Must Revalidate HTTP Cache-Control

Download List of All Websites using Must Revalidate HTTP Cache-Control

   Indicates that once a resource has become stale (e.g. max-age has expired), a cache must not use the response to satisfy subsequent requests for this resource without successful validation on the origin server.

Cache-Control Header Max-Age

Download List of All Websites using Cache-Control Header Max-Age

   Specifies the maximum amount of time a resource will be considered fresh. Contrary to Expires, this directive is relative to the time of the request. this website is having max-age=0 secs.

HSTS - Browser HTTPS Only for domain and subdomains

Download List of All Websites using HSTS - Browser HTTPS Only for domain and subdomains

   The HTTP Strict-Transport-Security response header (often abbreviated as HSTS) lets a web site tell browsers that it should only be accessed using HTTPS, instead of using HTTP for domain and subdomains browsers will never connect to your domain using an insecure connection. While the service is hosted by Googlefor 63072000 seconds

Vary Header Accept-Encoding

Download List of All Websites using Vary Header Accept-Encoding

   The Accept-Encoding request HTTP header advertises which content encoding, usually a compression algorithm, the client is able to understand. Using content negotiation, the server selects one of the proposals, uses it and informs the client of its choice with the Content-Encoding response header.

Block Content Sniffing

Download List of All Websites using Block Content Sniffing

   The X-Content-Type-Options response HTTP header is a marker used by the server to indicate that the MIME types advertised in the Content-Type headers should not be changed and be followed. This allows to opt-out of MIME type sniffing, or, in other words, it is a way to say that the webmasters knew what they were doing.

XSS-Protection Header

Download List of All Websites using XSS-Protection Header

   The HTTP X-XSS-Protection response header is a feature of Internet Explorer, Chrome and Safari that stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. Although these protections are largely unnecessary in modern browsers when sites implement a strong Content-Security-Policy that disables the use of inline JavaScript (`unsafe-inline`), they can still provide protections for users of older web browsers that don`t yet support CSP.

SPF

Download List of All Websites using SPF

   The Sender Policy Framework (SPF) is an email-authentication technique which is used to prevent spammers from sending messages on behalf of your domain. With SPF an organisation can publish authorized mail servers.

English - Language

Download List of All Websites using English - Language

   this website is using English as a language parameter

Twitter Cards

Download List of All Websites using Twitter Cards

   With Twitter Cards, you can attach rich photos, videos and media experiences to Tweets, helping to drive traffic to your website.