Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: HTTP Header Usage Statistics - Internet Security | DShield HTTP Header Usage Statistics


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

This is a continuation of work started by Brough Davis as part of his software security project for his Masters in Information Security Engineering. The main goal of this project is to find how many sites use security relevant headers, like for example the X-XSS-Protection or X-Frame-Options headers.

Below you will find a table/histogram showing how many times we found each header (security relevant or not). We access the index page of each site using a "head" request. The list of sites is derived from Alexa's Top 1 Million sites. We try to poll as many sites as possible each day.

As we collect more data, we will plot changes over time.



All Headers Active In The Past Month
Header Popularity
Date
Content-Type
Server
Set-Cookie
Connection
Cache-Control
Vary
X-Powered-By
Expires
Content-Length
Link
Last-Modified
Pragma
Accept-Ranges
ETag
X-Content-Type-Options
X-Frame-Options
X-XSS-Protection
Strict-Transport-Security
CF-RAY
Age
X-Cache
P3P
Expect-CT
Content-Language
X-AspNet-Version
X-Pingback
Via
X-UA-Compatible
Upgrade
Access-Control-Allow-Origin
Content-Security-Policy
X-Cacheable
X-Varnish
Referrer-Policy
X-Request-Id
X-Adblock-Key
X-Check
X-Generator
X-Xss-Protection
X-Type
WPE-Backend
X-Cache-Group
X-Pass-Why
X-Language
X-Template
X-Drupal-Cache
X-Buckets
X-Permitted-Cross-Domain-Policies
Alt-Svc
X-Download-Options
X-Wix-Server-Artifact-Id
X-Accel-Buffering
X-Ac
X-Hacker
X-Cache-Hits
Host-Header
X-ShopId
X-Sorting-Hat-FeatureSet
X-Sorting-Hat-PodId
X-Sorting-Hat-PrivacyLevel
X-Dc
X-ShardId
X-Sorting-Hat-PodId-Cached
X-Sorting-Hat-ShopId
X-Sorting-Hat-ShopId-Cached
X-Sorting-Hat-Section
X-Alternate-Cache-Key
X-AspNetMvc-Version
X-Via
X-Powered-By-Plesk
X-Served-By
X-Runtime
X-Contextid
X-PC-Key
X-PC-Hit
X-PC-AppVer
X-ServedBy
X-Amz-Cf-Id
X-UA-Device
X-PC-Host
X-PC-Date
MS-Author-Via
Content-Location
Access-Control-Allow-Headers
X-IPLB-Instance
Access-Control-Allow-Methods
X-Timer
X-Powered-CMS
X-Seen-By
X-Wix-Request-Id
X-TEC-API-VERSION
X-TEC-API-ROOT
X-TEC-API-ORIGIN
X-Rid
Status
X-Tumblr-Pixel-0
X-Tumblr-User
X-Tumblr-Pixel
X-Ua-Compatible
X-Shopify-Stage
CF-Cache-Status
X-Tumblr-Pixel-1
X-FRAME-OPTIONS
Cartoon
X-Iinfo
X-Tumblr-Pixel-2
X-Backend
Access-Control-Allow-Credentials
X-Cache-Status
X-CST
X-Host
X-WPE-Loopback-Upstream-Addr
Content-Encoding
Powered-By
X-Endurance-Cache-Level
X-Cache-Enabled
X-Cache-Hit
X-Mod-Pagespeed
X-Port
X-CDN
X-Tumblr-Pixel-3
X-Logged-In
X-Server
X-Drupal-Dynamic-Cache
X-Server-Powered-By
Keep-Alive
X-DIS-Request-ID
X-Request-ID
X-Nginx-Cache-Status
X-Robots-Tag
X-Accel-Version
X-Proxy-Cache
X-Turbo-Charged-By
X-Pantheon-Styx-Hostname
X-Styx-Req-Id
X-LiteSpeed-Cache
X-Page-Speed
P3p
X-Content-Digest
X-Content-Powered-By
Content-Security-Policy-Report-Only
X-GitHub-Request-Id
Request-Context
X-FW-Hash
X-AH-Environment
X-FW-Server
X-Rack-Cache
X-FW-Serve
X-FW-Type
X-FW-Static
X-Tumblr-Pixel-4
X-Pad
X-Varnish-Cache
X-Hits
X-Webcom-Cache-Status
X-XRDS-Location
Access-Control-Expose-Headers
X-BC-Stapler
Edge-Control
SPRequestGuid
X-Newrelic-App-Data
X-Trace
X-MS-InvokeApp
X-SharePointHealthScore
X-Node
MicrosoftSharePointTeamServices
WP-Super-Cache
Edge-Cache-Tag
X-Request-Country
Cf-Railgun
X-HS-Cache-Config
X-Amz-Request-Id
X-Amz-Id-2
X-HS-Content-Id
X-CF-Powered-By
Timing-Allow-Origin
X-Died
Charset
X-Content-Security-Policy
X-FullPageCaching
X-Cache-Lookup
X-INKT-URI
X-INKT-SITE
X-PHP-Backend
Request-Id
X-Fastly-Request-ID
Allow
Access-Control-Max-Age
X-HS-Combine-CSS
X-Cnection
X-Backend-Server
SPIisLatency
SPRequestDuration
X-Edge-Cache-Key
X-Edge-Cache
X-Swift-CacheTime
Ali-Swift-Global-Savetime
X-Swift-SaveTime
MicrosoftOfficeWebServer
EagleId
Composed-By
X-CDN-Pop
X-CDN-Pop-IP
Rating
Grace
X-Server-Name
X-Safe-Firewall
X-Device
X-Tumblr-Pixel-5
X-DDC-Arch-Trace
Served-By
X-NF-Request-ID
X-SS-Conf
X-SS-Location
X-Spip-Cache
X-Tumblr-Content-Rating
X-SERVER
X-Dw-Request-Base-Id
Liferay-Portal
X-VCache
Front-End-Https
X-Hyper-Cache
X-HeyJason
Permitted-Cross-Domain-Policies
X-Do-Not-Hack
P-LB
P-WS
X-Cloud-Trace-Context
X-LiteSpeed-Cache-Control
X-OneAgent-JS-Injection
X-Cluster-Node
Surrogate-Control
X-Firenze-Processing-Times
X-Loop
X-TNCMS
X-Original-Date
X-Kinsta-Cache
Display
X-Sol
X-Middleton-Display
Response
X-Middleton-Response
X-Clacks-Overhead
X-Acc-Exp
X-RateLimit-Reset
X-RateLimit-Remaining
X-RateLimit-Limit
X-StackifyID
X-FB-Debug
X-Vtex-Processado-Em
Public-Key-Pins
X-Jimdo-Instance
X-Jimdo-Wid
Content-Style-Type
X-HOST
Feature-Policy
X-Debug-Info
Content-Script-Type
X-Amz-Version-Id
X-Magento-Tags
Refresh
X-Servedby
X-Age
X-Ruxit-JS-Agent
X-WebKit-CSP
X-XN-XNHTML
Xkey
X-XN-Trace-Token
X-Frame-Option
Fpc-Cache-Id
X-LW-Cache
X-Tumblr-Pixel-6
X-Webserver
X-Cached
X-Goog-Hash
X-N-OperationId
X-Zen-Fury
X-PhApp
X-DNS-Prefetch-Control
X-Px
X-Hostname
X-User-Agent
X-DynaTrace-JS-Agent
PageSpeed
Retry-After
X-ARC
X-Version
X-Url
X-Cache-Config
X-Generated-By
X-Upstream
X-Handled-By
X-Edge-Location
X-Topify-Platform
WPX
X-Dns-Prefetch-Control
X-Goog-Stored-Content-Encoding
X-Goog-Stored-Content-Length
X-Goog-Storage-Class
X-Goog-Generation
X-Goog-Metageneration
Access-Control-Request-Method
X-Whom
TCN
X-Loopia-Node
X-Source
X-MiniProfiler-Ids
X-Magento-Cache-Debug
Rt-Fastcgi-Cache
X-B-Cache
X-EdgeConnect-Origin-MEX-Latency
X-CMS-Version
X-FORWARDED-FOR
X-Cached-By
X-ET-API-ROOT
X-ET-API-VERSION
X-ET-API-ORIGIN
Fastcgi-Cache
Powered
X-RESOURCE
X-EdgeConnect-MidMile-RTT
X-Accel-Expires
ServedBy
X-URLSCHEME
X-Outils-CS
X-Content-Options
Last-Published
X-SRCache-Fetch-Status
X-SRCache-Store-Status
X-Request-Time
X-VTEX-Janus-Router-Backend-App
X-Vtex-Processed-At
X-Vtex-Remote-Cache
X-Platform-Server
X-CacheServer
X-VTEX-Cache-Status-Janus-ApiCache
No
X-Powered-By-VTEX-Janus-ApiCache
X-Engine
X-Microcache
X-Developer
Pagespeed
X-Fastcgi-Cache
Product
X-Application-Context
Fhost
X-Varnish-HitMiss
X-Varnish-Count
X-LBLID
X-Varnish-Cache-Hits
Warning
X-Signature
X-AspNetWebPages-Version
X-DynaTrace
X-Shop-Id
X-Defender
Host
Cache-Key
X-S
X-Platform-Router
X-Platform-Cluster
X-From
X-Platform-Processor
X-Location-Id
X-F-Cache
X-PERF
X-ApacheServer
Dmn
X-Actual-URL
X-Cache-Key
X-Varnish-Beresp-Ttl
X-Varnish-Beresp-Grace
X-Passed-To
X-Passed-To-DLL
X-Original-Request
X-Returned-From-DLL
X-Varnish-Beresp-Status
Generator
X-Returned-From
X-Varnish-Host
Public-Key-Pins-Report-Only
X-Stale
X-Ezoic-Cdn
Imagetoolbar
X-Forwarded-For
X-Microcachable
X-Cache-Info
X-Returned-From-BeforeDispatch
X-Passed-To-PostProcessResponse
X-Returned-From-PostProcessResponse
X-Passed-To-BeforeDispatch
X-Acquia-Application-UUID
X-Acquia-Application-Trace
X-NWS-LOG-UUID
X-Cache-Age
X-Magento-Cache-Control
X-Response-Time
X-Platform
X-Device-Type
X-URL
X-Umbraco-Version
Cache-Provider
X-Micro-Cache
X-HS-Content-Campaign-Id
X-SSLUpstream
X-Hosted-By
X-SSLProxy
Arr-Disable-Session-Affinity
Alternate-Protocol
X-Gateway-Cache-Status
X-Gateway-Skip-Cache
X-GUploader-UploadID
X-Gateway-Cache-Key
Origin
X-Translation
X-Microcache-Status
X-Msg-2-Log
Version
X-Environment
X-Svr-Proxy
X-SVR-IIS
X-Powered-By-360WZB
Content-Hash
Surrogate-Key
X-Lambda-Id
SSPAppContext
X-Varnish-TTL
X-Rnd
X-Via-JSL
X-Cache-Rule
X-Platform-Cache
X-Akam-SW-Version
X-Sapient
X-Cache-Namespace
DynaTrace
X-SO
X-Cache-TTL
X-Supported-By
X-BS
X-I-Sp
X-Dealeron-Backend
X-DealerOn
MIME-Version
X-Dealeron-Original-Url
X-Guploader-Uploadid
X-Cache-Tags
X-Instart-Request-ID
USPLoggingUUID
X-Duration
X-Abgroup
X-Track
S-Cnection
Content-Disposition
X-App-Status
X-SSL-Cipher
X-NetCat-Version
X-Server-ID
X-TransIP-Balancer
X-Expires-Orig
X-Server-Upstream
X-Dispatcher
X-Matrix-Proxy
WZWS-RAY
X-Matrix-Server
X-ORACLE-DMS-ECID
X-Correlation-ID
X-SSL-Protocol
X-CSRF-Protection
X-Art-Request-Id
X-TransIP-Backend
X-Generated
X-Front
X-VARITI-CCR
X-Sucuri-ID
X-App-Hosting
X-Cache-Control-Orig
X-Gamma-Serve
X-Client-IP
X-Varnish-RemainingTTL
X-Powered-By-VTEX-Janus-Edge
X-Varnish-Seen-By
X-Varnish-ObjectSource
X-Varnish-GracePeriod
X-Varnish-RemainingLife
SN
Cache
Node
X-Hypernode
X-Drupal-Cache-Tags
X-Debug
X-Vcap-Request-Id
Content-Encoding-Handler
X-ServerName
Pool
X-NewRelic-App-Data
X-Page-Cache
FAI-W-FLOW
X-Sucuri-Cache
X-Grace
X-Daa-Tunnel
RTSS
Powered-By-ChinaCache
Accept-Encoding
X-Amz-Meta-S3cmd-Attrs
X-Revision
X-Flow-Powered
X-Helper-Autoassign-All
Req-Id
X-Edge-IP
X-Storage
X-Route-Server
X-Powered-By-VelaWeb
X-Varnish-Cacheable
X-Director
X-Env
X-Rocket-Nginx-Bypass
X-TTFB
Smug-CDN
X-NoCache
X-SmugMug-Values
X-SmugMug-Hiring
X-TTFB-L
X-Github-Request-Id
Update-Time
Src-Update
X-Cache-Lifetime
X-SV-Nginx-Duration
X-SV-FromDBCache
X-SV-Duration
X-SV-Pid
X-SV-Edge
X-Cache-Engine
X-Correlation-Id
Cache-Tags
Contao-Page-Layout
X-SV-CreatedAt
X-I
X-Cache-Debug
X-FTR-Request-ID
X-UD-Method
X-Firenze-Processing-Time
X-Varnish-Url
X-Forwarded-Proto
X-Cache-Server
X-Locale
X-Geo-Country
X-SV-Cacheable
X-SV-CacheTags
Service-Worker-Allowed
X-Discourse-Route
X-SV-Expires
CF-Worker-Version
X-Rocket-Nginx-Serving-Static
X-ATG-Version
X-Cache-Handler
X-Country-Code
X-Content-Type-Option
Wsr-Cache
X-Esi
X-Now-Id
X-GeoIP-Country-Code
X-IsCacheURL
X-Varnish-Age
X-Content-Encoded-By
X-Nginx-Cache
X-Recruiting
X-Last-Modified
X-LB-Server
X-Cache-Level
X-Server-Instance
X-Server-Id
ServerID
X-SRV
Lsrequestid
SiteSpeed
X-Unbounce-PageId
X-Unbounce-VisitorID
CF-Worker-Script
Cneonction
X-Unbounce-Variant
Author
X-Drupal-Cache-Contexts
X-Pressidium-NinukisWP-Ver
Strikingly-Cache-Region
Strikingly-Cached
X-CJ-Soft
X-TransIP-Reserved
X-Ttl
X-UPSTREAM
X-Middleware-Start
Strikingly-Cached-Version
X-GeoIP-Country-Name
X-Vhost
Backend
X-PwB-Node
X-Dispatch
X-ORACLE-DMS-RID
Server-Timing
X-Trace-Id
X-Cache-Control
X-Url-Base
Server-Name
Edge-Control-Message
Use-Proxy
X-Hiawatha-Cache
Akamai-IP
X-Cache-Only-Varnish
X-N
X-TTL
X-NA-CachePolicy
X-LB
X-Cache-Type
If-Modified-Since
PICS-Label
Section-Io-Id
Srv
X-Transaction
X-Twitter-Response-Tags
Dtk-Cache-Check-0
X-Connection-Hash
X-Rq
X-Akamai-Device-Characteristics
Pv
X-Akamai-Device-Model
X-Speed-Cache
W
X-Cache-Expires
SEOMOZ
X-Speed-Cache-Key
MJ12bot
X-Time
X-Varnish-Backend
X-SDS
X-Empowered-By
X-FIRSTBase
X-High-Performance
X-Fastly-Request-Id
Proxy-Connection
X-CF-Passed-Proto
X-Varnish-Retries
X-Cache-Fix
X-Cache-PageType
X-Dynatrace-Js-Agent
X-Storage-Cache-Date
X-NginX-Cache
X-BKSrc
X-Storage-Cache-Expires
X-Storage-Cache
S
Custom-Header
NnCoection
X-Cookie-Domain
AMF-Ver
X-Processing-Time
X-Cache-Operation
X-Service-Id
Edit
X-CDN-Forward
X-Config-Blacklist-Version
X-RequestId
FindLaw
X-Cache-Device-Type
ServerName
Qs-Cache
X-Litespeed-Cache-Control
X-Varnish-IP
X-Worker
Nodo
Accept-Charset
Xc-Version
Content-MD5
Https
X-HW
X-Content-Age
X-Now-Cache
X-CacheFROM
Ohc-File-Size
Page-Completion-Status
X-Dynamic-Cache
X-Amz-Storage-Class
X-Real-Server
X-Amz-Rid
X-Analytics
Local-Info
Backend-Timing
X-PF-Uncompressing
X-Wikidot-Static-Cache
MC
Location
X-Wikidot-Backend
X-Frontend
X-Symfony-Cache
Content-Transfer-Encoding
Ramp
X-WR-MODIFICATION
X-Magnolia-Registration
X-Stage
X-ServerID
IBM-Web2-Location
Prama
X-SRCache-Key
NetMindSessionID
Ram
X-Key
Noq
X-FW
X-ID
From-Origin
X-GoCache-CacheStatus
X-Content-Security-Policy-Report-Only
X-BackendServer
X-CB-Server
X-TB-M
X-Browser
X-SP-UniqueName
X-Runtime-Memory
X-SP-Farm
X-Ruxit-Js-Agent
Pf.Web.Request.Id
Cm-Server
Proxy-Agent
X-WEBSERVER
X-Varnish-Server
X-Proxy-Backend
Frame-Options
X-Amz-Meta-Content-Md5
X-WR-Flags
X-Processed-By
X-JG-Page-Cache
Accept-CH
X-Nitro-Cache
X-Shard
IM-Version
X-Cache-TTL-Remaining
Cached
X-App-Server
X-LW-Web-Server
X-WPL-DATA
X-Yadis-Location
X-Webstats-RespID
X-Srv
SRV
X-Redman-Final-Url
X-Remote-Addr
Accept-Language
X-Yottaa-Optimizations
X-4ormat-Cacheable
X-AVG-Country-Code
RequestId
X-Yottaa-Metrics
X-Client-Image-Vid
X-Redman-Backend
X-Avg-Cookie-Expires
Web-App-Origin-Name
Swift-Performance
X-Client-Vid
Adm-Server
X-Akamai-Edgescape
X-EPiphany-Vid
X-Varnish-Hostname
X-FireWall-Port
X-HydroSheep
X-Pantheon-Site
X-RealServer
X-Pagename
Nopic
Front
X-CLOUD-TRACE-CONTEXT
X-UnsetCookies
X-Sedo-Request-Id
Pics-Label
X-Cache-2
X-CacheDebug
X-Cache-Miss-From
X-Cache-Ttl
Surrogate-Key-Raw
X-Hit-Cache
X-Pantheon-Phpreq
X-Pantheon-Environment
X-Pantheon-Az
X-Webkit-CSP
X-Server-IP
X-Hstore
X-PRAM
X-Hrouter
HAVer
HCVer
X-Source-ID
Report-To
X-Debug-Token
X-Force
Access-Control-Allow-Method
X-Request-Uri
X-Origin
Server-Info
X-Session-ID
X-CAPServer
IISExport
X-HTML-Minification-Powered-By
X-AEM
X-Ratelimit-Remaining
X-Nbs
Tracecode
X-Sys-Req-ID
Environment
X-Culture
Request-EU
Request-Country
X-Ratelimit-Limit
AsisCache
X-Path-Route
X-Plat
Lb
X-LP
Referer
X-Varnish-Hits
X-Cache-CFC
X-Role
X-ACMCache
X-VCS-Cacheable
X-Backend-Status
X-Span
X-GeoIP
X-Varnish-Id
X-Appmachine-Environment
X-Nginx-Dummy
X-VCS-Ttl
X-Generated-Timestamp
X-NginX-Server
X-Forwarded-Host
Url
SHInfo
X-Varnish-Ttl
X-ServerIndex
X-Shield-Request-Id
Drupal-Pagecache-Memcache
A-Powered-By
Lookup-Cache-Hit
X-Oneagent-Js-Injection
X-ClientSide-Caching
X-A
Hummingbird-Cache
X-App-Runtime
X-Runtime-Affili
Dispatcher
Beyond-Iis
X-Location
NODE
CacheControlHeader
X-Disney-Akamai-Rule
X-Varnish-Backend-Beresp-Backend
X-Jphone-Copyright
X-Unique-Id
Content_type
X-VC-Enabled
X-Detected-Device
X-Akamai-ERRuleID
X-Adobe-Loc
X-Adobe-Content
Home
X-SERVER-ID
Max-Age
X-Akamai-ERPolicy
X-Origin-Date
X-Cache-Dispatchercachecontrol
X-Cache-Dispatcherpragma
X-Purge-Host
X-Purge-URL
X-Proxy-Cache-Key
ScoreTracker
DNNOutputCache
X-Envoy-Upstream-Service-Time
X-Akamai-Transformed
RN-Server
Eomportal-Instance
X-V
X-AOL-HN
X-Real-IP
Server-ID
X-Framework
CDN-Cache
Disablevcache
X-NWS-UUID-VERIFY
WWW-Authenticate
X-Unique-ID
X-MCB-Server
X-Distributor
Copyright
X-Cache-Doesi
X-Goog-Meta-Policy
X-Atraveo-From-Varnish-Cache
X-Goog-Meta-Replace
X-Atraveo-Expires
X-Atraveo-Set-Cookie
X-Atraveo-TTL
X-Nginx-Host
X-Atraveo-Zone
X-Atraveo-Varnish-Server-Id
X-Atraveo-ETag
X-Atraveo-Cache-Control
X-FastCGI-Cache
X-Cacheable-TTL
X-Distil-CS
X-Consent-Required
X-HeBS-Cache-Status
Machine
X-NginX-Upstream
X-Vcache
X-Atraveo-Param-Rm
Identity
Upgrade-Insecure-Requests
X-SAPP
CS-SERVER
WP-FROM-CACHE
X-Flex-Community
X-Flex-Evstart
Access-Control-Allow-Header
X-Flex-Evend
X-ETag
*
X-PBY
X-Cache-Varnish
CDN-PullZone
CDN-RequestId
MageStack-Cache-Status
X-Flex-Lang
X-ZSITES-DNS
CDN-Uid
X-Server-Addr
X-Flex-Lastmod
X-Via-S
X-Soro
X-Req-Head-Response
X-E
X-CRA-DC
X-Fedora-School-Id
CLMOB
Access-Control
X-M-Log
X-M-Reqid
X-Flex-Tag
X-Rebelmouse-Cache-Control
X-Response
X-Qnm-Cache
X-Flex-Tags
X-Proxy-Cache-Control
X-Varnish-Grace
X-Map-Context
X-FPC
CDN-CachedAt
X-Varnish-Debug-TTL
Firespring-Website-Id
X-Hosting-Env
Filters
X-Varnish-Debug-Age
XX
Myheader
X-Amz-Meta-S3b-Last-Modified
X-SDE-Name
X-Timestamp
SVR
X-Resolver-IP
X-Proxy
X-AF-Userserver
TC-S-Cache-M
TC-S-Cache
Resin-Trace
X-ARRServer
X-Route
X-SmartBan-URL
X-SmartBan-Host
Locale
X-Adnet
X-Actindo-Thread-Id
Arrnode
BALANCEDTO
X-Highwire-RequestId
X-Highwire-SessionId
X-App
X-Via-NSCOPI
X-Instance
TC-Cache-IC
VServer
TC-Cache-U
VANITY-HOST
X-Actindo-Request-Id
X-Refresh
TC-Cache
X-Actindo-Rs
X-ACCELERATE
X-Cache-On
X-TKP-SRV-ID
X-HashTwo
X-Orig-Vary
XDomainRequestAllowed
MageStack-Area
X-Amcomm-Site
X-Data-Request
X-SE-Debug
X-Varnish-Cache-Local
Load-Balancer
Num
X-JSESSIONID
X-HA-Frontend
X-HA-Backend
MageStack-Cache
X-Dev
MageStack-Magento-Version
MageStack-PageSpeed
MageStack-Loadbalancer
MageStack-Debug
MageStack-Cacheable
MageStack-Config
MageStack-Tag
MageStack-Web-Node
X-Cms-Mode
MageStack-Cache-Hits
MageStack-Cache-Lifetime
AC-ELC
Worker
IES-Server
Traffic-Origin
X-Aramark-CSID
Play-Detected-UserAgent
X-Aramark-SID
X-B2f-Not-Route
Cmsid
AMP-Redirect-To
Play-Detected-Device
YF-ID
COMMERCE-SERVER-SOFTWARE
Cteonnt-Length
Il-Cl
Cmstype
Proxy-Cache
Dis-Env
X-ESI
X-Provisioner-Version
Prot
X-Balanceador
Cleartype
X-Drectory-Script
X-Xml-Http-Blocked
X-Cocoon-Version
X-Id
MICROSOFTOFFICEWEBSERVER
X-LB-Node
X-Bip
Serverid
X-WP
Bios
X-Domain-Checked
Magicmarker
NLCacheNote
X-Fstrz
X-Smartcache-Timeout
X-IIJ-Cache
X-Smartcache-Keys
GranicusServer
DrivedBy
Edgecast
X-DSMX-Render-MS
X-WebServer
X-Lb
X-Origin-Cache
NGX
X-Served-Server
Pragrma
X-WEBMGR-CACHE
Nitro-Cache
Srv-Name
Yoncu-Errno
X-Dw-Trace-Id
Hosted-By
Fastly-Debug-Digest
Fastly-Backend-Name
X-WebNode
X-FastCGI-Cache-Status
X-Frames-Options
X-DN-Cache-Control
X-Upstream-Backend
X-Upstream-Status
X-Access-Control-Allow-Origin
X-Cache-Date
X-Rack-CORS
X-Upgrade-Enabled
X-Gyrobase-Publication
X-Custom-Name
X-GeoIP-Country
Thanks
X-Status
X-SH-Cache-Status
X-Mobilized-By
X-Info
X-Webcelerate
X-RiS-PX
X-Middleton-PageSpeed
X-Generated-Time
X-Client-Id
X-Amz-Id-1
X-Test
X-DSMX-Rewrite-MS
X-Secret
X-Amzn-RequestId
X-Amzn-Trace-Id
X-Amz-Apigw-Id
N365rili
X-Compress-Hint
X-Desc
X-Autoru-App-Id
X-Autoru-Host
X-Varnish-Action
X-Batcache
Xc
X-UA-Bot
X-PHP-Response-Code
X-Session-Reinit
X-Cdn-Forward
X-7d-Trace-Id
X-Resource
PServer
X-Cache-Me-Harder
X-OpenCart-Lightning
X-LBPoolMember
X-Appversion
Cf-Ipcountry
Aurora-Node
Pramga
X-7d-Instance-Id
Paypal-Debug-Id
OracleCommerceCloud-Version
CommercePlatform-Version
OracleCommerceCloud-Sandiego
X-Captured
X-MAT-GEO
X-Garden-Version
X-Hit
X-Geo
X-Rule
X-Streams-Distribution
Viewport
X-Cache-Extended
X-Serverid
X-UUID
X-We-Are-Hiring
Device
X-Cache-Detail
X-Nginx
X-ReqId
AMP-Access-Control-Allow-Source-Origin
X-Middleton-Pagespeed
X-Appid
Nginx-Cache
X-Gateway-Rate-Limit-Delayed
Provider
X-Ms-Request-Id
X-HostName
X-CACHE-TTL
X-Varnish-ID
NZSpeedy
X-IP
X-DevSrv-CMS
Description
X-Proto
Keywords
X-Directory-Script
Og
MSThemeCompatible
Content
X-Varnish-Cached
FRONT-END-SECUREBROWSER
X-Shopware-Cache-Id
D
CF-Cache-Key
Ttl
MSSmartTagsPreventParsing
X-Domino-CacheValidationWithETagResult
X-Wodby-Node
X-Domino-CacheValidationWithETagReason
X-Beatles
X-Served-From
X-NoIndex
X-Shopware-Allow-Nocache
X-Mobile-Rewrite
X-Box
X-Cache-Action
Now
X-Instance-Name
PBS
PB-RID
StatusCode
X-ENV
X-Optimization
X-Mighty-Proxy
X-PM-ID
X-Podname
X-Src-Webcache
X-HS-Status
REFRESH
X-Backside-Transport
X-Now-Trace
Server-Ip
X-Origin-Upstream-Status
X-UPServer
X-Vol-Correlation
X-Vary-Options
X-Varnish-Cached-TTL
ServerIP
X-FromPodPressCache
X-Firefox-Spdy
X-Global-Transaction-ID
X-Grid-Server
Session-From
X-Vol-Mrp
Ews
X-Static
X-Goog-Meta-Goog-Reserved-File-Mtime
X-Confluence-Request-Time
X-RiS-UFDI
X-WA-Info
AETN-City
AETN-Area-Code
X-WN-ClientGroup
X-V-Cache
WN
MageStack-Last-Modified
Id
Httpd-Identifier
X-UT-Cache
X-Time-Spent
AETN-Continent-Code
AETN-Country-Code
X-Instance-Id
Apachenode
X-GSL-Server
X-DynamicCache
X-CacheID
X-Node-App
AKA-DEVICE
AETN-State-Code
AETN-DEVICE
AETN-Country-Name
AETN-EU
AETN-Latitude
AETN-Postal-Code
AETN-Longitude
MageStack-Cache-Warning
MageStack-Cache-Lifetime-Sent
X-Expires
X-DB-Content-Length
X-CSRF-Token
X-RunCloud-Cache
X-Tag-Playlist
MS-CV
HTTPS
X-Cache-Time
X-Cache-ID
EQ-Cache
X-Varnish-Ip
X-Phpwcms-Page-Processed-In
ID
X-Application
NS-VaryByCustom-Key
Tempo
Tesla.Performance
X-Processed
X-Pj-Cache-Status
X-Resty-Request-Id
X-Served
Generate-Time
X-This-Proto
X-Oferteo-Domain
X-HA
X-Az
X-Activity-Id
X-Cache-LB
X-Cname-TryFiles
X-Deity
X-Debug-Message
X-TLS-Version
PB-PID
X-Server-Generated
X-Protected-By
X-Render-Time
X-Rewritten-By
X-EC2-Instance-Id
TYPO3-Pid
SS
ModuleCacheType
X-NodeID
X-Cache-Via
X-Serv
Server-Id
X-Zendesk-User-Id
X-ProcessESI
Access-Control-Request-Headers
Section-Io-Origin-Time-Seconds
X-AppServer-Status
X-Title
X-Page
X-RemovedCookies
X-Proxy-Server
X-Netrix-ID
X-ManagedFusion-Rewriter-Version
X-Nx-All
X-Server-Hostname
X-Proxy-Id
X-Airee-Node
X-Cache-TTL-Current
Content-Sn
From
X-Zendesk-Origin-Server
HitType
X-Firewall
X-Policy
X-Blog
X-Nx
X-Depends
X-Gannett-Site-Version
X-Layout
X-Cache-TTL-Age
X-Country
X-BPool-Back
X-BServer
X-Built-By
X-Origin-Server
X-AppServer-Cache-Rule
SBSS
X-VC-TTL
ViewMode
VSID
X-Phpwcms-Release
Ssl-Proxy-Server
UrlWatchModule-Time
IP-Addr
TYPO3-Sitename
X-SilverStripe-Cache
X-Cdn-Origin
X-MCF-ID
Section-Io-Origin-Status
X-SV
X-Highwire-Smart-Code
X-Meta-Imagetoolbar
X-Nginx-Request-Processing-Time
X-Meta-MSThemeCompatible
X-Meta-MSSmartTagsPreventParsing
X-Cache-HT
X-Highwire-Sitecode
X-Sid
X-Amzn-Remapped-Date
Actual-Object-TTL
X-Batcache-Reason
MachineName
X-AppServer-Cache-Exception
X-W3TC-Minify
MwpReleaseVersion
X-Clara-ASAP
X-Always-Cache
X-UA
X-Rack-Cors
X-GZip
Response-Time
Webserver
X-Scheme
X-ASAP-Age
X-SSL-Host
X-ASAP-Cache
X-MSU-SOURCE
TP-Cache
X-Cache-Warmer
X-Sorting-Hat-Expire-Cache
X-Ms-Version
X-VTEX-Cache-Status-Janus-Edge
X-Reflector-Cache
Z
X-WHO
X-Reflector
X-Clx-Request
X-VERSION
TP-L2-Cache
X-Author
Powered-By-115
HSTS
X-SSLTerm-Server
X-HS-Content-Group-Id
X-Cache-Id
X-Artvisual-Server
X-HEAD
X-Hostinger-Datacenter
Content-Generator
X-Varnish-Cache-Control
X-OCTOPOD
X-MyName
X-Hostinger-Node
X-FORWARDED-PROTO
X-Hosting
X-Cache-FS-Status
X-Catalyst
X-DataDome
X-Amz-Meta-Version-Id
X-Dispatcher-Number
X-PBS-Appsvrip
X-UD-METHOD
129prxHost
X-BIT-Node
135prxHost
196prxHost
262prline
259pxline
X-UPSTREAM-Address
X-Stiffia-Cache
X-PBS-Appsvrname
X-PageCache
X-PBS-Fwsrvname
X-Flash-Messages
X-Cache-Node
Yola-ID
316pxxline
X-Request-Processing-Time
X-Amz-Meta-Cb-Modifiedtime
Requested-Host
X-DDM-SERVER
X-DDM-SERVER-UPDATED
X-Newrelic-Synthetics
Page-Template
X-Czt
X-Enhanced-By
AR-CACHE
AR-ATIME
X-LAKANA-AB
AR-PoweredBy
AR-SID
X-SuperCache
X-TNCMS-Bot-Tier
Progma
No-Cache
X-Avvio-Cms-Cacheload
X-AWS
X-Croise-Owner
AddDefaultCharset
X-VG-WebCache
X-Thanos
X-Built-With
NtCoent-Length
X-Itkg-Cache-Tags
Apple-Itunes-App
X-Beluga-Cache-Status
X-Accel-Cache-Control
Www.Aujourdhui.Com
X-Cjtype
Language
HitInfo
X-Request-Received
X-InstanceId
X-Pool
X-VC-Hash
CINC-Endpoint
X-VC-Debug
X-VC-Cacheable
X-VC-Cache
Prototype-RootPath
X-Cluster
X-Beluga-Response-Time-X
Xxline
X-Beluga-Response-Time
X-Beluga-Record
X-Beluga-Node
X-Proxy-Skip
X-Beluga-Status
SWS-Security
X-ServiceProvider
X-Compressed-By
X-Beluga-Trace
X-Container
NEL
TestCC
DB-Nickname
X-User-Agent-Tier
Backend-Powered-By
CDCHOST
Ohc-Response-Time
HA-Status
X-SATserver
X-RequesterIP
X-Nginx-VM-RT
X-Machine
X-Obvious-Info
X-Obvious-Tid
X-Page-Cacheable
X-Abuse
X-Dck
X-Varnish-Cache-Ttl
X-Test-Debug
X-WebKit-CSP-Report-Only
X-XHTML-Minification-Powered-By
Fastly-Restarts
X-SCM-Server-Number
X-Rocket-Nginx-Reason
X-Node-Id
X-NMT-Proxy
X-Pass-Through
X-Powered-By-ADS
X-Rocket-Nginx-File
X-Client-Ip
X-Agent
X-LB-Frontend
X-LB-Backend
X-Old-Content-Length
X-CacheLoc
X-Block-RuleID
X-DODN-Region
X-DODN-Id
X-Cache-Bypass
Expiries
X-Sn-Servicetimems
Web
X-Fpc
X-Block-Rule
Origin-Cache-Control
Tk
X-B3-Sampled
TTL
X-AMAZEEIO
X-Apache2-RT-MicroSec
ServerTokens
ServerSignature
SB-Cache-Life
Origin-Edge-Control
SB-Cache-Remaining
SB-Site-Device
SB-Site-IE-VERSION
Hit-Count
Purge-Cache-Tags
X-CH-Device
X-Beresp-Ttl
X-Fastly-Backend-Reqs
X-Ghost-Cache-Status
X-Header
X-B
Provided-Host
X-ZORequestID
X-Requestid
Amfplus-Ver
CommunityServer
Origin-Vm
X-Pageid
X-RAMCache
ProxiaInstanceId
NB-Cache
Session-Id
SINA-LB
SINA-TS
Gzip
F5-IpCliente
X-T
X-Req-Counter
X-Transaction-Name
X-Vid
ClientIP
X-ProBase-Server
X-Beget-Proxy
X-ROUTING
X-PressLabs-Stats
X-Search-Id
X-Varnish-Debug-Hits
Cache-Ctrol
X-ORIKEY
X-Max-Age
X-APIAUTH-VAL
Value-Of-Url
X-APIVERSION
X-ENDPOINT
Ibf5scheme
PROGMA
Sl-Pgid
Debug-Status
X-Varnish-URL
VAR-Cache
X-Custom-Header
X-Nws-Log-Uuid
X-Telligent-Evolution
X-Router
X-InDy-Memory
X-From-Cache
X-InDy-Query
X-InDy-Time
X-Reqid
VC-NoCache