Public-Key-Pins directives (4 total)
- includesubdomains
- max-age
- pin-sha256
- report-uri
The HTTP Public-Key-Pins response header associates a specific cryptographic public key with a certain web server to decrease the risk of MITM attacks with forged certificates. If one or several keys are pinned and none of them are used by the server the browser will not accept the response as legitimate and will not display it.
Websites using header Public-Key-Pins | 12,199 |
Percentage of websites that use Public-Key-Pins header | <0.1% |
Total discovered header values | 2,179 |
Header uses directives | Yes |
Header values are unique or random | No |
Most popular in the country | United States |
Directive | Share | Websites count | Unique Values |
---|---|---|---|
pin-sha256 | 88.55% | 10,802 | 121 |
max-age | 87.92% | 10,725 | 26 |
includesubdomains | 78.57% | 9,585 | 24 |
report-uri | 5.83% | 711 | 13 |
Domain | Country | Rank | Contacts |
---|---|---|---|
validator.w3.org | United States | 265 | |
barnesandnoble.com | United States | 1,129 | |
bip.gov.pl | Poland | 3,390 | |
gsa.gov | United States | 4,641 | |
codeproject.com | Canada | 6,896 | |
comptia.org | United States | 10,017 |
Header value | Value prevalence |
---|---|
pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains | 13.85% |
pin-sha256="X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg=" max-age=15552000; includeSubDomains | 9.67% |
: pin-sha256="wGeuZWpwDHgQqGjow+N/PhsxUeTq+cS694SDmD0MVtA="; max-age=31536000; includeSubDomains | 6.84% |
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; pin-sha256='MHJYVThihUrJcxW6wcqyOISTXIsInsdj3xK8QrZbHec='; pin-sha256='isi41AizREkLvvft0IRW4u3XMFR2Yg7bvrF7padyCJg='; includeSubdomains; max-age=2592000 | 5.89% |
pin-sha256="wGeuZWpwDHgQqGjow+N/PhsxUeTq+cS694SDmD0MVtA="; max-age=31536000; includeSubDomains | 4.92% |
pin-sha256="<Subject Public Key Information (SPKI)>"; max-age=2592000; includeSubDomains | 4.11% |
: pin-sha256="nC/WIfAk/MVYCA+pbEP5A5F70YopIaoLs+mo1oMtcUo="; max-age=31536000; includeSubDomains | 1.99% |
pin-sha256=""; pin-sha256=""; max-age=31536000 | 1.95% |
pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; pin-sha256="633lt352PKRXbOwf4xSEa1M517scpD3l5f79xMD9r9Q="; max-age=2592000; includeSubDomains | 1.81% |
: pin-sha256="MtD92Za9TDpnj22uC18D8UriJamZTZdLacfiErn3mTo="; max-age=31536000; includeSubDomains | 1.11% |
pin-sha256='X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg='; | 0.98% |
pin-sha256="base64+info1="; max-age=31536000 | 0.91% |
pin-sha256="S1CQF4bfrfu+0NZpDAVgczOJu73tqMTakCcdDM6il1E="; pin-sha256="7V0k+NyeVRIXOmD+zCJpX6nsXdAFjX0MsIACD/NeTQg="; max-age=2592000; includeSubDomains | 0.83% |
pin-sha256="aR6DUqN8qK4HQGhBpcDLVnkRAvOHH1behpQUU1Xl7fE="; max-age=2592000; includeSubDomains | 0.75% |
pin-sha256="C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M="; pin-sha256="diGVwiVYbubAI3RW4hB9xU8e/CH2GnkuvVFZE8zmgzI="; max-age=5184000; includeSubDomains | 0.70% |
pin-sha256="jDNPIoQdviZhELycQEXvXmBzJFLLM13xUlT8Jamgc0U="; pin-sha256="KVhT/NkSwnjmxDOvcy6MKwG9ak5RAgxEOV0QQBT94Bo="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; report-uri="https:/ | 0.53% |
pin-sha256="pin1"; pin-sha256="pin2"; max-age=2592000 | 0.53% |
pin-sha256=\"base64+primary==\"; pin-sha256=\"base64+backup==\"; max-age=5184000; includeSubDomains | 0.48% |
pin-sha256="PQfjTZ6Zwh1l5TpMkjOF85NBLH05yCD0Q4U6IuH17x0="; pin-sha256="vJ6JGRfCsYINcfiUwxxg4vmkhmQOTi3jksgxCavebo8="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; includeSubDomains; max-age=51840000; | 0.42% |
pin-sha256="4a6cPehI7OG6cuDZka5NDZ7FR8a60d3auda+sKfg4Ng=";pin-sha256="Zf/Ukxbl9z2WLfmehiHNZckHd2chX9T8TWT4vZUPv3I="; pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="X3pGTSOuJeEVw989IJ/cEtXUEmy52zs1TZQrU06KUKg="; pin-sha256="h6801m+z | 0.42% |