HTTP Headers

Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.

Summary

Response
200
Total Requests
1
Total Time
41 ms
  • IP
    142.250.65.206
    View Map

  • Timing

    Wait

    0 ms

    DNS

    17 ms

    TCP

    2 ms

    Request

    0 ms

    First Byte

    13 ms

    Download

    0 ms

    Total

    41 ms

  • HTTP Headers

    Content-Type

    text/html; charset=UTF-8

    The MIME type of this content.

    • Type

      text/html

    • Description

      HTML file

    • Charset

      UTF-8

    Content-Security-Policy

    object-src 'none';base-uri 'self';script-src 'nonce-o6R_3wi0kHSxHJjEluQTFg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other

    The content security policy allows the server to determine what resources the user is allowed to load.

    • Object-Src

      Define sources for object, embed, and applet elements.

      • 'none'

    • Base-URI

      Define what can be used in the base element.

      • 'self'

    • Script-Src

      Define sources for JavaScript.

      • 'nonce-o6R_3wi0kHSxHJjEluQTFg'
      • 'strict-dynamic'
      • 'report-sample'
      • 'unsafe-eval'
      • 'unsafe-inline'
      • https:
      • http:

    • Report-URI

      https://csp.withgoogle.com/csp/gws/other

      URI for violation reports.

    Permissions-Policy

    unload=()

    Enable and disable browser features.

    • unload

      Problems were found.

      • Unknown option
      • () - Feature is disabled.
    P3p

    CP="This is not a P3P policy! See g.co/p3phelp for more info."

    P3P policy.

    Date

    Sun, 07 Jul 2024 12:48:37 GMT

    The date and time that the message was sent.

    Server

    gws

    A name for the server.

    gws - Description of the server software.

    X-Xss-Protection

    0

    Cross-site scripting (XSS) filter.

    0 - Disable XSS filtering.

    X-Frame-Options

    SAMEORIGIN

    Clickjacking protection.

    SAMEORIGIN - No rendering if origin mismatch.

    Transfer-Encoding

    chunked

    Expires

    Sun, 07 Jul 2024 12:48:37 GMT

    The time at which the response is considered stale.

    Cache-Control

    private

    Inform all caching mechanisms from server to client whether they may cache this object.

    private - May only be stored by a browser cache.

    Set-Cookie

    NID=515=bcWP9uJ7lRAO0Dz1EIBNL89OsgJTqRgZ-KFlWpTjy4lshMHgXwAjFbb4R4nPXhGjzP6hKnG7v14rMLwHbwYcnp-BhIBL3ykh6x4EjAD7QHXJV49wEO_MnTR89iyCyNTMENc6SVPGFz5rZ6xOovjcNnvEnPfUrKNY0MOrIHIjgg0; expires=Mon, 06-Jan-2025 12:48:37 GMT; path=/; domain=.google.co.za; Secure; HttpOnly

    A cookie sent from the server to be set on the client

    • NID

      515

      Cookie name and value.

    • Expires

      Mon, 06-Jan-2025 12:48:37 GMT

      When the cookie should expire.

    • Path

      /

      The client will only send the cookie when requesting this path, or subdirectories, from the server.

    • Domain

      .google.co.za

      The client will only send the cookie when requesting from this domain.

    • Secure

      The cookie is only sent when requesting from a https domain.

    • HttpOnly

      Prevents access to the cookie through JavaScript.

    Alt-Svc

    h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

    Indicate a resource should be loaded from a different server while still appearing to be loaded from this server.

    • Service

      • h3 - :443

    • Service

      • ma - 2592000 (30 days)

        Max age for the alternative (seconds).

      • h3-29 - :443

        HTTP/3 (draft 29)

    • Service

      • ma - 2592000 (30 days)

        Max age for the alternative (seconds).

    Connection

    close

    Control options for the current connection and list of hop-by-hop response fields.

    close - The client or server would like to close the connection.