HSTS - Browser HTTPS Only for domain and subdomains

Download List of All Websites using HSTS - Browser HTTPS Only for domain and subdomains

   The HTTP Strict-Transport-Security response header (often abbreviated as HSTS) lets a web site tell browsers that it should only be accessed using HTTPS, instead of using HTTP for domain and subdomainsfor 31536000 seconds

X-Frame-Options Header

Download List of All Websites using X-Frame-Options Header

   The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe>, <embed> or <object>. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.

Public Cache-Control

Download List of All Websites using Public Cache-Control

   Indicates that the response may be cached by any cache, even if the response would normally be non-cacheable (e.g. if the response does not contain a max-age directive or the Expires header).

Cache-Control Header Max-Age

Download List of All Websites using Cache-Control Header Max-Age

   Specifies the maximum amount of time a resource will be considered fresh. Contrary to Expires, this directive is relative to the time of the request. this website is having max-age=86400 secs.

Vary Header Accept-Encoding

Download List of All Websites using Vary Header Accept-Encoding

   The Accept-Encoding request HTTP header advertises which content encoding, usually a compression algorithm, the client is able to understand. Using content negotiation, the server selects one of the proposals, uses it and informs the client of its choice with the Content-Encoding response header.

Block Content Sniffing

Download List of All Websites using Block Content Sniffing

   The X-Content-Type-Options response HTTP header is a marker used by the server to indicate that the MIME types advertised in the Content-Type headers should not be changed and be followed. This allows to opt-out of MIME type sniffing, or, in other words, it is a way to say that the webmasters knew what they were doing.

XSS-Protection Header

Download List of All Websites using XSS-Protection Header

   The HTTP X-XSS-Protection response header is a feature of Internet Explorer, Chrome and Safari that stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. Although these protections are largely unnecessary in modern browsers when sites implement a strong Content-Security-Policy that disables the use of inline JavaScript (`unsafe-inline`), they can still provide protections for users of older web browsers that don`t yet support CSP.

Character Encoding :UTF-8

Download List of All Websites using Character Encoding :UTF-8

   This website is using UTF-8 character encoding in HTML , character encoding is used to represent a repertoire of characters by some kind of encoding system.

Gzip Content-Encoding

Download List of All Websites using Gzip Content-Encoding

   The Content-Encoding entity header is used to compress the media-type. When present, its value indicates which encodings were applied to the entity-body. It lets the client know how to decode in order to obtain the media-type referenced by the Content-Type header.

Chunked transfer encoding

Download List of All Websites using Chunked transfer encoding

   Chunked transfer encoding is a streaming data transfer mechanism available in version 1.1 of the Hypertext Transfer Protocol (HTTP). In chunked transfer encoding, the data stream is divided into a series of non-overlapping "chunks"

Server partial requests support

Download List of All Websites using Server partial requests support

   The Accept-Ranges response HTTP header is a marker used by the server to advertise its support of partial requests. The value of this field indicates the unit that can be used to define a range.