HTTP Headers

Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.

Summary

Response
200
Total Requests
1
Total Time
624 ms

  • https://shamrock-arrow.com/

    Status
    200
    Message
    OK
    Time
    624 ms
  • IP
    45.194.53.52
    View Map

  • Timing

    Wait

    0 ms

    DNS

    9 ms

    TCP

    2 ms

    Request

    0 ms

    First Byte

    601 ms

    Download

    0 ms

    Total

    624 ms

  • HTTP Headers

    Date

    Fri, 09 May 2025 18:27:18 GMT

    The date and time that the message was sent.

    Content-Type

    text/html; charset=UTF-8

    The MIME type of this content.

    • Type

      text/html

    • Description

      HTML file

    • Charset

      UTF-8

    Connection

    close

    Control options for the current connection and list of hop-by-hop response fields.

    close - The client or server would like to close the connection.

    Server

    cloudflare

    A name for the server.

    cloudflare - Description of the server software.

    Strict-Transport-Security

    max-age=31536000; includeSubDomains; preload

    A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.

    • Max-Age

      31536000 (1 year)

      The time a browser should remember a site can only be accessed with https (seconds).

    • includesubdomains

      max-age applies to subdomains as well.

    • preload

      Use Google's preloading strict transport security.

    X-Content-Type-Options

    nosniff

    Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.

    nosniff - Block requests if type 'style' or 'script'.

    X-Frame-Options

    SAMEORIGIN, SAMEORIGIN

    Clickjacking protection.

    • SAMEORIGIN,

      Problems were found.

      • Option is not one of known values.

    • Sameorigin

      SAMEORIGIN, SAMEORIGIN

      No rendering if origin mismatch.

    X-Frame-Options

    SAMEORIGIN

    Clickjacking protection.

    SAMEORIGIN - No rendering if origin mismatch.

    Problems were detected with this header

    • Duplicate header. There is another header with this name and this may cause problems.
    Referrer-Policy

    strict-origin-when-cross-origin

    Controls what referrer information is sent with requests.

    strict-origin-when-cross-origin - Send the full referrer for a same origin request. Send the origin only for cross-domain requests where the protocol level is the same. Otherwise do not send the referrer.

    Cache-Control

    no-store, no-cache, must-revalidate, max-age=0

    Inform all caching mechanisms from server to client whether they may cache this object.

    • no-store

      May not be stored by any cache.

    • no-cache

      May be stored by any cache but must be validated by the server.

    • must-revalidate

      Stale caches must not be used.

    • Max-Age

      0

      The time a browser should remember a site can only be accessed with https (seconds).

    X-Xss-Protection

    1; mode=block

    Cross-site scripting (XSS) filter.

    • 1

      Enable XSS filtering.

    • Mode

      Filtering mode.

      • block - Block page if XSS is detected.
    Cf-Cache-Status

    DYNAMIC

    Encoded information about your request from Cloudflare.

    DYNAMIC - This is not cached by default.

    Report-To

    {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BWZ68Wx82rfsbOiwlJJwLy8AwYXqNOxiL1BnozjNS7Shka1BwGBlBe6rWyNp56UfVGjFukLNopjrBLzGhepXsOh0wtwNZO2v%2Bt4siG4v3vk95TG2HkNFnAP1b9wnxl%2BSNsunfNE%3D"}]}

    Report to.

    • Group

      cf-nel

    • Max_age

      604800

    • Endpoints

      • {"url":"https://a.nel.cloudflare.com/report/v4?s=%2BWZ68Wx82rfsbOiwlJJwLy8AwYXqNOxiL1BnozjNS7Shka1BwGBlBe6rWyNp56UfVGjFukLNopjrBLzGhepXsOh0wtwNZO2v%2Bt4siG4v3vk95TG2HkNFnAP1b9wnxl%2BSNsunfNE%3D"}
    Nel

    {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}

    Configure network request logging.

    • Report_to

      cf-nel

    • Success_fraction

      0

    • Max_age

      604800

    Set-Cookie

    XSRF-TOKEN=eyJpdiI6Ik94RXc5MHZOYlNwdVgvTmRqOTI4R0E9PSIsInZhbHVlIjoiNW91QjEvRVIrOGdwRDlXMmdKVjhYdldkUTNoQXg3K3QyNTNsNlJBWFNZVlVnOW53bmpQWUxTQnhhNDJKYlZNRzMzT2ZxZHpUaU9WOHNnMjYrQ290V1VUS2RiSmUyOTZZa0JuTmhUM3cya21oRWhKRVRuMTU1LzR1U3R3T0R2aXgiLCJtYWMiOiIzNmZiNzQ1ZmRkYTdlN2ViNzIyNmFmY2JjNjc0ZDNjNDYzNWE1NjE3NzdjNmYzZmIxYjQ3NWQwN2Q0NzFkNzY5IiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=28800; Expires=Sat, 10 May 2025 02:27:18 GMT

    A cookie sent from the server to be set on the client

    • XSRF-TOKEN

      eyJpdiI6Ik94RXc5MHZOYlNwdVgvTmRqOTI4R0E9PSIsInZhbHVlIjoiNW91QjEvRVIrOGdwRDlXMmdKVjhYdldkUTNoQXg3K3QyNTNsNlJBWFNZVlVnOW53bmpQWUxTQnhhNDJKYlZNRzMzT2ZxZHpUaU9WOHNnMjYrQ290V1VUS2RiSmUyOTZZa0JuTmhUM3cya21oRWhKRVRuMTU1LzR1U3R3T0R2aXgiLCJtYWMiOiIzNmZiNzQ1ZmRkYTdlN2ViNzIyNmFmY2JjNjc0ZDNjNDYzNWE1NjE3NzdjNmYzZmIxYjQ3NWQwN2Q0NzFkNzY5IiwidGFnIjoiIn0%3D

      Cookie name and value.

    • HttpOnly

      Prevents access to the cookie through JavaScript.

    • Samesite

      None

      Cookie sent with both cross-site and same-site requests..

    • Secure

      The cookie is only sent when requesting from a https domain.

    • Path

      /

      The client will only send the cookie when requesting this path, or subdirectories, from the server.

    • Max-Age

      28800 (8 hours)

      Number of seconds until the cookie expires.

    • Expires

      Sat, 10 May 2025 02:27:18 GMT

      When the cookie should expire.

    Set-Cookie

    gigagaming=eyJpdiI6Iks1aEFpcUVQSWxkRS84cnFJeDBiNUE9PSIsInZhbHVlIjoiTkR0cjE1aWc3OUNRZzVzOVRSVTY3VEIvdGpGUFdnbUFSeFB4R2E3SmtBcEMxcXVUWGl0TWVXUitndkFIdStDeGpNNytXdmFlT1RYTkpFR0VXRnRkWG1XZmlza1ZhOXB0U2lDQ0ovZXhySFl4YVZ1S1FyMXdrSlNtVld1a1hpVUkiLCJtYWMiOiJmNzRlNjc2MDA5NzY2OWY3M2NjMGQxNDJjZjgzNjE4NjJlNmYyNjRjNzYwYjlmMzdkMzc3MTFkZDc4NDAxYzRkIiwidGFnIjoiIn0%3D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=28800; Expires=Sat, 10 May 2025 02:27:18 GMT

    A cookie sent from the server to be set on the client

    • gigagaming

      eyJpdiI6Iks1aEFpcUVQSWxkRS84cnFJeDBiNUE9PSIsInZhbHVlIjoiTkR0cjE1aWc3OUNRZzVzOVRSVTY3VEIvdGpGUFdnbUFSeFB4R2E3SmtBcEMxcXVUWGl0TWVXUitndkFIdStDeGpNNytXdmFlT1RYTkpFR0VXRnRkWG1XZmlza1ZhOXB0U2lDQ0ovZXhySFl4YVZ1S1FyMXdrSlNtVld1a1hpVUkiLCJtYWMiOiJmNzRlNjc2MDA5NzY2OWY3M2NjMGQxNDJjZjgzNjE4NjJlNmYyNjRjNzYwYjlmMzdkMzc3MTFkZDc4NDAxYzRkIiwidGFnIjoiIn0%3D

      Cookie name and value.

    • HttpOnly

      Prevents access to the cookie through JavaScript.

    • Samesite

      None

      Cookie sent with both cross-site and same-site requests..

    • Secure

      The cookie is only sent when requesting from a https domain.

    • Path

      /

      The client will only send the cookie when requesting this path, or subdirectories, from the server.

    • Max-Age

      28800 (8 hours)

      Number of seconds until the cookie expires.

    • Expires

      Sat, 10 May 2025 02:27:18 GMT

      When the cookie should expire.

    Set-Cookie

    ROUTEID=.1; HttpOnly; Secure; Path=/

    A cookie sent from the server to be set on the client

    • ROUTEID

      .1

      Cookie name and value.

    • HttpOnly

      Prevents access to the cookie through JavaScript.

    • Secure

      The cookie is only sent when requesting from a https domain.

    • Path

      /

      The client will only send the cookie when requesting this path, or subdirectories, from the server.

    Cf-Ray

    93d34007ba05238e-EWR

    Encoded information about your request from Cloudflare.

    Alt-Svc

    h3=":443"; ma=86400

    Indicate a resource should be loaded from a different server while still appearing to be loaded from this server.

    • Service

      • h3 - :443

    • Service

      • ma - 86400 (1 day)

        Max age for the alternative (seconds).