HTTP Headers Analysis for https://blog.housekinoa.me

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15552001

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers

Accept-Ranges

Performance

bytes

Connection

Performance

keep-alive

Vary

Performance

X-UA-Device, Accept

Caching Headers

0 headers

No caching headers found

Content Headers

2 headers

Content-Length

Content

38549

Content-Type

Content

text/html; charset=utf-8

Server Headers

1 headers

Server

nginx

CORS Headers

0 headers

No CORS headers found

Cookies Headers

0 headers

No cookies headers found

Other Headers

11 headers

Date

Other

Fri, 14 Nov 2025 21:47:10 GMT

Link

Other

<https://64.media.tumblr.com/f70186b4059182aca9ba9f7ffa889a77/6f90a34d3b9db550-92/s128x128u_c1/a76bc0f5ecce46e457ecd7cef4b1a92a988b5ee4.pnj>; rel=icon

X-Nc

Other

MISS

X-Rid

Other

a61aba00dca9b6cc762e5c0beaba572a

X-Robots-Tag

Other

noindex, nofollow

X-Tumblr-Pixel

Other

2

X-Tumblr-Pixel-0

Other

https://px.srvcs.tumblr.com/impixu?T=1763156830&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL2Jsb2cuaG91c2VraW5vYS5tZS8iLCJyZXF0eXBlIjowLCJyb3V0ZSI6Ii8ifQ==&U=KMNKKHMMOP&K=7f0b313f0d4053e2515395d38c5a821242d4c457613331ef74e321e2d3d6092e--https://px.srvcs.tumblr.com/impixu?T=1763156830&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6Ly9ibG9nLmhvdXNla2lub2EubWUvIiwicmVxdHlwZSI6MCwicm91dGUiOiIvIiwicG9zdHMiOlt7InBvc3RpZCI6IjY1MjY4NzQ1NjQ1MzM5NDQzMiIsImJsb2dpZCI6NDUxOTQwMjMzLCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6

X-Tumblr-Pixel-1

Other

IjE4NjI1NTQ1OTcyOCIsImJsb2dpZCI6NDUxOTQwMjMzLCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6IjE4MTI3NjAwMDc1MyIsImJsb2dpZCI6NDUxOTQwMjMzLCJzb3VyY2UiOjMzfV19&U=LFBIAIHBDJ&K=d8a1288ba2b3a0a432a72c4bdf782b93ca0c17619e6026e04e1699535832f94d

X-Tumblr-User

Other

houseki-no-ame

X-Ua-Compatible

Other

IE=Edge,chrome=1

X-Ua-Device

Other

desktop

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching