HTTP Headers

Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.

Summary

Response
404
Total Requests
1
Total Time
105 ms
  • IP
    142.251.40.161
    View Map

  • Timing

    Wait

    1 ms

    DNS

    9 ms

    TCP

    1 ms

    Request

    0 ms

    First Byte

    84 ms

    Download

    0 ms

    Total

    105 ms

  • HTTP Headers

    Content-Security-Policy

    upgrade-insecure-requests

    The content security policy allows the server to determine what resources the user is allowed to load.

    upgrade-insecure-requests - Treat insecure URLs as though they are secure.

    Content-Security-Policy-Report-Only

    default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-to blogspot; report-uri https://www.blogger.com/cspreport

    The content security policy, reporting only.

    • Default-Src

      Fallback for all fetches.

      • https:
      • blob:
      • data:
      • 'unsafe-inline'
      • 'unsafe-eval'

    • Report-To

      Fire a SecurityPolicyViolationEvent.

      • blogspot

    • Report-URI

      https://www.blogger.com/cspreport

      URI for violation reports.

    Report-To

    {"group":"blogspot","max_age":2592000,"endpoints":[{"url":"https://www.blogger.com/cspreport"}]}

    Report to.

    • Group

      blogspot

    • Max_age

      2592000

    • Endpoints

      • {"url":"https://www.blogger.com/cspreport"}
    Content-Type

    text/html; charset=UTF-8

    The MIME type of this content.

    • Type

      text/html

    • Description

      HTML file

    • Charset

      UTF-8

    Date

    Mon, 31 Mar 2025 02:33:57 GMT

    The date and time that the message was sent.

    Expires

    Mon, 31 Mar 2025 02:33:57 GMT

    The time at which the response is considered stale.

    Cache-Control

    private, max-age=0

    Inform all caching mechanisms from server to client whether they may cache this object.

    • private

      May only be stored by a browser cache.

    • Max-Age

      0

      The time a browser should remember a site can only be accessed with https (seconds).

    X-Content-Type-Options

    nosniff

    Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.

    nosniff - Block requests if type 'style' or 'script'.

    X-Frame-Options

    SAMEORIGIN

    Clickjacking protection.

    SAMEORIGIN - No rendering if origin mismatch.

    X-Xss-Protection

    1; mode=block

    Cross-site scripting (XSS) filter.

    • 1

      Enable XSS filtering.

    • Mode

      Filtering mode.

      • block - Block page if XSS is detected.
    Server

    GSE

    A name for the server.

    GSE - Description of the server software.

    Transfer-Encoding

    chunked

    Alt-Svc

    h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

    Indicate a resource should be loaded from a different server while still appearing to be loaded from this server.

    • Service

      • h3 - :443

    • Service

      • ma - 2592000 (30 days)

        Max age for the alternative (seconds).

      • h3-29 - :443

        HTTP/3 (draft 29)

    • Service

      • ma - 2592000 (30 days)

        Max age for the alternative (seconds).

    Accept-Ranges

    none

    What partial content range types this server supports via byte serving.

    none - No range is supported.

    Vary

    Accept-Encoding

    Indicates that different content may be provided to different clients, depending on the vary header.

    • Headers

      • Accept-Encoding
    Connection

    close

    Control options for the current connection and list of hop-by-hop response fields.

    close - The client or server would like to close the connection.