HTTP Headers Guide

Request Headers

HeaderPurposeExample
AcceptContent types client acceptstext/html, application/json
AuthorizationAuth credentialsBearer {token}
Content-TypeBody formatapplication/json; charset=utf-8
User-AgentClient software infoMozilla/5.0 ...
CookieSession cookiessession=abc123
RefererOrigin page URLhttps://example.com/page
Cache-ControlCaching directivesno-cache, max-age=3600
Accept-LanguagePreferred languageen-US,en;q=0.9

Response Headers

HeaderPurposeExample
Content-TypeResponse body formatapplication/json
Set-CookieSets browser cookieid=a3; HttpOnly; Secure
LocationRedirect URL (3xx)https://example.com/new
Cache-ControlCaching policypublic, max-age=86400
ETagResource version tag"33a64df5"
X-Frame-OptionsClickjacking protectionDENY or SAMEORIGIN
CORS (Access-Control-Allow-Origin)Cross-origin access* or https://allowed.com
Strict-Transport-SecurityForce HTTPS (HSTS)max-age=31536000; includeSubDomains
Content-Security-PolicyAllowed resource sourcesdefault-src 'self'

संबंधित टूल

🌍 IP Address Lookup Look up IP address geolocation 🔍 DNS Lookup Query A/AAAA/MX/TXT DNS records 🌐 WHOIS Lookup Query domain registration info 🔒 DNS Leak Test Test VPN for DNS request leaks 🔐 TLS/JA3 Fingerprint Detect browser TLS/JA3 fingerprint 📡 WebRTC Leak Test Test WebRTC real IP address leaks 🔍 Browser Fingerprint Detect browser canvas/WebGL prints 🌐 IP/HTTP Header Leak Test Test IPv6 and HTTP proxy header leaks 📍 Geolocation Leak Test Test browser location API leaks 🔎 Domain Recon Full DNS/mail/CDN/security recon 🏷️ Domain Availability Bulk check domain availability 📋 HTTP Status Codes HTTP status code quick reference