This table shows, in a readable format, the state of HSTS and HPKP domains stored by the browser.
A tool for improving the experience using HSTS and HPKP in Chrome. It shows this information in a human readable way, from your own browser or from any other. It is very easy to use and it can provide useful information about the HSTS and HPKP data stored by your browser or a different one. This is not just a Chrome extension, but a simple forensics tool for interpreting HPKP and HSTS data from any Chrome’s user.
Chrome stores HPKP and HSTS information hashing the domains in a standard format, so there is some “privacy” for the users. The extension also tries to “un-hash” the domains. If there is a domain in your HSTS and HPKP domains repository, it means you have visited it. So it should be in your History files. What this extension does is get to your history of domains visited and hash them. If this hash matches with some of the hashes in HSTS/HPKP, it “translates” it so it is un-hashed. There may be some domains that are not un-hashed? Some reasons:
* Your history has been deleted and the domain is not there, but still in the HSTS/HPKP repository.
* Some visits to some domains with HSTS and HPKP are done “in the background” of a webpage, as part of its APIs, advertising system, etc. And these may not stored in the History.
Chrome offers chrome://net-internals/#hsts but definitely it is not the best way to watch your domains.