HTTP Headers
Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.
Summary
- Response
- Total Requests
- 1
- Total Time
- 4494 ms
https://www.popsugar.com/profile/manxearth43- Status
- 403
- Message
- Bad Behavior
- Time
- 4494 ms
- IP
- 199.232.37.91
Timing
Wait
0 ms
DNS
4 ms
TCP
2 ms
Request
0 ms
First Byte
4481 ms
Download
1 ms
Total
4494 ms
HTTP Headers
- Connection
close
Control options for the current connection and list of hop-by-hop response fields.
close - The client or server would like to close the connection.
- Content-Type
text/html; charset=UTF-8
The MIME type of this content.
Type
text/html
Description
HTML file
Charset
UTF-8
- Set-Cookie
PHPSESSID=3anj9um5n14q4huvk22gmsovb3; expires=Mon, 26-May-2025 17:09:22 GMT; Max-Age=2000000; path=/; secure; SameSite=None
A cookie sent from the server to be set on the client
PHPSESSID
3anj9um5n14q4huvk22gmsovb3
Cookie name and value.
Expires
Mon, 26-May-2025 17:09:22 GMT
When the cookie should expire.
Max-Age
2000000 (23 days 3 hours 33 minutes 20 seconds)
Number of seconds until the cookie expires.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
secure
The cookie is only sent when requesting from a https domain.
Samesite
None
Cookie sent with both cross-site and same-site requests..
- Set-Cookie
client_locale=US; expires=Sun, 04-May-2025 13:36:02 GMT; Max-Age=86400; path=/; secure; SameSite=None
A cookie sent from the server to be set on the client
client_locale
US
Cookie name and value.
Expires
Sun, 04-May-2025 13:36:02 GMT
When the cookie should expire.
Max-Age
86400 (1 day)
Number of seconds until the cookie expires.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
secure
The cookie is only sent when requesting from a https domain.
Samesite
None
Cookie sent with both cross-site and same-site requests..
- Set-Cookie
ss1=0%7C1748279364%7CRaz33pi9i51IbPlFrqYAOMF%2BWwXwmi7vOE%2Ft4I21SSnHZO28xwuZrPLDga9EwqZqCY3i0ynUxBza3zQHwasZum5%2B0WzhAB%2FEcAsKyxseXPJjQjH4sgetJRcnCfBHieT0HR3XwmmLuR6OA%2B1rxCSa82HL6QxT0wVjm45NsCaucrZpMvvX%2Bb%2FPHTa9NqDmvFSoQO5aQKvLmy2%2Fc7yeUAkE4w%3D%3D%7C65bdcb9db48e5087aa04bd76ebb5a64a13b043b7; expires=Mon, 26-May-2025 17:09:24 GMT; Max-Age=2000000; path=/; secure; SameSite=None
A cookie sent from the server to be set on the client
ss1
0%7C1748279364%7CRaz33pi9i51IbPlFrqYAOMF%2BWwXwmi7vOE%2Ft4I21SSnHZO28xwuZrPLDga9EwqZqCY3i0ynUxBza3zQHwasZum5%2B0WzhAB%2FEcAsKyxseXPJjQjH4sgetJRcnCfBHieT0HR3XwmmLuR6OA%2B1rxCSa82HL6QxT0wVjm45NsCaucrZpMvvX%2Bb%2FPHTa9NqDmvFSoQO5aQKvLmy2%2Fc7yeUAkE4w%3D%3D%7C65bdcb9db48e5087aa04bd76ebb5a64a13b043b7
Cookie name and value.
Expires
Mon, 26-May-2025 17:09:24 GMT
When the cookie should expire.
Max-Age
2000000 (23 days 3 hours 33 minutes 20 seconds)
Number of seconds until the cookie expires.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
secure
The cookie is only sent when requesting from a https domain.
Samesite
None
Cookie sent with both cross-site and same-site requests..
- Server
nginx/1.27.5
A name for the server.
Server
nginx
Description of the server software.
Version
1.27.5
Version number.
- X-Powered-By
PHP/7.3.33
The software powering this site.
- Via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront), 1.1 varnish
Added by proxies to track a request through proxies and to avoid loops.
Version
1.1
Protocol version.
Host
Host name.
Version
1.1
Protocol version.
Host
Host name.
- X-Amz-Cf-Pop
JFK52-P1
- X-Amz-Cf-Id
bKtGg6SzOvs2IeGpMdxrYIy9KBWsL8lKPUlMQlsKQJXVhFVx2UX0Qw==
- Referrer-Policy
strict-origin-when-cross-origin
Controls what referrer information is sent with requests.
strict-origin-when-cross-origin - Send the full referrer for a same origin request. Send the origin only for cross-domain requests where the protocol level is the same. Otherwise do not send the referrer.
- Content-Security-Policy
frame-ancestors 'none'
The content security policy allows the server to determine what resources the user is allowed to load.
Frame-Ancestors
Define valid parents for frame, iframe, embed, object, and applet.
- 'none'
- Strict-Transport-Security
max-age=31536000
A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.
Max-Age
31536000 (1 year)
The time a browser should remember a site can only be accessed with https (seconds).
- Fastly-Restarts
1
- Accept-Ranges
bytes
What partial content range types this server supports via byte serving.
bytes - Byte ranges are supported.
- Date
Sat, 03 May 2025 13:36:04 GMT
The date and time that the message was sent.
- X-Served-By
cache-lga21935-LGA
- X-Cache
Error from cloudfront, MISS
Indicates whether a cache was used to server this response.
- X-Cache-Hits
0
- X-Frame-Options
SAMEORIGIN
Clickjacking protection.
SAMEORIGIN - No rendering if origin mismatch.
- X-Xss-Protection
1; mode=block
Cross-site scripting (XSS) filter.
1
Enable XSS filtering.
Mode
Filtering mode.
- block - Block page if XSS is detected.
- X-Content-Type-Options
nosniff
Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.
nosniff - Block requests if type 'style' or 'script'.