public-key-pins-report-only HTTP response header

public-key-pins-report-only

The HTTP Public-Key-Pins-Report-Only response header sends reports of pinning violation to the report-uri specified in the header but unlike Public-Key-Pins still allows browsers to connect to the server if the pinning is violated.

Header usage statistics

public-key-pins-report-only response header information and usage statistics.


Websites using header public-key-pins-report-only	588
Percentage of websites that use public-key-pins-report-only header	<0.1%
Total discovered header values	97
Header uses directives	Yes
Header values are unique or random	No
Most popular in the country	United States

public-key-pins-report-only directives (4 total)

includesubdomains
max-age
pin-sha256
report-uri

Directive	Share	Websites count	Unique Values
pin-sha256	98.13%	577	16
max-age	94.22%	554	9
report-uri	57.31%	337	13
includesubdomains	49.83%	293	7

Directive

Websites count

Unique Values

pin-sha256

98.13%

577

max-age

94.22%

554

report-uri

57.31%

337

includesubdomains

49.83%

293

Domain	Country	Rank
www.appointy.com	United States	13,820
www.hao123.com	China	16,408
protonmail.com	Switzerland	16,611
datenschutz.ekd.de	Germany	29,562
freenetproject.org	United States	33,809
booking.appointy.com	United States	35,088

Domain

Country

Rank

Contacts

www.appointy.com

United States

13,820

www.hao123.com

China

16,408

protonmail.com

Switzerland

16,611

datenschutz.ekd.de

Germany

29,562

freenetproject.org

United States

33,809

booking.appointy.com

United States

35,088

Header value	Value prevalence
pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; max-age=2592000; includeSubDomains	25.00%
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-	23.30%
max-age=300;pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q=";pin-sha256="IQBnNBEiFuhj+8x6X8XLgh01V9Ic5/V3IRQLNFFc7v4=";report-uri="https://reports.baidu.com/pkp-report/"	5.44%
max-age=2592000; pin-sha256="qkzwP2bXSwL3kJmmQNCza4YX2aAuJ8l/g6ScpFOyMUI="; pin-sha256="51GveKNrpJjtGpXY5QDx03s3YTQwaQic6dWBqo3zX6s="; pin-sha256="S4AbJNGvyS57nzJwv8sPMUML8VHSqH1vbiBftdPcErI="	3.40%
pin-sha256="1UeprJ9h9qxsp8wLsHzaro/ikoTS/AieY2Eikb3Jz4M="; pin-sha256="pNVPNqc6wAQJLD9AGqxoZIUfOm5TE9qQPCgwngkx+CI="; pin-sha256="8lDSJN+U6Dh5Aex7H16VdOM7QZH1xgU2kCzi8foplGw="; pin-sha256="bf8XR/FlNtQkWPn5Gq2lxK59ETzRJ2p3zcF0SOlPY30="; max-age=60; report-	2.38%
pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; max-age=60; report-uri="https://kvartus.report-uri.io/r/default/hpkp/reportOnly"	2.21%
pin-sha256="cUPcTAZWKaASuYWhhneDttWpY3oBAkE3h2+soZS7sWs="; pin-sha256="M8HztCzM3elUxkcjR2S5P4hhyBNf6lHkmjAHKhpGPWE="; max-age=10000; includeSubDomains; report-uri /Security/HpkpReporting	2.04%
max-age=2592000; includeSubdomains; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; pin-sha256="C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63	2.04%
pin-sha256='S3Jjr3lneLuXa+KZc0E2KUfRAzfgdZ3WXGjsFOHXb30='; includeSubdomains; max-age=2592000; report-uri='https://pellcomp.report-uri.io/r/default/hpkp/reportOnly'	1.70%
pin-sha256="8joiNBdqaYiQpKskgtkJsqRxF7zN0C0aqfi8DacknnI="; pin-sha256="drtmcR2kFkM8qJClsuWgUzxgBkePfRCkRpqUesyDmeE="; report-uri="https://reports.proton.me/reports/tls"	1.53%
pin-sha256="++MBgDH5WGvL9Bcn5Be30cRcL0f5O+NyoXuWtQdX1aI="; pin-sha256="f0KW/FtqTjs108NpYj42SrGvOB2PpxIVM8nWxjPqJGE="; max-age=5184000; includeSubDomains	1.53%
pin-sha256="WloDwpTBQuUKWrrphq6sMjD+mD4OnXnq2vvUTvbjPT4="; pin-sha256="DuLismTIyqm0AqBBRSvhK04q/7F1/EYelT9HX/qEs+0="; report-uri="https://cp.liubit.lt/hpkp"	1.19%
pin-sha256="muKAKHD19oiTSoqiZ1lLaNSIx1pCGrSXv4KTXhNlaOI="; pin-sha256="sa8ppLAMTac20O+0ajL0r/FCtb0sgn+iSsxhZGdMtzo="; max-age=7776000; includeSubDomains; report-uri="https://transitfare.com"	1.19%
pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; max-age=25920000; includeSubDomains	1.02%
max-age=0	1.02%
pin-sha256="8651wEkMkH5ftiaLp57oqmx3KHTFzDgp7ZeJXR0ToBs="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; max-age=2592000; includeSubdomains;	1.02%
pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="4tk7UxKkoBMMnSMkGAvK0EBeOfxaU+gAtd7oNN0A39A="; max-age=2592000; includeSubDomains	1.02%
pin-sha256="nrmpk4ZI3wbRBmUZIT5aKAgP0LlKHRgfA2Snjzeg9iY=";max-age=2592000; report-uri="/hpkp-report"	1.02%
pin-sha256="kb6xLprt35abNnSn74my4Dkfya9arbk5zN5a60YzuqE="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; max-age=10; includeSubdomains; report-uri="https://report-uri.io/report/442640	0.85%
pin-sha256="BbbPivrmXbiQ4upZNefQzlPC6CPwsKRPW+c6SHX82CU="; pin-sha256="efRXWfSs2jsGspReg4wM6BZec+gy29/uyIFXlD2sg2c="; max-age=31536000; includeSubDomains; report-uri="https://traffstock.net/?mod=ticket_system&do=ticket_create"	0.68%

Header value

Value prevalence

pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; max-age=2592000; includeSubDomains

25.00%

pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-

23.30%

max-age=300;pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q=";pin-sha256="IQBnNBEiFuhj+8x6X8XLgh01V9Ic5/V3IRQLNFFc7v4=";report-uri="https://reports.baidu.com/pkp-report/"

5.44%

max-age=2592000; pin-sha256="qkzwP2bXSwL3kJmmQNCza4YX2aAuJ8l/g6ScpFOyMUI="; pin-sha256="51GveKNrpJjtGpXY5QDx03s3YTQwaQic6dWBqo3zX6s="; pin-sha256="S4AbJNGvyS57nzJwv8sPMUML8VHSqH1vbiBftdPcErI="

3.40%

pin-sha256="1UeprJ9h9qxsp8wLsHzaro/ikoTS/AieY2Eikb3Jz4M="; pin-sha256="pNVPNqc6wAQJLD9AGqxoZIUfOm5TE9qQPCgwngkx+CI="; pin-sha256="8lDSJN+U6Dh5Aex7H16VdOM7QZH1xgU2kCzi8foplGw="; pin-sha256="bf8XR/FlNtQkWPn5Gq2lxK59ETzRJ2p3zcF0SOlPY30="; max-age=60; report-

2.38%

pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; max-age=60; report-uri="https://kvartus.report-uri.io/r/default/hpkp/reportOnly"

2.21%

pin-sha256="cUPcTAZWKaASuYWhhneDttWpY3oBAkE3h2+soZS7sWs="; pin-sha256="M8HztCzM3elUxkcjR2S5P4hhyBNf6lHkmjAHKhpGPWE="; max-age=10000; includeSubDomains; report-uri /Security/HpkpReporting

2.04%

max-age=2592000; includeSubdomains; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; pin-sha256="C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63

2.04%

pin-sha256='S3Jjr3lneLuXa+KZc0E2KUfRAzfgdZ3WXGjsFOHXb30='; includeSubdomains; max-age=2592000; report-uri='https://pellcomp.report-uri.io/r/default/hpkp/reportOnly'

1.70%

pin-sha256="8joiNBdqaYiQpKskgtkJsqRxF7zN0C0aqfi8DacknnI="; pin-sha256="drtmcR2kFkM8qJClsuWgUzxgBkePfRCkRpqUesyDmeE="; report-uri="https://reports.proton.me/reports/tls"

1.53%

pin-sha256="++MBgDH5WGvL9Bcn5Be30cRcL0f5O+NyoXuWtQdX1aI="; pin-sha256="f0KW/FtqTjs108NpYj42SrGvOB2PpxIVM8nWxjPqJGE="; max-age=5184000; includeSubDomains

1.53%

pin-sha256="WloDwpTBQuUKWrrphq6sMjD+mD4OnXnq2vvUTvbjPT4="; pin-sha256="DuLismTIyqm0AqBBRSvhK04q/7F1/EYelT9HX/qEs+0="; report-uri="https://cp.liubit.lt/hpkp"

1.19%

pin-sha256="muKAKHD19oiTSoqiZ1lLaNSIx1pCGrSXv4KTXhNlaOI="; pin-sha256="sa8ppLAMTac20O+0ajL0r/FCtb0sgn+iSsxhZGdMtzo="; max-age=7776000; includeSubDomains; report-uri="https://transitfare.com"

1.19%

pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; max-age=25920000; includeSubDomains

1.02%

max-age=0

1.02%

pin-sha256="8651wEkMkH5ftiaLp57oqmx3KHTFzDgp7ZeJXR0ToBs="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; max-age=2592000; includeSubdomains;

1.02%

pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="4tk7UxKkoBMMnSMkGAvK0EBeOfxaU+gAtd7oNN0A39A="; max-age=2592000; includeSubDomains

1.02%

pin-sha256="nrmpk4ZI3wbRBmUZIT5aKAgP0LlKHRgfA2Snjzeg9iY=";max-age=2592000; report-uri="/hpkp-report"

1.02%

pin-sha256="kb6xLprt35abNnSn74my4Dkfya9arbk5zN5a60YzuqE="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; max-age=10; includeSubdomains; report-uri="https://report-uri.io/report/442640

0.85%

pin-sha256="BbbPivrmXbiQ4upZNefQzlPC6CPwsKRPW+c6SHX82CU="; pin-sha256="efRXWfSs2jsGspReg4wM6BZec+gy29/uyIFXlD2sg2c="; max-age=31536000; includeSubDomains; report-uri="https://traffstock.net/?mod=ticket_system&do=ticket_create"

0.68%