HTTP Headers

Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.

Summary

Response
403
Total Requests
1
Total Time
181 ms

  • https://peatix.com/user/22869511

    Status
    403
    Message
    Forbidden
    Time
    181 ms
  • IP
    18.164.116.44
    View Map

  • Timing

    Wait

    0 ms

    DNS

    16 ms

    TCP

    7 ms

    Request

    0 ms

    First Byte

    152 ms

    Download

    1 ms

    Total

    181 ms

  • HTTP Headers

    Content-Type

    text/html

    The MIME type of this content.

    • Type

      text/html

    • Description

      HTML file

    Content-Length

    520

    The length of the response body in octets (8-bit bytes).

    Connection

    keep-alive

    Control options for the current connection and list of hop-by-hop response fields.

    keep-alive - The client would like to keep the connection open.

    Server

    awselb/2.0

    A name for the server.

    • Server

      awselb

      Description of the server software.

    • Version

      2.0

      Version number.

    Date

    Wed, 25 Feb 2026 13:15:21 GMT

    The date and time that the message was sent.

    X-Cache

    Error from cloudfront

    Indicates whether a cache was used to server this response.

    Via

    1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)

    Added by proxies to track a request through proxies and to avoid loops.

    • Version

      1.1

      Protocol version.

    • Host

      Host name.

    X-Amz-Cf-Pop

    JFK50-P6

    Alt-Svc

    h3=":443"; ma=86400

    Indicate a resource should be loaded from a different server while still appearing to be loaded from this server.

    • Service

      • h3 - :443

    • Service

      • ma - 86400 (1 day)

        Max age for the alternative (seconds).

    X-Amz-Cf-Id

    yCTFXN7tGVZcLuZlTN1pbyRydO5SQfS3X2TKcBoagyEnzj5yeiNPOA==

    X-Xss-Protection

    1; mode=block

    Cross-site scripting (XSS) filter.

    • 1

      Enable XSS filtering.

    • Mode

      Filtering mode.

      • block - Block page if XSS is detected.
    Referrer-Policy

    strict-origin-when-cross-origin

    Controls what referrer information is sent with requests.

    strict-origin-when-cross-origin - Send the full referrer for a same origin request. Send the origin only for cross-domain requests where the protocol level is the same. Otherwise do not send the referrer.

    X-Content-Type-Options

    nosniff

    Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.

    nosniff - Block requests if type 'style' or 'script'.

    Strict-Transport-Security

    max-age=31536000; includeSubDomains; preload

    A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.

    • Max-Age

      31536000 (1 year)

      The time a browser should remember a site can only be accessed with https (seconds).

    • includesubdomains

      max-age applies to subdomains as well.

    • preload

      Use Google's preloading strict transport security.

    Content-Security-Policy-Report-Only

    img-src peatix.com *.peatix.com cdn.peatix.com peatix-api.com data:; report-uri https://o269841.ingest.us.sentry.io/api/1479144/security/?sentry_key=711e3a1b53e7bbbf26d836c624ee03e2&sentry_environment=production

    The content security policy, reporting only.

    Link

    <https://cdn.peatix.com>; rel="preconnect"; crossorigin

    Used to express a typed relationship with another resource.