HTTP Headers Analysis for https://beckyphan.com

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15552001

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

Vary

Performance

X-UA-Device, Accept

Caching Headers

0 headers

No caching headers found

Content Headers

2 headers

Content-Length

Content

130246

Content-Type

Content

text/html; charset=utf-8

Server Headers

1 headers

Server

nginx

CORS Headers

0 headers

No CORS headers found

Cookies Headers

0 headers

No cookies headers found

Other Headers

10 headers

Date

Other

Wed, 24 Dec 2025 17:22:04 GMT

Link

Other

<https://64.media.tumblr.com/5e6e4c17e8a12f3e9e0501d44bce2cbd/fb038ce00bd83927-97/s128x128u_c1/6440d526f4638c7fae067320dcc23df0a8442bbb.jpg>; rel=icon

X-Nc

Other

MISS

X-Rid

Other

f85d64abd11a60af39bdbcb429e41e70

X-Tumblr-Pixel

Other

2

X-Tumblr-Pixel-0

Other

https://px.srvcs.tumblr.com/impixu?T=1766596924&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL2JlY2t5cGhhbi5jb20vIiwicmVxdHlwZSI6MCwicm91dGUiOiIvIn0=&U=KNJBAJLOEB&K=74c44aa8e01299d47bb0bab3a34e867365680c7bc8be909b87b45b3870b67544--https://px.srvcs.tumblr.com/impixu?T=1766596924&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6Ly9iZWNreXBoYW4uY29tLyIsInJlcXR5cGUiOjAsInJvdXRlIjoiLyIsInBvc3RzIjpbeyJwb3N0aWQiOiI3OTE5MTY2MTA3MjIxMzYwNjQiLCJibG9naWQiOjE3NTA4NTMsInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiNzkxOTE2NTk1MjMz

X-Tumblr-Pixel-1

Other

NTg3MjAwIiwiYmxvZ2lkIjoxNzUwODUzLCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6Ijc5MTkxNjU3MzI0NjA2MjU5MiIsImJsb2dpZCI6MTc1MDg1Mywic291cmNlIjozM30seyJwb3N0aWQiOiI3NjczMzQ1MzE4MjM5OTI4MzIiLCJibG9naWQiOjE3NTA4NTMsInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiNzY3MjQzOTQxODQ0MjM4MzM2IiwiYmxvZ2lkIjoxNzUwODUzLCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6Ijc2NzE1MzMzNjgzNzM5MDMzNiIsImJsb2dpZCI6MTc1MDg1Mywic291cmNlIjozM31dfQ==&U=AFGOBGPAOG&K=de8f024f7c71e2cd8844a2230ececf111e2462c4474ac5f49d60fa66e96f8ee7

X-Tumblr-User

Other

beckyphan

X-Ua-Compatible

Other

IE=Edge,chrome=1

X-Ua-Device

Other

desktop

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching