Cache Headers Analyzer

Analyze HTTP caching headers for any URL. Inspect Cache-Control, Expires, ETag, Last-Modified, Vary, Age, and common CDN cache signals to understand browser vs shared-cache behavior. Includes redirect tracing, raw header view, filtering, issue findings, and JSON/PDF export.

Loading…

About Cache Headers Analyzer

Paste a URL and instantly understand how it’s cached: browser directives, shared CDN/proxy caching (s-maxage, surrogate controls), validators (ETag/Last-Modified), and revalidation patterns (stale-while-revalidate, stale-if-error). Use it to debug performance, prevent accidental HTML caching, and verify static asset cache policies.

Features

URL-based cache audit with a clear score card + findings (focus on caching/performance headers).
Follow redirects (up to 10) to see where caching rules actually apply.
Raw headers view for full transparency (what the server/CDN really returned).
Cache analysis highlights: Cache-Control directives, Expires/Pragma, and conflicts.
Validator checks: ETag and Last-Modified detection (for conditional requests & revalidation).
Vary analysis to catch missing or risky Vary behavior (esp. for personalized content).
CDN signals detection: Age, Via, CF-Cache-Status, X-Cache, Fastly/Akamai/CloudFront-style headers.
Filters & “only problems” mode to focus on actionable issues quickly.
Export results as JSON and PDF reports (great for audits and client deliverables).
HEAD-first probing (fallback to GET) to minimize bandwidth while staying compatible.

🧭 How to use for cache-headers-analyzer

Enter the URL

Paste the full URL you want to audit (e.g., [https://example.com/static/app.css](https://example.com/static/app.css)).

Choose request behavior

Keep “Try HEAD first (fallback to GET)” enabled for fast checks. Enable “Follow Redirects” if the URL may redirect (HTTP→HTTPS, www, CDN, etc.).

Pick an analyzer focus

Use “Auto (recommended)” for a balanced view. Switch to “Browser caching”, “CDN / proxy caching”, or “API caching” to prioritize the most relevant findings for your endpoint.

Review findings and header categories

Inspect the score/findings first, then drill into cache directives, validators (ETag/Last-Modified), Vary analysis, and CDN signals (Age, cache status headers). Turn on “Show Raw Headers” if you need the full response.

Export a report

Download a JSON report for automation or a PDF report for audits and sharing with teammates/clients.

Technical specs

Request model

This tool performs a URL header inspection with optional redirect following. It attempts a HEAD request first (if enabled) and falls back to GET when needed.

Setting	Behavior	Default
Try HEAD first (fallback to GET)	Uses HEAD to fetch headers quickly; falls back to GET if HEAD is unsupported or insufficient	Enabled
Follow Redirects	Follows the redirect chain to inspect final caching behavior	Enabled
Max Redirects	Redirect cap to prevent infinite loops	10 (range 0–20)
Timeout	Request timeout limit	15000 ms
User-Agent	Identifies the request user agent	Encode64Bot/1.0 (+[https://encode64.com](https://encode64.com))
Private networks	Blocks access to private network ranges for safety	Disabled (private networks not allowed)

Headers & signals analyzed

The analyzer focuses on cache semantics (browser and shared caches) plus common CDN edge signals.

Category	Examples
Cache directives	Cache-Control, Expires, Pragma, Surrogate-Control, CDN-Cache-Control
Validators	ETag, Last-Modified (used for conditional requests / revalidation)
Shared cache behavior	s-maxage, stale-while-revalidate, stale-if-error (when present in Cache-Control)
Vary behavior	Vary (cache key variations and personalization safety)
CDN/proxy signals	Age, Via, CF-Cache-Status, X-Cache, X-Cache-Hits, Server-Timing and other edge hints

Some CDN headers are vendor-specific; presence and meaning can vary by provider and configuration.

Heuristics (what triggers warnings)

Findings are derived from practical caching heuristics to help spot missing, contradictory, or weak caching policies.

Heuristic	What it checks
Missing Cache-Control	Warns when Cache-Control is absent
Conflicting directives	Warns when directives appear inconsistent (e.g., mixed caching intentions)
Missing validators	Warns when cacheable responses lack ETag/Last-Modified
Weak validators	Flags weak validator patterns where relevant
Vary risk	Warns when Vary seems missing where variation is likely needed
Pragma no-cache mismatch	Warns when Pragma: no-cache appears without corresponding Cache-Control

Classification (static vs HTML vs API)

The analyzer can infer the content type intent from the URL path to tailor caching recommendations.

Class	Path patterns (examples)
Static asset	.css, .js, .png, .svg, .woff2, etc.
HTML	.html, .htm
API	Paths starting with /api/ or ending with .json

If your URL doesn’t match these patterns, use “Analyzer Focus” to steer the recommendations.

Command line

Use these CLI snippets to inspect cache headers locally. They don’t replace this tool’s findings/score, but they help you reproduce results quickly.

macOS / Linux

Fetch headers with a HEAD request

curl -I [https://example.com/static/app.css](https://example.com/static/app.css)

Checks Cache-Control, Expires, ETag, Last-Modified, Vary, and CDN signals without downloading the body.

Follow redirects and show headers

curl -IL [https://example.com/](https://example.com/)

Shows the redirect chain so you can verify where caching directives change.

Run

Windows (PowerShell)

Get response headers

(Invoke-WebRequest -Uri [https://example.com/static/app.css](https://example.com/static/app.css) -Method Head).Headers

Lists headers including Cache-Control, ETag, Last-Modified and vendor CDN headers when present.

For static assets with hashed filenames (app.abc123.css), prefer long-lived caching with immutable. For HTML, be conservative to avoid serving stale personalized pages.

Use cases

Static assets caching audit (CSS/JS/images/fonts)

Verify that fingerprinted assets are cacheable for a long time and can be efficiently revalidated when needed.

Confirm Cache-Control includes long max-age and (when appropriate) immutable
Ensure validators exist (ETag or Last-Modified) for safe revalidation
Check CDN cache hit indicators (Age, CF-Cache-Status, X-Cache)

Cache-Control: public, max-age=31536000, immutable
ETag: "686897696a7c876b7e"
Vary: Accept-Encoding

Prevent accidental caching of HTML pages

Catch cases where HTML pages are cached too aggressively at the CDN or browser level, which can break login flows, personalization, and SEO rendering consistency.

Detect overly permissive Cache-Control on HTML
Identify missing Vary where content differs by cookies, auth, or language
Confirm safe revalidation patterns

API endpoint caching review

Understand whether shared caches are enabled for API responses and whether your API is safely cacheable.

Detect shared caching via s-maxage
Spot stale-while-revalidate / stale-if-error strategies
Flag missing validators when API responses are cacheable

Debug CDN behavior across redirects

Many sites redirect (HTTP→HTTPS, apex→www, locale redirects). This tool helps ensure caching policies remain consistent from the first hop to the final response.

Verify headers on each hop and on the final URL
Catch cache header changes introduced by edge rules or origin rewrites

❓ Frequently Asked Questions

❓What headers does this tool analyze for caching?

It focuses on cache semantics and signals: Cache-Control, Expires, Pragma, Age, ETag, Last-Modified, Vary, plus common CDN/proxy indicators such as Via, CF-Cache-Status, X-Cache and related edge headers.

❓Why do I see different caching results between browser and CDN?

Browsers follow end-to-end cache directives (Cache-Control, Expires) while CDNs and proxies may apply shared-cache rules (s-maxage, Surrogate-Control) and edge policies. A response can be cacheable at the edge but short-lived in the browser, or the opposite.

❓What are ETag and Last-Modified used for?

They are validators for conditional requests. With ETag (If-None-Match) or Last-Modified (If-Modified-Since), clients and caches can revalidate resources and receive a lightweight 304 Not Modified when content hasn’t changed.

❓Should I cache HTML pages for a long time?

Usually no. HTML often changes frequently and may be personalized. Aggressive caching can serve stale or wrong content. Prefer short caching with revalidation, and use correct Vary rules when content depends on headers/cookies.

❓What is Vary and why is it important?

Vary tells caches which request headers affect the response (e.g., Accept-Encoding). Missing or incorrect Vary can cause caches to serve the wrong variant (compressed vs uncompressed, language variants, etc.).

❓Is it safe to paste URLs here?

The tool performs server-side requests to the provided URL and blocks private-network targets. Use public URLs you trust and avoid pasting secrets in the URL query string.