HTTP Headers
Show the HTTP headers for a URL, with a full break-down of details. Will follow redirects.
Summary
- Response
- Total Requests
- 1
- Total Time
- 381 ms
https://vimeo.com/709643006
- Status
- 200
- Message
- OK
- Time
- 381 ms
- IP
- 162.159.138.60
Timing
Wait
1 ms
DNS
1 ms
TCP
2 ms
Request
0 ms
First Byte
375 ms
Download
0 ms
Total
381 ms
HTTP Headers
- Date
Fri, 03 May 2024 11:15:59 GMT
The date and time that the message was sent.
- Content-Type
text/html; charset=UTF-8
The MIME type of this content.
Type
text/html
Description
HTML file
Charset
UTF-8
- Connection
close
Control options for the current connection and list of hop-by-hop response fields.
close - The client or server would like to close the connection.
- Expires
Thu, 02 May 2024 23:15:59 GMT
The time at which the response is considered stale.
- Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Inform all caching mechanisms from server to client whether they may cache this object.
no-store
May not be stored by any cache.
no-cache
May be stored by any cache but must be validated by the server.
must-revalidate
Stale caches must not be used.
post-check
0
Problems were found.
- Option is not one of known values.
pre-check
0
Problems were found.
- Option is not one of known values.
- X-Vimeo-Device
d
- Set-Cookie
vuid=1539078714.2144497015; expires=Mon, 01-May-2034 11:15:59 GMT; Max-Age=315360000; path=/; domain=.vimeo.com; secure; SameSite=None
A cookie sent from the server to be set on the client
vuid
1539078714.2144497015
Cookie name and value.
Expires
Mon, 01-May-2034 11:15:59 GMT
When the cookie should expire.
Max-Age
315360000 (10 years)
Number of seconds until the cookie expires.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
Domain
.vimeo.com
The client will only send the cookie when requesting from this domain.
secure
The cookie is only sent when requesting from a https domain.
Samesite
None
Cookie sent with both cross-site and same-site requests..
- X-Ua-Compatible
IE=edge
Recommends the preferred rendering engine (often a backward-compatibility mode) to use to display the content.
IE=edge - Use highest level rendering.
- X-Xss-Protection
1; mode=block
Cross-site scripting (XSS) filter.
1
Enable XSS filtering.
Mode
Filtering mode.
- block - Block page if XSS is detected.
- X-Content-Type-Options
nosniff
Prevents Internet Explorer from MIME-sniffing a response away from the declared content-type.
nosniff - Block requests if type 'style' or 'script'.
- X-Frame-Options
sameorigin
Clickjacking protection.
sameorigin - No rendering if origin mismatch.
- Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.
Max-Age
31536000 (1 year)
The time a browser should remember a site can only be accessed with https (seconds).
includesubdomains
max-age applies to subdomains as well.
preload
Use Google's preloading strict transport security.
- Content-Security-Policy-Report-Only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
The content security policy, reporting only.
Default-Src
Fallback for all fetches.
- https:
- data:
- blob:
- wss:
- 'unsafe-inline'
- 'unsafe-eval'
Report-URI
/_csp
URI for violation reports.
- X-Bapp-Server
pweb-7d6768bc78-9dpb4
- X-Backend-Proxy
webproxy12
- Accept-Ranges
bytes
What partial content range types this server supports via byte serving.
bytes - Byte ranges are supported.
- Via
1.1 varnish, 1.1 varnish
Added by proxies to track a request through proxies and to avoid loops.
Version
1.1
Protocol version.
Host
Host name.
Version
1.1
Protocol version.
Host
Host name.
- X-Served-By
cache-iad-kiad7000036-IAD, cache-lga21981-LGA
- X-Cache
MISS, MISS
Indicates whether a cache was used to server this response.
- X-Cache-Hits
0, 0
- X-Timer
S1714734959.124728,VS0,VE359
- Vary
User-Agent, Accept-Encoding,x-http-method-override
Indicates that different content may be provided to different clients, depending on the vary header.
Headers
- User-Agent
- Accept-Encoding
- x-http-method-override
- Cf-Cache-Status
DYNAMIC
Encoded information about your request from Cloudflare.
DYNAMIC - This is not cached by default.
- Set-Cookie
_abexps=%7B%223316%22%3A%22control%22%7D; expires=Sat, 03-May-2025 11:15:59 GMT; Max-Age=31536000; path=/; domain=vimeo.com; SameSite=Lax
A cookie sent from the server to be set on the client
_abexps
%7B%223316%22%3A%22control%22%7D
Cookie name and value.
Expires
Sat, 03-May-2025 11:15:59 GMT
When the cookie should expire.
Max-Age
31536000 (1 year)
Number of seconds until the cookie expires.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
Domain
vimeo.com
The client will only send the cookie when requesting from this domain.
Samesite
Lax
Cookie is not sent on cross-site requests but is when following a link to the origin.
- Set-Cookie
__cf_bm=S._az2x3Y96QMB_VFvhVdlf30WErdCWDjI7guG6LoGg-1714734959-1.0.1.1-cfaoKyFnRq7bL_3MIQrxveEp79EI_0ZmoYuw3rc0VMtz1vNSKvFzgHidmzp6fBbfA40wwS_pYQWAs_uXK.oX7A; path=/; expires=Fri, 03-May-24 11:45:59 GMT; domain=.vimeo.com; HttpOnly; Secure
A cookie sent from the server to be set on the client
__cf_bm
S._az2x3Y96QMB_VFvhVdlf30WErdCWDjI7guG6LoGg-1714734959-1.0.1.1-cfaoKyFnRq7bL_3MIQrxveEp79EI_0ZmoYuw3rc0VMtz1vNSKvFzgHidmzp6fBbfA40wwS_pYQWAs_uXK.oX7A
Cookie name and value.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
Expires
Fri, 03-May-24 11:45:59 GMT
When the cookie should expire.
Domain
.vimeo.com
The client will only send the cookie when requesting from this domain.
HttpOnly
Prevents access to the cookie through JavaScript.
Secure
The cookie is only sent when requesting from a https domain.
- Set-Cookie
_cfuvid=wzcauMA9bsNVa2zRjwuAoYdGNp6J7QpQ_pECRHDws.0-1714734959486-0.0.1.1-604800000; path=/; domain=.vimeo.com; HttpOnly
A cookie sent from the server to be set on the client
_cfuvid
wzcauMA9bsNVa2zRjwuAoYdGNp6J7QpQ_pECRHDws.0-1714734959486-0.0.1.1-604800000
Cookie name and value.
Path
/
The client will only send the cookie when requesting this path, or subdirectories, from the server.
Domain
.vimeo.com
The client will only send the cookie when requesting from this domain.
HttpOnly
Prevents access to the cookie through JavaScript.
- Server
cloudflare
A name for the server.
cloudflare - Description of the server software.
- Cf-Ray
87dfd6167d140c78-EWR
Encoded information about your request from Cloudflare.