HTTP Headers
Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.
Summary
- Response
- Total Requests
- 1
- Total Time
- 936 ms
https://thebestaz.com/- Status
- 200
- Message
- OK
- Time
- 936 ms
- IP
- 172.67.144.48
Timing
Wait
0 ms
DNS
9 ms
TCP
2 ms
Request
0 ms
First Byte
918 ms
Download
0 ms
Total
936 ms
HTTP Headers
- Date
Fri, 04 Apr 2025 20:46:18 GMT
The date and time that the message was sent.
- Content-Type
text/html; charset=UTF-8
The MIME type of this content.
Type
text/html
Description
HTML file
Charset
UTF-8
- Connection
close
Control options for the current connection and list of hop-by-hop response fields.
close - The client or server would like to close the connection.
- Cache-Control
no-cache, private
Inform all caching mechanisms from server to client whether they may cache this object.
no-cache
May be stored by any cache but must be validated by the server.
private
May only be stored by a browser cache.
- Content-Security-Policy
default-src 'self' ws: wss: http: https: data: blob: 'unsafe-inline'
The content security policy allows the server to determine what resources the user is allowed to load.
Default-Src
Fallback for all fetches.
- 'self'
- ws:
- wss:
- http:
- https:
- data:
- blob:
- 'unsafe-inline'
- X-Xss-Protection
1;mode=block
Cross-site scripting (XSS) filter.
1
Enable XSS filtering.
Mode
Filtering mode.
- block - Block page if XSS is detected.
- X-Frame-Options
SAMEORIGIN
Clickjacking protection.
SAMEORIGIN - No rendering if origin mismatch.
- Referrer-Policy
strict-origin-when-cross-origin
Controls what referrer information is sent with requests.
strict-origin-when-cross-origin - Send the full referrer for a same origin request. Send the origin only for cross-domain requests where the protocol level is the same. Otherwise do not send the referrer.
- Strict-Transport-Security
max-age=15552000
A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.
Max-Age
15552000 (180 days)
The time a browser should remember a site can only be accessed with https (seconds).
- X-Content-Type-Options
nosniff
Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.
nosniff - Block requests if type 'style' or 'script'.
- Cf-Cache-Status
DYNAMIC
Encoded information about your request from Cloudflare.
DYNAMIC - This is not cached by default.
- Server
cloudflare
A name for the server.
cloudflare - Description of the server software.
- Set-Cookie
XSRF-TOKEN=eyJpdiI6InBrUkptQW52WXBqMVMydUY3TWFVMnc9PSIsInZhbHVlIjoiZHJxd3RJd055RytSbU4rWS91N1J6Q0ZyaEg4TXpEenhiTllKaXgzTTdCMFZXZC9CYmdES3ZzTmJGdDZSV1hqZjA3R2JpYXhJNlVlZFVWT2QyalBoMFQ1OE13Qm5PVVJ1cFU2RnczR1BWTmF3NmFLOW1QSHpHd0xBSlBnNi9xdlUiLCJtYWMiOiI5MDY1OTc1N2ZhZDRmMTNmODE2NDI5MzJhMmM0NzhlNTdiYjM0NWI0NGQ4Zjg4NzY2YzQ1OGZmMDQ5NjZkYjExIiwidGFnIjoiIn0%3D; SameSite=Lax; Path=/; Max-Age=7200; Expires=Fri, 04 Apr 2025 22:46:18 GMT
A cookie sent from the server to be set on the client
XSRF-TOKEN
eyJpdiI6InBrUkptQW52WXBqMVMydUY3TWFVMnc9PSIsInZhbHVlIjoiZHJxd3RJd055RytSbU4rWS91N1J6Q0ZyaEg4TXpEenhiTllKaXgzTTdCMFZXZC9CYmdES3ZzTmJGdDZSV1hqZjA3R2JpYXhJNlVlZFVWT2QyalBoMFQ1OE13Qm5PVVJ1cFU2RnczR1BWTmF3NmFLOW1QSHpHd0xBSlBnNi9xdlUiLCJtYWMiOiI5MDY1OTc1N2ZhZDRmMTNmODE2NDI5MzJhMmM0NzhlNTdiYjM0NWI0NGQ4Zjg4NzY2YzQ1OGZmMDQ5NjZkYjExIiwidGFnIjoiIn0%3D
Cookie name and value.
Samesite
Lax
Cookie is not sent on cross-site requests but is when following a link to the origin.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
Max-Age
7200 (2 hours)
Number of seconds until the cookie expires.
Expires
Fri, 04 Apr 2025 22:46:18 GMT
When the cookie should expire.
- Set-Cookie
modal814=eyJpdiI6IjNYbDBBTnhvejhvaGJGZHFQTjNoMnc9PSIsInZhbHVlIjoiV2hndzhvQ20rQjExdWNaVHRUb0dmZDNFTHBqSkxGdmxoT2VtWSt5MnBZNk9TU2pNRE5sQWZJNDFJam13NDdTOCIsIm1hYyI6IjFjOTg2MGVlNjU5OWYzNzkzNjllYmIzMzJjNWQyYTIwZDg4NjIzZWYyMWQzMjM2NjAzYTBjYThjOTY0NmE4OTciLCJ0YWciOiIifQ%3D%3D; HttpOnly; SameSite=Lax; Path=/; Max-Age=18000; Expires=Sat, 05 Apr 2025 01:46:18 GMT
A cookie sent from the server to be set on the client
modal814
eyJpdiI6IjNYbDBBTnhvejhvaGJGZHFQTjNoMnc9PSIsInZhbHVlIjoiV2hndzhvQ20rQjExdWNaVHRUb0dmZDNFTHBqSkxGdmxoT2VtWSt5MnBZNk9TU2pNRE5sQWZJNDFJam13NDdTOCIsIm1hYyI6IjFjOTg2MGVlNjU5OWYzNzkzNjllYmIzMzJjNWQyYTIwZDg4NjIzZWYyMWQzMjM2NjAzYTBjYThjOTY0NmE4OTciLCJ0YWciOiIifQ%3D%3D
Cookie name and value.
HttpOnly
Prevents access to the cookie through JavaScript.
Samesite
Lax
Cookie is not sent on cross-site requests but is when following a link to the origin.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
Max-Age
18000 (5 hours)
Number of seconds until the cookie expires.
Expires
Sat, 05 Apr 2025 01:46:18 GMT
When the cookie should expire.
- Set-Cookie
mpoplay_frontend_session=AiMeyUl6H932Qp9MrtHTFVZU1ypKfnHKmZrBm7GU; HttpOnly; SameSite=Lax; Path=/; Max-Age=7200; Expires=Fri, 04 Apr 2025 22:46:18 GMT
A cookie sent from the server to be set on the client
mpoplay_frontend_session
AiMeyUl6H932Qp9MrtHTFVZU1ypKfnHKmZrBm7GU
Cookie name and value.
HttpOnly
Prevents access to the cookie through JavaScript.
Samesite
Lax
Cookie is not sent on cross-site requests but is when following a link to the origin.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
Max-Age
7200 (2 hours)
Number of seconds until the cookie expires.
Expires
Fri, 04 Apr 2025 22:46:18 GMT
When the cookie should expire.
- Cf-Ray
92b3a77dbed5f791-EWR
Encoded information about your request from Cloudflare.
- Alt-Svc
h3=":443"; ma=86400
Indicate a resource should be loaded from a different server while still appearing to be loaded from this server.
Service
- h3 - :443
Service
- ma - 86400 (1 day)
Max age for the alternative (seconds).
- ma - 86400 (1 day)