HTTP Headers

Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.

Summary

Response
200
Total Requests
1
Total Time
1059 ms

  • https://jewelspostcards.com/

    Status
    200
    Message
    OK
    Time
    1059 ms
  • IP
    104.21.56.253
    View Map

  • Timing

    Wait

    0 ms

    DNS

    10 ms

    TCP

    8 ms

    Request

    1 ms

    First Byte

    1026 ms

    Download

    0 ms

    Total

    1059 ms

  • HTTP Headers

    Date

    Wed, 05 Feb 2025 16:03:22 GMT

    The date and time that the message was sent.

    Content-Type

    text/html; charset=UTF-8

    The MIME type of this content.

    • Type

      text/html

    • Description

      HTML file

    • Charset

      UTF-8

    Connection

    close

    Control options for the current connection and list of hop-by-hop response fields.

    close - The client or server would like to close the connection.

    Cache-Control

    no-cache, private

    Inform all caching mechanisms from server to client whether they may cache this object.

    • no-cache

      May be stored by any cache but must be validated by the server.

    • private

      May only be stored by a browser cache.

    Set-Cookie

    XSRF-TOKEN=eyJpdiI6InZUa3IzZXl2ZVozZlNMTFhZYllNeHc9PSIsInZhbHVlIjoiajZ1Z1FGUG1nUGlCTVVoYnFOTGRkZkFLTWZhcEp3MGRQVmJsOWRUaGZnMURWZGs5WGJ0MUt6ZFk4R1Btdk13RzRJQUJzNkFZVHllVFVhOTh2Q3NBQUZqZmtQaEVRZk82ekkwTEZhYy9VTmNWaE5nNHJXMjkzSWZJMWpPZnFlQ0ciLCJtYWMiOiJiMDczY2IzM2IzNDJlOTM0OTBiN2M2YjVlNjA1NGI5Y2RhYjViZDhhM2JlNTczZDVlY2MyZWRiOWFlNzZkOWQ5IiwidGFnIjoiIn0%3D; expires=Wed, 05-Feb-2025 18:03:22 GMT; Max-Age=7200; path=/; samesite=lax

    A cookie sent from the server to be set on the client

    • XSRF-TOKEN

      eyJpdiI6InZUa3IzZXl2ZVozZlNMTFhZYllNeHc9PSIsInZhbHVlIjoiajZ1Z1FGUG1nUGlCTVVoYnFOTGRkZkFLTWZhcEp3MGRQVmJsOWRUaGZnMURWZGs5WGJ0MUt6ZFk4R1Btdk13RzRJQUJzNkFZVHllVFVhOTh2Q3NBQUZqZmtQaEVRZk82ekkwTEZhYy9VTmNWaE5nNHJXMjkzSWZJMWpPZnFlQ0ciLCJtYWMiOiJiMDczY2IzM2IzNDJlOTM0OTBiN2M2YjVlNjA1NGI5Y2RhYjViZDhhM2JlNTczZDVlY2MyZWRiOWFlNzZkOWQ5IiwidGFnIjoiIn0%3D

      Cookie name and value.

    • Expires

      Wed, 05-Feb-2025 18:03:22 GMT

      When the cookie should expire.

    • Max-Age

      7200 (2 hours)

      Number of seconds until the cookie expires.

    • Path

      /

      The client will only send the cookie when requesting this path, or subdirectories, from the server.

    • Samesite

      lax

      Cookie is not sent on cross-site requests but is when following a link to the origin.

    Set-Cookie

    modal195=eyJpdiI6ImZvQ3BYSUl1dWxOb2pxV0lNaDZmYkE9PSIsInZhbHVlIjoiZ0JJR0t6dEtyY0ZpR0N5ZS9MVWJBMktVM3JlVEpOcHNNd1ExNzVQRFpBNTllVzBVVnRZVW90RFZQeHRKclEvUyIsIm1hYyI6ImE2MGJmOTM1M2E3MzVhMDk4MWQyNzE0YzVlNTA1MGM1YTZlZGE4YWRiNTliOWI4NGNmMGRiYWYxMzg5MGM1MTgiLCJ0YWciOiIifQ%3D%3D; expires=Wed, 05-Feb-2025 21:03:22 GMT; Max-Age=18000; path=/; httponly; samesite=lax

    A cookie sent from the server to be set on the client

    • modal195

      eyJpdiI6ImZvQ3BYSUl1dWxOb2pxV0lNaDZmYkE9PSIsInZhbHVlIjoiZ0JJR0t6dEtyY0ZpR0N5ZS9MVWJBMktVM3JlVEpOcHNNd1ExNzVQRFpBNTllVzBVVnRZVW90RFZQeHRKclEvUyIsIm1hYyI6ImE2MGJmOTM1M2E3MzVhMDk4MWQyNzE0YzVlNTA1MGM1YTZlZGE4YWRiNTliOWI4NGNmMGRiYWYxMzg5MGM1MTgiLCJ0YWciOiIifQ%3D%3D

      Cookie name and value.

    • Expires

      Wed, 05-Feb-2025 21:03:22 GMT

      When the cookie should expire.

    • Max-Age

      18000 (5 hours)

      Number of seconds until the cookie expires.

    • Path

      /

      The client will only send the cookie when requesting this path, or subdirectories, from the server.

    • httponly

      Prevents access to the cookie through JavaScript.

    • Samesite

      lax

      Cookie is not sent on cross-site requests but is when following a link to the origin.

    Set-Cookie

    mpoplay_frontend_session=zyagmri8reKNYTvSnNcCnmbgvBHO8bF807DH2w6h; expires=Wed, 05-Feb-2025 18:03:22 GMT; Max-Age=7200; path=/; httponly; samesite=lax

    A cookie sent from the server to be set on the client

    • mpoplay_frontend_session

      zyagmri8reKNYTvSnNcCnmbgvBHO8bF807DH2w6h

      Cookie name and value.

    • Expires

      Wed, 05-Feb-2025 18:03:22 GMT

      When the cookie should expire.

    • Max-Age

      7200 (2 hours)

      Number of seconds until the cookie expires.

    • Path

      /

      The client will only send the cookie when requesting this path, or subdirectories, from the server.

    • httponly

      Prevents access to the cookie through JavaScript.

    • Samesite

      lax

      Cookie is not sent on cross-site requests but is when following a link to the origin.

    Content-Security-Policy

    default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'

    The content security policy allows the server to determine what resources the user is allowed to load.

    • Default-Src

      Fallback for all fetches.

      • 'self'
      • ws:
      • wss:
      • http:
      • https:
      • data:
      • blob:
      • 'unsafe-inline'
    X-Xss-Protection

    1;mode=block

    Cross-site scripting (XSS) filter.

    • 1

      Enable XSS filtering.

    • Mode

      Filtering mode.

      • block - Block page if XSS is detected.
    X-Frame-Options

    SAMEORIGIN

    Clickjacking protection.

    SAMEORIGIN - No rendering if origin mismatch.

    Referrer-Policy

    strict-origin-when-cross-origin

    Controls what referrer information is sent with requests.

    strict-origin-when-cross-origin - Send the full referrer for a same origin request. Send the origin only for cross-domain requests where the protocol level is the same. Otherwise do not send the referrer.

    Strict-Transport-Security

    max-age=15552000

    A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.

    • Max-Age

      15552000 (180 days)

      The time a browser should remember a site can only be accessed with https (seconds).

    X-Content-Type-Options

    nosniff

    Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.

    nosniff - Block requests if type 'style' or 'script'.

    Cf-Cache-Status

    DYNAMIC

    Encoded information about your request from Cloudflare.

    DYNAMIC - This is not cached by default.

    Report-To

    {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qXhsLQI%2B30Be%2BSbL2sKg3T3WXQZLw28bQjmCP8XowFNrFktEMrJyXKxFdwmh6bEb3KYw1peNFTd%2B6Q52XwEDjyDZxZlUAODrplwPdRgV3EEoPE2p9WHJNGPYtC1gHGp2MsvQvsxd"}],"group":"cf-nel","max_age":604800}

    Report to.

    • Endpoints

      • {"url":"https://a.nel.cloudflare.com/report/v4?s=qXhsLQI%2B30Be%2BSbL2sKg3T3WXQZLw28bQjmCP8XowFNrFktEMrJyXKxFdwmh6bEb3KYw1peNFTd%2B6Q52XwEDjyDZxZlUAODrplwPdRgV3EEoPE2p9WHJNGPYtC1gHGp2MsvQvsxd"}

    • Group

      cf-nel

    • Max_age

      604800

    Nel

    {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

    Configure network request logging.

    • Success_fraction

      0

    • Report_to

      cf-nel

    • Max_age

      604800

    Server

    cloudflare

    A name for the server.

    cloudflare - Description of the server software.

    Cf-Ray

    90d4214cbe16c9b9-IAD

    Encoded information about your request from Cloudflare.

    Alt-Svc

    h3=":443"; ma=86400

    Indicate a resource should be loaded from a different server while still appearing to be loaded from this server.

    • Service

      • h3 - :443

    • Service

      • ma - 86400 (1 day)

        Max age for the alternative (seconds).

    Server-Timing

    cfL4;desc="?proto=TCP&rtt=7236&min_rtt=6963&rtt_var=2806&sent=4&recv=5&lost=0&retrans=0&sent_bytes=2849&recv_bytes=699&delivery_rate=415912&cwnd=32&unsent_bytes=0&cid=3c48c0238f417d02&ts=1033&x=0"

    Server metrics for the request.

    • Cfl4