HTTP Headers

Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.

Summary

Response
200
Total Requests
1
Total Time
961 ms
  • IP
    103.227.176.6
    View Map

  • Timing

    Wait

    0 ms

    DNS

    12 ms

    TCP

    229 ms

    Request

    0 ms

    First Byte

    489 ms

    Download

    1 ms

    Total

    961 ms

  • HTTP Headers

    Date

    Thu, 13 Nov 2025 05:49:26 GMT

    The date and time that the message was sent.

    Server

    Apache

    A name for the server.

    Apache - Description of the server software.

    X-Powered-By

    PHP/8.2.29

    The software powering this site.

    X-Content-Type-Options

    nosniff

    Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.

    nosniff - Block requests if type 'style' or 'script'.

    Content-Language

    en

    The natural language or languages of the intended audience for the enclosed content.

    en - English

    Vary

    Accept-Encoding,Cookie

    Indicates that different content may be provided to different clients, depending on the vary header.

    • Headers

      • Accept-Encoding
      • Cookie
    Expires

    Thu, 01 Jan 1970 00:00:00 GMT

    The time at which the response is considered stale.

    Cache-Control

    private, must-revalidate, max-age=0

    Inform all caching mechanisms from server to client whether they may cache this object.

    • private

      May only be stored by a browser cache.

    • must-revalidate

      Stale caches must not be used.

    • Max-Age

      0

      The time a browser should remember a site can only be accessed with https (seconds).

    X-Request-Id

    aRVxZhs2xfl5T1puy8AIWgAAAMs

    Strict-Transport-Security

    max-age=63072000; includeSubDomains

    A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.

    • Max-Age

      63072000 (2 years)

      The time a browser should remember a site can only be accessed with https (seconds).

    • includesubdomains

      max-age applies to subdomains as well.

    X-Frame-Options

    SAMEORIGIN

    Clickjacking protection.

    SAMEORIGIN - No rendering if origin mismatch.

    Last-Modified

    Sat, 01 Nov 2025 23:23:54 GMT

    The last modified date for the requested object.

    Connection

    close

    Control options for the current connection and list of hop-by-hop response fields.

    close - The client or server would like to close the connection.

    Content-Type

    text/html; charset=UTF-8

    The MIME type of this content.

    • Type

      text/html

    • Description

      HTML file

    • Charset

      UTF-8