HTTP Headers Analysis for https://coitelada.com

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15552001

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

Vary

Performance

X-UA-Device, Accept

Caching Headers

0 headers

No caching headers found

Content Headers

2 headers

Content-Length

Content

64413

Content-Type

Content

text/html; charset=utf-8

Server Headers

1 headers

Server

nginx

CORS Headers

0 headers

No CORS headers found

Cookies Headers

0 headers

No cookies headers found

Other Headers

10 headers

Date

Other

Wed, 24 Dec 2025 17:27:42 GMT

Link

Other

<https://64.media.tumblr.com/b26c269d482c96c189de75e8588fab00/646cafc031d6f511-5b/s128x128u_c1/a05aa15f0f21de3ec673ea3a8fc142a8bc48921c.jpg>; rel=icon

X-Nc

Other

MISS

X-Rid

Other

b6bc521e008ccc266f656b77232b5dc3

X-Tumblr-Pixel

Other

2

X-Tumblr-Pixel-0

Other

https://px.srvcs.tumblr.com/impixu?T=1766597261&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL3d3dy5jb2l0ZWxhZGEuY29tLyIsInJlcXR5cGUiOjAsInJvdXRlIjoiLyJ9&U=FOCANIGAIJ&K=2945d1e5b0353a6b60930c449b399fe82f15d1965fb8a28bd349bd33684d0d16--https://px.srvcs.tumblr.com/impixu?T=1766597261&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6Ly93d3cuY29pdGVsYWRhLmNvbS8iLCJyZXF0eXBlIjowLCJyb3V0ZSI6Ii8iLCJwb3N0cyI6W3sicG9zdGlkIjoiMTgxMDU2MDk0MjAxIiwiYmxvZ2lkIjoyMjI5MjI1MTQsInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiMTgxMDU0NDAy

X-Tumblr-Pixel-1

Other

NDA2IiwiYmxvZ2lkIjoyMjI5MjI1MTQsInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiMTgxMDUzNzk4MTA2IiwiYmxvZ2lkIjoyMjI5MjI1MTQsInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiMTExMDI2NDY0ODE2IiwiYmxvZ2lkIjoyMjI5MjI1MTQsInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiMTEwOTA4OTIyNDExIiwiYmxvZ2lkIjoyMjI5MjI1MTQsInNvdXJjZSI6MzN9XX0=&U=FFGJPFJNPI&K=6b777f5a7a5f1b8f83e574ff45135dbd26c07248ef695c12b8744b7e22d313a1

X-Tumblr-User

Other

coitelada

X-Ua-Compatible

Other

IE=Edge,chrome=1

X-Ua-Device

Other

desktop

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching