Must Revalidate HTTP Cache-Control

   Indicates that once a resource has become stale (e.g. max-age has expired), a cache must not use the response to satisfy subsequent requests for this resource without successful validation on the origin server.

NO Store HTTP Cache-Control

   The cache should not store anything about the client request or server response.

No Cache Content

   Forces caches to submit the request to the origin server for validation before releasing a cached copy.

Pragma Header - backwards compatibility with HTTP/1.0

   The Pragma HTTP/1.0 general header is an implementation-specific header that may have various effects along the request-response chain. It is used for backwards compatibility with HTTP/1.0 caches where the Cache-Control HTTP/1.1 header is not yet present.

Vary Header check for User-Agent

   When using the Vary: User-Agent header, caching servers should consider the user agent when deciding whether to serve the page from cache

Vary Header Accept-Encoding

   The Accept-Encoding request HTTP header advertises which content encoding, usually a compression algorithm, the client is able to understand. Using content negotiation, the server selects one of the proposals, uses it and informs the client of its choice with the Content-Encoding response header.

X-Frame-Options Header

   The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe>, <embed> or <object>. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.

Cloudflare

   Cloudflare, Inc. is an American web infrastructure and website security company, providing content delivery network services, DDoS mitigation, Internet security, and distributed domain name server services