Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: HTTP Header Usage Statistics - SANS Internet Storm Center HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Date
Content-Type
Server
Set-Cookie
Connection
Cache-Control
Vary
X-Powered-By
Expires
Content-Length
Link
Last-Modified
Pragma
Accept-Ranges
ETag
X-Content-Type-Options
X-Frame-Options
X-XSS-Protection
Strict-Transport-Security
CF-RAY
X-Cache
Age
Content-Language
X-AspNet-Version
P3P
X-Pingback
Expect-CT
X-UA-Compatible
Via
Upgrade
Access-Control-Allow-Origin
Content-Security-Policy
X-Cacheable
X-Request-Id
X-Adblock-Key
Referrer-Policy
X-Varnish
X-Xss-Protection
X-Check
X-Generator
X-Language
X-Template
X-Buckets
X-Drupal-Cache
X-Type
WPE-Backend
X-Cache-Group
X-Pass-Why
P3p
Alt-Svc
X-Permitted-Cross-Domain-Policies
X-Download-Options
X-Hacker
X-Ac
X-Cache-Hits
X-AspNetMvc-Version
X-Accel-Buffering
X-Wix-Server-Artifact-Id
Host-Header
X-Dc
X-Sorting-Hat-Section
X-Alternate-Cache-Key
X-ShopId
X-Sorting-Hat-ShopId-Cached
X-Sorting-Hat-FeatureSet
X-ShardId
X-Sorting-Hat-PodId
X-Sorting-Hat-PodId-Cached
X-Sorting-Hat-ShopId
X-Sorting-Hat-PrivacyLevel
X-Via
X-Powered-By-Plesk
X-Runtime
X-Served-By
MS-Author-Via
X-Contextid
Content-Location
X-ServedBy
X-PC-Key
X-PC-Hit
X-Amz-Cf-Id
X-UA-Device
X-PC-AppVer
X-PC-Host
X-PC-Date
Access-Control-Allow-Headers
X-Powered-CMS
X-IPLB-Instance
Access-Control-Allow-Methods
Status
X-Timer
X-TEC-API-VERSION
X-TEC-API-ROOT
X-TEC-API-ORIGIN
Access-Control-Allow-Credentials
Cartoon
X-Rid
CF-Cache-Status
X-Tumblr-User
X-Tumblr-Pixel-0
X-Tumblr-Pixel
X-Wix-Request-Id
X-Seen-By
X-Iinfo
X-Tumblr-Pixel-1
X-Backend
X-WPE-Loopback-Upstream-Addr
X-NewRelic-App-Data
X-Host
X-Tumblr-Pixel-2
Powered-By
X-Mod-Pagespeed
X-Cache-Status
Content-Encoding
X-Endurance-Cache-Level
X-Server
X-CST
X-Cache-Hit
X-Cache-Enabled
X-Port
X-CDN
X-Logged-In
Keep-Alive
X-DIS-Request-ID
X-Tumblr-Pixel-3
X-Server-Powered-By
X-Drupal-Dynamic-Cache
X-Accel-Version
X-Nginx-Cache-Status
X-Robots-Tag
Server-Timing
X-Turbo-Charged-By
X-Proxy-Cache
X-Page-Speed
X-Pantheon-Styx-Hostname
X-Styx-Req-Id
X-Newrelic-App-Data
X-Content-Digest
X-Content-Powered-By
X-LiteSpeed-Cache
Content-Security-Policy-Report-Only
X-GitHub-Request-Id
X-Rack-Cache
X-AH-Environment
X-Pad
X-ASPNET-VERSION
X-Varnish-Cache
X-FW-Hash
Edge-Control
X-FW-Server
X-FW-Serve
X-FW-Type
X-FW-Static
X-Tumblr-Pixel-4
X-Request-Country
X-XRDS-Location
Request-Context
X-Request-ID
X-Hits
SPRequestGuid
X-Webcom-Cache-Status
X-MS-InvokeApp
X-SharePointHealthScore
WP-Super-Cache
MicrosoftSharePointTeamServices
X-Trace
X-BC-Stapler
X-Node
Timing-Allow-Origin
Cf-Railgun
Edge-Cache-Tag
X-Amz-Request-Id
X-HS-Cache-Config
X-Amz-Id-2
Access-Control-Expose-Headers
X-Cache-Lookup
X-HS-Content-Id
X-Content-Security-Policy
X-Webserver
X-FullPageCaching
X-Ua-Compatible
Charset
X-PhApp
X-HS-Combine-CSS
X-INKT-URI
X-INKT-SITE
X-Cnection
Request-Id
X-CF-Powered-By
X-PHP-Backend
Access-Control-Max-Age
X-Fastly-Request-ID
SPIisLatency
SPRequestDuration
X-Backend-Server
X-Died
EagleId
MicrosoftOfficeWebServer
Composed-By
X-Swift-SaveTime
X-Swift-CacheTime
X-SS-Location
X-SS-Conf
X-CDN-Pop
X-CDN-Pop-IP
Grace
Served-By
X-Device
X-Safe-Firewall
X-Spip-Cache
Rating
Liferay-Portal
X-Tumblr-Pixel-5
X-Server-Name
X-DDC-Arch-Trace
X-Edge-Cache-Key
X-Edge-Cache
X-Dw-Request-Base-Id
X-Hyper-Cache
X-VCache
Front-End-Https
X-NF-Request-ID
X-Tumblr-Content-Rating
X-Wix-Punisher
X-Cloud-Trace-Context
X-Cluster-Node
Surrogate-Control
X-FB-Debug
X-Loop
X-Microcache
X-LiteSpeed-Cache-Control
X-TNCMS
X-RateLimit-Remaining
X-RateLimit-Limit
Permitted-Cross-Domain-Policies
X-HeyJason
X-Do-Not-Hack
X-RateLimit-Reset
X-SERVER
X-Clacks-Overhead
X-Jimdo-Instance
X-Jimdo-Wid
X-StackifyID
X-Acc-Exp
Content-Style-Type
X-DNS-Prefetch-Control
X-OneAgent-JS-Injection
Content-Script-Type
P-LB
P-WS
X-Firenze-Processing-Times
Display
X-Middleton-Display
X-Sol
X-Middleton-Response
Response
Refresh
X-Vtex-Processado-Em
X-Kinsta-Cache
X-Debug-Info
X-Age
Public-Key-Pins
X-Original-Date
X-User-Agent
X-XN-Trace-Token
X-XN-XNHTML
X-Cached
X-Magento-Tags
X-WebKit-CSP
X-Px
X-Cache-Config
X-Ruxit-JS-Agent
Fpc-Cache-Id
X-N-OperationId
X-Amz-Version-Id
PageSpeed
X-Goog-Hash
X-Tumblr-Pixel-6
X-Hostname
X-Zen-Fury
X-Generated-By
Xkey
X-Shopid
X-Sorting-Hat-Podid
Retry-After
X-Sorting-Hat-Shopid
X-Sorting-Hat-Featureset
X-Sorting-Hat-Privacylevel
X-Sorting-Hat-Podid-Cached
X-Shardid
X-Sorting-Hat-Shopid-Cached
X-Topify-Platform
X-DynaTrace-JS-Agent
X-Handled-By
X-LW-Cache
X-Frame-Option
Rt-Fastcgi-Cache
X-Url
X-MiniProfiler-Ids
X-From
X-Loopia-Node
X-Outils-CS
X-Version
X-Goog-Storage-Class
X-Goog-Generation
Access-Control-Request-Method
X-Goog-Metageneration
X-Goog-Stored-Content-Encoding
X-Goog-Stored-Content-Length
X-Edge-Location
X-URL
TCN
X-Upstream
X-B-Cache
X-Source
X-Request-Time
X-CMS-Version
X-FORWARDED-FOR
Fastcgi-Cache
Feature-Policy
Edge-Control-Message
X-Cached-By
X-Platform-Cluster
X-Platform-Processor
X-Platform-Router
X-EdgeConnect-Origin-MEX-Latency
X-AspNetWebPages-Version
X-Varnish-TTL
X-Servedby
X-Whom
ServedBy
X-Engine
Public-Key-Pins-Report-Only
Allow
X-EdgeConnect-MidMile-RTT
Powered
Last-Published
Imagetoolbar
X-LBLID
X-DynaTrace
X-Content-Options
X-Accel-Expires
X-Recruiting
X-Msg-2-Log
Fhost
X-URLSCHEME
X-RESOURCE
X-Cdn
Dmn
X-SRCache-Store-Status
X-SRCache-Fetch-Status
X-Actual-URL
X-Varnish-Count
X-Varnish-HitMiss
X-NWS-LOG-UUID
X-Varnish-Cache-Hits
Product
X-Cache-Info
X-VTEX-Janus-Router-Backend-App
X-Powered-By-VTEX-Janus-ApiCache
X-Passed-To-DLL
X-Returned-From-DLL
X-Magento-Cache-Debug
X-Location-Id
X-Returned-From
X-VTEX-Cache-Status-Janus-ApiCache
X-CacheServer
X-Original-Request
X-Vtex-Processed-At
X-Passed-To
No
X-Vtex-Remote-Cache
X-Varnish-Host
X-Varnish-Beresp-Status
X-Varnish-Beresp-Grace
X-Varnish-Beresp-Ttl
X-ET-API-VERSION
X-Returned-From-PostProcessResponse
X-ET-API-ROOT
X-Passed-To-BeforeDispatch
X-Passed-To-PostProcessResponse
X-Stale
X-ET-API-ORIGIN
X-Returned-From-BeforeDispatch
X-Cache-Key
X-Umbraco-Version
Host
X-Application-Context
Warning
X-Response-Time
DynaTrace
X-Signature
X-Microcachable
X-Developer
X-Cache-Rule
X-Guploader-Uploadid
X-Forwarded-For
Arr-Disable-Session-Affinity
X-Device-Type
Generator
X-Platform-Server
X-UD-Method
Origin
X-ApacheServer
X-PERF
X-S
X-Platform
X-Gateway-Cache-Status
X-Powered-By-360WZB
X-Gateway-Skip-Cache
X-Gateway-Cache-Key
Alternate-Protocol
X-Defender
X-F-Cache
X-Fastcgi-Cache
X-Shop-Id
X-Platform-Cache
Version
X-Rnd
X-HS-Content-Campaign-Id
X-Via-JSL
X-Cache-Tags
X-Hosted-By
X-Micro-Cache
X-Instart-Request-ID
X-Ezoic-Cdn
X-Correlation-Id
WZWS-RAY
X-TransIP-Balancer
Surrogate-Key
X-App-Status
X-Correlation-ID
X-Supported-By
X-Cache-Namespace
X-Microcache-Status
X-Translation
USPLoggingUUID
Cache-Provider
X-HOST
X-TransIP-Backend
X-Environment
X-SO
Content-Hash
X-I-Sp
X-BS
X-Dispatcher
X-Sapient
X-Cache-Age
X-LB-Node
X-Ttl
X-Director
X-Powered-By-VelaWeb
X-Lambda-Id
X-SSL-Cipher
X-Daa-Tunnel
X-Server-Upstream
Cache-Key
X-Expires-Orig
MIME-Version
X-Dns-Prefetch-Control
Pagespeed
Content-Disposition
X-Magento-Cache-Control
X-Art-Request-Id
X-SSL-Protocol
X-Duration
X-Server-ID
X-Matrix-Server
X-CSRF-Protection
X-Matrix-Proxy
X-Debug
X-Varnish-GracePeriod
X-Varnish-ObjectSource
X-Varnish-Seen-By
X-NoCache
X-Varnish-RemainingTTL
X-Varnish-RemainingLife
X-Cache-Control-Orig
RTSS
X-DealerOn
X-Dealeron-Backend
X-Dealeron-Original-Url
X-App-Hosting
S-Cnection
X-ORACLE-DMS-ECID
X-Hypernode
X-Akam-SW-Version
Pool
X-Track
SSPAppContext
X-Last-Modified
SN
X-Edge-IP
Wsr-Cache
X-NetCat-Version
X-SSLUpstream
X-I
X-SSLProxy
X-Grace
X-Rocket-Nginx-Bypass
Cneonction
X-Cache-Debug
X-Drupal-Cache-Tags
X-Abgroup
Akamai-IP
X-Gamma-Serve
X-Front
X-Vcap-Request-Id
X-Cache-TTL
X-Storage
Node
X-Forwarded-Proto
X-Generated
ServerID
X-Powered-By-VTEX-Janus-Edge
X-Server-Id
X-Cf-Powered-By
Powered-By-ChinaCache
X-SVR-IIS
X-Svr-Proxy
X-Pressidium-NinukisWP-Ver
X-Cache-Level
X-Client-IP
X-Rocket-Nginx-Serving-Static
X-ATG-Version
X-Route-Server
X-Magnolia-Registration
X-Flow-Powered
X-Page-Cache
X-Litespeed-Cache
If-Modified-Since
X-Revision
X-Cache-Engine
X-Cache-Lifetime
X-Varnish-Cacheable
X-VARITI-CCR
X-ServerName
X-Amz-Meta-S3cmd-Attrs
X-Cache-Type
X-GUploader-UploadID
X-Drupal-Cache-Contexts
X-Hiawatha-Cache
X-Cache-Handler
X-SV-CacheTags
X-SV-Expires
X-SV-CreatedAt
Accept-Encoding
X-SV-Cacheable
X-SV-FromDBCache
X-Url-Base
X-SV-Duration
X-Cache-Server
X-SV-Nginx-Duration
X-SV-Pid
X-SV-Edge
AMF-Ver
X-GeoIP-Country-Code
Lsrequestid
X-SDS
Req-Id
PICS-Label
X-CJ-Soft
X-Geo-Country
X-PwB-Node
X-Country-Code
X-SRV
X-LB
X-Firenze-Processing-Time
FAI-W-FLOW
X-Sucuri-ID
X-UPSTREAM
X-Cache-Expires
X-Cache-Operation
X-Vhost
X-ARC
Contao-Page-Layout
X-ServerID
X-TransIP-Reserved
X-Content-Encoded-By
X-Processing-Time
X-IsCacheURL
Author
X-Pantheon-Phpreq
X-Discourse-Route
Surrogate-Key-Raw
X-Pantheon-Site
X-Pantheon-Environment
X-Esi
Page-Completion-Status
Update-Time
X-Litespeed-Cache-Control
X-Time
X-Trace-Id
Nodo
ServerName
Src-Update
X-LB-Server
X-Origin
NnCoection
X-Dispatch
X-Runtime-Rack
Qs-Cache
X-Cache-Device-Type
Section-Io-Id
X-ORACLE-DMS-RID
SiteSpeed
X-N
X-Speed-Cache-Key
Content-Encoding-Handler
X-Frontend
X-Varnish-Url
Backend
Proxy-Connection
X-Speed-Cache
X-Varnish-Ttl
X-Service-Id
X-Env
X-Content-Age
Smug-CDN
X-Akamai-Device-Characteristics
X-TTFB-L
X-Locale
X-TTFB
Srv
X-SmugMug-Values
X-SmugMug-Hiring
X-Akamai-Device-Model
X-Sucuri-Cache
X-Cookie-Domain
X-GeoIP-Country-Name
X-Varnish-IP
X-Varnish-Backend
X-Real-Server
Service-Worker-Allowed
Tracecode
X-FTR-Request-ID
Strikingly-Cache-Region
X-Dynamic-Cache
X-Cache-Only-Varnish
W
X-ACMCache
Strikingly-Cached
Cache
Strikingly-Cached-Version
X-FW
X-Unbounce-Variant
X-Unbounce-VisitorID
X-Always-Cache
Cache-Tags
X-Server-Instance
X-SRCache-Key
MC
X-HW
X-Unbounce-PageId
X-Content-Type-Option
Custom-Header
X-Id
X-Nbs
X-Config-Blacklist-Version
From-Origin
X-CacheFROM
Pv
Https
S
Server-Name
X-Webkit-CSP
CacheControlHeader
X-Middleware-Start
X-Nginx-Cache
X-Empowered-By
Content-Transfer-Encoding
X-Srv
X-Varnish-Retries
X-Drectory-Script
X-PF-Uncompressing
X-Symfony-Cache
X-High-Performance
X-Browser
Location
X-ID
IBM-Web2-Location
X-RequestId
Local-Info
X-CF-Passed-Proto
X-Varnish-Age
X-Wikidot-Backend
X-Varnish-Server
X-Cache-Control
Use-Proxy
X-Wikidot-Static-Cache
Ohc-File-Size
NetMindSessionID
IM-Version
X-BackendServer
X-Worker
X-FIRSTBase
X-Connection-Hash
MJ12bot
X-Akamai-Edgescape
HCVer
X-Transaction
X-Amz-Storage-Class
X-BKSrc
X-ARRServer
X-VC-Enabled
X-WR-Flags
Edit
HAVer
X-Twitter-Response-Tags
X-Cache-Fix
Content_type
FindLaw
X-Cache-PageType
Accept-Charset
X-Pool
X-Orig-Vary
X-Shield-Request-Id
X-Sys-Req-ID
X-Varnish-Hits
Nginx-Cache
SEOMOZ
X-AF-Userserver
X-Rq
X-Unique-ID
X-Proxy
X-Analytics
Backend-Timing
Fw-Via
Content-MD5
Hummingbird-Cache
X-LP
X-Storage-Cache-Date
X-Storage-Cache
X-TTL
X-Key
X-Storage-Cache-Expires
X-RealServer
X-Content-Security-Policy-Report-Only
X-NginX-Server
Cm-Server
X-AVG-Country-Code
X-NginX-Cache
X-Redman-Backend
X-Redman-Final-Url
Front
X-LW-Web-Server
X-TB-M
X-Purge-URL
Adm-Server
X-Avg-Cookie-Expires
Cached
Proxy-Agent
Xc-Version
X-Vip
X-Nitro-Cache
X-SP-UniqueName
X-Cache-CFC
X-Now-Id
X-SP-Farm
X-Adobe-Loc
Server-Info
Eomportal-Instance
X-Webstats-RespID
Dtk-Cache-Check-0
X-CB-Server
Swift-Performance
X-Framework
RequestId
X-App-Server
X-Cache-Ttl
X-Adobe-Content
X-Amz-Meta-Content-Md5
X-Stage
X-WP
X-SE-Debug
X-Source-ID
X-Disney-Akamai-Rule
X-Role
SVR
X-Purge-Host
X-RiS-UFDI
X-Fedora-School-Id
X-Amz-Rid
X-Generated-Time
WWW-Authenticate
X-FastCGI-Cache
X-Location
Access-Control-Allow-Method
Pf.Web.Request.Id
Pics-Label
X-AEM
X-4ormat-Cacheable
SRV
X-Varnish-Debug-Age
X-Runtime-Memory
X-Span
Frame-Options
X-JG-Page-Cache
X-Varnish-Debug-TTL
X-SERVER-NAME
Environment
X-Remote-Addr
X-Yadis-Location
X-Balanceador
X-WPL-DATA
X-Captured
X-Amzn-Trace-Id
X-Amzn-RequestId
X-Consent-Required
X-VCS-Cacheable
X-Server-IP
X-Amz-Apigw-Id
X-HeBS-Cache-Status
X-VCS-Ttl
SHInfo
X-Origin-Id
X-Processed-By
X-Sedo-Request-Id
Url
X-Cache-Miss-From
X-Resty-Request-Id
EN-User
Max-Age
X-App
X-SH-Cache-Status
X-Runtime-Affili
X-CDN-Forward
X-Smartcache-Keys
X-Varnish-ID
X-CAPServer
X-CacheDebug
X-Smartcache-Timeout
X-Detected-Device
XDomainRequestAllowed
Device
Copyright
X-HostName
X-App-Runtime
X-Force
X-Atraveo-Zone
X-Atraveo-TTL
X-Atraveo-Varnish-Server-Id
Upgrade-Insecure-Requests
X-Hrouter
X-FireWall-Port
X-Application
Access-Control-Request-Headers
X-ClientSide-Caching
A-Powered-By
X-IIJ-Cache
F5-Trid-Name
X-Provisioner-Version
X-Jphone-Copyright
X-PRAM
X-Atraveo-Set-Cookie
X-Atraveo-Param-Rm
RN-Server
X-Domain-Checked
X-Rack-Cors
X-Debug-Token
F5-Trid-Value
X-HydroSheep
X-GeoIP
X-Hstore
X-Lw-Cache
Disablevcache
X-Atraveo-Cache-Control
X-Atraveo-Expires
From
X-Atraveo-From-Varnish-Cache
X-A
X-Atraveo-ETag
AETN-Postal-Code
AETN-State-Code
AKA-DEVICE
CS-SERVER
X-VC-TTL
X-Webcelerate
X-Rule
X-GSL-Server
X-Distributor
Request-Country
X-Depends
Cteonnt-Length
X-SayCDN-TTL
X-Plat
X-Real-IP
X-Say-Cacheable
X-Say-TTL
X-Confluence-Request-Time
X-VNode
BackendServer
X-Culture
X-Amz-Id-1
X-Appmachine-Environment
WP-FROM-CACHE
AETN-Country-Name
AETN-DEVICE
AETN-EU
AETN-Latitude
AETN-Country-Code
AETN-Continent-Code
EagleEye-TraceId
AETN-Area-Code
AETN-City
AETN-Longitude
X-Desc
X-Hit-Cache
X-Pagename
Machine
X-Response
Resin-Trace
X-CRA-DC
Identity
N365rili
NtCoent-Length
X-Cache-On
X-Varnish-Action
X-Resolver-IP
Ufe-Result
Arrnode
BALANCEDTO
X-GoCache-CacheStatus
Lb
X-SAPP
Filters
X-Agent
Pragrma
Id
Ibf5scheme
X-Dynatrace-Js-Agent
Myheader
X-MAT-GEO
AMP-Redirect-To
X-PBY
X-Custom-Name
Paypal-Debug-Id
IISExport
ScoreTracker
NODE
Edgecast
VServer
X-Adnet
X-ProcessESI
VANITY-HOST
X-RemovedCookies
Access-Control-Allow-Header
X-MidCOM-Meta-Cache
X-Resource
X-Forwarded-Host
X-Actindo-Thread-Id
X-Actindo-Rs
X-Actindo-Request-Id
X-HTML-Minification-Powered-By
Request-EU
Load-Balancer
X-Garden-Version
X-Request-Uri
AsisCache
X-Now-Cache
IES-Server
X-CACHE-TTL
X-Cocoon-Version
X-Cache-Doesi
X-Reflector-Cache
X-Reflector
X-Proxy-Backend
Fastly-Backend-Name
X-Proxy-Skip
Magicmarker
X-HS-Status
Noq
X-Timestamp
X-Nginx-Host
X-Compress-Hint
X-Dev
X-ENV
X-OpenCart-Lightning
X-Generated-Timestamp
X-Beget-Proxy
Web-App-Origin-Name
SERVER-ID
Dispatcher
X-Cms-Mode
ServerNode
CLMOB
Beyond-Iis
Accept-Language
Referer
Worker
Aurora-Node
Report-To
Ramp
DNNOutputCache
X-Hosting-Env
X-Backend-Status
X-Cache-2
X-Akamai-Transformed
X-Cacheable-TTL
X-SDE-Name
Ram
X-Flex-Lang
X-Flex-Lastmod
X-Flex-Tags
X-Flex-Evstart
X-Flex-Tag
AR-ATIME
X-Flex-Evend
AR-CACHE
X-Client-Vid
X-EPiphany-Vid
X-ENDPOINT
X-Map-Context
Thanks
X-UnsetCookies
X-Proxy-Cache-Control
X-Req-Head-Response
MageStack-Web-Node
X-AOL-HN
X-DataDome
X-APIVERSION
X-APIAUTH-VAL
Prama
X-DynamicCache
X-Flex-Community
X-WebNode
Accept-CH
X-Yottaa-Optimizations
X-ROUTING
X-ORIKEY
X-Varnish-Debug-Hits
X-Yottaa-Metrics
HitType
X-ServerIndex
X-Path-Route
X-WEBMGR-CACHE
Cmsid
Web
X-Varnish-Hostname
AC-ELC
X-Ser
X-Svr
X-Rebelmouse-Cache-Control
X-MCB-Server
Cmstype
AR-SID
X-Abuse
AR-PoweredBy
X-Client-Image-Vid
X-Soro
X-Server-Addr
X-Session-Reinit
X-UA-Bot
X-Test
X-Refresh
X-Cache-Detail
X-Goog-Meta-Policy
MageStack-Config
NLCacheNote
MageStack-Cacheable
X-Middleton-PageSpeed
MageStack-Cache-Status
X-Goog-Meta-Replace
X-Info
X-Fstrz
X-IP
X-Page
X-Upgrade-Enabled
MageStack-Cache-Lifetime
X-Secret
XX
MageStack-Cache-Hits
X-Ghost-Cache-Status
MageStack-Debug
X-AutoRu-App-Id
X-ESI
X-E
X-Autoru-Host
MageStack-Area
Firespring-Website-Id
X-Hosting
COMMERCE-SERVER-SOFTWARE
Bios
MageStack-Tag
MageStack-PageSpeed
X-Bip
MageStack-Cache
MageStack-Magento-Version
X-Goog-Meta-Goog-Reserved-File-Mtime
MageStack-Loadbalancer
X-Box
*
X-Via-S
X-Origin-Server
X-Amcomm-Site
X-Cache-Varnish
X-Gannett-Site-Version
X-Origin-Cache
X-Ratelimit-Remaining
X-Proto
X-Session-ID
NZSpeedy
X-Ratelimit-Limit
Cache-Status
SS
X-SilverStripe-Cache
Fastly-Debug-Digest
MageStack-Cache-Warning
X-CACHE-KEY
CommunityServer
X-Varnish-URL
Server-Id
WP-AdvCache-MemCached
Prot
X-Directory-Script
X-Cdn-Forward
Pramga
X-RAMCache
X-Mobile-Rewrite
X-DSMX-Rewrite-MS
X-Cache-TTL-Age
X-Cache-TTL-Current
X-Varnish-Cache-Local
DrivedBy
Il-Cl
X-V
X-CacheLoc
Home
X-Cache-Warmer
X-DSMX-Render-MS
X-MrHost
X-JSESSIONID
X-Enabled3
X-ReqId
X-Render-Time
X-NWS-UUID-VERIFY
X-Node-Id
X-B2f-Not-Route
PB-RID
PB-PID
X-Scheme
Proxy-Cache
TC-Cache
TC-Cache-IC
TC-Cache-U
TC-S-Cache
X-HA-Backend
Server-Ip
X-ManagedFusion-Rewriter-Version
MS-CV
X-HA-Frontend
X-Built-By
TC-S-Cache-M
X-Frames-Options
ServerTokens
X-Node-App
ServerSignature
X-Protected-By
Traffic-Origin
X-Aramark-SID
X-ETag
X-Domino-CacheValidationWithETagResult
X-Domino-CacheValidationWithETagReason
X-Cache-Time
X-Enabled2
X-Serv
X-Max-Age
Arrow-RequestId
Lookup-Cache-Hit
X-Data-Request
X-NodeID
X-Pass-Through
X-Proxy-Cache-Key
X-RequesterIP
X-PressLabs-Stats
X-PM-ID
X-HashTwo
X-Ms-Request-Id
CDCHOST
X-Blog
VSID
ViewMode
X-WN-ClientGroup
X-Oferteo-Domain
X-WA-Info
X-Zendesk-Origin-Server
X-DevSrv-CMS
X-Zendesk-User-Id
X-Search-Id
X-Block-Rule
X-Block-RuleID
Provider
X-XHTML-Minification-Powered-By
X-Cache-Via
X-Test-Debug
X-FPC
X-Enabled1
Access-Control
X-Status
X-Rewritten-By
Apachenode
X-WebKit-CSP-Report-Only
X-ASAP-Cache
X-Nginx-Request-Processing-Time
X-Clara-ASAP
X-Src-Webcache
WN
Num
X-W3TC-Minify
X-Highwire-Sitecode
X-Highwire-Smart-Code
Cf-Ipcountry
X-Batcache
X-Cache-Dispatchercachecontrol
X-Cache-Dispatcherpragma
X-DDM-SERVER
X-DDM-SERVER-UPDATED
TP-L2-Cache
X-ZORequestID
Content
X-Container
SBSS
X-Distributed-By
X-PHP-Response-Code
Xc
X-Upstream-Addr
FRONT-END-SECUREBROWSER
X-PBS-Appsvrname
Powered-By-115
TP-Cache
X-Proxy-Id
X-Rack-CORS
X-SuperCache
X-Instart-Cache-Id
X-Via-NSCOPI
Tempo
X-7d-Instance-Id
X-7d-Trace-Id
X-Amz-Meta-Cb-Modifiedtime
Server-ID
D
X-Title
Hamster
HitInfo
Yoncu-Errno
X-Cache-Action
X-Qiniu-Zone
X-Reqid
X-KoobooCMS-Version
X-Log
X-Mobilized-By
X-Cache-Extended
X-Olaf
X-SSLTerm-Server
X-PBS-Appsvrip
X-PBS-Fwsrvname
X-Accel-Cache-Control
X-SmartBan-URL
X-Build-Id
X-Streams-Distribution
SINA-TS
X-Cache-FS-Status
MageStack-Last-Modified
X-Unique-Id
X-ServiceProvider
X-SmartBan-Host
SINA-LB
X-Layout
CDN-Cache
X-FastCGI-Cache-Status
X-Czt
Provided-Host
X-CH-Device
Dis-Env
Session-Id
X-XHR-Current-Location
AMP-Access-Control-Allow-Source-Origin
X-Nginx-Request-Time
X-CacheID
Yola-ID
Backend-IP-Port
X-Batcache-Reason
Amfplus-Ver
X-B3-Sampled
X-MyName
X-WR-Trace
X-Built-With
MageStack-Cache-Lifetime-Sent
X-Highwire-RequestId
X-EC2-Instance-Id
Backend-Name
X-HAProxy
X-Highwire-SessionId
X-Instance-Id
Play-Detected-Device
X-Now-Trace
X-Shard
X-Now-Instance
Play-Detected-UserAgent
VC-NoCache
X-Appid
X-FromPodPressCache
X-DB-Content-Length
X-FORWARDED-PROTO
PBS
X-Bcwwwid
X-Pj-Cache-Status
Ali-Swift-Global-Savetime
Cleartype
X-Dw-Trace-Id
Now
X-Appversion
PServer
X-RunCloud-Cache
X-SSL
X-HEAD
X-TLS-Version
GranicusServer
X-LBPoolMember
X-From-Varnish-Deploy
Key
X-From-Varnish
X-Cache-ID
X-Boot
X-Beatles
X-CSRF-Token
X-Cache-Me-Harder
X-Cachable
X-Custom-Header
Viewport
Request-Filtered-By
X-Tag-Playlist
X-This-Proto
X-UA
X-Cname-TryFiles
X-Served
X-Az
X-Processed
X-SCProxy
X-ASAP-Age
X-Web-Node
X-Deity
X-HA
X-Cache-LB
X-Debug-Message
X-M
X-Amz-Meta-Version-Id
X-Activity-Id
Prototype-RootPath
X-MainProfileName
SB-Site-Device
SB-Cache-Remaining
SB-Cache-Life
SB-Site-IE-VERSION
X-AMAZEEIO
X-Proxy-Server
X-Ms-Version
X-Server-Generated
X-Enhanced-By
X-S-Misc
X-Generation-Time
X-Envoy-Upstream-Service-Time
X-Origin-Date
Page-Template
StatusCode
X-Who
FastCGI-Cache
Hit-Count
X-Varnish-Cache-Ttl
Purge-Cache-Tags
Response-Time
X-Mighty-Proxy
Ssl-Proxy-Server
X-Upstream-Status
X-Upstream-Backend
X-BPool-Back
X-Airee-Node
X-BServer
X-Dck
X-SCM-Server-Number
X-Powered-By-ADS
X-D-Time
Progma
X-HP-CAM-COLOR
X-Avvio-Cms-Cacheload
Nitro-Cache
X-Len
X-MainProfileCategory
X-CPU-Time
X-MainProfileID
X-Tradeindia-SMgmt
X-Tradeindia-Request-GUID
X-Amzn-Remapped-Content-Length
RSL-Trace-ID
X-BeResp-Ttl
X-Content-Type
X-Stiffia-Cache
X-Front-Cache
X-MainProfileURL
X-NewsFlow-Sitename
X-Newrelic-Synthetics
X-MSU-SOURCE
X-SID
X-VG-WebCache
End-User-Country
Backend-Powered-By
X-GEO
X-Clx-Request
X-Geo-IP
X-Compressed-By
X-Origin-Upstream-Status
X-Skip-Cache
Requested-Host
X-Trans-Id
X-ProBase-Server
X-Vary-Options
X-VTEX-Cache-Status-Janus-Edge
DbServerName
Nd
X-Sid
X-Lb
X-Dynamic
X-Geo
UrlWatchModule-Time
Webserver
X-Route
Content-Sn
MachineName
MwpReleaseVersion
X-AppServer-Cache-Rule
X-Server-Hostname
X-Brought-To-You-By
X-Backend-Host
X-CD
X-ACCELERATE
X-Cjtype
X-Csrf-Token
HSTS
X-Device-Item
Www.Aujourdhui.Com
VAR-Cache
X-Varnish-Grace
RM-Cache-Control
X-Sorting-Hat-Expire-Cache
ORIGIN-SERVER
V-TTL
ORIGIN-SITE
DB-Nickname
Description
X-UPServer
X-Varnish-Cached
X-Sn-Servicetimems
X-AISO-Cache
X-AISO-Server
X-AISO-Cacheable
X-Varnish-Cached-TTL
OracleCommerceCloud-Version
CommercePlatform-Version
CDN-Uid
Ctx
CDN-PullZone
OracleCommerceCloud-Sandiego
CDN-CachedAt
X-Ruby-Cluster-ID
X-MCF-ID
Request-Time
Session-From
Og
ModuleCacheType
Keywords
X-Distil-CS
ServerIP
X-B3-Spanid
X-Nginx-Page-Cache
X-Hit
X-Fpc
Debug-Status
Expiries
X-B3-Traceid
X-UPSTREAM-Address
X-Netrix-ID
X-InDy-Time
X-InDy-Query
X-M-Log
X-M-Reqid
X-Qnm-Cache
X-M-V
X-InDy-Memory
X-Grid-Server
X-S-C
LB
Realaction
X-Q-S
X-Mw-Workerstats
X-OPNET-Transaction-Trace
X-Served-Server
X-Server-Ip
NGX
ID
Plateforme
X-I-V
X-Header
RSB-LINK
Hosted-By
X-M-P
X-Varnish-Cache-Control
X-SV
X-M-T
X-Wodby-Node
Ews
Content-Generator
Actioncode
CDN-RequestId
X-VC-Debug
X-Time-Microsecs
X-We-Are-Hiring
REFRESH
X-Appmachine-CreatedOn
Sl-Pgid
NS-VaryByCustom-Key
ProxiaInstanceId
X-Gate-Blk
X-Gate
X-Middleton-Pagespeed
X-Machine
X-Catalyst
X-Nginx
X-Appmachine-Duration
X-Appmachine-Name
X-Global-Transaction-ID
X-Gateway-Rate-Limit-Delayed
X-S-V
X-Pagely-Cache
X-SiteDistrict-Cache
X-Server-Response-Time
X-From-Cache
X-Firefox-Spdy
X-CloudBurst-Backend
X-Backside-Transport
X-CloudBurst-Cache
X-CloudBurst-Frontend
X-Transaction-Name
X-CloudBurst-WordPress
Ttl