HTTP response header

Policy informing a client how long to cache the HTTPS policy and whether this applies to subdomains.

Header usage statistics

Strict-Transport-Security response header information and usage statistics.

Websites using header Strict-Transport-Security 1,606,042
Percentage of websites that use Strict-Transport-Security header 14.05%
Total discovered header values 2,669
Header uses directives Yes
Header values are unique or random No
Most popular in the country United States of America

Strict-Transport-Security Directives (3 total)

  • includesubdomains
  • max-age
  • preload

Strict-Transport-Security Directives

Strict-Transport-Security directives value information and usage statistics

Directive Share Websites count Unique Values
max-age 70.10% 1,125,826 859
includesubdomains 22.89% 367,630 571
preload 10.22% 164,081 350

Distribution by websites popularity

Strict-Transport-Security detection in the top websites by popularity

Top 10k sites 4,286 websites
Top 100k sites 22,574 websites
Top 1m sites 167,620 websites

Websites utilizing Strict-Transport-Security

List of websites that use Strict-Transport-Security header

Domain Country Rank Contacts Ireland 2 United States of America 3 United States of America 4 United States of America 14,442 United States of America 22,750 United States of America 23,353
See full domain list

Geographical Distribution

Header usage distribution by websites across the globe.

Common header values

List of top common Strict-Transport-Security header values

Header value Value prevalence
max-age=0 20.07%
max-age=31536000 16.42%
max-age=31536000; includeSubdomains 10.05%
max-age=7889238 6.22%
max-age=31536000; includeSubDomains; preload 4.81%
max-age=15768000 3.94%
max-age=63072000; includeSubDomains 3.12%
max-age=300 3.05%
max-age=63072000; includeSubDomains; preload 2.74%
max-age=43200 2.28%
max-age=31536000; preload 1.98%
max-age=31536000; 1.85%
max-age=63072000 1.21%
max-age=604800 1.17%
max-age=31536000 ; includeSubDomains 1.10%
max-age=15552000 0.96%
max-age=86400 0.88%
max-age=15552000; includeSubDomains 0.84%
max-age=31556926 0.78%
max-age=15768000; includeSubDomains 0.78%