Strict-Transport-Security

HTTP response header

Policy informing a client how long to cache the HTTPS policy and whether this applies to subdomains.

Header usage statistics

Strict-Transport-Security response header information and usage statistics.

Websites using header Strict-Transport-Security 1,948,043
Percentage of websites that use Strict-Transport-Security header 16.72%
Total discovered header values 2,737
Header uses directives Yes
Header values are unique or random No
Most popular in the country United States of America

Strict-Transport-Security Directives (3 total)

  • includesubdomains
  • max-age
  • preload

Strict-Transport-Security Directives

Strict-Transport-Security directives value information and usage statistics

Directive Share Websites count Unique Values
max-age 79.70% 1,552,603 915
includesubdomains 24.29% 473,084 608
preload 10.62% 206,864 372

Distribution by websites popularity

Strict-Transport-Security detection in the top websites by popularity

Top 10k sites 4,658 websites
Top 100k sites 26,728 websites
Top 1m sites 197,658 websites

Websites utilizing Strict-Transport-Security

List of websites that use Strict-Transport-Security header

Domain Country Rank Contacts
facebook.com United States of America 2
www.facebook.com United States of America 2
twitter.com United States of America 3
youtube.com United States of America 4
www.youtube.com United States of America 4
www.google.com United States of America 5
See full domain list

Geographical Distribution

Header usage distribution by websites across the globe.






Common header values

List of top common Strict-Transport-Security header values

Header value Value prevalence
max-age=0 17.19%
max-age=31536000 14.14%
max-age=120 13.03%
max-age=31536000; includeSubdomains 8.89%
max-age=7889238 5.32%
max-age=31536000; includeSubDomains; preload 4.85%
max-age=15768000 3.26%
max-age=300 2.63%
max-age=63072000; includeSubdomains; preload 2.45%
max-age=63072000; includeSubDomains 2.18%
max-age=43200 2.01%
max-age=31536000; preload 1.69%
max-age=31536000; 1.61%
max-age=63072000 1.21%
max-age=604800 0.96%
max-age=31536000 ; includeSubDomains 0.93%
max-age=15552000 0.84%
max-age=15768000; includeSubDomains 0.73%
max-age=15552000; includeSubDomains 0.70%
max-age=31556926 0.65%