HTTP Headers
Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.
Summary
- Response
- Total Requests
- 1
- Total Time
- 1071 ms
https://site905905333.fo.team/- Status
- 200
- Message
- OK
- Time
- 1071 ms
- IP
- 91.200.28.220
Timing
Wait
0 ms
DNS
351 ms
TCP
134 ms
Request
0 ms
First Byte
313 ms
Download
0 ms
Total
1071 ms
HTTP Headers
- Server
openresty/1.21.4.1
A name for the server.
Server
openresty
Description of the server software.
Version
1.21.4.1
Version number.
- Date
Wed, 10 Dec 2025 05:19:56 GMT
The date and time that the message was sent.
- Content-Type
text/html; charset=utf-8
The MIME type of this content.
Type
text/html
Description
HTML file
Charset
utf-8
- Connection
keep-alive
Control options for the current connection and list of hop-by-hop response fields.
keep-alive - The client would like to keep the connection open.
- Vary
Accept-Encoding
Indicates that different content may be provided to different clients, depending on the vary header.
Headers
- Accept-Encoding
- Vary
Origin
Indicates that different content may be provided to different clients, depending on the vary header.
Headers
- Origin
Problems were detected with this header
- Duplicate header. There is another header with this name and this may cause problems.
- X-Frame-Options
ALLOW-FROM https://editor.fo.ru/
Clickjacking protection.
ALLOW-FROM
Allow from specified location.
Problems were found.
- Header is deprecated and should be removed.
- Access-Control-Allow-Origin
Indicate whether the response can be shared with the given origin.
https://editor.fo.ru/
Problems were found.
- Option is not one of known values.
- Access-Control-Allow-Credentials
true
Allow credentials to be sent in CORS requests.
- Content-Security-Policy
frame-ancestors 'self' localhost fo.ru editor.fo.ru yep.com fosite.ru localhost:3000 172.16.55.208:3000 localhost:9222 betaeditor.fo.ru metrika.yandex.ru metrika.yandex.by metrica.yandex.com metrica.yandex.com.tr webvisor.com fo.vin editor.fo.vin mc.yandex.ru *.yandex.tld *.yandex.net webvisor.com mc.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.tj mc.yandex.tm mc.yandex.uz mc.webvisor.com mc.webvisor.org yastatic.net;
The content security policy allows the server to determine what resources the user is allowed to load.
frame-ancestors
Define valid parents for frame, iframe, embed, object, and applet.
Problems were found.
- Duplicate value detected.
- 'self'
- localhost
- fo.ru
- editor.fo.ru
- yep.com
- fosite.ru
- localhost:3000
- 172.16.55.208:3000
- localhost:9222
- betaeditor.fo.ru
- metrika.yandex.ru
- metrika.yandex.by
- metrica.yandex.com
- metrica.yandex.com.tr
- webvisor.com
Duplicated value.
- fo.vin
- editor.fo.vin
- mc.yandex.ru
Duplicated value.
- *.yandex.tld
- *.yandex.net
- webvisor.com
Duplicated value.
- mc.yandex.ru
Duplicated value.
- mc.yandex.az
- mc.yandex.by
- mc.yandex.co.il
- mc.yandex.com
- mc.yandex.com.am
- mc.yandex.com.ge
- mc.yandex.com.tr
- mc.yandex.ee
- mc.yandex.fr
- mc.yandex.kg
- mc.yandex.kz
- mc.yandex.lt
- mc.yandex.lv
- mc.yandex.md
- mc.yandex.tj
- mc.yandex.tm
- mc.yandex.uz
- mc.webvisor.com
- mc.webvisor.org
- yastatic.net
- Etag
W/"bf26f73ce074d8d8a6c3ee38f65ae520"
An identifier for a specific version of a resource.
Validator
weak
A weak tag is easier to generate and prevents byte range caching.
Tag
bf26f73ce074d8d8a6c3ee38f65ae520
- Cache-Control
max-age=0, private, must-revalidate
Inform all caching mechanisms from server to client whether they may cache this object.
Max-Age
0
The time a browser should remember a site can only be accessed with https (seconds).
private
May only be stored by a browser cache.
must-revalidate
Stale caches must not be used.
- Set-Cookie
XSRF-TOKEN=QlQeg0OjonesKIFAoluqodfSsGjgkCGZtAQnnlvpRI1YsI9SnS%2B%2FLYsZYL2LQHqe6wUzUzOa8WjBc5XRRUXNmA%3D%3D; path=/; Secure; SameSite=None
A cookie sent from the server to be set on the client
XSRF-TOKEN
QlQeg0OjonesKIFAoluqodfSsGjgkCGZtAQnnlvpRI1YsI9SnS%2B%2FLYsZYL2LQHqe6wUzUzOa8WjBc5XRRUXNmA%3D%3D
Cookie name and value.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
Secure
The cookie is only sent when requesting from a https domain.
Samesite
None
Cookie sent with both cross-site and same-site requests..
- Set-Cookie
foru_session=SnJUMnBSTjZ2NGlMRnZteVlJajRsdUZqWDlFL3h3SzdRcGpvOG1UZisvMFZ4Q2phWnBHbTY0Y1phZ0QvMC9FVFRtK0Y5OEZtc04yb25kZ2hjZmR6aDhnRVFhUVlVM0dmeCtNMHJjUUtLazdtbDhqTlM3Q0FRYzIwdjREVmQvWVZSeVBFZEhSRHNETkh4L3FYMDRNNHRnPT0tLW5CYUIyN2Ixa2NkWCtpZzdsc2RGOFE9PQ%3D%3D--873c211329becbf77d27b214617d745ef693980f; domain=.site905905333.fo.team; path=/; expires=Wed, 24 Dec 2025 05:19:56 GMT; secure; SameSite=None
A cookie sent from the server to be set on the client
foru_session
SnJUMnBSTjZ2NGlMRnZteVlJajRsdUZqWDlFL3h3SzdRcGpvOG1UZisvMFZ4Q2phWnBHbTY0Y1phZ0QvMC9FVFRtK0Y5OEZtc04yb25kZ2hjZmR6aDhnRVFhUVlVM0dmeCtNMHJjUUtLazdtbDhqTlM3Q0FRYzIwdjREVmQvWVZSeVBFZEhSRHNETkh4L3FYMDRNNHRnPT0tLW5CYUIyN2Ixa2NkWCtpZzdsc2RGOFE9PQ%3D%3D--873c211329becbf77d27b214617d745ef693980f
Cookie name and value.
Domain
.site905905333.fo.team
The client will only send the cookie when requesting from this domain.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
Expires
Wed, 24 Dec 2025 05:19:56 GMT
When the cookie should expire.
secure
The cookie is only sent when requesting from a https domain.
Samesite
None
Cookie sent with both cross-site and same-site requests..
- X-Request-Id
0a278207-12b2-414b-bd5c-e5c3b2a60230
- X-Runtime
0.173271