server

Control options for the current connection and list of hop-by-hop response fields.

The client would like to keep the connection open.

connection

keep-alive

A cookie sent from the server to be set on the client

__ddg8_

The client will only send the cookie when requesting from this domain.

Domain

The client will only send the cookie when requesting this path, or subdirectories, from the server.

Path

Expires

set-cookie

__ddg10_

__ddg9_

__ddg1_

Prevents access to the cookie through JavaScript.

The date and time that the message was sent.

date

type

description

charset

content-type

The length of the response body in octets (8-bit bytes).

content-length

x-powered-by

Indicate whether the response can be shared with the given origin.

The browser is allowed to request resources from the origin.

access-control-allow-origin

Allow credentials to be sent in CORS requests.

access-control-allow-credentials

location

Indicates that different content may be provided to different clients, depending on the vary header.

headers

vary

SAMEORIGIN

x-frame-options

Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.

Block requests if type 'style' or 'script'.

x-content-type-options

mode

x-xss-protection

The resource has temporarily been moved to another location. This is superseded by 303 and 307.

Encoded information about your request from Cloudflare.

cf-ray

cf-cache-status

What partial content range types this server supports via byte serving.

accept-ranges

The age the object has been in a proxy cache in seconds.

Inform all caching mechanisms from server to client whether they may cache this object.

May be stored by any cache but must be validated by the server.

post-check

pre-check

cache-control

The time at which the response is considered stale.

expires

A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.

The time a browser should remember a site can only be accessed with https (seconds).

max-age

Use Google's preloading strict transport security.

strict-transport-security

Added by proxies to track a request through proxies and to avoid loops.

version

host

The content security policy, reporting only.

default-src

connect-src

font-src

frame-src

img-src

Define sources for audio, video, and track elements.

media-src

Define sources for object, embed, and applet elements.

object-src

script-src

style-src

Define sources for Worker, SharedWork, and ServiceWorker scripts.

worker-src

report-to

report-uri

content-security-policy-report-only

x-backend-proxy

x-bapp-server

Indicates whether a cache was used to server this response.

x-cache

x-cache-hits

x-enforced

sameorigin

x-link-match

x-served-by

x-timer

x-varnish-cache

x-vserver

__cf_bm

path

domain

The cookie is only sent when requesting from a https domain.

Cookie sent with both cross-site and same-site requests..

SameSite

_cfuvid

The resource could not be found, but may be available in the future.

HTTP Headers

Summary

Details

`https://u.to/OuGwIA`

`https://vimeo.com/703525373`