🗂️

HTTP Header Visualizer

Insert HTTP Response → formatted table with explanations

Status:HTTP/1.1 200 OK
Content-TypeContent
application/json; charset=utf-8

Content type of the response. Indicates which format the answer has.

Cache-ControlCaching
max-age=3600, must-revalidate

Caching directives: max-age (TTL), no-cache, no-store, public, private, must-revalidate.

Content-EncodingContent
gzip

Compression format of the body (gzip, br, deflate, identity).

Strict-Transport-SecuritySicherheit
max-age=31536000; includeSubDomains

HSTS: Enforces HTTPS for max-age seconds. includeSubDomains and preload possible.

X-Content-Type-OptionsSicherheit
nosniff

nosniff: Verhindert MIME-Type-Sniffing im Browser.

X-Frame-OptionsSicherheit
DENY

DENY: No embedding as frame. SAMEORIGIN: Only own domain. Protection against Clickjacking.

Content-Security-PolicySicherheit
default-src 'self'

CSP: Determines allowed sources for scripts, styles, images etc. Protection against XSS.

X-Request-IdInfo
abc123-def456

Unique ID for the request for tracking and debugging purposes.

ServerInfo
nginx/1.25.0

Server software. Security note: Recommended to avoid (Information Disclosure).

DateInfo
Mon, 01 Jan 2024 12:00:00 GMT

Response timestamp in HTTP date format.