Varnish
Varnish is a high-performance HTTP reverse-proxy and caching server placed in front of web applications to accelerate delivery. ScanMalware detects it from the Via and X-Varnish response headers.
Varnish sits ahead of the origin, so it confirms a caching layer but reveals nothing about the application behind it — that is what the rest of the scan analyses.
Commonly deployed alongside Varnish
Of the 3,583 public scans where Varnish was detected, these are the technologies most often present on the same site. The share is the percentage of Varnish sites that also ran each one.
| Technology | Category | Share of Varnish sites |
|---|---|---|
| HSTS | wappalyzer | 61.02% |
| Open-Graph-Protocol | miscellaneous | 56.16% |
| X-UA-Compatible | miscellaneous | 43.7% |
| MetaGenerator | miscellaneous | 28.53% |
| Script | miscellaneous | 24.07% |
| Google Analytics | wappalyzer | 18.32% |
| jQuery | wappalyzer | 17.29% |
| Google Tag Manager | wappalyzer | 16.45% |
| PHP | wappalyzer | 16.45% |
| PoweredBy | miscellaneous | 13.97% |
| Cloudflare | wappalyzer | 12.86% |
| Google-Analytics | miscellaneous | 10.74% |
| WordPress | cms | 9.59% |
| JQuery | miscellaneous | 9.26% |
How ScanMalware detects Varnish
Varnish is detected by analysing the response headers, HTML markup, JavaScript runtime and asset URLs captured when ScanMalware loads the site in a real headless browser.
From any scan you can pivot into related signals — JARM TLS fingerprints, ASN ownership and BGP routing, certificate history, JavaScript analysis and the overall security verdict — to understand not just that Varnish is present, but how it is being used. Open the full search interface for Varnish →
Recent public scans featuring Varnish
A rolling sample of recent public scans where Varnish was detected. Listing a site here is not a safety judgement — open a scan to see its full verdict.
| Site | Scanned |
|---|---|
| Comune di Campora https://www.comune.campora.sa.it | 2026-06-16 |
| Comune di Fai della Paganella https://www.comune.faidellapaganella.tn.it | 2026-06-16 |
| Home page | Comune di Temù https://www.comune.temu.bs.it | 2026-06-16 |
| Comune di Berlingo https://www.comune.berlingo.bs.it | 2026-06-16 |
| Comune di Levico Terme https://www.comune.levico-terme.tn.it | 2026-06-16 |
| Home page | Comune di Esine https://comune.esine.bs.it | 2026-06-16 |
| дekoder | DEKODER | Wissen, Journalismus und Medienkompetenz zu Osteuropa. https://www.dekoder.org | 2026-06-16 |
| Comunità della Paganella - Comunità della Paganella https://www.comunita.paganella.tn.it | 2026-06-16 |
Frequently asked questions about Varnish
- Does using Varnish mean a website is unsafe?
- No. Varnish is a stack component, not a verdict. ScanMalware scores the whole page — its scripts, redirects, certificates, threat-intelligence matches and behaviour — so a site using Varnish can be perfectly safe or actively malicious.
- How many sites using Varnish has ScanMalware scanned?
- Varnish has been detected in 3,583 public scans on ScanMalware.com. Each scan is a real headless-browser visit, and the figure updates as new URLs are submitted.
- What technologies are commonly used with Varnish?
- Across scanned sites, Varnish is most often seen alongside HSTS, Open-Graph-Protocol and X-UA-Compatible. The full co-occurrence breakdown is listed on this page.
Browse all profiled technologies on the technology index, or scan a URL to see its full stack.