HSTS - Browser HTTPS Only

Download List of All Websites using HSTS - Browser HTTPS Only

   The HTTP Strict-Transport-Security response header (often abbreviated as HSTS) lets a web site tell browsers that it should only be accessed using HTTPS, instead of using HTTP for 31536000 seconds

X-Frame-Options Header

Download List of All Websites using X-Frame-Options Header

   The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe>, <embed> or <object>. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.

Pragma Header - backwards compatibility with HTTP/1.0

Download List of All Websites using Pragma Header - backwards compatibility with HTTP/1.0

   The Pragma HTTP/1.0 general header is an implementation-specific header that may have various effects along the request-response chain. It is used for backwards compatibility with HTTP/1.0 caches where the Cache-Control HTTP/1.1 header is not yet present.

No Cache Content

Download List of All Websites using No Cache Content

   Forces caches to submit the request to the origin server for validation before releasing a cached copy.

NO Store HTTP Cache-Control

Download List of All Websites using NO Store HTTP Cache-Control

   The cache should not store anything about the client request or server response.

Cache-Control Header Max-Age

Download List of All Websites using Cache-Control Header Max-Age

   Specifies the maximum amount of time a resource will be considered fresh. Contrary to Expires, this directive is relative to the time of the request. this website is having max-age=0 secs.

XSS-Protection Header

Download List of All Websites using XSS-Protection Header

   The HTTP X-XSS-Protection response header is a feature of Internet Explorer, Chrome and Safari that stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. Although these protections are largely unnecessary in modern browsers when sites implement a strong Content-Security-Policy that disables the use of inline JavaScript (`unsafe-inline`), they can still provide protections for users of older web browsers that don`t yet support CSP.

SPF

Download List of All Websites using SPF

   The Sender Policy Framework (SPF) is an email-authentication technique which is used to prevent spammers from sending messages on behalf of your domain. With SPF an organisation can publish authorized mail servers.

Server partial requests support

Download List of All Websites using Server partial requests support

   The Accept-Ranges response HTTP header is a marker used by the server to advertise its support of partial requests. The value of this field indicates the unit that can be used to define a range.