HTTP Headers
Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.
Summary
- Response
- Total Requests
- 1
- Total Time
- 853 ms
https://z9n.net/mv4tnv- Status
- 500
- Message
- Internal Server Error
- Time
- 853 ms
- IP
- 172.67.165.20
Timing
Wait
0 ms
DNS
11 ms
TCP
2 ms
Request
0 ms
First Byte
830 ms
Download
1 ms
Total
853 ms
HTTP Headers
- Date
Fri, 26 Dec 2025 22:32:10 GMT
The date and time that the message was sent.
- Content-Type
text/html; charset=UTF-8
The MIME type of this content.
Type
text/html
Description
HTML file
Charset
UTF-8
- Connection
keep-alive
Control options for the current connection and list of hop-by-hop response fields.
keep-alive - The client would like to keep the connection open.
- Server
cloudflare
A name for the server.
cloudflare - Description of the server software.
- X-Powered-By
PHP/8.4.15
The software powering this site.
- X-Xss-Protection
1; mode=block
Cross-site scripting (XSS) filter.
1
Enable XSS filtering.
Mode
Filtering mode.
- block - Block page if XSS is detected.
- X-Content-Type-Options
nosniff
Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.
nosniff - Block requests if type 'style' or 'script'.
- Referrer-Policy
no-referrer-when-downgrade
Controls what referrer information is sent with requests.
no-referrer-when-downgrade - Send the full referrer when the protocol security stays the same, or improves.
- Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';
The content security policy allows the server to determine what resources the user is allowed to load.
Default-Src
Fallback for all fetches.
- 'self'
- http:
- https:
- ws:
- wss:
- data:
- blob:
- 'unsafe-inline'
- 'unsafe-eval'
Frame-Ancestors
Define valid parents for frame, iframe, embed, object, and applet.
- 'self'
- Permissions-Policy
interest-cohort=()
Enable and disable browser features.
interest-cohort
Control access to Federated Learning of Cohorts.
- () - Feature is disabled.
- Strict-Transport-Security
max-age=31536000; includeSubDomains
A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.
Max-Age
31536000 (1 year)
The time a browser should remember a site can only be accessed with https (seconds).
includesubdomains
max-age applies to subdomains as well.
- Cf-Cache-Status
DYNAMIC
Encoded information about your request from Cloudflare.
DYNAMIC - This is not cached by default.
- Server-Timing
cfCacheStatus;desc="DYNAMIC"
Server metrics for the request.
Cfcachestatus
DYNAMIC
- Server-Timing
cfEdge;dur=12,cfOrigin;dur=813
Server metrics for the request.
Cfedge
- dur - 12
Cforigin
- dur - 813
Problems were detected with this header
- Duplicate header. There is another header with this name and this may cause problems.
- Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=PQ6MnE2o94I%2FJd%2Bjj3ygjNu75qPKRAb8JlQTrLgU8gQQR9A0712DV%2F7xSiEl%2BtYPgvVXtx47J2DO4YFoyafuu58y4Mgt3Xw%3D"}]}
Report to.
Group
cf-nel
Max_age
604800
Endpoints
- {"url":"https://a.nel.cloudflare.com/report/v4?s=PQ6MnE2o94I%2FJd%2Bjj3ygjNu75qPKRAb8JlQTrLgU8gQQR9A0712DV%2F7xSiEl%2BtYPgvVXtx47J2DO4YFoyafuu58y4Mgt3Xw%3D"}
- Nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Configure network request logging.
Report_to
cf-nel
Success_fraction
0Max_age
604800
- Cf-Ray
9b440853c87c4238-EWR
Encoded information about your request from Cloudflare.
- Alt-Svc
h3=":443"; ma=86400
Indicate a resource should be loaded from a different server while still appearing to be loaded from this server.
Service
- h3 - :443
Service
- ma - 86400 (1 day)
Max age for the alternative (seconds).
- ma - 86400 (1 day)