Public-Key-Pins-Report-Only

HTTP response header

The HTTP Public-Key-Pins-Report-Only response header sends reports of pinning violation to the report-uri specified in the header but unlike Public-Key-Pins still allows browsers to connect to the server if the pinning is violated.

Header usage statistics

Public-Key-Pins-Report-Only response header information and usage statistics.

Websites using header Public-Key-Pins-Report-Only 830
Percentage of websites that use Public-Key-Pins-Report-Only header <0.1%
Total discovered header values 90
Header uses directives Yes
Header values are unique or random No
Most popular in the country United States of America

Public-Key-Pins-Report-Only Directives (4 total)

  • includesubdomains
  • max-age
  • pin-sha256
  • report-uri

Public-Key-Pins-Report-Only Directives

Public-Key-Pins-Report-Only directives value information and usage statistics

Directive Share Websites count Unique Values
pin-sha256 79.76% 662 65
max-age 78.19% 649 18
report-uri 76.99% 639 94
includesubdomains 64.22% 533 22

Distribution by websites popularity

Public-Key-Pins-Report-Only detection in the top websites by popularity

Top 10k sites 0 websites
Top 100k sites 38 websites
Top 1m sites 87 websites

Websites utilizing Public-Key-Pins-Report-Only

List of websites that use Public-Key-Pins-Report-Only header

Domain Country Rank Contacts
monashuni.okta.com United States of America 17,764
csumb.okta.com United States of America 18,223
groupon.okta.com United States of America 18,224
sjsu.okta.com United States of America 18,225
austincc.okta.com United States of America 18,475
newscorp.okta.com United States of America 18,476
See full domain list

Geographical Distribution

Header usage distribution by websites across the globe.






Common header values

List of top common Public-Key-Pins-Report-Only header values

Header value Value prevalence
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hp 69.28%
pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report- 9.04%
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pi 3.25%
pin-sha256="8joiNBdqaYiQpKskgtkJsqRxF7zN0C0aqfi8DacknnI="; pin-sha256="drtmcR2kFkM8qJClsuWgUzxgBkePfRCkRpqUesyDmeE="; report-uri="https://reports.protonmail.ch/reports/tls" 0.96%
max-age=2592000; pin-sha256="M6Rd5UO3qy5fvALRPUxNxi4lBeF2H3oLYg4YGKihPfw="; pin-sha256="S4AbJNGvyS57nzJwv8sPMUML8VHSqH1vbiBftdPcErI="; pin-sha256="7bAgdmNn2H+XADG/0chP8oko91bQz3ut965iA0giRKw=" 0.84%
includeSubDomains; max-age=2592000; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="I/Lt/z7ekCWan 0.72%
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pi 0.48%
pin-sha256="Fbr/5aSOo4KRal8YE49t4lc76IOnK/oto9NWV1cSKWM="; pin-sha256="klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY="; report-uri="https://portofrotterdam.report-uri.io/r/default/hpkp/reportOnly" 0.48%
pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; max-age=2592000; includeSubDomains 0.48%
max-age=300;pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q=";pin-sha256="IQBnNBEiFuhj+8x6X8XLgh01V9Ic5/V3IRQLNFFc7v4=";report-uri="https://reports.baidu.com/pkp-report/" 0.48%
pin-sha256="S0pq65ld1aZcOTcrs8PFaRtJZirkeNUakD8TDp0bnmg="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; includeSubDomains; report-uri="https://smarttech.report-uri.io/r/default/hpkp/ 0.48%
max-age=3600; includeSubdomains; pin-sha256="6X0iNAQtPIjXKEVcqZBwyMcRwq1yW60549axatu3oDE="; pin-sha256="Slt48iBVTjuRQJTjbzopminRrHSGtndY0/sj0lFf9Qk="; pin-sha256="LCa0a2j/xo/5m0U8HTBBNBNCLXBkg7+g+YpeiGJm564="; report-uri="https://zapier.com/hooks/catch/3b 0.48%
pin-sha256="EuTDHW3QYn0W96qm0ej0QapipRlAQj8dkTrtBFnaMNc="; pin-sha256="fqymiND3/Uw5v6gfzLvV+Je5Ct4QW0ctYVbbQsX1O3U="; pin-sha256="jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0="; pin-sha256="sK2MzrcEaAS6CuUGLLZOJaUIwKN5xO4QDaO85IWgqpA="; pin-sha256="uwQVWtW 0.48%
max-age=5184000; report-uri="https://donately.report-uri.io/r/default/hpkp/reportOnly"; includeSubDomains 0.48%
maxAge=604800; includeSubDomains; reportUri='https://ucfqrfp5ol.execute-api.us-east-1.amazonaws.com/prod/hpkp-error-handler';sha256s='4VDy9+1PipnvvZRuI0i4OTeOfy2nBvy/rVcA/NR7mcs=';sha256s='++MBgDH5WGvL9Bcn5Be30cRcL0f5O+NyoXuWtQdX1aI=';sha256s='f0KW/FtqTjs 0.48%
pin-sha256="lVRYtcrXh5YXmP9xIvjlrWJhcVigYgPq0/bjGiEXUTE="; pin-sha256="FoBSWoj/GhkMJC4c3MYuz52AyQAuZqCMXHjNiPVFy+A="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; max-age=5184000; in 0.36%
pin-sha256=X3pGTSOuJeEVw989U/cEtXUEmy52zs1TZQrU06KUI 0.36%
pin-sha256="MAvrW46Pk2CL6OQ5fVttumEDiYjT+yWzuzGh4i9nbx0="; pin-sha256="OZPOHEJlvNwhOtrspxw0DF3diTXo+DhEJWbF6hMfjxE="; pin-sha256="cVfulXVlwi6guqLq1tTO+IKZtCg/ddJRJ6jr0iV1S9Q="; pin-sha256="jQJTbIh0grw0/1TkHSumWb+Fs0Ggogr621gT3PvPKG0="; pin-sha256="tUCfNBu 0.36%
pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report- 0.36%
pin-sha256="cUPcTAZWKaASuYWhhneDttWpY3oBAkE3h2+soZS7sWs="; pin-sha256="M8HztCzM3elUxkcjR2S5P4hhyBNf6lHkmjAHKhpGPWE="; max-age=10000; includeSubDomains; report-uri /Security/HpkpReporting 0.36%