Port
IISExport
X-Atraveo-TTL
X-Source-ID
Nitro-Cache
Front
X-AF-Userserver
X-Clara-ASAP
X-Cache-Provider
Server-Name
X-WR-Flags
X-VC-TTL
X-WN-ClientGroup
X-Provisioner-Version
CacheControlHeader
CLMOB
Machine
X-Key
Beyond-Iis
WN
X-GeoIP
X-Remote-Addr
X-App-Status
X-Domain-Checked
X-ORACLE-DMS-RID
X-Drupal-Cache-Contexts
Backend-Timing
X-Runtime-Memory
X-Cache-Node
X-Symfony-Cache
X-NODE
X-Analytics
BALANCEDTO
X-JG-Page-Cache
X-CB-Server
X-Drectory-Script
Cteonnt-Length
Smug-CDN
X-HOSTNAME
X-Balanceador
EagleEye-TraceId
X-SmugMug-Values
X-SmugMug-Hiring
X-WHOIS-Cached
X-Connection-Hash
X-Twitter-Response-Tags
X-Server-IP
X-Transaction
X-Sys-Req-ID
X-Cluster-Node
Bios
X-Cocoon-Version
X-LP
X-Adobe-Loc
X-Adobe-Content
X-Stage
X-ACCELERATE
X-TTFB-L
X-TTFB
X-Location
X-HTML-Minification-Powered-By
Pics-Label
X-Debug-Token
X-Mobile-URL
X-WR-MODIFICATION
Web-App-Origin-Name
X-Batcache-Reason
X-UA
X-Batcache
Yoncu-Errno
MW-Webserver
Content_type
X-EC2-Instance-Id
X-Runtime-Rack
X-Session-Reinit
X-AutoRu-App-Id
X-Webcelerate
X-Autoru-Host
X-Autoru-LB
X-Ezoic-Cdn
HitType
Ctx
Proxy-Agent
COMMERCE-SERVER-SOFTWARE
From
X-Req-Head-Response
Keywords
X-Map-Context
X-ARRServer
X-Unbounce-Variant
X-Unbounce-VisitorID
X-Origin-404Back
X-Unbounce-PageId
Dispatcher
X-Server-Instance
X-HP-Redirect
Id
X-Cache-Dispatchercachecontrol
X-Cache-Dispatcherpragma
X-B2f-Not-Route
X-DTC
X-WP
SBGI-RenderTime
SBGI-RealPath
DNNOutputCache
X-Origin-404URL
X-VC-Enabled
Max-Age
X-Varnish-Hostname
X-CAPServer
X-Content-Type-Option
X-TB-M
X-App
SBGI-5
X-This-Proto
X-Distil-CS
X-Served-Server
X-Varnish-Cache-Local
Home
X-RiS-UFDI
X-Rack-Cors
X-DB-Content-Length
Ufe-Result
X-NginX-Server
SBGI-9
SBGI-Device
X-Adnet
X-Culture
SBGI-10
X-Disney-Akamai-Rule
SBGI-1
X-A
SBGI-7
Description
Fastly-Backend-Name
X-NginX-Cache
X-Esi
Strikingly-Cached-Version
Access-Control-Allow-Method
X-HydroSheep
Nginx-Cache
NLCacheNote
X-Render-Time
From-Origin
X-Gyrobase-Publication
X-RealServer
SHInfo
X-Goog-Meta-Replace
Strikingly-Cache-Region
X-Session-ID
Strikingly-Cached
X-Page
X-Goog-Meta-Policy
WP-AdvCache-MemCached
X-Middleton-PageSpeed
X-Resolver-IP
X-MSEdge-Ref
X-Wikidot-Static-Cache
ScoreTracker
RN-Server
X-Machine
ServerTokens
ServerSignature
X-Depends
X-Frame-Option
OriginServer
X-Plat
XDomainRequestAllowed
X-Cache-Detail
X-Aramark-SID
X-Apm-Telemetry-Syncmark
Dis-Env
Cache-Tags
X-Rocket-Nginx-Serving-Static
X-Wikidot-Backend
X-E
X-Garden-Version
X-ACLR-Version
X-PM-ID
X-Backend-Status
Myheader
X-Amz-Meta-Content-Md5
X-Smartcache-Keys
X-Blog
X-Nginx
X-SERVER-NAME
X-Jphone-Copyright
X-We-Are-Hiring
X-Smartcache-Timeout
X-OpenCart-Lightning
X-Info
X-Cache-TTL-Remaining
X-DSMX-Render-MS
X-SDE-Name
X-Hosting-Env
AC-ELC
X-Artvisual-Server
X-DSMX-Rewrite-MS
X-Generated-Time
Edgecast
X-DN-Cache-Control
X-Fedora-School-Id
X-ReqId
X-Ser
X-Trace-Id
X-Rq
X-OPNET-Transaction-Trace
X-AEM
X-Unique-ID
X-Resty-Request-Id
X-LW-Web-Server
AsisCache
Swift-Performance
X-Search-Id
Noq
Buuteeq-Source
X-Origin-Cache
X-Cache-Id
X-Hrouter
X-Hstore
Ttl
X-HITS
Url
Ram
X-KoobooCMS-Version
X-Grid-Server
X-SCM-Server-Number
Hosted-By
Il-Cl
X-Svr
WebServer
X-EMAC-Request-ID
Accept-Language
X-Replay-Request-ID
Proxy-Cache
X-Obj.Ttl
AccessControlAllowOrigin
Content-Server
X-Rebelmouse-Surrogate-Control
Sophnep-Edge-FX
X-Cache-On
X-CRA-DC
X-Rebelmouse-Cache-Control
X-MidCOM-Meta-Cache
X-Actindo-Rs
X-Actindo-Thread-Id
X-Machine-Name
X-MAT-GEO
X-RDP
X-Response
TC-Cache-IC
TC-Cache
TC-Cache-U
TC-S-Cache
TC-S-Cache-M
X-SmartBan-URL
X-SmartBan-Host
X-Airee-Node
X-Highwire-RequestId
X-Highwire-SessionId
X-Proto
X-Actindo-Request-Id
X-Actindo-Error-1
X-HashTwo
X-Data-Request
X-Amz-Id-1
X-WPL-DATA
SB-Cache-Life
ViewMode
Set-Cookie2
X-Frames-Options
X-HA-Backend
X-HA-Frontend
X-Router
SB-Cache-Remaining
SB-Site-Device
X-Cached-Status
Cluster-ID
Hname
SG
Paypal-Debug-Id
Access-Control-Request-Headers
X-Ghost-Cache-Status
X-GSL-Server
X-Rewrite
X-Sc-Cache
X-Cache-Time
SB-Site-IE-VERSION
X-Avvio-Cms-Cacheload
X-AMAZEEIO
DrivedBy
VANITY-HOST
X-Cache-Via
X-Captured
X-Proxy-Cache-Key
X-ProcessESI
X-Origin-Server
Xc
X-CACHE-TTL
X-CacheResult
X-VarnMisc-Url
X-VarnMisc-UrlChanged
X-VarnState-NoCache
X-Cache-Keep
PServer
X-PBY
X-Upstream-Status
Ews
X-RemovedCookies
X-Real-IP
X-Upstream-Backend
X-Unique-Id
X-IP
X-Distributor
X-Turpentine-Esi
X-Rack-CORS
MS-CV
X-Goog-Meta-Goog-Reserved-File-Mtime
VServer
X-Header
Provider
X-HostName
Web
Og
X-Detected-Device
X-Oracle-DMS-ECID
SBMCLOUD
X-CSRF-Token
Worker
X-Cms-Mode
X-Nginx-Request-Processing-Time
X-Dev
X-Cluster
Gzip
X-Desc
FastCGI-Cache-Status
X-Hosting
X-ENV
CommunityServer
AMP-Access-Control-Allow-Source-Origin
X-LBPoolMember
X-Secret
Service-Worker-Allowed
Server-ID
N365rili
Ibf5scheme
F5-IpCliente
X-HAProxy
Response-Time
Tempo
X-Webstats-RespID
Server-Tuning
X-CacheID
Actual-Object-TTL
X-OCTOPOD
X-Title
X-M
X-MCB-Server
Hamster
X-Your-GrandPa-Would-Wait
X-Beatles
Traffic-Origin
X-SilverStripe-Cache
NS-VaryByCustom-Key
Serverid
X-Forwarded-Host
X-Layout
X-4ormat-Cacheable
Aurora-Node
X-Webkit-CSP-Report-Only
X-TTL-Age
X-Session-Id
X-Pixelsilk-Version
X-Pass-Through
X-Route
X-NodeID
X-Highwire-Smart-Code
X-Ezpublish-Installationid
X-Ezpublish-Nodeid
X-Would-Your-GrandPa-Wait
X-Highwire-Sitecode
X-Flex-Tags
X-Flex-Tag
X-Rewritten-By
X-XHR-Current-Location
X-Server-Generated
X-Viator-Tapersistentcookie
X-WA-Info
X-Flex-Community
X-Flex-Lastmod
X-Flex-Lang
X-Flex-Evstart
X-Flex-Evend
Session-From
X-Pixelsilk-Server
X-Cache-Set
X-Beatles-Hits
ClientIP
Ozcache
X-Zendesk-Origin-Server
X-Header-Treatment
X-Does-He-Have-Time
X-CCM
X-Pagely-Cache
User-Agent
ServerIP
X-FRUIT
X-ManagedFusion-Rewriter-Version
X-Checkout
X-Zendesk-User-Id
PagesDisplayed
X-Config-By
X-Ss-Conf
X-RAMCache
Device
X-SH-Cache-Status
X-ChromeLogger-Data
X-Reflector
X-Reflector-Cache
SiteSpeed
X-Site
X-REDIRECTSERVER
X-Ss-Location
X-Varnish-Ip
X-App-Runtime
BackendServer
X-Pj-Cache-Status
X-CACHE-KEY
X-Cache-BE
X-Bcwwwid
X-Varnish-Action
RSB-LINK
X-W3TC-Minify
X-Container
X-Cdn-Forward
NZSpeedy
X-Cache-Warmer
X-Resource
X-Serv
Server-Ip
RATING
X-Lb
TP-L2-Cache
X-Cache-HT
X-Varnish-URL
X-Optimization
X-Runtime-Affili
SERVER-ID
TP-Cache
X-Agent
X-Application
DbServerName
X-AppServer-Cache-Rule
X-Box
FindLaw
X-Amz-Meta-S3b-Last-Modified
Rewriter
Server-Id
UrlWatchModule-Time
Webserver
X-Cache-Extended
X-ImpID
X-Upgrade-Enabled
X-Proxy-Id
Arrnode
X-Uncacheable
X-Bip
X-Sites
X-DeliveryServer
Content-Cache
X-Dynamic
X-Brought-To-You-By
X-VLoc
X-Forwarded-By
X-DS1D
X-ASAP-Age
X-HS-Status
X-Restarts
X-Status
X-Src-Webcache
X-AG-MIPS
MwpReleaseVersion
X-Server-Addr
X-Old-Content-Length
X-Varnish-Debug-Age
CD4
AGI-Request-ID
X-Varnish-Debug-TTL
X-SV
X-Built-By
X-NID
X-Backend-Host
X-Server-Instance-Name
X-Test
X-Dynamic-Cache
X-GoCache-CacheStatus
X-Phpwcms-Page-Processed-In
X-Backend-Name
Accept-CH
X-UUID
X-Cjtype
X-Time-Microsecs
V-Age
X-Phpwcms-Release
X-Meta-MSThemeCompatible
X-Meta-MSSmartTagsPreventParsing
X-ServerAddr
X-Server-FQDN
X-Script
X-Streams-Distribution
X-Time-Zone
X-Varnish-Cached
X-UPServer
X-Node-ID
X-MCF-ID
X-Built-With
D
X-Cache-Varnish
X-Country
X-ELB
X-CPU-Time
X-Varnish-Cached-TTL
X-Varnish-Instance
X-Cache-TTL-Current
X-Cache-TTL-Age
X-Fstrz
X-Gannett-Site-Version
X-Meta-Imagetoolbar
X-Instance-Name
Resin-Trace
StatusCode
Debug-Status
X-FIRSTBase
Hostname
Httpd-Identifier
MSThemeCompatible
MSSmartTagsPreventParsing
Cache-Status
X-Sid
MageStack-Web-Node
MageStack-Tag
Str-Bsite
Str-Ip
X-Amcomm-Site
X-Accel-Cache-Control
MageStack-PageSpeed
MageStack-Magento-Version
MageStack-Cacheable
MageStack-Cache-Status
MageStack-Config
MageStack-Debug
MageStack-Loadbalancer
X-App-Version
AR-ATIME
Note
Fw-Cache-Status
Provided-Host
Referer
X-ETag
RequestId
X-RequesterIP
Y-Trace
X-JSESSIONID
X-Compressed-By
X-Srcache-Store-Status
X-V
X-Pubstack
MageStack-Cache-Lifetime
MageStack-Cache-Hits
X-HA
X-Deity
Fastly-Restarts
X-Lima-Id
X-Powered-By-Home.Pl
X-AppVersion
X-Debug-Message
X-Cname-TryFiles
Uuri
X-APP
X-Author
Quri
X-Cache-LB
X-Processed
X-SCProxy
Brightspot-Id
X-VNode
Lb
X-ZSITES-DNS
MageStack-Cache
MageStack-Area
CDCHOST
X-Theme
AR-PoweredBy
AR-SID
AR-CACHE
X-Served
X-Tag-Playlist
X-Cacheable-TTL
X-Test-Debug
X-PROCESSED-BY
X-UseReverse-Proxy
X-Nginx-Request-Time
X-Webapp
X-Serendipity-InterfaceLangSource
X-Serendipity-InterfaceLang
X-Pageid
X-Not-Cacheable
X-Max-Age
X-Router-Backend
XDisk
X-Who
X-LOCATION
X-DevSrv-CMS
X-HP-CAM-COLOR
SS
X-MainProfileCategory
X-MainProfileID
X-MainProfileURL
X-MainProfileName
Session-Id
X-Magento-Action
X-FPC
X-XHTML-Minification-Powered-By
X-FreeTag-Count
X-VC-Debug
INFO
NCache
DB-Nickname
X-WebNode
X-Fastly-Backend-Reqs
X-IP-Address
X-Srcache-Fetch-Status
X-L-Path
X-Environment-Context
X-CH-Device
X-DEBUG
X-Beresp-Ttl
ProxiaInstanceId
X-COUNTRY-CODE
X-Czt
X-WebKit-CSP-Report-Only
X-Memcached
Copyright
X-Amz-Meta-Version-Id
X-Server-Ident
X-DynamicCache
X-IsCached
AliCDN-Forbidden-Reason
X-Mobile-Rewrite
X-UT-Cache
X-Via-NSCOPI
X-Tt-Dbg
X-AISO-Cacheable
Ez
X-7d-Instance-Id
X-Cache-Action
X-7d-Trace-Id
X-Obvious-Tid
X-Obvious-Info
Tk
VC-NoCache
Vserver
No-Cache
X-BeResp-Ttl
Tst
X-Site-Name
X-Client-Ip
Yola-ID
X-Transaction-Name
CacheControlMode
X-AISO-Server
X-AISO-Cache
Section-Io-Cache
VAR-Cache
LB
X-Config-Version
Memento-Datetime
BM-Cache-Status
BM-Cache-Node
OutputRewritten
Realaction
Www.Aujourdhui.Com
ServerNode
BM-Cache-Key
Actioncode
X-Request-Processing-Time
X-Protected-By
X-Request-Received
X-Server-App
X-TempoPesquisa
X-Allow-Redis
X-Ar-Debug
CpuTime
X-Varnish-Store
TestCC
X-Custom-Header
X-Prerendered
X-Je-Conversation
X-Varnish-Set-Cookie
X-Varnish-Esi-Method
X-Purge-Level
X-Cache-Served
X-Turpentine-Cache
X-Varnish-Currency
X-Varnish-Esi-Access
X-PoweredBy
X-Custom-Name
X-Wm-VIP
X-Wm-1
Expiries
X-LB-Backend
MachineName
X-LB-Frontend
X-Node-Name
X-Hit
X-ServiceProvider
X-Farm-Server
Apple-Itunes-App
Cookie
Kp-EeAlive
Tesla.Performance
Powered-By-VeryCDN
X-WHO
X-Cache-Date
X-Ants-Host
X-Ants-Machine-Id
X-BC
X-AWS
X-Archive-Orig-Server
X-Archive-Orig-Etag
X-Archive-Guessed-Charset
TTL
X-Archive-Orig-Connection
X-Archive-Orig-Content-Length
X-Archive-Orig-Date
Progma
X-ACache
Load-Balancer
Kanooh-Host
AMFplus-Ver
X-B3-Spanid
X-B3-Traceid
IES-Server
RSL-Trace-ID
X-Front-Cache
X-MSU-SOURCE
X-Service-Id
X-SuperCache
WFE
X-Vary-Options
X-NewCloud-V-Cache
Cleartype
IsMobile
X-Varnish-Mode
X-Varnish-Auto-Cache-Miss
Type
ResourceTag
Public-Extension
X-Cache-Me-Harder
X-Fpc
X-Backend-TTL
X-Sn-Servicetimems
Dynatrace
X-DDM-SERVER-UPDATED
X-DDM-SERVER
X-Instance-Id
X-NewsFlow-Sitename
X-Faeria
X-Geo-IP
X-Catalyst
X-PBS-Appsvrip
X-PBS-Appsvrname
X-9XB-Server
X-Wily-Info
X-SRV
X-POPSUGAR-Server-Name
X-PBS-Fwsrvname
X-Cache-FS-Status
ReqUrl
SINA-TS
SINA-LB
X-Obj-Ttl
X-Instart-Cache-Id
X-Clx-Request
X-RiS-PX
X-Tradeindia-Request-GUID
FrontEnd
X-Skip-Cache
X-Vid
X-Tradeindia-SMgmt
X-Cache-V
X-Dynatrace
X-ESI
X-ClusterID
X-Serverid
Be
EQ-Cache
WSR-Cache
WSCLoggingUUID
X-BPool-Fx-Cache
X-BPool-Bx-Cache
X-BServer
X-Static
X-Varnish-Cache-Ttl
EREV-Ver
HostName
Phoenix-Cache
Phoenix-A
Phoenix-Cache-V
Phoenix-Mark
Phoenix-Proxy-Cache
PB-RID
PB-PID
X-Cache-ID
X-HEAD
X-UPSTREAM-Address
Generate-Time
X-BPool-Back
X-BPool
X-Enhanced-By
Upgrade-Insecure-Requests
X-FG-RequestId
Microcache
X-Mobile-Device
Page-Template
Container
X-Made-On
X-Dynatrace-Js-Agent
X-Imforza-Hosted
X-Nginx-Page-Cache
X-Csrf-Token
X-Mobile-Device-Type
GranicusServer
X-Ssl-Cipher
X-BIT-Node
!~Request-OOB-Work
Language
TheAnswer
X-Wily-Servlet
Https
CDN-Cache
CDN-Cache-Hit
CDN-Node
DeleGate-Ver
Proxy1