Postman.com is built with the following tech stack:
Document Encoding
UTF-8
UTF-8 (8-bit UCS/Unicode Transformation Format) is a variable-length character encoding for Unicode. It is the preferred encoding for web pages.
Mobile
Viewport Meta
This page uses the viewport meta tag which means the content may be optimized for mobile content.
Document Standards
Cascading Style Sheets
Cascading Style Sheets (CSS) is a stylesheet language used to describe the presentation of a document written in a markup language. Its most common application is to style web pages written in HTML
Javascript Defer
The defer attribute gives a hint to the browser that the script does not create any content so the browser can optionally defer interpreting the script. This can improve performance by delaying execution of scripts until after the body content is parsed and rendered.
Prefers Color Scheme
Defines how a page looks based on the color scheme choosen by the user for their desktop.
HTML5 DocType
The DOCTYPE is a required preamble for HTML5 websites.
HTML 5 Specific Tags
This page contains tags that are specific to an HTML 5 implementation.
Content Security Policy
Content Security Policy is a computer security concept, to prevent cross-site scripting XSS attacks.
Report URI CSP
Report-uri directive instructs the user agent to report attempts to violate the Content Security Policy.
X-XSS-Protection
X-XSS-Protection is a HTTP header set by Internet Explorer 8+. This header lets domains toggle on and off the "XSS Filter" of IE8, which prevents some categories of XSS attacks.
Content Type Options
Used to disable MIME-sniffing for a particular HTTP response.
Referrer Policy
Requests made from a document, and for navigations away from that document are associated with a Referrer header. This policy determines in the browser should send a referrer or not.
Strict Transport Security
The HTTP Strict-Transport-Security (HSTS) header instructs the browser to only use https.
SSL Certificates
HSTS
Forces browsers to only communicate with the site using HTTPS.