Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: HTTP Header Usage Statistics - SANS Internet Storm Center HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Date
Content-Type
Server
Set-Cookie
Connection
Cache-Control
Vary
X-Powered-By
Expires
Content-Length
Link
Last-Modified
Pragma
Accept-Ranges
ETag
X-Content-Type-Options
X-Frame-Options
X-XSS-Protection
Strict-Transport-Security
CF-RAY
Age
X-Cache
P3P
Expect-CT
Content-Language
X-AspNet-Version
X-Pingback
Via
X-UA-Compatible
Upgrade
Access-Control-Allow-Origin
Content-Security-Policy
X-Cacheable
X-Varnish
Referrer-Policy
X-Adblock-Key
X-Request-Id
X-Check
X-Generator
X-Xss-Protection
X-Language
X-Template
X-Type
WPE-Backend
X-Buckets
X-Cache-Group
X-Pass-Why
X-Drupal-Cache
Alt-Svc
X-Permitted-Cross-Domain-Policies
X-Download-Options
X-Wix-Server-Artifact-Id
X-Accel-Buffering
X-Ac
X-Hacker
X-Cache-Hits
Host-Header
X-AspNetMvc-Version
X-ShopId
X-Sorting-Hat-PodId-Cached
X-Sorting-Hat-PodId
X-Sorting-Hat-FeatureSet
X-Sorting-Hat-PrivacyLevel
X-ShardId
X-Sorting-Hat-ShopId-Cached
X-Sorting-Hat-Section
X-Dc
X-Sorting-Hat-ShopId
X-Alternate-Cache-Key
X-Via
X-Powered-By-Plesk
X-Served-By
X-Runtime
X-Contextid
X-PC-Key
X-PC-Hit
X-PC-AppVer
X-ServedBy
X-UA-Device
X-Amz-Cf-Id
MS-Author-Via
X-PC-Host
X-PC-Date
Content-Location
Access-Control-Allow-Headers
X-IPLB-Instance
Access-Control-Allow-Methods
X-Powered-CMS
X-Timer
X-TEC-API-VERSION
X-TEC-API-ROOT
X-TEC-API-ORIGIN
X-Ua-Compatible
Status
X-Rid
X-Seen-By
X-Wix-Request-Id
X-Tumblr-Pixel
X-Tumblr-User
X-Tumblr-Pixel-0
CF-Cache-Status
X-Tumblr-Pixel-1
X-FRAME-OPTIONS
Cartoon
X-Iinfo
Access-Control-Allow-Credentials
X-Tumblr-Pixel-2
X-Backend
X-Shopify-Stage
X-Cache-Status
X-CST
X-Host
X-WPE-Loopback-Upstream-Addr
Content-Encoding
Powered-By
X-Endurance-Cache-Level
X-Mod-Pagespeed
X-Cache-Hit
X-Cache-Enabled
X-Port
X-CDN
X-Request-ID
X-Tumblr-Pixel-3
X-Logged-In
X-Server-Powered-By
X-Drupal-Dynamic-Cache
Keep-Alive
X-DIS-Request-ID
X-Server
X-Nginx-Cache-Status
X-Robots-Tag
X-Accel-Version
X-Proxy-Cache
X-Turbo-Charged-By
X-Styx-Req-Id
X-Pantheon-Styx-Hostname
X-LiteSpeed-Cache
X-Page-Speed
P3p
X-Content-Powered-By
X-Content-Digest
Content-Security-Policy-Report-Only
X-AH-Environment
Request-Context
X-Rack-Cache
X-GitHub-Request-Id
X-FW-Hash
X-FW-Server
X-Tumblr-Pixel-4
X-FW-Static
X-FW-Serve
X-FW-Type
X-Pad
X-Varnish-Cache
X-Hits
X-Webcom-Cache-Status
Access-Control-Expose-Headers
X-BC-Stapler
X-XRDS-Location
SPRequestGuid
Edge-Control
X-MS-InvokeApp
X-Newrelic-App-Data
X-SharePointHealthScore
X-Trace
X-Node
X-Request-Country
MicrosoftSharePointTeamServices
WP-Super-Cache
Cf-Railgun
Timing-Allow-Origin
Edge-Cache-Tag
X-HS-Cache-Config
X-Amz-Request-Id
X-Amz-Id-2
X-HS-Content-Id
X-CF-Powered-By
Charset
X-Content-Security-Policy
X-PHP-Backend
X-INKT-URI
X-INKT-SITE
X-FullPageCaching
X-Cache-Lookup
Request-Id
X-Fastly-Request-ID
Access-Control-Max-Age
X-Cnection
X-HS-Combine-CSS
SPIisLatency
SPRequestDuration
X-Backend-Server
Allow
X-Edge-Cache
X-Edge-Cache-Key
X-SERVER
Ali-Swift-Global-Savetime
X-Swift-CacheTime
X-Swift-SaveTime
X-Died
EagleId
MicrosoftOfficeWebServer
X-CDN-Pop-IP
Grace
X-CDN-Pop
Composed-By
Rating
Served-By
X-Server-Name
X-Tumblr-Pixel-5
X-SS-Conf
X-SS-Location
X-Safe-Firewall
X-Device
X-NF-Request-ID
Liferay-Portal
X-DDC-Arch-Trace
X-Tumblr-Content-Rating
X-Dw-Request-Base-Id
X-Spip-Cache
X-Do-Not-Hack
X-HeyJason
Permitted-Cross-Domain-Policies
X-VCache
Front-End-Https
X-Hyper-Cache
P-WS
P-LB
X-LiteSpeed-Cache-Control
X-Original-Date
X-OneAgent-JS-Injection
X-RateLimit-Limit
X-RateLimit-Remaining
Surrogate-Control
X-Cloud-Trace-Context
X-Cluster-Node
X-TNCMS
X-Loop
X-RateLimit-Reset
X-Middleton-Display
X-Sol
Display
X-Clacks-Overhead
X-Webserver
X-Kinsta-Cache
X-Firenze-Processing-Times
X-Jimdo-Instance
X-Jimdo-Wid
Response
X-Middleton-Response
X-FB-Debug
X-Acc-Exp
X-Vtex-Processado-Em
X-PhApp
Content-Style-Type
X-Debug-Info
X-StackifyID
Content-Script-Type
Public-Key-Pins
Feature-Policy
X-Age
X-Ruxit-JS-Agent
X-Magento-Tags
X-Tumblr-Pixel-6
X-Servedby
X-XN-XNHTML
X-XN-Trace-Token
Refresh
X-LW-Cache
X-Cached
X-DNS-Prefetch-Control
X-Amz-Version-Id
X-Frame-Option
X-DynaTrace-JS-Agent
X-WebKit-CSP
Fpc-Cache-Id
X-User-Agent
X-Goog-Hash
Xkey
X-N-OperationId
X-Zen-Fury
PageSpeed
X-Cache-Config
X-HOST
X-Px
X-Version
Retry-After
X-Hostname
X-ARC
X-Generated-By
X-Edge-Location
X-Handled-By
X-Topify-Platform
X-Upstream
X-Url
X-Goog-Storage-Class
X-EdgeConnect-Origin-MEX-Latency
X-Goog-Generation
X-Goog-Metageneration
X-Goog-Stored-Content-Encoding
X-Goog-Stored-Content-Length
X-Whom
X-EdgeConnect-MidMile-RTT
Access-Control-Request-Method
X-Source
X-FORWARDED-FOR
WPX
TCN
X-Microcache
X-B-Cache
X-MiniProfiler-Ids
Rt-Fastcgi-Cache
Fastcgi-Cache
Powered
X-Cached-By
X-Dns-Prefetch-Control
X-Magento-Cache-Debug
X-Loopia-Node
X-Accel-Expires
X-Outils-CS
X-RESOURCE
X-URLSCHEME
X-CMS-Version
ServedBy
X-Engine
X-Powered-By-VTEX-Janus-ApiCache
X-VTEX-Cache-Status-Janus-ApiCache
X-VTEX-Janus-Router-Backend-App
X-CacheServer
X-Varnish-HitMiss
X-ET-API-VERSION
X-ET-API-ROOT
No
X-Vtex-Processed-At
X-Vtex-Remote-Cache
X-Varnish-Count
X-ET-API-ORIGIN
Last-Published
X-Platform-Server
X-Request-Time
X-Platform-Cluster
X-Platform-Processor
X-Platform-Router
X-SRCache-Store-Status
X-SRCache-Fetch-Status
X-Content-Options
X-AspNetWebPages-Version
X-Varnish-Cache-Hits
X-DynaTrace
Fhost
Imagetoolbar
X-NewRelic-App-Data
Product
X-Developer
X-Fastcgi-Cache
X-Varnish-Host
X-Application-Context
Pagespeed
X-From
X-Location-Id
X-S
X-Actual-URL
X-URL
Host
X-Signature
Public-Key-Pins-Report-Only
Warning
X-Passed-To-DLL
X-Shop-Id
X-Defender
X-Returned-From
X-LBLID
X-Passed-To
X-Cache-Info
X-Returned-From-DLL
X-Original-Request
X-PERF
Dmn
X-ApacheServer
X-F-Cache
X-Ezoic-Cdn
X-Varnish-Beresp-Status
X-Cache-Key
X-Acquia-Application-UUID
X-Varnish-Beresp-Grace
X-Varnish-Beresp-Ttl
X-Acquia-Application-Trace
X-Returned-From-BeforeDispatch
X-Magento-Cache-Control
X-Returned-From-PostProcessResponse
X-Passed-To-BeforeDispatch
X-Stale
X-Passed-To-PostProcessResponse
Generator
X-Microcachable
Cache-Provider
Cache-Key
X-Gateway-Cache-Key
X-Gateway-Skip-Cache
X-Gateway-Cache-Status
X-NWS-LOG-UUID
Origin
X-Powered-By-360WZB
X-Platform
X-SSLUpstream
X-Forwarded-For
Arr-Disable-Session-Affinity
X-SSLProxy
X-Cache-Rule
X-Hosted-By
X-HS-Content-Campaign-Id
X-Device-Type
X-Response-Time
X-Umbraco-Version
Version
Alternate-Protocol
X-Sapient
X-Environment
Content-Hash
X-Cache-Age
X-Platform-Cache
X-Varnish-TTL
X-Guploader-Uploadid
X-SVR-IIS
X-Svr-Proxy
X-Akam-SW-Version
X-Translation
X-Microcache-Status
X-Msg-2-Log
X-Rnd
X-Via-JSL
X-Cache-Tags
X-Micro-Cache
X-Dispatcher
DynaTrace
Surrogate-Key
X-Server-ID
X-App-Status
X-SO
X-BS
X-I-Sp
X-Track
MIME-Version
X-GUploader-UploadID
SSPAppContext
X-DealerOn
X-Instart-Request-ID
WZWS-RAY
X-Dealeron-Original-Url
X-Dealeron-Backend
X-Cache-Namespace
USPLoggingUUID
X-ORACLE-DMS-ECID
Content-Disposition
X-SSL-Cipher
X-Lambda-Id
S-Cnection
X-Correlation-ID
X-Supported-By
X-Server-Upstream
X-CSRF-Protection
X-Expires-Orig
X-Drupal-Cache-Tags
X-SSL-Protocol
X-Abgroup
X-NetCat-Version
SN
X-Duration
Cache
X-Powered-By-VTEX-Janus-Edge
X-Vcap-Request-Id
X-Client-IP
X-I
X-Gamma-Serve
X-Cache-Control-Orig
X-Director
X-VARITI-CCR
X-Matrix-Proxy
X-Sucuri-ID
X-Matrix-Server
RTSS
X-Powered-By-VelaWeb
X-Cache-TTL
X-Art-Request-Id
X-UD-Method
X-TransIP-Balancer
Node
Wsr-Cache
X-App-Hosting
X-Generated
X-Correlation-Id
X-Debug
FAI-W-FLOW
X-Geo-Country
X-Front
X-Edge-IP
X-Varnish-Seen-By
Content-Encoding-Handler
X-Varnish-RemainingLife
X-Varnish-ObjectSource
X-Sucuri-Cache
X-Varnish-RemainingTTL
X-Cache-Server
X-Varnish-GracePeriod
ServerID
X-Storage
X-Hypernode
X-TransIP-Backend
X-Helper-Autoassign-All
Pool
X-Daa-Tunnel
X-ATG-Version
X-Route-Server
X-Vhost
Src-Update
X-Forwarded-Proto
X-Grace
X-Varnish-Cacheable
X-Url-Base
Powered-By-ChinaCache
Update-Time
X-SV-Duration
X-SV-Edge
X-SV-FromDBCache
X-SV-Cacheable
X-SV-CacheTags
X-SV-CreatedAt
X-ServerName
X-SV-Expires
X-SV-Pid
X-Cache-Lifetime
X-Now-Id
X-SV-Nginx-Duration
Contao-Page-Layout
X-Github-Request-Id
Req-Id
X-Varnish-Url
X-Amz-Meta-S3cmd-Attrs
X-Cache-Debug
X-Locale
X-Env
Edge-Control-Message
X-Esi
X-Rocket-Nginx-Bypass
X-SmugMug-Hiring
Cneonction
X-SmugMug-Values
X-Page-Cache
X-TTFB
X-SRV
X-Rocket-Nginx-Serving-Static
Author
X-Recruiting
Smug-CDN
X-Cache-Handler
X-NoCache
CF-Worker-Script
Akamai-IP
Cache-Tags
X-TTFB-L
Accept-Encoding
X-Varnish-Age
X-Last-Modified
X-CJ-Soft
X-Drupal-Cache-Contexts
Service-Worker-Allowed
X-UPSTREAM
X-LB-Server
X-Revision
X-Content-Encoded-By
X-Cache-Level
X-Firenze-Processing-Time
X-ORACLE-DMS-RID
X-Server-Id
X-Pressidium-NinukisWP-Ver
X-Flow-Powered
X-Trace-Id
Section-Io-Id
X-Country-Code
X-TTL
X-FTR-Request-ID
CF-Worker-Version
X-PwB-Node
X-Cache-Engine
X-Content-Type-Option
X-Discourse-Route
X-Cache-Control
If-Modified-Since
X-N
Strikingly-Cached-Version
Strikingly-Cached
X-IsCacheURL
X-Cache-Type
Strikingly-Cache-Region
Lsrequestid
Server-Name
X-Middleware-Start
X-Ttl
X-Cache-Operation
Content-MD5
X-Akamai-Device-Model
Server-Timing
X-Akamai-Device-Characteristics
X-Unbounce-VisitorID
X-Unbounce-Variant
X-Server-Instance
X-Unbounce-PageId
X-Magnolia-Registration
SiteSpeed
X-TransIP-Reserved
X-GeoIP-Country-Code
X-Speed-Cache-Key
X-NA-CachePolicy
X-Varnish-Backend
X-Speed-Cache
X-SDS
Proxy-Connection
X-Varnish-IP
X-Dispatch
X-Cache-Expires
X-Rq
Srv
X-Time
X-High-Performance
X-FIRSTBase
X-Varnish-Retries
W
Backend
AMF-Ver
X-CF-Passed-Proto
Page-Completion-Status
Use-Proxy
Https
X-NginX-Cache
X-LB
X-Hiawatha-Cache
X-Empowered-By
Custom-Header
MJ12bot
X-Dynamic-Cache
Dtk-Cache-Check-0
X-Fastly-Request-Id
X-GeoIP-Country-Name
PICS-Label
Nodo
X-Cache-Only-Varnish
X-Nginx-Cache
Pv
X-Now-Cache
SEOMOZ
X-CLOUD-TRACE-CONTEXT
S
Accept-Charset
X-Analytics
X-Storage-Cache-Date
X-Service-Id
X-Storage-Cache
X-Cache-Device-Type
X-Storage-Cache-Expires
X-Browser
From-Origin
X-CDN-Forward
X-Symfony-Cache
FindLaw
IBM-Web2-Location
X-BKSrc
NnCoection
X-FW
X-PF-Uncompressing
X-Connection-Hash
X-Key
X-Litespeed-Cache-Control
X-Amz-Rid
X-TB-M
X-SRCache-Key
Qs-Cache
X-Twitter-Response-Tags
Location
X-Transaction
X-CacheFROM
X-Frontend
X-Processing-Time
Xc-Version
MC
Local-Info
Backend-Timing
X-Content-Age
X-Real-Server
X-Config-Blacklist-Version
X-Wikidot-Backend
X-Wikidot-Static-Cache
X-Cache-PageType
X-Cache-Fix
X-ID
X-Worker
X-Varnish-Server
Cached
X-Webkit-CSP
X-Nitro-Cache
X-Content-Security-Policy-Report-Only
ServerName
X-Srv
X-ServerID
X-Cookie-Domain
X-Disney-Akamai-Rule
Edit
Prama
X-Amz-Meta-Content-Md5
X-Amz-Storage-Class
Ohc-File-Size
X-HW
X-WR-MODIFICATION
X-Adobe-Content
X-BackendServer
X-Shard
X-Adobe-Loc
X-Cache-Miss-From
X-Sedo-Request-Id
Noq
X-ACMCache
Ramp
Ram
X-Server-IP
Tracecode
X-Varnish-Hits
Cm-Server
X-FireWall-Port
X-A
Content-Transfer-Encoding
X-ARRServer
X-WR-Flags
X-Orig-Vary
Pics-Label
X-WEBSERVER
Swift-Performance
SRV
X-Ruxit-Js-Agent
X-4ormat-Cacheable
X-SP-UniqueName
X-SP-Farm
X-Yadis-Location
X-Cache-TTL-Remaining
X-RealServer
X-CB-Server
HAVer
X-LW-Web-Server
Accept-CH
X-LB-Node
HCVer
CacheControlHeader
X-RequestId
X-Cache-2
X-App-Server
X-Plat
X-Yottaa-Optimizations
X-Stage
Server-Info
X-Processed-By
X-GeoIP
X-Origin
Frame-Options
Pf.Web.Request.Id
X-Varnish-Hostname
Adm-Server
X-Drectory-Script
X-Client-Vid
X-Yottaa-Metrics
NetMindSessionID
X-Akamai-Edgescape
X-AEM
X-LP
X-Remote-Addr
X-EPiphany-Vid
X-Redman-Final-Url
X-Hstore
X-Hrouter
RequestId
X-Forwarded-Host
Referer
Beyond-Iis
X-Role
A-Powered-By
X-AVG-Country-Code
X-Distributor
X-Avg-Cookie-Expires
Drupal-Pagecache-Memcache
X-Client-Image-Vid
X-Redman-Backend
Content_type
X-Cache-Ttl
X-Akamai-Transformed
X-Framework
Url
X-Hit-Cache
X-GoCache-CacheStatus
X-HydroSheep
Lookup-Cache-Hit
Accept-Language
X-ClientSide-Caching
X-Pagename
Front
SHInfo
X-Path-Route
X-Generated-Timestamp
SVR
X-Proxy-Backend
X-PRAM
Report-To
X-Webstats-RespID
X-Force
X-VC-Enabled
X-Source-ID
X-CAPServer
X-Request-Uri
Proxy-Agent
X-Appmachine-Environment
X-Cache-Dispatcherpragma
X-Cache-Dispatchercachecontrol
X-Varnish-Id
X-Cache-CFC
X-Span
IISExport
X-HTML-Minification-Powered-By
X-E
X-Nbs
X-VCS-Cacheable
X-RiS-PX
X-VCS-Ttl
Request-Country
Request-EU
Cteonnt-Length
Environment
X-Balanceador
X-NginX-Server
X-Cacheable-TTL
X-Cache-Doesi
Hummingbird-Cache
X-Real-IP
X-Varnish-ID
X-Domain-Checked
X-UnsetCookies
X-Provisioner-Version
Nopic
X-Via-NSCOPI
X-Oneagent-Js-Injection
X-ServerIndex
X-Runtime-Memory
CDN-Cache
IM-Version
X-JG-Page-Cache
X-Distil-CS
Access-Control-Allow-Method
X-Varnish-Ttl
X-Unique-Id
CDN-PullZone
CDN-CachedAt
X-ZSITES-DNS
Copyright
X-Route
X-Sys-Req-ID
X-Upgrade-Enabled
CDN-RequestId
X-SDE-Name
RN-Server
X-Hosting-Env
X-Purge-URL
X-Proxy
X-Akamai-ERRuleID
X-Envoy-Upstream-Service-Time
Eomportal-Instance
Home
CDN-Uid
X-Akamai-ERPolicy
NODE
X-CACHE-TTL
X-Proxy-Cache-Key
X-SERVER-ID
Nginx-Cache
ScoreTracker
AsisCache
X-Purge-Host
X-Vcache
X-Nginx-Host
X-Pantheon-Environment
Disablevcache
X-Pantheon-Site
Server-ID
X-Pantheon-Az
Surrogate-Key-Raw
X-Shield-Request-Id
X-IIJ-Cache
X-Pantheon-Phpreq
WWW-Authenticate
X-AOL-HN
X-NWS-UUID-VERIFY
X-Atraveo-ETag
X-Atraveo-Cache-Control
X-Resource
X-NginX-Upstream
X-Atraveo-Expires
X-Atraveo-From-Varnish-Cache
X-Atraveo-Varnish-Server-Id
X-Atraveo-TTL
X-Atraveo-Set-Cookie
X-HeBS-Cache-Status
X-Consent-Required
Machine
X-Detected-Device
X-Backend-Status
X-FastCGI-Cache
X-Debug-Token
X-Unique-ID
Pramga
X-Atraveo-Zone
X-Atraveo-Param-Rm
PServer
Identity
X-Actindo-Rs
X-Actindo-Thread-Id
X-Adnet
X-B2f-Not-Route
VANITY-HOST
X-GSL-Server
X-Actindo-Request-Id
X-Resolver-IP
X-SAPP
Il-Cl
Arrnode
Resin-Trace
BALANCEDTO
X-Confluence-Request-Time
X-Aramark-SID
X-FPC
Locale
X-JSESSIONID
Play-Detected-Device
Play-Detected-UserAgent
X-Session-Reinit
TC-Cache-U
TC-S-Cache
X-ACCELERATE
Myheader
TC-S-Cache-M
X-PBY
TC-Cache-IC
NGX
X-Aramark-CSID
X-Timestamp
Proxy-Cache
TC-Cache
X-Secret
X-Varnish-Backend-Beresp-Backend
X-AF-Userserver
X-Amz-Apigw-Id
Thanks
X-Compress-Hint
X-Proxy-Cache-Control
X-Desc
X-Cache-Varnish
X-Soro
Paypal-Debug-Id
Access-Control
X-Via-S
X-MAT-GEO
WP-FROM-CACHE
X-Cache-On
X-Qnm-Cache
X-CRA-DC
X-M-Log
X-Rebelmouse-Cache-Control
X-Response
Access-Control-Allow-Header
Yoncu-Errno
AMP-Redirect-To
Max-Age
X-WebNode
X-M-Reqid
X-Amzn-RequestId
X-Amzn-Trace-Id
XX
Filters
CS-SERVER
YF-ID
X-WPL-DATA
*
X-Served-Server
X-Garden-Version
X-Highwire-RequestId
X-GeoIP-Country
X-RiS-UFDI
X-Highwire-SessionId
X-Refresh
X-Fedora-School-Id
X-SmartBan-URL
X-SmartBan-Host
Nitro-Cache
AETN-Latitude
AETN-Area-Code
X-Origin-Date
X-Location
AETN-City
AETN-Continent-Code
AETN-DEVICE
AETN-Country-Name
AETN-Country-Code
Firespring-Website-Id
X-Varnish-Debug-TTL
X-Varnish-Cache-Local
X-Ms-Request-Id
VServer
XDomainRequestAllowed
X-Amz-Meta-S3b-Last-Modified
X-Varnish-Debug-Age
Cmsid
Cmstype
AETN-EU
COMMERCE-SERVER-SOFTWARE
X-HostName
DNNOutputCache
AETN-Postal-Code
AETN-State-Code
Load-Balancer
AKA-DEVICE
Access-Control-Request-Headers
IES-Server
X-Server-Addr
AETN-Longitude
X-Goog-Meta-Replace
X-Dw-Trace-Id
X-Smartcache-Timeout
X-Session-ID
X-Smartcache-Keys
Prot
NLCacheNote
X-Goog-Meta-Policy
Magicmarker
X-Bip
MICROSOFTOFFICEWEBSERVER
X-App-Runtime
X-WP
X-Cocoon-Version
Dis-Env
Web-App-Origin-Name
Bios
Serverid
X-Always-Cache
X-Runtime-Affili
X-Fstrz
X-WEBMGR-CACHE
CommercePlatform-Version
OracleCommerceCloud-Sandiego
X-Map-Context
Lb
X-UA-Bot
X-Upstream-Status
X-Batcache
Edgecast
X-Req-Head-Response
X-SH-Cache-Status
Fastly-Backend-Name
X-PHP-Response-Code
X-Flex-Lang
X-Flex-Evstart
Cf-Ipcountry
X-Rack-Cors
X-SERVER-NAME
X-Flex-Evend
X-Dynatrace-Js-Agent
X-Autoru-Host
Upgrade-Insecure-Requests
X-Culture
N365rili
X-Flex-Community
X-Flex-Lastmod
X-Flex-Tag
Srv-Name
X-Cdn-Forward
AC-ELC
X-7d-Trace-Id
X-7d-Instance-Id
X-WebServer
X-ENV
Aurora-Node
X-Nginx-Dummy
X-Flex-Tags
X-Upstream-Backend
OracleCommerceCloud-Version
X-ETag
X-Shopware-Cache-Id
X-Sorting-Hat-Expire-Cache
X-Shopware-Allow-Nocache
X-Proxy-Skip
X-Jphone-Copyright
X-Test
X-Webcelerate
X-Reflector
X-Origin-Cache
X-App
X-Id
Fastly-Debug-Digest
X-Middleton-PageSpeed
X-Status
X-Frames-Options
X-DSMX-Rewrite-MS
X-Gyrobase-Publication
X-Lb
X-Client-Id
X-Amcomm-Site
X-Amz-Id-1
X-Mobilized-By
X-DN-Cache-Control
X-Depends
X-Country
X-DSMX-Render-MS
X-Captured
Pragrma
GranicusServer
X-MCB-Server
Xc
X-Varnish-Action
X-CacheID
X-Rule
X-Static
CLMOB
FRONT-END-SECUREBROWSER
Actual-Object-TTL
X-VC-TTL
X-Hit
X-Autoru-App-Id
X-Custom-Name
Hosted-By
X-Instance
X-Reflector-Cache
X-Instance-Id
X-Geo
DrivedBy
X-Varnish-Grace
X-V
X-IP
X-Proto
NZSpeedy
X-Directory-Script
X-ReqId
Provider
X-DataDome
CommunityServer
X-Nginx
X-Cms-Mode
X-DB-Content-Length
X-Dev
X-Cache-Extended
Og
Worker
X-Cache-Id
X-ESI
X-DevSrv-CMS
Keywords
Description
X-UUID
X-CacheDebug
TP-L2-Cache
X-Appid
X-Xml-Http-Blocked
Dispatcher
TP-Cache
X-We-Are-Hiring
X-Gateway-Rate-Limit-Delayed
X-Wodby-Node
X-Flash-Messages
X-Global-Transaction-ID
X-BServer
X-Blog
X-BPool-Back
X-Vol-Mrp
X-Airee-Node
X-Origin-Upstream-Status
X-Now-Trace
X-Vary-Options
X-Grid-Server
X-Vol-Correlation
X-TLS-Version
X-Mobile-Rewrite
X-Zendesk-Origin-Server
X-Nginx-Request-Processing-Time
X-Origin-Server
X-ProcessESI
X-Proxy-Server
X-Highwire-Smart-Code
X-Highwire-Sitecode
X-Cache-Via
X-Nws-Log-Uuid
X-NoIndex
X-Generated-Time
X-Domino-CacheValidationWithETagResult
X-Domino-CacheValidationWithETagReason
X-PageCache
X-FromPodPressCache
X-Zendesk-User-Id
From
Ttl
X-Beatles
X-RemovedCookies
SS
X-Serv
X-Server-Generated
HitType
PB-RID
Response-Time
X-Podname
X-TKP-SRV-ID
Section-Io-Origin-Status
X-FastCGI-Cache-Status
X-Resty-Request-Id
X-HashTwo
X-Rack-CORS
X-SE-Debug
X-Cache-Date
X-Data-Request
IP-Addr
X-PM-ID
X-Cache-HT
X-Served-From
VSID
X-Nx-All
ViewMode
Ssl-Proxy-Server
X-GZip
X-WA-Info
Apachenode
X-Optimization
X-Mighty-Proxy
X-W3TC-Minify
X-Src-Webcache
X-Varnish-Ip
Now
X-Gannett-Site-Version
X-Layout
X-ManagedFusion-Rewriter-Version
PB-PID
X-Nx
X-Firefox-Spdy
X-Backside-Transport
REFRESH
PBS
Num
X-Netrix-ID
X-Rewritten-By
X-Title
X-HA-Backend
X-HA-Frontend
X-Cache-Time
X-Render-Time
Section-Io-Origin-Time-Seconds
X-NodeID
Traffic-Origin
X-Protected-By
X-Built-By
X-Server-Hostname
X-HS-Status
X-Box
X-Phpwcms-Page-Processed-In
X-Phpwcms-Release
X-SilverStripe-Cache
X-Sid
D
Content
X-Agent
Web
X-Application
X-Cluster
CF-Cache-Key
X-Compressed-By
X-SV
SBSS
ModuleCacheType
Content-Sn
TYPO3-Pid
TYPO3-Sitename
X-Cdn-Origin
X-Batcache-Reason
X-Proxy-Id
X-Policy
Webserver
UrlWatchModule-Time
X-Amzn-Remapped-Date
X-AppServer-Cache-Exception
X-AppServer-Status
X-AppServer-Cache-Rule
HSTS
X-PBS-Fwsrvname
X-Pageid
X-Header
X-RAMCache
X-Vid
F5-IpCliente
ClientIP
X-Ghost-Cache-Status
X-Fastly-Backend-Reqs
Origin-Vm
Amfplus-Ver
Provided-Host
X-Beresp-Ttl
X-CH-Device
X-Cache-Node
Gzip
ProxiaInstanceId
X-FORWARDED-PROTO
X-DynamicCache
X-Middleton-Pagespeed
X-MyName
X-PBS-Appsvrname
X-PBS-Appsvrip
X-Catalyst
X-Cache-FS-Status
SINA-LB
Session-Id
SINA-TS
VC-NoCache
X-Beget-Proxy
X-Avvio-Cms-Cacheload
X-EC2-Instance-Id
X-Cache-Action
MSThemeCompatible
Server-Ip
ServerIP
Session-From
MSSmartTagsPreventParsing
Id
X-Meta-MSThemeCompatible
X-Node-App
MachineName
StatusCode
X-SSL-Host
X-Firewall
X-Meta-Imagetoolbar
X-Info
X-Instance-Name
Cleartype
X-Meta-MSSmartTagsPreventParsing
X-Cache-TTL-Age
X-Cache-TTL-Current
MwpReleaseVersion
X-Varnish-Cached-TTL
Httpd-Identifier
X-Varnish-Cached
X-Streams-Distribution
X-MCF-ID
X-UPServer
X-Scheme
MageStack-Cache-Lifetime
X-WHO
X-OpenCart-Lightning
MageStack-Config
MageStack-Cache-Status
MageStack-Magento-Version
Z
MageStack-Cache-Hits
X-Cache-Warmer
MageStack-Debug
X-Appversion
MageStack-Loadbalancer
X-Ms-Version
MageStack-Cacheable
X-CACHE-KEY
AMP-Access-Control-Allow-Source-Origin
Device
X-VERSION
MageStack-Cache
X-Serverid
Viewport
MageStack-PageSpeed
X-Clx-Request
MageStack-Area
MageStack-Web-Node
MageStack-Tag
X-Cache-Me-Harder
Servername
X-LBPoolMember
X-MSU-SOURCE
NEL
X-WN-ClientGroup
X-B
X-HS-Content-Group-Id
X-VC-Debug
X-VC-Hash
X-VC-Cacheable
CINC-Endpoint
X-Goog-Meta-Goog-Reserved-File-Mtime
X-ZORequestID
X-V-Cache
X-Enabled3
X-This-Proto
X-Served
Generate-Time
MageStack-Cache-Lifetime-Sent
MageStack-Cache-Warning
X-Processed
X-Pj-Cache-Status
X-Debug-Message
X-Deity
X-HA
X-Oferteo-Domain
MageStack-Last-Modified
WN
X-Requestid
X-Time-Spent
X-BIT-Node
Server-Id
X-UD-METHOD
X-Varnish-Cache-Control
X-Access-Control-Allow-Origin
X-Enabled2
X-Enabled1
X-ProBase-Server
X-UT-Cache
X-UPSTREAM-Address
X-Thanos
X-Beluga-Response-Time
X-VG-WebCache
No-Cache
X-AWS
Progma
X-Beluga-Response-Time-X
X-SuperCache
X-DDM-SERVER
X-Amz-Meta-Cb-Modifiedtime
X-DDM-SERVER-UPDATED
X-Newrelic-Synthetics
X-Beluga-Status
X-Beluga-Trace
X-Croise-Owner
X-Beluga-Record
X-ASAP-Cache
X-ASAP-Age
X-Clara-ASAP
X-Beluga-Cache-Status
X-LAKANA-AB
X-Enhanced-By
Page-Template
X-TNCMS-Bot-Tier
AddDefaultCharset
X-ServiceProvider
Apple-Itunes-App
X-Beluga-Node
X-Built-With
NtCoent-Length
X-Cname-TryFiles
Requested-Host
129prxHost
X-Stiffia-Cache
135prxHost
196prxHost
262prline
259pxline
X-OCTOPOD
X-Dispatcher-Number
X-Transaction-Name
X-T
X-VC-Cache
X-Pool
NB-Cache
X-Page
X-InstanceId
X-Cjtype
AR-ATIME
X-Request-Received
AR-CACHE
AR-PoweredBy
X-Request-Processing-Time
AR-SID
HitInfo
Xxline
316pxxline
Www.Aujourdhui.Com
Powered-By-115
X-Author
X-Container
Language
X-Req-Counter
X-Tradeindia-SMgmt
X-Pass-Through
X-Node-Id
X-Fpc
X-Powered-By-ADS
X-Rocket-Nginx-File
X-CacheLoc
X-NMT-Proxy
X-Sn-Servicetimems
Expiries
X-Abuse
Debug-Status
X-Dck
X-Cache-Bypass
X-Rocket-Nginx-Reason
X-SCM-Server-Number
Fastly-Restarts
DB-Nickname
Hit-Count
Purge-Cache-Tags
Value-Of-Url
Backend-Powered-By
X-XHTML-Minification-Powered-By
X-WebKit-CSP-Report-Only
X-Block-RuleID
X-Test-Debug
X-Block-Rule
X-Varnish-Cache-Ttl
X-B3-Sampled
Ohc-Response-Time
HA-Status
SB-Cache-Life
SB-Cache-Remaining
X-Client-Ip
Origin-Edge-Control
X-Machine
Origin-Cache-Control
X-Apache2-RT-MicroSec
X-AMAZEEIO
ServerTokens
ServerSignature
SB-Site-Device
Tk
TTL
X-Nginx-VM-RT
X-Obvious-Info
X-LB-Backend
X-User-Agent-Tier
X-DODN-Region
CDCHOST
X-DODN-Id
X-LB-Frontend
X-SATserver
X-UA
X-Obvious-Tid
X-Page-Cacheable
X-Old-Content-Length
X-RequesterIP
X-APIAUTH-VAL
X-APIVERSION
RSL-Trace-ID
X-Custom-Header
Fw-Via
Fastly-Drupal-Html
EQ-Cache
BackendServer
X-Front-Cache
X-No-Session
SB-Site-IE-VERSION
X-Varnish-URL
X-Tradeindia-Request-GUID
TestCC
VAR-Cache
Ews
ID
Tempo
MS-CV
Tesla.Performance
X-Activity-Id
X-Cache-Detail
X-Az
HTTPS
X-Tag-Playlist
X-Cache-ID
NS-VaryByCustom-Key
X-CSRF-Token
X-Expires
X-RunCloud-Cache
X-Telligent-Evolution
X-Router
X-Search-Id
X-ROUTING
X-Varnish-Debug-Hits
WP-AdvCache-MemCached
Cache-Ctrol
SERVER-NAME
X-PressLabs-Stats
X-Geo-IP
Ibf5scheme
X-ENDPOINT
X-Max-Age
X-ORIKEY
X-Skip-Cache
X-NewsFlow-Sitename
PROGMA
X-InDy-Query
X-InDy-Memory
X-InDy-Time
X-Bitrix-Composite
X-Reqid
X-Healthy
X-MainProfileCategory
X-MainProfileURL
Sl-Pgid
X-MainProfileName
X-MainProfileID
X-From-Cache
X-Cache-LB