HSTS - Browser HTTPS Only
Download List of All Websites using HSTS - Browser HTTPS Only
The HTTP Strict-Transport-Security response header (often abbreviated as HSTS) lets a web site tell browsers that it should only be accessed using HTTPS, instead of using HTTP for 31536000 seconds
Vary Header Accept-Encoding
Download List of All Websites using Vary Header Accept-Encoding
The Accept-Encoding request HTTP header advertises which content encoding, usually a compression algorithm, the client is able to understand. Using content negotiation, the server selects one of the proposals, uses it and informs the client of its choice with the Content-Encoding response header.
Tags:
Block Content Sniffing
Download List of All Websites using Block Content Sniffing
The X-Content-Type-Options response HTTP header is a marker used by the server to indicate that the MIME types advertised in the Content-Type headers should not be changed and be followed. This allows to opt-out of MIME type sniffing, or, in other words, it is a way to say that the webmasters knew what they were doing.
Tags:
Must Revalidate HTTP Cache-Control
Download List of All Websites using Must Revalidate HTTP Cache-Control
Indicates that once a resource has become stale (e.g. max-age has expired), a cache must not use the response to satisfy subsequent requests for this resource without successful validation on the origin server.
Tags:
Public Cache-Control
Download List of All Websites using Public Cache-Control
Indicates that the response may be cached by any cache, even if the response would normally be non-cacheable (e.g. if the response does not contain a max-age directive or the Expires header).
Tags:
Cache-Control Header Max-Age
Download List of All Websites using Cache-Control Header Max-Age
Specifies the maximum amount of time a resource will be considered fresh. Contrary to Expires, this directive is relative to the time of the request. this website is having max-age=0 secs.
Tags: