Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
$> curl --head https://www.hsts-header-enabled.com
HTTP/2 200
strict-transport-security: max-age=15552000; preload
---
$> nmap -p 443 --script http-security-headers hsts-header-enabled.com
....
PORT STATE SERVICE
443/tcp open https
| http-security-headers:
| Strict_Transport_Security:
| Header: Strict-Transport-Security: max-age=15552000; preload
| X_XSS_Protection:
| Header: X-XSS-Protection: 0
| Description: The XSS filter is disabled.
|_
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment