HTTP Headers

Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.

Summary

Response
200
Total Requests
1
Total Time
458 ms
  • IP
    18.160.78.36
    View Map

  • Timing

    Wait

    0 ms

    DNS

    24 ms

    TCP

    26 ms

    Request

    0 ms

    First Byte

    380 ms

    Download

    0 ms

    Total

    458 ms

  • HTTP Headers

    Content-Type

    text/html; charset=utf-8

    The MIME type of this content.

    • Type

      text/html

    • Description

      HTML file

    • Charset

      utf-8

    Connection

    close

    Control options for the current connection and list of hop-by-hop response fields.

    close - The client or server would like to close the connection.

    Date

    Thu, 13 Mar 2025 17:57:36 GMT

    The date and time that the message was sent.

    Content-Security-Policy

    default-src *; script-src * 'unsafe-eval' 'unsafe-inline'; style-src * 'unsafe-inline'; font-src *; img-src * data:

    The content security policy allows the server to determine what resources the user is allowed to load.

    • Default-Src

      Fallback for all fetches.

      • *

    • Script-Src

      Define sources for JavaScript.

      • *
      • 'unsafe-eval'
      • 'unsafe-inline'

    • Style-Src

      Define sources for stylesheets.

      • *
      • 'unsafe-inline'

    • Font-Src

      Define sources for fonts.

      • *

    • Img-Src

      Define sources for images and favicons.

      • *
      • data:
    X-Frame-Options

    deny

    Clickjacking protection.

    deny - No rendering within frame.

    X-Content-Type-Options

    nosniff

    Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.

    nosniff - Block requests if type 'style' or 'script'.

    Referrer-Policy

    origin-when-cross-origin

    Controls what referrer information is sent with requests.

    origin-when-cross-origin - Send the full referrer when performing a same origin request, and the origin when not.

    Permissions-Policy

    Enable and disable browser features.

    • Problems were found.

      • Unknown option
    Cache-Control

    s-maxage=120, stale-while-revalidate

    Inform all caching mechanisms from server to client whether they may cache this object.

    • S-Maxage

      120 (2 minutes)

      Override max-age for shared caches, ignored by private caches.

    • stale-while-revalidate

      Problems were found.

      • Option expected, none found
    X-Powered-By

    Next.js

    The software powering this site.

    Etag

    "11iq9k01y5816uj"

    An identifier for a specific version of a resource.

    • Validator

      strong

      A weak tag is easier to generate and prevents byte range caching.

    • Tag

      11iq9k01y5816uj

    Vary

    Accept-Encoding

    Indicates that different content may be provided to different clients, depending on the vary header.

    • Headers

      • Accept-Encoding
    X-Cache

    Miss from cloudfront

    Indicates whether a cache was used to server this response.

    Via

    1.1 1b0fae92623728841ddc8494230b1c98.cloudfront.net (CloudFront)

    Added by proxies to track a request through proxies and to avoid loops.

    • Version

      1.1

      Protocol version.

    • Host

      Host name.

    X-Amz-Cf-Pop

    ATL59-P2

    Alt-Svc

    h3=":443"; ma=86400

    Indicate a resource should be loaded from a different server while still appearing to be loaded from this server.

    • Service

      • h3 - :443

    • Service

      • ma - 86400 (1 day)

        Max age for the alternative (seconds).

    X-Amz-Cf-Id

    z8_m5TeNUhDc_etwBKkzgMWJNO6dcUGudJDG8VgVf7jUYlXr2YA3JA==