Request Inspector

The Request Inspector provides powerful utilities to analyze and understand your webhook requests in detail. Each captured request includes smart parsing and helpful tools to decode and visualize your data.

Requests panel

The sidebar provides a clear and organized list of all the captured requests, allowing you to navigate through them effortlessly. Each entry includes essential metadata such as method, status code, timestamp, and a quick visual indicator of the request type.

You can click on any request in the sidebar to instantly load and inspect its details — including headers, body content, query parameters, response previews, and more.

If you’re actively working on a specific request, you can pin it to the top of the sidebar. Pinned requests remain fixed in place even as new requests come in, making it easy to keep track of important items without losing them in the flow of incoming traffic.

The sidebar also includes powerful filtering options, enabling you to refine the list.

Overview

When you click on any captured request, the inspector reveals:

HTTP Method & URL: Full endpoint with query parameters
Headers Analysis: Smart detection and parsing
Body Viewer: Multiple formats with syntax highlighting
Timestamp & Metadata: Complete request information
Decoding Utilities: Built-in tools for common formats

Headers Analysis

Smart Header Detection

The inspector automatically identifies and highlights important headers:

Authentication Headers

Automatically detected and parsed:

Authorization: Shows auth type (Bearer, Basic, etc.)
X-API-Key: API key headers
X-Auth-Token: Custom auth tokens
Cookie: Session cookies

Common Webhook Headers

Special highlighting for webhook-specific headers:

X-Webhook-Signature: Signature verification headers
X-Hub-Signature: GitHub-style signatures
X-Event-Type: Event classification
User-Agent: Source identification
Content-Type: Body format indicator

Custom Headers

All custom headers (X-* prefixed) are grouped and highlighted for easy identification.

Header Utilities

Copy Individual Headers

Click any header to copy its value to clipboard.

Body Viewer

Smart Format Detection

The body viewer automatically detects and formats:

JSON

Syntax highlighting
Collapsible nested objects
Copy individual values
Tree view navigation

{
  "event": "payment.succeeded",
  "amount": 1000,
  "currency": "usd",
  "metadata": {
    "customer_id": "cus_123",
    "order_id": "ord_456"
  }
}

XML

Syntax highlighting
Attribute highlighting

<webhook>
  <event>payment.succeeded</event>
  <amount>1000</amount>
  <currency>usd</currency>
</webhook>

Form Data (URL Encoded)

Key-value pairs
Decoded values
Copy individual fields

event=payment.succeeded&amount=1000&currency=usd

Plain Text

Raw display
Copy entire content

Preview Modes

Switch between different view modes:

Pretty: Formatted with syntax highlighting
Raw: Original unmodified content
Table: Key-value pairs (Form data)
Image: Image data
Video: Video data
Audio: Audio data

Built-in Utilities

JWT Decoder

Automatically detects JWT tokens in Authorization: Bearer <token> headers.

Features:

Decode header, payload, and signature
Display claims with formatting
Expiration time highlighting
Algorithm detection
Validity status (not cryptographic verification)

Base64 Decoder

Automatically detects and offers to decode Base64-encoded content:

Auth tokens
Image data URIs
Binary data

Query Parameters

Query parameters are parsed and displayed in a key/value container.

Metadata & Timing

Request Metadata

Each request includes:

IP Address: Source IP of the request
User Agent: Client identification
Timestamp: Precise request time (with timezone)
Request ID: Unique identifier for the request
Size: Total request size in bytes

Timing Information

Received At: When h00k.dev received the request
Processing Time: How long it took to process
Response Time: Time to return mock response (if configured)

Response Preview

If a mock response is configured, see what was returned:

Status Code: HTTP response code
Headers: Response headers
Body: Response payload
Time: Response delay (if configured)

Copy & Export

Quick Copy Options

Copy URL: Full request URL with query params
Copy Body: Body content (formatted or raw)
Copy Headers: All headers as JSON
Copy as cURL: Complete cURL command to replay the request

Export Formats

Export the entire request in various formats:

JSON: Complete request object
CURL: You can paste on Postman
HAR: HTTP Archive format (for browser dev tools)
Markdown: Documentation-friendly format
Plain Text: Human-readable format

Best Practices

Security

Review auth tokens before sharing requests
Be cautious with JWT tokens (they can contain sensitive data)
Redact sensitive information before creating snapshots

Debugging

Use JWT decoder to verify token expiration
Check Content-Type header matches body format
Compare webhook signatures for verification
Use hash detection for signature debugging

Performance

Large bodies (>100KB) may take longer to format
Use "Raw" mode for faster loading of large requests
Filter unnecessary headers for cleaner views

Mock Responses → Create intelligent mocks
Snapshot: Create snapshot to share with devs
Forward Requests: Replay to your server

Questions? Contact us at support@h00k.dev

Requests panel​

Overview​

Headers Analysis​

Smart Header Detection​

Authentication Headers​

Common Webhook Headers​

Custom Headers​

Header Utilities​

Copy Individual Headers​

Body Viewer​

Smart Format Detection​

JSON​

XML​

Form Data (URL Encoded)​

Plain Text​

Preview Modes​

Built-in Utilities​

JWT Decoder​

Base64 Decoder​

Query Parameters​

Metadata & Timing​

Request Metadata​

Timing Information​

Response Preview​

Copy & Export​

Quick Copy Options​

Export Formats​

Best Practices​

Security​

Debugging​

Performance​

Related Topics​