Status:
HTTP/1.1 200 OKContent-TypeContentapplication/json; charset=utf-8Content type of the response. Indicates which format the answer has.
Cache-ControlCachingmax-age=3600, must-revalidateCaching directives: max-age (TTL), no-cache, no-store, public, private, must-revalidate.
Content-EncodingContentgzipCompression format of the body (gzip, br, deflate, identity).
Strict-Transport-SecuritySicherheitmax-age=31536000; includeSubDomainsHSTS: Enforces HTTPS for max-age seconds. includeSubDomains and preload possible.
X-Content-Type-OptionsSicherheitnosniffnosniff: Verhindert MIME-Type-Sniffing im Browser.
X-Frame-OptionsSicherheitDENYDENY: No embedding as frame. SAMEORIGIN: Only own domain. Protection against Clickjacking.
Content-Security-PolicySicherheitdefault-src 'self'CSP: Determines allowed sources for scripts, styles, images etc. Protection against XSS.
X-Request-IdInfoabc123-def456Unique ID for the request for tracking and debugging purposes.
ServerInfonginx/1.25.0Server software. Security note: Recommended to avoid (Information Disclosure).
DateInfoMon, 01 Jan 2024 12:00:00 GMTResponse timestamp in HTTP date format.