HTTP Headers Viewer
View all HTTP headers sent with your request. Debug CORS, caching, authentication, and security headers instantly.
Request Method
GET
Headers Count
40
Client Info 4
- quant-client-ip
- Your IP address (Quant header)
- 216.73.216.135
- true-client-ip
- 216.73.216.135
- user-agent
- Your browser/client identification
- Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
- x-forwarded-for
- Client IP when behind a proxy
- 216.73.216.135, 140.248.79.83, 157.52.97.72
Request 2
- accept
- Content types the client can handle
- */*
- host
- The domain name of the server
- www.quantcdn.io
Other 34
- cdn-loop
- Fastly, Fastly, Fastly
- client-continent
- NA
- client-geo-country
- US
- client-geo-proxy-description
- ?
- client-geo-proxy-type
- ?
- fastly-cachetype
- HIT
- fastly-client
- 1
- fastly-client-ip
- 216.73.216.135
- fastly-ff
- 9XXzZqCNypj/OH6Jq5SBjvbWoklzqrwBMpuVO9u7jGk=!CMH!cache-cmh1290025-CMH, 9XXzZqCNypj/OH6Jq5SBjvbWoklzqrwBMpuVO9u7jGk=!CMH!cache-cmh1290083-CMH, 9XXzZqCNypj/OH6Jq5SBjvbWoklzqrwBMpuVO9u7jGk=!SYD!cache-syd10172-SYD
- fastly-force-shield
- 1
- fastly-orig-host
- www.quantcdn.io
- fastly-ssl
- 1
- fastly-tmp-obj-grace
- 300.000
- fastly-tmp-obj-ttl
- 2579099.386
- quant-orig-encoding
- gzip
- quant-orig-host
- www.quantcdn.io
- real-client-ip
- 216.73.216.135
- section-io-geo-country-code
- US
- x-amzn-trace-id
- Root=1-6984c065-06fbb5e86ea17c084743b40d
- x-forwarded-host
- www.quantcdn.io, www.quantcdn.io
- x-forwarded-port
- 443
- x-forwarded-proto
- https
- x-forwarded-server
- cache-cmh1290025-CMH, cache-syd10172-SYD
- x-original-method
- GET
- x-original-url
- /tools/http-headers-viewer
- x-quant-enable-h3
- 1
- x-quant-image-optimize
- 1
- x-quant-imageoptimize
- true
- x-quant-meta-ttl
- 2579099.386
- x-quant-origin-protection
- TWZssX313JGElFpgGZiFMwuW
- x-quant-shield-pop
- au
- x-skip-rate-limit
- false
- x-timer
- S1770307686.741328,VS0,VS0,VS0,VS0
- x-varnish
- 1479524945, 2044110375, 1289149960
About HTTP Headers
HTTP headers carry metadata about the request and client. This tool shows exactly what the server receives when you make a request. Useful for debugging CORS issues, checking what information your browser sends, or verifying proxy configurations. Sensitive values (cookies, auth) are partially masked.
What are HTTP headers?
HTTP headers are metadata sent with every HTTP request and response. They carry information about the request, the client, caching preferences, security policies, and more. Headers are key-value pairs that look like:
Content-Type: application/json
Authorization: Bearer abc123
Cache-Control: max-age=3600Common request headers
Host - The domain being requested:
Host: www.example.comUser-Agent - Identifies the browser/client:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/120.0Accept - Content types the client can handle:
Accept: text/html,application/jsonAccept-Language - Preferred languages:
Accept-Language: en-AU,en;q=0.9Accept-Encoding - Supported compression:
Accept-Encoding: gzip, deflate, brSecurity headers
Origin - Where the request originated (for CORS):
Origin: https://app.example.comSec-Fetch-* - Request context for security decisions:
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-originAuthorization - Authentication credentials:
Authorization: Bearer eyJhbGciOiJIUzI1...
Authorization: Basic dXNlcjpwYXNzCaching headers
Cache-Control - Caching directives:
Cache-Control: no-cache
Cache-Control: max-age=3600If-Modified-Since - Conditional request (304 Not Modified):
If-Modified-Since: Wed, 21 Oct 2024 07:28:00 GMTIf-None-Match - Conditional request using ETag:
If-None-Match: "abc123"Client hints
Modern browsers send Client Hints for adaptive content:
Sec-CH-UA: "Chrome";v="120"
Sec-CH-UA-Mobile: ?0
Sec-CH-UA-Platform: "Windows"These help servers deliver optimised content without parsing the User-Agent string.
Debugging with headers
CORS issues - Check Origin header matches server expectations.
Authentication failures - Verify Authorization header is present and formatted correctly.
Caching problems - Look for Cache-Control, If-Modified-Since, If-None-Match.
Mobile detection - Check Sec-CH-UA-Mobile or parse User-Agent.
Headers through proxies
When requests pass through proxies, load balancers, or CDNs, additional headers track the original client:
X-Forwarded-For - Client IP through proxies:
X-Forwarded-For: 203.0.113.50, 70.41.3.18X-Real-IP - Single original client IP:
X-Real-IP: 203.0.113.50X-Forwarded-Proto - Original protocol:
X-Forwarded-Proto: httpsHow this tool works
This tool displays all HTTP headers your browser sends when loading this page. Headers are categorised by type for easy navigation. Sensitive values (cookies, auth tokens) are partially masked. You can copy all headers as text or JSON. Powered by a QuantCDN Edge Function running at the edge nearest to you.