Public-Key-Pins-Report-Only

HTTP response header

The HTTP Public-Key-Pins-Report-Only response header sends reports of pinning violation to the report-uri specified in the header but unlike Public-Key-Pins still allows browsers to connect to the server if the pinning is violated.

Header usage statistics

Public-Key-Pins-Report-Only response header information and usage statistics.

Websites using header Public-Key-Pins-Report-Only 505
Percentage of websites that use Public-Key-Pins-Report-Only header <0.1%
Total discovered header values 106
Header uses directives Yes
Header values are unique or random No
Most popular in the country United States of America

Public-Key-Pins-Report-Only Directives (4 total)

  • includesubdomains
  • max-age
  • pin-sha256
  • report-uri

Public-Key-Pins-Report-Only Directives

Public-Key-Pins-Report-Only directives value information and usage statistics

Directive Share Websites count Unique Values
pin-sha256 44.75% 226 17
max-age 41.98% 212 9
report-uri 34.46% 174 12
includesubdomains 14.06% 71 11

Distribution by websites popularity

Public-Key-Pins-Report-Only detection in the top websites by popularity

Top 10k sites 0 websites
Top 100k sites 34 websites
Top 1m sites 55 websites

Websites utilizing Public-Key-Pins-Report-Only

List of websites that use Public-Key-Pins-Report-Only header

Domain Country Rank Contacts
monashuni.okta.com United States of America 17,764
csumb.okta.com United States of America 18,223
groupon.okta.com United States of America 18,224
sjsu.okta.com United States of America 18,225
austincc.okta.com United States of America 18,475
newscorp.okta.com United States of America 18,476
See full domain list
Flat price per the report, subscription is not required.

Geographical Distribution

Header usage distribution by websites across the globe.






Common header values

List of top common Public-Key-Pins-Report-Only header values

Header value Value prevalence
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report- 38.02%
pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; max-age=2592000; includeSubDomains 16.24%
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pi 3.96%
max-age=300;pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q=";pin-sha256="IQBnNBEiFuhj+8x6X8XLgh01V9Ic5/V3IRQLNFFc7v4=";report-uri="https://reports.baidu.com/pkp-report/" 3.37%
pin-sha256="WloDwpTBQuUKWrrphq6sMjD+mD4OnXnq2vvUTvbjPT4="; pin-sha256="DuLismTIyqm0AqBBRSvhK04q/7F1/EYelT9HX/qEs+0="; report-uri="https://cp.liubit.lt/hpkp" 2.18%
pin-sha256="8joiNBdqaYiQpKskgtkJsqRxF7zN0C0aqfi8DacknnI="; pin-sha256="drtmcR2kFkM8qJClsuWgUzxgBkePfRCkRpqUesyDmeE="; report-uri="https://reports.protonmail.ch/reports/tls" 1.98%
max-age=2592000; pin-sha256="M6Rd5UO3qy5fvALRPUxNxi4lBeF2H3oLYg4YGKihPfw="; pin-sha256="S4AbJNGvyS57nzJwv8sPMUML8VHSqH1vbiBftdPcErI="; pin-sha256="7bAgdmNn2H+XADG/0chP8oko91bQz3ut965iA0giRKw=" 1.39%
max-age=2592000; includeSubdomains; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; pin-sha256="C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63 1.19%
pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; max-age=60; report-uri="https://kvartus.report-uri.io/r/default/hpkp/reportOnly" 1.19%
pin-sha256="1UeprJ9h9qxsp8wLsHzaro/ikoTS/AieY2Eikb3Jz4M="; pin-sha256="pNVPNqc6wAQJLD9AGqxoZIUfOm5TE9qQPCgwngkx+CI="; pin-sha256="8lDSJN+U6Dh5Aex7H16VdOM7QZH1xgU2kCzi8foplGw="; pin-sha256="bf8XR/FlNtQkWPn5Gq2lxK59ETzRJ2p3zcF0SOlPY30="; max-age=60; report- 1.19%
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pi 0.99%
pin-sha256="cUPcTAZWKaASuYWhhneDttWpY3oBAkE3h2+soZS7sWs="; pin-sha256="M8HztCzM3elUxkcjR2S5P4hhyBNf6lHkmjAHKhpGPWE="; max-age=10000; includeSubDomains; report-uri /Security/HpkpReporting 0.99%
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report- 0.79%
report-uri="https://cosmb.report-uri.io/r/default/hpkp/reportOnly"; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; pin-sha256 0.79%
maxAge=604800; includeSubDomains; reportUri='https://ucfqrfp5ol.execute-api.us-east-1.amazonaws.com/prod/hpkp-error-handler';sha256s='4VDy9+1PipnvvZRuI0i4OTeOfy2nBvy/rVcA/NR7mcs=';sha256s='++MBgDH5WGvL9Bcn5Be30cRcL0f5O+NyoXuWtQdX1aI=';sha256s='f0KW/FtqTjs 0.79%
max-age=3600; includeSubdomains; pin-sha256="6X0iNAQtPIjXKEVcqZBwyMcRwq1yW60549axatu3oDE="; pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="LCa0a2j/xo/5m0U8HTBBNBNCLXBkg7+g+YpeiGJm564="; report-uri="https://zapier.com/hooks/catch/3b 0.79%
max-age=5184000; pin-sha256="qXGp1NXsGZgWbwB2f/UClewswi0Vwx7EGIxRtZ1Agpo=";pin-sha256="qXGp1NXsGZgWbwB2f/UClewswi0Vwx7EGIxRtZ1Agpo=";pin-sha256="Hhp3zGGz3a4ZPtty5dgovolaxmWKpQuScR3ug537FIU=";pin-sha256="Hhp3zGGz3a4ZPtty5dgovolaxmWKpQuScR3ug537FIU=";report 0.79%
pin-sha256="S0pq65ld1aZcOTcrs8PFaRtJZirkeNUakD8TDp0bnmg="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; includeSubDomains; report-uri="https://smarttech.report-uri.io/r/default/hpkp/ 0.79%
max-age=1; pin-sha256="tfG6Fk1/LkxP8SZhtEghizfEN3D+7jvhzqfHvV8fBpo="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; report-uri="http://asac.casa/pkp.jsp" 0.59%
pin-sha256="is+u46N+/Auh1RQSMsE6vVLX00TLGjtoZubR4XqiFEs="; pin-sha256="efRXWfSs2jsGspReg4wM6BZec+gy29/uyIFXlD2sg2c="; max-age=31536000; includeSubDomains; report-uri="https://traffstock.net/?mod=ticket_system&do=ticket_create" 0.59%