HTTP Headers

Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.

Summary

Response
200
Total Requests
1
Total Time
763 ms
  • IP
    15.235.162.122
    View Map

  • Timing

    Wait

    0 ms

    DNS

    34 ms

    TCP

    236 ms

    Request

    1 ms

    First Byte

    238 ms

    Download

    1 ms

    Total

    763 ms

  • HTTP Headers

    Server

    nginx

    A name for the server.

    nginx - Description of the server software.

    Date

    Mon, 10 Nov 2025 03:54:17 GMT

    The date and time that the message was sent.

    Content-Type

    text/html; charset=UTF-8

    The MIME type of this content.

    • Type

      text/html

    • Description

      HTML file

    • Charset

      UTF-8

    Connection

    close

    Control options for the current connection and list of hop-by-hop response fields.

    close - The client or server would like to close the connection.

    Vary

    Accept-Encoding

    Indicates that different content may be provided to different clients, depending on the vary header.

    • Headers

      • Accept-Encoding
    Vary

    Accept-Encoding

    Indicates that different content may be provided to different clients, depending on the vary header.

    • Headers

      • Accept-Encoding

    Problems were detected with this header

    • Duplicate header. There is another header with this name and this may cause problems.
    Last-Modified

    Thu, 23 Oct 2025 11:33:15 GMT

    The last modified date for the requested object.

    X-Frame-Options

    SAMEORIGIN

    Clickjacking protection.

    SAMEORIGIN - No rendering if origin mismatch.

    X-Content-Type-Options

    nosniff

    Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.

    nosniff - Block requests if type 'style' or 'script'.

    X-Xss-Protection

    1; mode=block

    Cross-site scripting (XSS) filter.

    • 1

      Enable XSS filtering.

    • Mode

      Filtering mode.

      • block - Block page if XSS is detected.
    X-Permitted-Cross-Domain-Policies

    master-only

    Specifies if a cross-domain policy is allowed.

    • master-only

      Problems were found.

      • Option is not one of known values.
    Referrer-Policy

    same-origin

    Controls what referrer information is sent with requests.

    same-origin - Send the full referrer for same origin requests, and nothing for cross-origin.

    Alt-Svc

    h3=":443"; ma=86400

    Indicate a resource should be loaded from a different server while still appearing to be loaded from this server.

    • Service

      • h3 - :443

    • Service

      • ma - 86400 (1 day)

        Max age for the alternative (seconds).