HTTP Headers

Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.

Summary

Response
200
Total Requests
1
Total Time
80 ms
  • IP
    142.250.31.132
    View Map

  • Timing

    Wait

    0 ms

    DNS

    12 ms

    TCP

    9 ms

    Request

    0 ms

    First Byte

    49 ms

    Download

    0 ms

    Total

    80 ms

  • HTTP Headers

    Content-Security-Policy

    upgrade-insecure-requests

    The content security policy allows the server to determine what resources the user is allowed to load.

    upgrade-insecure-requests - Treat insecure URLs as though they are secure.

    Content-Security-Policy-Report-Only

    default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport

    The content security policy, reporting only.

    • Default-Src

      Fallback for all fetches.

      • https:
      • blob:
      • data:
      • 'unsafe-inline'
      • 'unsafe-eval'

    • Report-To

      Fire a SecurityPolicyViolationEvent.

      • blogspot

    • Report-URI

      https://www.blogger.com/cspreport

      URI for violation reports.

    Report-To

    {"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}

    Report to.

    • Group

      blogspot

    • Max_age

      2592000

    • Endpoints

      • {"url":"https://www.blogger.com/cspreport"}
    Content-Type

    text/html; charset=UTF-8

    The MIME type of this content.

    • Type

      text/html

    • Description

      HTML file

    • Charset

      UTF-8

    Expires

    Fri, 13 Mar 2026 10:07:14 GMT

    The time at which the response is considered stale.

    Date

    Fri, 13 Mar 2026 10:07:14 GMT

    The date and time that the message was sent.

    Cache-Control

    private, max-age=0

    Inform all caching mechanisms from server to client whether they may cache this object.

    • private

      May only be stored by a browser cache.

    • Max-Age

      0

      The time a browser should remember a site can only be accessed with https (seconds).

    Last-Modified

    Wed, 20 Aug 2025 02:35:27 GMT

    The last modified date for the requested object.

    Etag

    "f2def133-7041-413f-9924-5a61e3911ee0"

    An identifier for a specific version of a resource.

    • Validator

      strong

      A weak tag is easier to generate and prevents byte range caching.

    • Tag

      f2def133-7041-413f-9924-5a61e3911ee0

    X-Content-Type-Options

    nosniff

    Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.

    nosniff - Block requests if type 'style' or 'script'.

    X-Xss-Protection

    1; mode=block

    Cross-site scripting (XSS) filter.

    • 1

      Enable XSS filtering.

    • Mode

      Filtering mode.

      • block - Block page if XSS is detected.
    Content-Length

    0

    The length of the response body in octets (8-bit bytes).

    Server

    GSE

    A name for the server.

    GSE - Description of the server software.

    Alt-Svc

    h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

    Indicate a resource should be loaded from a different server while still appearing to be loaded from this server.

    • Service

      • h3 - :443

    • Service

      • ma - 2592000 (30 days)

        Max age for the alternative (seconds).

      • h3-29 - :443

        HTTP/3 (draft 29)

    • Service

      • ma - 2592000 (30 days)

        Max age for the alternative (seconds).