HTTP Parser
Paste a raw HTTP request or response for local parsing, structured breakdowns, and cautious security review notes.
Speed up your recruitment workflow
URLCV automates CV parsing, candidate scoring, and shortlist generation — so you can place more candidates, faster.
Runs locally in your browser
Pasted HTTP is parsed with JavaScript on this page only. URLCV does not upload your request or response to the server or any third party.
Accepted input
Burp raw messages, curl verbose headers, browser/devtools copies, or log excerpts with an intact HTTP start line.
Keyboard flow
Ctrl/Cmd + Enter parses. Copy buttons keep sensitive values masked in the UI.
Paste a full request or response. The parser is forgiving about wrapper lines, but it still expects a real HTTP start line somewhere in the paste.
Summary
Structured output and review notes generated entirely in the browser.
Type
Method
Status
Headers
Body size
- Start line
- Reconstructed URL
Parser notes
Security triage
These checks only reflect what is visible in the pasted message. They are prompts for review, not proof of a vulnerability.
Path
Query string
| Name | Value | Copy |
|---|---|---|
Authorization and auth-related headers
Potentially sensitive headers stay masked in the UI. Use copy only when you need the original value.
Body notes
JSON (formatted)
Form fields
Raw preview
Nothing parsed yet
Paste a raw HTTP request or response, then click Parse locally. The parser handles common copies from Burp, curl verbose output, browser/devtools, and logs as long as an HTTP start line is present.
Raw HTTP parser and triage
Paste traffic copied from Burp, browser devtools, curl, or logs. This tool parses it locally in your browser — nothing is sent to our servers.
What you get
- Requests: method, path, query string, HTTP version, host, headers, cookies, auth headers, body, JSON or form fields when applicable
- Responses: status line and code, headers,
Set-Cookielines, content type, body preview, JSON fields when applicable - Security triage: only what is visible in the pasted message — cookie flags, CORS/CSP hints, auth material, duplicate parameters, ID-like segments, version leakage, and similar — phrased as worth checking, not certainties
What this is not
Not a scanner, fuzzer, or exploit tool — only a parser and checklist-style hints for manual review.
SEO / discovery
Useful for: raw HTTP parser, HTTP request parser, HTTP response parser, parse raw request headers, inspect HTTP request online, security header check from raw response.