Request headers are sent by your browser to the server when making a request.
Response headers are returned from the server after your browser makes a request.
|Header||Example||Recommendation and Description|
|Strict-Transport-Security||max-age=47474747; includeSubDomains; preload|
|This shoould be set to SAMEORIGIN or set to Deny if you'll never need to embed iframes of your site, on your site. This will prevent clickjacking.|
|X-Powered-By||ASP.NET||Disable. It is a security risk to expose the type of server you're using.|
|Disable. It is a security risk to expose the type of server you're using.|
|Last-Modified||The page's last modified date|
No. Header names are not case sensitive. https://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.2