Strict-Transport-Security

HTTP response header

Policy informing a client how long to cache the HTTPS policy and whether this applies to subdomains.

Header usage statistics

Strict-Transport-Security response header information and usage statistics.

Websites using header Strict-Transport-Security 2,012,692
Percentage of websites that use Strict-Transport-Security header 18.52%
Total discovered header values 2,771
Header uses directives Yes
Header values are unique or random No
Most popular in the country United States of America

Strict-Transport-Security Directives (3 total)

  • includesubdomains
  • max-age
  • preload

Strict-Transport-Security Directives

Strict-Transport-Security directives value information and usage statistics

Directive Share Websites count Unique Values
max-age 81.28% 1,635,892 924
includesubdomains 25.56% 514,536 637
preload 10.74% 216,128 379

Distribution by websites popularity

Strict-Transport-Security detection in the top websites by popularity

Top 10k sites 4,815 websites
Top 100k sites 27,667 websites
Top 1m sites 206,871 websites

Websites utilizing Strict-Transport-Security

List of websites that use Strict-Transport-Security header

Domain Country Rank Contacts
facebook.com Ireland 2
www.facebook.com Ireland 2
twitter.com United States of America 3
youtube.com United States of America 4
www.youtube.com United States of America 4
www.google.com United States of America 5
See full domain list
Flat price per report, subscription is not required.

Geographical Distribution

Header usage distribution by websites across the globe.






Common header values

List of top common Strict-Transport-Security header values

Header value Value prevalence
max-age=0 16.51%
max-age=120 14.44%
max-age=31536000 13.10%
max-age=31536000; includeSubdomains 8.89%
max-age=7889238 5.18%
max-age=31536000; includeSubDomains; preload 4.77%
max-age=15768000 3.00%
max-age=300 2.58%
max-age=63072000; includeSubdomains; preload 2.44%
max-age=63072000; includeSubDomains 2.14%
max-age=31536000 ; includeSubDomains 2.04%
max-age=43200 1.99%
max-age=31536000; preload 1.65%
max-age=31536000; 1.60%
max-age=63072000 1.36%
max-age=604800 1.04%
max-age=15552000 0.81%
max-age=15768000; includeSubDomains 0.76%
max-age=15552000; includeSubDomains 0.69%
max-age=15724800; includeSubDomains 0.68%