HTTP Headers
Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.
Summary
- Response
- Total Requests
- 1
- Total Time
- 377 ms
https://www.credly.com/users/beatblow19/badges- Status
- 200
- Message
- OK
- Time
- 377 ms
- IP
- 18.216.127.211
Timing
Wait
0 ms
DNS
77 ms
TCP
24 ms
Request
0 ms
First Byte
244 ms
Download
1 ms
Total
377 ms
HTTP Headers
- Date
Sun, 08 Sep 2024 02:13:12 GMT
The date and time that the message was sent.
- Content-Type
text/html; charset=utf-8
The MIME type of this content.
Type
text/html
Description
HTML file
Charset
utf-8
- Connection
close
Control options for the current connection and list of hop-by-hop response fields.
close - The client or server would like to close the connection.
- X-Frame-Options
SAMEORIGIN
Clickjacking protection.
SAMEORIGIN - No rendering if origin mismatch.
- X-Xss-Protection
0
Cross-site scripting (XSS) filter.
0 - Disable XSS filtering.
- X-Content-Type-Options
nosniff
Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.
nosniff - Block requests if type 'style' or 'script'.
- X-Download-Options
noopen
- X-Permitted-Cross-Domain-Policies
none
Specifies if a cross-domain policy is allowed.
none - No policy is allowed.
- Referrer-Policy
strict-origin-when-cross-origin
Controls what referrer information is sent with requests.
strict-origin-when-cross-origin - Send the full referrer for a same origin request. Send the origin only for cross-domain requests where the protocol level is the same. Otherwise do not send the referrer.
- Link
<//fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700>; rel=preload; as=style; nopush,<//use.typekit.net/bcc0eop.css>; rel=preload; as=style; nopush,<https://cdn.credly.com/assets/transitional-77168a2fe1d4bebcc860ef4ecbe16637defc7c27710e5ffb8dda025fa71c1c69.css>; rel=preload; as=style; nopush,<https://cdn.credly.com/assets/application-6a07c816539fdbd60e3001972e1b3c864680bce9abc2b47bd21de7cb69c66ebc.css>; rel=preload; as=style; nopush,<https://cdn.credly.com/assets/ie_polyfills.legacy-browser-19f8e03888197c91592c12b27330a2469145e9c2704aacb53a996c27be0e046c.js>; rel=preload; as=script; crossorigin=anonymous; nopush,<https://cdn.credly.com/assets/utilities/set_time_zone_cookie-aca1fcb79ea4e90d8e963d7850b867a9bbeb077b05a6cad141c1ce7d945fd20d.js>; rel=preload; as=script; crossorigin=anonymous; nopush,<https://cdn.credly.com/assets/application.legacy-browser-5737b981e62779fba842bdb15d4ab48d04c283bce2dc71fe3d7e16dc99c16855.js>; rel=preload; as=script; crossorigin=anonymous; nopush
Used to express a typed relationship with another resource.
Link
//fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700
- as - style
- nopush
Link
//use.typekit.net/bcc0eop.css
- as - style
- nopush
Link
- as - script
- crossorigin - anonymous
- nopush
Link
- as - script
- crossorigin - anonymous
- nopush
Link
- rel - preload
- as - script
- crossorigin - anonymous
- nopush
- Cache-Control
no-store
Inform all caching mechanisms from server to client whether they may cache this object.
no-store - May not be stored by any cache.
- Vary
Accept-Encoding
Indicates that different content may be provided to different clients, depending on the vary header.
Headers
- Accept-Encoding
- Etag
W/"59e46b7b6de2344911b3fdc11b2766ba"
An identifier for a specific version of a resource.
Validator
weak
A weak tag is easier to generate and prevents byte range caching.
Tag
59e46b7b6de2344911b3fdc11b2766ba
- Set-Cookie
ga_ab_slice=51; path=/; expires=Wed, 11 Sep 2024 21:30:00 GMT; SameSite=Lax; secure
A cookie sent from the server to be set on the client
ga_ab_slice
51
Cookie name and value.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
Expires
Wed, 11 Sep 2024 21:30:00 GMT
When the cookie should expire.
Samesite
Lax
Cookie is not sent on cross-site requests but is when following a link to the origin.
secure
The cookie is only sent when requesting from a https domain.
- Set-Cookie
_credly_perm_session=e8bdf4b4-4427-4329-a9c1-e8083e223984; path=/; expires=Thu, 08 Sep 2044 02:13:12 GMT; SameSite=Lax; secure
A cookie sent from the server to be set on the client
_credly_perm_session
e8bdf4b4-4427-4329-a9c1-e8083e223984
Cookie name and value.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
Expires
Thu, 08 Sep 2044 02:13:12 GMT
When the cookie should expire.
Samesite
Lax
Cookie is not sent on cross-site requests but is when following a link to the origin.
secure
The cookie is only sent when requesting from a https domain.
- Set-Cookie
_jefferson_session=7ae03ffc5a318dae224a880946d2f24b; path=/; expires=Sun, 08 Sep 2024 02:43:12 GMT; secure; HttpOnly; SameSite=Lax
A cookie sent from the server to be set on the client
_jefferson_session
7ae03ffc5a318dae224a880946d2f24b
Cookie name and value.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
Expires
Sun, 08 Sep 2024 02:43:12 GMT
When the cookie should expire.
secure
The cookie is only sent when requesting from a https domain.
HttpOnly
Prevents access to the cookie through JavaScript.
Samesite
Lax
Cookie is not sent on cross-site requests but is when following a link to the origin.
- X-Request-Id
Root1-66dd0838-1af6ddd6324de8ea3c8d3058
- X-Runtime
0.216236
- Strict-Transport-Security
max-age=63072000; includeSubDomains
A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.
Max-Age
63072000 (2 years)
The time a browser should remember a site can only be accessed with https (seconds).
includesubdomains
max-age applies to subdomains as well.
- Content-Security-Policy
frame-ancestors none;
The content security policy allows the server to determine what resources the user is allowed to load.
Frame-Ancestors
Define valid parents for frame, iframe, embed, object, and applet.
- none
- X-Dns-Prefetch-Control
off