Everyday Tools Hub
Everyday Tools HubUtility directory
Everyday Tools HubPractical tools, clear answers

Free network diagnostics

HTTP Headers Viewer

See the HTTP headers your browser actually sends. The page fetches a real headers reflection from httpbin.org, pairs it with Cloudflare edge metadata for a separate connection, and shows the navigator-API view of your browser — all in one place.

Result

Loading headers…

Fetching a headers reflection from httpbin.org and connection metadata from Cloudflare's edge.

Headers your browser sent

Reflected from a real fetch request to httpbin.org. These are the headers your browser actually transmits to a generic HTTPS endpoint — grouped by category.

No headers were returned.

Connection metadata

Transport-layer details Cloudflare's edge reports for a separate connection from your browser.

HTTP version
TLS
Datacenter
Country (CF)
WARP
Gateway

Browser-reported

Read directly from your browser's navigator API. Nothing in this card was sent over the network — it's purely local.

User agent
Browser brand
Languages
Locale
Timezone
Protocol
http:
In iframe
Referrer (this page)
(none)

What this shows (and doesn't)

This page shows the headers your browser sent on a single fetch request to httpbin.org and the Cloudflare edge metadata for a separate request to 1.1.1.1. These are real headers from a real request — but they are not the headers your browser sent on the page-load request that brought you here, because this site is statically exported and has no server runtime that could read those.

It also does not show: cookies for any site (cross-origin fetches don't carry them), headers stripped by intermediate proxies (we never see what was removed), or headers that only appear on user-activated top-level navigations like Sec-Fetch-User: ?1.

How this page works

This page makes two HTTPS requests on load: one to httpbin.org for the headers reflection (with echo.zuplo.io as a fallback) and one to 1.1.1.1 for the Cloudflare edge metadata. Each of those services sees your IP and headers for the duration of its request.

Everyday Tools Hub does not log, store, or transmit any of the information shown on this page. The Browser-reported card is read directly from your own browser via the navigator API and never leaves your device.

How to use this http headers viewer

See the HTTP headers your browser actually sends, plus connection metadata and a browser-reported readout, all in one place.

Read the headers tableHeaders are grouped by category — browser identity, language preferences, content negotiation, fetch metadata, privacy signals, and any forwarded / proxy chain that reached the reflector.
Compare against the browser-reported cardIf the User-Agent the reflector saw differs from what your browser exposes locally, an extension or proxy is rewriting your headers in flight.
Read the honesty cardWe're explicit about what this page can and cannot show. The headers shown are from a separate fetch — not your page-load request — because static export has no server runtime to read those.

Frequently asked questions

These cover the most common questions about HTTP request headers, what reflectors are, and why a static page can show them but can't show its own server's view.

FAQ

What does this page actually show?

Three things in parallel: (1) the headers your browser sent on a real fetch request to httpbin.org — that includes the user agent, accept-language, all the modern Sec-* client hints, and any X-Forwarded-* chain added by intermediate proxies; (2) Cloudflare edge metadata for a separate connection to 1.1.1.1, which adds TLS version, HTTP version, and the Cloudflare data center; and (3) what your browser exposes locally via the navigator API. Together they give you a fuller picture than any one source alone.

FAQ

Are these the headers my browser sent to this page?

No — and we want to be honest about that. This site is statically exported, which means there is no server runtime that could read the headers from your page-load request. The headers shown are from a separate cross-origin fetch the widget made to httpbin.org after the page loaded. They are a representative sample of what your browser would transmit to any HTTPS endpoint, but they are not the literal headers from your page-load request.

FAQ

Why don't I see Sec-Fetch-User or my cookies?

Sec-Fetch-User: ?1 is only sent on user-activated top-level navigations, never on programmatic fetch() calls — so even though your browser sent it when you loaded the page, the cross-origin fetch we make to httpbin doesn't carry it. Cookies for any site other than httpbin.org are also not sent on a cross-origin fetch — that's a basic browser security restriction that protects you from exactly this kind of cross-site read.

FAQ

What are all the Sec-Ch-Ua headers?

These are User-Agent Client Hints — a Chromium initiative that splits the legacy User-Agent string into structured pieces. Sec-Ch-Ua tells the server your browser brand and major version, Sec-Ch-Ua-Mobile says whether you're on a phone, Sec-Ch-Ua-Platform names your operating system. Modern Chromium-based browsers (Chrome, Edge, Opera, Brave) send a stripped User-Agent and let servers ask for more detail via these headers. Firefox and Safari currently ignore the proposal.

FAQ

Why are some headers different between the table and what I expected?

Browser extensions, content blockers, and corporate proxies all rewrite or strip request headers in ways the browser itself can't see. If a header looks unfamiliar — or if a header you expected is missing — the most common cause is an extension or proxy in between you and the public internet. Comparing the headers httpbin saw against what your browser exposes via navigator (in the Browser-reported card below) is one way to spot rewriting in flight.

FAQ

Is anything I see here stored or sent anywhere?

No. The page makes two HTTPS requests on load — one to httpbin.org for the header reflection (with echo.zuplo.io as a fallback) and one to 1.1.1.1 for the Cloudflare edge metadata. Both services see your IP and headers for those requests. Everyday Tools Hub does not log, store, or transmit anything about your visit.

Related tools

Explore other utilities in the Everyday Tools Hub library.

Live tool

Browser Fingerprint Test

See which browser characteristics any website can read about you, with zero network requests after the page loads.

Live tool

What Is My IP

See your public IP, approximate location, ISP, and a full browser/device readout in one place.

Live tool

DNS Leak Test

Check whether your DNS resolver context looks consistent — public IP, country, and DoH reachability across multiple providers.

Everyday Tools Hub

Free online tools for quick calculations and everyday tasks.

No sign-up required.

Everything runs in your browser.