HTTP Headers

Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.

Summary

Response
200
Total Requests
1
Total Time
1148 ms
  • IP
    149.255.62.79
    View Map

  • Timing

    Wait

    0 ms

    DNS

    253 ms

    TCP

    87 ms

    Request

    0 ms

    First Byte

    720 ms

    Download

    0 ms

    Total

    1148 ms

  • HTTP Headers

    Server

    nginx

    A name for the server.

    nginx - Description of the server software.

    Date

    Sat, 02 May 2026 06:31:06 GMT

    The date and time that the message was sent.

    Content-Type

    text/html; charset=UTF-8

    The MIME type of this content.

    • Type

      text/html

    • Description

      HTML file

    • Charset

      UTF-8

    Connection

    keep-alive

    Control options for the current connection and list of hop-by-hop response fields.

    keep-alive - The client would like to keep the connection open.

    Vary

    Accept-Encoding

    Indicates that different content may be provided to different clients, depending on the vary header.

    • Headers

      • Accept-Encoding
    Vary

    Accept-Encoding

    Indicates that different content may be provided to different clients, depending on the vary header.

    • Headers

      • Accept-Encoding

    Problems were detected with this header

    • Duplicate header. There is another header with this name and this may cause problems.
    Expires

    Thu, 19 Nov 1981 08:52:00 GMT

    The time at which the response is considered stale.

    Cache-Control

    no-store, no-cache, must-revalidate

    Inform all caching mechanisms from server to client whether they may cache this object.

    • no-store

      May not be stored by any cache.

    • no-cache

      May be stored by any cache but must be validated by the server.

    • must-revalidate

      Stale caches must not be used.

    Pragma

    no-cache

    HTTP/1.0 backwards compatible cache handling.

    no-cache - Force requests to the origin server before releasing a cache.

    Link

    <https://www.reps-r-us.co.uk/wp-json/>; rel="https://api.w.org/", <https://www.reps-r-us.co.uk/wp-json/wp/v2/pages/4524>; rel="alternate"; title="JSON"; type="application/json", <https://www.reps-r-us.co.uk/?p=4524>; rel=shortlink

    Used to express a typed relationship with another resource.

    Set-Cookie

    PHPSESSID=d17c3e07bb740719d9a1a08126790409; path=/; HttpOnly; Secure; SameSite=Lax

    A cookie sent from the server to be set on the client

    • PHPSESSID

      d17c3e07bb740719d9a1a08126790409

      Cookie name and value.

    • Path

      /

      The client will only send the cookie when requesting this path, or subdirectories, from the server.

    • HttpOnly

      Prevents access to the cookie through JavaScript.

    • Secure

      The cookie is only sent when requesting from a https domain.

    • Samesite

      Lax

      Cookie is not sent on cross-site requests but is when following a link to the origin.

    Strict-Transport-Security

    max-age=15768000; includeSubDomains; preload

    A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.

    • Max-Age

      15768000 (182 days 12 hours)

      The time a browser should remember a site can only be accessed with https (seconds).

    • includesubdomains

      max-age applies to subdomains as well.

    • preload

      Use Google's preloading strict transport security.

    X-Frame-Options

    SAMEORIGIN

    Clickjacking protection.

    SAMEORIGIN - No rendering if origin mismatch.

    X-Content-Type-Options

    nosniff

    Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.

    nosniff - Block requests if type 'style' or 'script'.

    Referrer-Policy

    strict-origin-when-cross-origin

    Controls what referrer information is sent with requests.

    strict-origin-when-cross-origin - Send the full referrer for a same origin request. Send the origin only for cross-domain requests where the protocol level is the same. Otherwise do not send the referrer.