HTTP Headers Viewer

An HTTP headers viewer displays all request headers automatically sent by your browser, including User-Agent, Accept-Language, and Client Hints used in browser fingerprinting.

Every HTTP request your browser makes includes a set of headers that identify your browser, operating system, language preferences, and capabilities. This tool captures those headers server-side and displays them so you can see exactly what every website you visit receives about your browser. Client Hints in particular can reveal your device model, browser version, and platform in fine detail.

Frequently Asked Questions

What are HTTP headers?

HTTP headers are metadata sent automatically by your browser with every web request. They include your User-Agent (browser and OS identification), Accept-Language (your language preferences), and various Client Hints that can be used to fingerprint your browser.

What is browser fingerprinting?

Browser fingerprinting is a tracking technique that identifies you by the unique combination of your browser settings, installed fonts, screen resolution, timezone, User-Agent, and HTTP headers. Even without cookies, a fingerprint can be highly unique.

Can websites see my User-Agent?

Yes. Every browser sends a User-Agent header with every request that reveals your browser name, version, and operating system. Websites use this for analytics, compatibility checks, and sometimes to block certain clients.

How can I reduce my HTTP header exposure?

Using a privacy-focused browser like Firefox or Brave reduces Client Hint exposure. The Tor Browser standardizes headers to make all users look the same. VPNs do not affect HTTP headers since they operate at the network layer, not the application layer.

All tools

HTTP Headers Viewer

What your browser tells every website about you

These headers are sent automatically with every web request your browser makes. No website has to ask for them. They just arrive.

Loading...

These are the headers your browser sent to our server to load this page. The actual list varies by browser and browser version. Chrome, Firefox, and Safari send noticeably different sets.

Why do HTTP headers matter for privacy?

HTTP headers are the metadata that travels with every request your browser makes. You never see them but they're always there. Between your User-Agent, Accept-Language, and the newer Client Hints headers (sec-ch-ua, sec-ch-ua-platform), a site can fingerprint your browser with high accuracy even without cookies.

The User-Agent alone reveals your browser name, version, and operating system. Add Accept-Language and you narrow down someone's geography even further. These headers contribute to browser fingerprinting alongside Canvas, WebGL, and timezone data.

Unlike cookies, there's no way to block HTTP headers without breaking the web. Browsers have started moving toward Client Hints as a more privacy-friendly alternative, but the transition is slow.

The headers explained

user-agent

Identifies your browser and OS. Websites use this for analytics and sometimes to serve different content.

accept-language

Your preferred language(s). Sites use this to decide which language to show you.

accept-encoding

Compression methods your browser understands (gzip, br, etc.).

accept

Content types your browser can handle (HTML, images, JSON...).

dnt

Do Not Track preference. Most websites ignore it.

sec-ch-ua

Client Hints: your browser brand and version. More precise than User-Agent.

sec-ch-ua-mobile

Whether you're on a mobile device.

sec-ch-ua-platform

Your operating system.

sec-fetch-dest

What kind of resource is being requested.

sec-fetch-mode

How the request was initiated.

sec-fetch-site

Relationship between requester and requested resource.

connection

Whether to keep the TCP connection alive after the request.

cache-control

Caching directives from the browser.

upgrade-insecure-requests

Browser preference for HTTPS over HTTP.

referer

The page you were on before navigating here.

origin

The origin making the request (for CORS).

Common questions

Does enabling Do Not Track actually do anything?

Mostly no. DNT was a voluntary standard and the advertising industry never adopted it. Most sites ignore the header entirely. It's not enforced by any law or browser mechanism. Turning it on is more of a statement than a shield.

What are sec-ch-ua headers?

Client Hints. Google introduced these as a more controlled replacement for the User-Agent string. They let browsers share specific details (browser, version, platform) without exposing everything in one messy string. Chrome sends them by default.

Can I see headers from a specific website I visited?

Not from here. This tool shows what your browser sends, not what servers send back. To inspect response headers from any site, open DevTools (F12) and check the Network tab. Click any request and look at the Headers section.