HTTP Headers
Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.
Summary
- Response
- Total Requests
- 1
- Total Time
- 66 ms
https://whatweather.today/
- Status
- 200
- Message
- OK
- Time
- 66 ms
- IP
- 172.67.192.201
Timing
Wait
0 ms
DNS
18 ms
TCP
2 ms
Request
0 ms
First Byte
40 ms
Download
0 ms
Total
66 ms
HTTP Headers
- Date
Sun, 16 Mar 2025 05:33:49 GMT
The date and time that the message was sent.
- Content-Type
text/html
The MIME type of this content.
Type
text/html
Description
HTML file
- Connection
close
Control options for the current connection and list of hop-by-hop response fields.
close - The client or server would like to close the connection.
- Cache-Control
public, max-age=0
Inform all caching mechanisms from server to client whether they may cache this object.
public
May be stored by any cache.
Max-Age
0
The time a browser should remember a site can only be accessed with https (seconds).
- Expires
Sun, 16 Mar 2025 05:33:48 GMT
The time at which the response is considered stale.
- Last-Modified
Sat, 15 Mar 2025 19:55:19 GMT
The last modified date for the requested object.
- Vary
Accept-Encoding,User-Agent,Accept-Encoding
Indicates that different content may be provided to different clients, depending on the vary header.
Headers
- Accept-Encoding
- User-Agent
- Accept-Encoding
Problems were detected with this header
- Duplicates
- Platform
hostinger
- Panel
hpanel
- Content-Security-Policy
upgrade-insecure-requests
The content security policy allows the server to determine what resources the user is allowed to load.
upgrade-insecure-requests - Treat insecure URLs as though they are secure.
- Referrer-Policy
strict-origin-when-cross-origin
Controls what referrer information is sent with requests.
strict-origin-when-cross-origin - Send the full referrer for a same origin request. Send the origin only for cross-domain requests where the protocol level is the same. Otherwise do not send the referrer.
- X-Frame-Options
sameorigin
Clickjacking protection.
sameorigin - No rendering if origin mismatch.
- X-Xss-Protection
1; mode=block
Cross-site scripting (XSS) filter.
1
Enable XSS filtering.
Mode
Filtering mode.
- block - Block page if XSS is detected.
- X-Content-Type-Options
nosniff
Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.
nosniff - Block requests if type 'style' or 'script'.
- Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.
Max-Age
15552000 (180 days)
The time a browser should remember a site can only be accessed with https (seconds).
includesubdomains
max-age applies to subdomains as well.
preload
Use Google's preloading strict transport security.
- Permissions-Policy
midi=(),sync-xhr=(),accelerometer=(), gyroscope=(), magnetometer=(), camera=()
Enable and disable browser features.
midi
Control access to MIDI API.
- () - Feature is disabled.
sync-xhr
Control access to XMLHttpRequests.
- () - Feature is disabled.
accelerometer
Control access to accelerometer.
- () - Feature is disabled.
gyroscope
Control access to gyroscope API.
- () - Feature is disabled.
magnetometer
Control access to magnetometer API.
- () - Feature is disabled.
camera
Control access to camera.
- () - Feature is disabled.
- Alt-Svc
h3=":443"; ma=86400
Indicate a resource should be loaded from a different server while still appearing to be loaded from this server.
Service
- h3 - :443
Service
- ma - 86400 (1 day)
Max age for the alternative (seconds).
- ma - 86400 (1 day)
- X-Turbo-Charged-By
LiteSpeed
- Cf-Cache-Status
DYNAMIC
Encoded information about your request from Cloudflare.
DYNAMIC - This is not cached by default.
- Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cnrE4Iwwmb3gwA%2FtzoRpuOijshjqRqrdcDCbSCY%2FvVV3TOa3xnsl%2BiF2J7Z6KaljC0Lh9%2BkU0rJZ2r4Ni6FqQvRyhkt0Mr%2BdMhSHhXkL2SwZ4Cn0nnB1q4zO5PJNrdsgiyGmfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Report to.
Endpoints
- {"url":"https://a.nel.cloudflare.com/report/v4?s=cnrE4Iwwmb3gwA%2FtzoRpuOijshjqRqrdcDCbSCY%2FvVV3TOa3xnsl%2BiF2J7Z6KaljC0Lh9%2BkU0rJZ2r4Ni6FqQvRyhkt0Mr%2BdMhSHhXkL2SwZ4Cn0nnB1q4zO5PJNrdsgiyGmfQ%3D%3D"}
Group
cf-nel
Max_age
604800
- Nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Configure network request logging.
Success_fraction
0Report_to
cf-nel
Max_age
604800
- Speculation-Rules
"/cdn-cgi/speculation"
- Server
cloudflare
A name for the server.
cloudflare - Description of the server software.
- Cf-Ray
9211e0bd1de4b29e-EWR
Encoded information about your request from Cloudflare.
- Server-Timing
cfL4;desc="?proto=TCP&rtt=1710&min_rtt=1355&rtt_var=762&sent=3&recv=5&lost=0&retrans=0&sent_bytes=2840&recv_bytes=695&delivery_rate=2137269&cwnd=252&unsent_bytes=0&cid=4b997782df153f82&ts=44&x=0"
Server metrics for the request.
Cfl4