https://portswigger.net/blog/practical-web-cache-poisoning
https://www.linkedin.com/pulse/host-header-injection-depth-utkarsh-tiwari/