Network Monitor

The Network Monitor shows you all the network requests Firefox makes (for example, when it loads a page, or due to XMLHttpRequests), how long each request takes, and details of each request.

Opening the Network Monitor

There are a few different ways to open the  Network Monitor:

Keyboard shortcut changed in Firefox 55

  • Press  Ctrl + Shift + E ( Command + Option + E on a Mac).
  • Select "Network" from the Web Developer menu, (which is a submenu in the Tools menu on OS X and Linux).
  • Click the wrench icon (), which is in the main toolbar or under the Hamburger menu (), then select "Network".

The Network Monitor will appear at the bottom of the browser window. Reload the page to see the requests:

The Network Monitor records network requests any time the Toolbox is open, even if the Network Monitor itself is not selected. This means you can start debugging a page in, for example, the Web Console, then switch to the Network Monitor to see network activity without having to reload the page.

UI overview

The UI is divided into four main pieces:

Performance analysis view

Toolbar

From Firefox 47 onwards, the toolbar is at the top of the main window. In earlier versions of Firefox, it's at the bottom.

It provides:

Network request list

By default, the Network Monitor shows a list of all the network requests made in the course of loading the page. Each request is displayed in its own row:

By default, the Network Monitor is cleared each time you navigate to a new page or reload the current page. You can override this behavior by checking "Enable persistent logs" in the Settings.

Network request columns

From Firefox 55 onwards, you can toggle different columns by right-clicking on the table header and choosing the specific column from the context menu. A "Reset Columns" option is also available to reset the columns to their initial configuration. Here is a list of all available columns:

  • Status: The HTTP status code returned. This is displayed as a color-coded icon:
    • blue circle for informational (1XX codes). Notably, this includes 101 (switching protocols) for WebSocket upgrades.
    • green circle for success (2XX codes)
    • orange triangle for redirection (3XX)
    • red square for errors (4XX and 5XX)
    • hollow grey circle for responses that were fetched from the browser cache.
    The exact code is displayed immediately after the icon.
  • Method: the HTTP request method used.
  • File: basename of the file requested.
  • Protocol: The network protocol used to transfer the data. This column is hidden by default. This is new in Firefox 55.
  • Scheme: The scheme (https/http/ftp/...) of the path requested. This column is hidden by default. This is new in Firefox 55.
  • Domain: domain of the path requested.
    • If the request used SSL/TLS and the connection had security weaknesses such as weak ciphers, you'll see a warning triangle next to the domain. You will be able to see more details about the problem in the Security tab.
    • Hover over the domain to see the IP address.
    • There's an icon next to the domain that gives you extra information about the security status of that request. See Security icons.
  • Remote IP: The IP address of the server answering the request. This column is hidden by default. This is new in Firefox 55.
  • Cause: The reason that the network request occurred, for example XHR request, <img>, script, script requesting an image, etc. This is new in Firefox 49.
  • Type: Content-type of the response.
  • Cookies: The number of request cookies associated to the request. This column is hidden by default. This is new in Firefox 55.
  • Set-Cookies: The number of response cookies associated to the request. This column is hidden by default. This is new in Firefox 55.
  • Transferred: the number of bytes that were actually transferred to load the resource. This will be less than Size if the resource was compressed. From Firefox 47, if the resource was fetched from a service worker cache, then this cell displays "service worker".
  • Size: the size of the transferred resource.

The toolbar at the top labels these columns, and clicking the label sorts all the requests by that column.

Image thumbnails

If the file is an image, the row includes a thumbnail of the image, and hovering over the filename shows a preview in a tooltip:

Security icons

The Network Monitor displays an icon in the Domain column:

This gives you extra information about the security status of the request:

Icon Meaning
HTTPS
Weak HTTPS (for example, a weak cipher was used)
Failed HTTPS (for example, a certificate was invalid)
HTTP
Localhost

For weak and failed HTTPS requests, you'll see more details of the problem in the Security tab.

Cause column

The Cause column indicates what the cause of the request was. This is usually fairly obvious, and you can generally see the correlation between this and the Type column entry. The most common values are:

  • document: The source HTML document.
  • img: <img> element.
  • imageset: <img> element.
  • script: A JavaScript file.
  • stylesheet: A CSS file.

When a request was triggered by JavaScript, a small JS icon is shown to the left of the entry in the Cause column. Hovering over this displays a popup containing the stack trace for the request, to provide more clues as to why a request happened.

You can then click on any of the entries in the popup to open up the relevant script in the Debugger pane.

Timeline

The request list also displays a timeline for the different parts of each request.

Each timeline is given a horizontal position in its row relative to the other network requests, so you can see the total time taken to load the page. For more details on the color-coding used here, see the section on the Timings page.

Starting in Firefox 45, the timeline also contains two vertical lines:

  • the blue line marks the point at which the page's DOMContentLoaded event is triggered
  • the red line marks the point at which the page's load event is triggered

Filtering requests

You can filter requests by content type, by whether they are XMLHttpRequests or WebSocket requests, by URL, or by request properties.

Filtering by content type

To filter by content type, use the buttons in the toolbar.

Filtering XHR

To see only XHR requests, use the "XHR" button in the toolbar.

Filtering WebSockets

New in Firefox 48

To see only WebSocket connections, use the "WS" button in the toolbar.

To monitor the data exchanged in WebSocket connections, try the WebSocket Monitor add-on.

Filtering by URL

To filter by URL, use the search box in the toolbar. Click in the search box, or press Ctrl + F (or Cmd + F on a Mac), and start typing. The list of network requests will be filtered to include only requests that contain your filter string, in either the Domain or the File portions.

From Firefox 45,  you can filter requests that don't contain your filter string by prefixing your query with the "-" operator. For example, the query "-google.com" will show all requests that don't have "google.com" in their URL.

Filtering by properties

New in Firefox 55

To filter by specific request properties, use the search box in the toolbar. The search box recognizes specific keywords, which can be used to filter the requests by specific request properties. Those keywords are followed by a colon and a related filter value. The filter values are matched case insensitive. Prepending a minus (-) negates the filter. You can combine different filters together by seperating them with a space.

Keyword Meaning Examples
status-code Shows resources that have the specific HTTP status code. status-code:304
method Shows resources that have were requested via the specific HTTP request method. method:post
domain Shows resources coming from a specifc domain. domain:mozilla.org
remote-ip Shows resources coming from a server with the specified IP. remote-ip:63.245.215.53
remote-ip:[2400:cb00:2048:1::6810:2802]
cause Shows resources matching a specific cause type. The types can be found in the description of the cause column. cause:js
cause:stylesheet
cause:img
transferred Shows resources having a specific transferred size or a transferred size close to the one specified.  k can be used as suffix for kilobytes and m for megabytes, e.g. the value 1k is equivalent to 1024. transferred:1k
size Shows resources having a specific size (after decompression) or a size close to the one specified. k can be used as suffix for kilobytes and m for megabytes, e.g. the value 1k is equivalent to 1024. size:2m
larger-than Shows resources that are larger than the specified size in bytes. k can be used as suffix for kilobytes and m for megabytes, e.g. the value 1k is equivalent to 1024. larger-than:2000
-larger-than:4k
mime-type Shows resources that match the specified MIME type. mime-type:text/html
mime-type:image/png
mime-type:application/javascript
is is:cached and is:from-cache shows only resources coming from cache.
is:running shows only resources, which are currently being transferred.
is:cached
-is:running
scheme Shows resources transferred via the given scheme. scheme:http
has-response-header Shows resources that contain the specified HTTP response header. has-response-header:cache-control
has-response-header:X-Firefox-Spdy
set-cookie-domain Show the resources that have a Set-Cookie header with a Domain attribute that matches the specified value. set-cookie-domain:.mozilla.org
set-cookie-name Show the resources that have a Set-Cookie header with a name that matches the specified value. set-cookie-name:_ga
set-cookie-value Show the resources that have a Set-Cookie header with a value that matches the specified value. set-cookie-value:true
regexp Show the resources having a URL that matches the given regular expression. regexp:\d{5}
regexp:mdn|mozilla

Context menu

Context-clicking on a row in the list displays a context menu with the following options:

  • Copy URL
  • Copy URL Parameters (new in Firefox 40)
  • Copy POST Data (new in Firefox 40, only for POST requests)
  • Copy as cURL
  • Copy Request Headers (new in Firefox 40)
  • Copy Response Headers (new in Firefox 40)
  • Copy Response (new in Firefox 40)
  • Copy Image as Data URI (only for images)
  • Copy All As HAR (new in Firefox 41)
  • Save All As HAR (new in Firefox 41)
  • Save Image As (new in Firefox 55, only for images)
  • Edit and Resend
  • Open in New Tab
  • Start Performance Analysis for the page

Edit and Resend

This option opens an editor enabling you to edit the request's method, URL, parameters, and headers, and resend the request.

Copy as cURL

This option copies the network request to the clipboard as a cURL command, so you can execute it from a command line. The command may include the following options:

-X [METHOD] If the method is not GET or POST
--data For URL encoded request parameters
--data-binary For multipart request parameters
--http/VERSION If the HTTP version is not 1.1
-I If the method is HEAD
-H

One for each request header.

From Firefox 34, if the "Accept-Encoding" header is present, the cURL command will include --compressed instead of -H "Accept-Encoding: gzip, deflate". This means that the response will be automatically decompressed.

Copy/Save All As HAR

New in Firefox 41.

These options create an HTTP Archive (HAR) for all requests listed. The HAR format enables you to export detailed information about network requests. 'Copy All As HAR' copies the data to the clipboard, 'Save All As HAR' opens a dialog allowing you to save the archive to disk.

Network request details

Clicking on a row displays a new pane in the right-hand side of the network monitor, which provides more detailed information about the request.

The tabs at the top of this pane enable you to switch between the following pages:

  • Headers
  • Cookies
  • Params
  • Response
  • Timings
  • Security (only for secure pages)
  • Preview (only if the content type is HTML) (Removed in Firefox 55)

Clicking the icon at the right-hand end of the toolbar closes the details pane and returns you to the list view.

Headers

This tab lists basic information about the request:

This includes:

  • request URL
  • request method
  • remote IP address and port (new in Firefox 39)
  • status code with link to MDN doc (if available)
  • the HTTP request and response headers that were sent
  • a button to edit and resend the request

You can filter the headers that are displayed:

New in Firefox 54

Besides each header is a [Learn More] link referring to the documentation of the HTTP headers.

Cookies

This tab lists full details of any cookies sent with the request or response:

As with headers, you can filter the list of cookies displayed.

Params

This tab displays the GET parameters and POST data of a request:

Response

The complete content of the response. If the response is HTML, JS, or CSS, it will be shown as text:

If the response is JSON, it will be shown as an inspectable object.

If the response is an image, the tab displays a preview:

Timings

The Timings tab breaks a network request down into the following subset of the stages defined in the HTTP Archive specification:

Name Description
Blocked

Time spent in a queue waiting for a network connection.

The browser imposes a limit on the number of simultaneous connections that can be made to a single server. In Firefox this defaults to 6, but can be changed using the network.http.max-persistent-connections-per-server preference. If all connections are in use, the browser can't download more resources until a connection is released.

DNS resolution Time taken to resolve a host name.
Connecting Time taken to create a TCP connection.
Sending Time taken to send the HTTP request to the server.
Waiting Waiting for a response from the server.
Receiving Time taken to read the entire response from the server (or cache).

It presents a more detailed, annotated, view of the timeline bar for that request showing how the total wait time is split into the various stages:

Security

If the site is being served over HTTPS, you get an extra tab labeled "Security". This contains details about the secure connection used including the protocol, the cipher suite, and certificate details:

The Security tab shows a warning for security weaknesses. Currently it warns you about two weaknesses:

  1. Using SSLv3 instead of TLS
  2. Using the RC4 cipher

Preview

Removed in Firefox 55.

If the file type is HTML another tab appears labeled "Preview". This renders just that HTML:

Performance analysis

The Network Monitor includes a performance analysis tool, to help show you how long the browser takes to download the different parts of your site.

To run the performance analysis tool click the stopwatch icon in the toolbar.

(Alternatively, if you have only just opened the Network Monitor, so it's not yet populated with the list of requests, you'll get a stopwatch icon in the main window.)

The Network Monitor then loads the site twice: once with an empty browser cache, and once with a primed browser cache. This simulates the first time a user visits your site, and subsequent visits. It displays the results for each run side by side, or vertically if the browser window is narrow:

The results for each run are summarised in a table and a pie chart. The tables group resources by type, and show the total size of each resource and the total time it took to load them. The accompanying pie chart shows the relative size of each resource type.

To get back to the Network Monitor's list of network requests click the "Back" button on the left.

Clicking on a slice of the pie takes you to the Network Monitor for that run, with a filter automatically applied to see only that resource type.

Document Tags and Contributors

 Last updated by: mikedeboer,