HTTP Headers Analysis for https://ycorpblog.com

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15552001

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

3 headers

Accept-Ranges

Performance

bytes

Connection

Performance

keep-alive

Vary

Performance

X-UA-Device, Accept

Caching Headers

0 headers

No caching headers found

Content Headers

2 headers

Content-Length

Content

20768

Content-Type

Content

text/html; charset=utf-8

Server Headers

1 headers

Server

nginx

CORS Headers

0 headers

No CORS headers found

Cookies Headers

0 headers

No cookies headers found

Other Headers

12 headers

Date

Other

Tue, 18 Nov 2025 00:37:39 GMT

Link

Other

<https://64.media.tumblr.com/avatar_9e5e867181b7_128.pnj>; rel=icon

X-Nc

Other

HIT

X-Rid

Other

7eb8f1c6eb0f208c9451c8ef577492d9

X-Tumblr-Pixel

Other

4

X-Tumblr-Pixel-0

Other

https://px.srvcs.tumblr.com/impixu?T=1763426205&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL3lhaG9vLnR1bWJsci5jb20vIiwicmVxdHlwZSI6MCwicm91dGUiOiIvIn0=&U=GKBJBPNJNE&K=37b4a27ab2fc5cd322b0f306240555f14bb50f468a12ac080074a5fff3d90194--https://px.srvcs.tumblr.com/impixu?T=1763426205&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6Ly95YWhvby50dW1ibHIuY29tLyIsInJlcXR5cGUiOjAsInJvdXRlIjoiLyIsInBvc3RzIjpbeyJwb3N0aWQiOiIxNjE3NzI0NjQxMDQiLCJibG9naWQiOjE2MjY2NTQ5LCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6IjE2MTU0MjI4NDcy

X-Tumblr-Pixel-1

Other

OSIsImJsb2dpZCI6MTYyNjY1NDksInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiMTYxMzIwODgzNTg0IiwiYmxvZ2lkIjoxNjI2NjU0OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxNjA1NDc0NDQyNzQiLCJibG9naWQiOjE2MjY2NTQ5LCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6IjE2MDUxNDc0MDI1OSIsImJsb2dpZCI6MTYyNjY1NDksInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiMTYwMjYyMDAyNTM0IiwiYmxvZ2lkIjoxNjI2NjU0OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxNjAwNDc3NDM2MjQiLCJibG9naWQiOjE2MjY2NTQ5LCJzb3VyY2UiOjMzfSx7InJvb3RfYmxvZ2lkIjoiMTQzMDI4MzE1Iiwicm9vdF9wb3N0aWQiOiIxNTk5NDIwMDg1MT

X-Tumblr-Pixel-2

Other

EiLCJwb3N0aWQiOiIxNTk5NDIwNDAzMjQiLCJibG9naWQiOjE2MjY2NTQ5LCJzb3VyY2UiOjMzfSx7InBvc3RpZCI6IjE1OTc5Mzc0MTk1NCIsImJsb2dpZCI6MTYyNjY1NDksInNvdXJjZSI6MzN9LHsicm9vdF9ibG9naWQiOiIxMTYwOTgyMTMiLCJyb290X3Bvc3RpZCI6IjE1OTc1ODAwOTE4NiIsInBvc3RpZCI6IjE1OTc1ODAyMzY1NCIsImJsb2dpZCI6MTYyNjY1NDksInNvdXJjZSI6MzN9LHsicG9zdGlkIjoiMTU5NzUxODg3MDA0IiwiYmxvZ2lkIjoxNjI2NjU0OSwic291cmNlIjozM30seyJyb290X2Jsb2dpZCI6IjExNjEwMjYwOSIsInJvb3RfcG9zdGlkIjoiMTU5NzI1NDk2NjY1IiwicG9zdGlkIjoiMTU5NzM1Mjg0OTA0IiwiYmxvZ2lk

X-Tumblr-Pixel-3

Other

IjoxNjI2NjU0OSwic291cmNlIjozM30seyJyb290X2Jsb2dpZCI6IjE4NDMwMiIsInJvb3RfcG9zdGlkIjoiMTU5NzE3MDI5NzUwIiwicG9zdGlkIjoiMTU5NzE3NTMyNjM5IiwiYmxvZ2lkIjoxNjI2NjU0OSwic291cmNlIjozM30seyJwb3N0aWQiOiIxNTk2NzU4NDE4MDkiLCJibG9naWQiOjE2MjY2NTQ5LCJzb3VyY2UiOjMzfSx7InJvb3RfYmxvZ2lkIjoiMjMxNTA0MDQ1Iiwicm9vdF9wb3N0aWQiOiIxNTkyNzI0ODk1NDkiLCJwb3N0aWQiOiIxNTkyNzI4ODMyNDQiLCJibG9naWQiOjE2MjY2NTQ5LCJzb3VyY2UiOjMzfV19&U=BAFIFACKLA&K=b0c4f537fe43527831c89bfda1efe5d31e533be5bbd1479db04eb66f4f213250

X-Tumblr-User

Other

yahoo

X-Ua-Compatible

Other

IE=Edge,chrome=1

X-Ua-Device

Other

desktop

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching