The Network Monitor shows you all the network requests Firefox makes (for example, when it loads a page, or due to XMLHttpRequests), how long each request takes, and details of each request.

Opening the Network Monitor

There are a few different ways to open the  Network Monitor:

  • Press  CtrlShift + Q ( CommandOption + Q on a Mac).
  • Select "Network" from the Web Developer menu, (which is a submenu in the Tools menu on OS X and Linux).
  • Click the wrench icon (), which is in the main toolbar or under the Hamburger menu (), then select "Network".

The Network Monitor will appear at the bottom of the browser window. Reload the page to see the requests:

The Network Monitor records network requests any time the Toolbox is open, even if the Network Monitor itself is not selected. This means you can start debugging a page in, for example, the Web Console, then switch to the Network Monitor to see network activity without having to reload the page.

UI overview

The UI is divided into four main pieces:


From Firefox 47 onwards, the toolbar is at the top of the main window. In earlier versions of Firefox, it's at the bottom.

It provides:

Network request list

By default, the Network Monitor shows a list of all the network requests made in the course of loading the page. Each request is displayed in its own row:

By default, the Network Monitor is cleared each time you navigate to a new page or reload the current page. You can override this behavior by checking "Enable persistent logs" in the Settings.

Network request fields

Each row displays:

  • Status: the HTTP status code returned. This is displayed as a color-coded icon:
    • blue circle for informational (1XX codes). Notably, this includes 101 (switching protocols) for WebSocket upgrades.
    • green circle for success (2XX codes)
    • orange triangle for redirection (3XX)
    • red square for errors (4XX and 5XX)
    • hollow grey circle for responses that were fetched from the browser cache.
    The exact code is displayed immediately after the icon.
  • Method: the HTTP request method used.
  • File: basename of the file requested.
  • Domain: domain of the path requested.
    • If the request used SSL/TLS and the connection had security weaknesses such as weak ciphers, you'll see a warning triangle next to the domain. You will be able to see more details about the problem in the Security tab.
    • Hover over the domain to see the IP address.
    • There's an icon next to the domain that gives you extra information about the security status of that request. See Security icons.
  • Cause: The reason that the network request occurred, for example XHR request, <img>, script, script requesting an image, etc. This is new in Firefox 49.
  • Type: Content-type of the response.
  • Transferred: the number of bytes that were actually transferred to load the resource. This will be less than Size if the resource was compressed. From Firefox 47, if the resource was fetched from a service worker cache, then this cell displays "service worker".
  • Size: the size of the resource, after any decompression.

The toolbar at the top labels these columns, and clicking the label sorts all the requests by that column.

Image thumbnails

If the file is an image, the row includes a thumbnail of the image, and hovering over the filename shows a preview in a tooltip:

Security icons

The Network Monitor displays an icon in the Domain column:

This gives you extra information about the security status of the request:

Icon Meaning
Weak HTTPS (for example, a weak cipher was used)
Failed HTTPS (for example, a certificate was invalid)

For weak and failed HTTPS requests, you'll see more details of the problem in the Security tab.

Cause column

The Cause column indicates what the cause of the request was. This is usually fairly obvious, and you can generally see the correlation between this and the Type column entry. The most common values are:

  • document: The source HTML document.
  • img: <img> element.
  • imageset: <img> element.
  • script: A JavaScript file.
  • stylesheet: A CSS file.

When a request was triggered by JavaScript, a small JS icon is shown to the left of the entry in the Cause column. Hovering over this displays a popup containing the stack trace for the request, to provide more clues as to why a request happened.

You can then click on any of the entries in the popup to open up the relevant script in the Debugger pane.


The request list also displays a timeline for the different parts of each request.

Each timeline is given a horizontal position in its row relative to the other network requests, so you can see the total time taken to load the page. For more details on the color-coding used here, see the section on the Timings page.

Starting in Firefox 45, the timeline also contains two vertical lines:

  • the blue line marks the point at which the page's DOMContentLoaded event is triggered
  • the red line marks the point at which the page's load event is triggered

Filtering requests

You can filter requests by content type or by URL.

Filtering by content type

To filter by content type, use the buttons in the toolbar.

Filtering XHR

To see only XHR requests, use the "XHR" button in the toolbar.

Filtering WebSockets

New in Firefox 48

To see only WebSocket connections, use the "WS" button in the toolbar.

To monitor the data exchanged in WebSocket connections, try the WebSocket Monitor add-on.

Filtering by URL

To filter by URL, use the search box in the toolbar. Click in the search box, or press Ctrl or Cmd + F, and start typing. The list of network requests will be filtered to include only requests that contain your filter string, in either the Domain or the File portions.

From Firefox 45,  you can filter requests that don't contain your filter string by prefixing your query with the "-" operator. For example, the query "" will show all requests that don't have "" in their URL.

Context menu

Context-clicking on a row in the list displays a context menu with the following options:

  • Copy URL
  • Copy URL Parameters (new in Firefox 40)
  • Copy POST Data (new in Firefox 40, only for POST requests)
  • Copy as cURL
  • Copy Request Headers (new in Firefox 40)
  • Copy Response Headers (new in Firefox 40)
  • Copy Response (new in Firefox 40)
  • Copy Image as Data URI (only for images)
  • Copy All As HAR (new in Firefox 41)
  • Save All As HAR (new in Firefox 41)
  • Edit and Resend
  • Open in New Tab
  • Start Performance Analysis for the page

Edit and Resend

This option opens an editor enabling you to edit the request's method, URL, parameters, and headers, and resend the request.

Copy as cURL

This option copies the network request to the clipboard as a cURL command, so you can execute it from a command line. The command may include the following options:

-X [METHOD] If the method is not GET or POST
--data For URL encoded request parameters
--data-binary For multipart request parameters
--http/VERSION If the HTTP version is not 1.1
-I If the method is HEAD

One for each request header.

From Firefox 34, if the "Accept-Encoding" header is present, the cURL command will include --compressed instead of -H "Accept-Encoding: gzip, deflate". This means that the response will be automatically decompressed.

Copy/Save All As HAR

New in Firefox 41.

These options create an HTTP Archive (HAR) for all requests listed. The HAR format enables you to export detailed information about network requests. 'Copy All As HAR' copies the data to the clipboard, 'Save All As HAR' opens a dialog allowing you to save the archive to disk.

Network request details

Clicking on a row displays a new pane in the right-hand side of the network monitor, which provides more detailed information about the request.

The tabs at the top of this pane enable you to switch between the following pages:

  • Headers
  • Cookies
  • Params
  • Response
  • Timings
  • Security (only for secure pages)
  • Preview (only if the content type is HTML)

Clicking the icon at the right-hand end of the toolbar closes the details pane and returns you to the list view.


This tab lists basic information about the request:

This includes:

  • request URL
  • request method
  • remote IP address and port (new in Firefox 39)
  • status code
  • the HTTP request and response headers that were sent
  • a button to edit and resend the request

You can filter the headers that are displayed:


This tab lists full details of any cookies sent with the request or response:

As with headers, you can filter the list of cookies displayed.


This tab displays the GET parameters and POST data of a request:


The complete content of the response. If the response is HTML, JS, or CSS, it will be shown as text:

If the response is JSON, it will be shown as an inspectable object.

If the response is an image, the tab displays a preview:


The Timings tab breaks a network request down into the following subset of the stages defined in the HTTP Archive specification:

Name Description

Time spent in a queue waiting for a network connection.

The browser imposes a limit on the number of simultaneous connections that can be made to a single server. In Firefox this defaults to 6, but can be changed using the network.http.max-persistent-connections-per-server preference. If all connections are in use, the browser can't download more resources until a connection is released.

DNS resolution Time taken to resolve a host name.
Connecting Time taken to create a TCP connection.
Sending Time taken to send the HTTP request to the server.
Waiting Waiting for a response from the server.
Receiving Time taken to read the entire response from the server (or cache).

It presents a more detailed, annotated, view of the timeline bar for that request showing how the total wait time is split into the various stages:


If the site is being served over HTTPS, you get an extra tab labeled "Security". This contains details about the secure connection used including the protocol, the cipher suite, and certificate details:

The Security tab shows a warning for security weaknesses. Currently it warns you about two weaknesses:

  1. Using SSLv3 instead of TLS
  2. Using the RC4 cipher


If the file type is HTML another tab appears labeled "Preview". This renders just that HTML:

Performance analysis

The Network Monitor includes a performance analysis tool, to help show you how long the browser takes to download the different parts of your site.

To run the performance analysis tool click the stopwatch icon in the toolbar.

(Alternatively, if you have only just opened the Network Monitor, so it's not yet populated with the list of requests, you'll get a stopwatch icon in the main window.)

The Network Monitor then loads the site twice: once with an empty browser cache, and once with a primed browser cache. This simulates the first time a user visits your site, and subsequent visits. It displays the results for each run side by side, or vertically if the browser window is narrow:

The results for each run are summarised in a table and a pie chart. The tables group resources by type, and show the total size of each resource and the total time it took to load them. The accompanying pie chart shows the relative size of each resource type.

To get back to the Network Monitor's list of network requests click the "Back" button on the left.

Clicking on a slice of the pie takes you to the Network Monitor for that run, with a filter automatically applied to see only that resource type.

Document Tags and Contributors

 Last updated by: wbamberg,