From 319bbcad741d5eb5c1852918d89b81ca2c667100 Mon Sep 17 00:00:00 2001
From: Rafa Faura <rafael.fcucalon@gmail.com>
Date: Fri, 17 Jan 2025 19:38:24 +0100
Subject: [PATCH] Feature: 10 new fingerprint headers

---
 README.md                  |  2 +-
 additional/fingerprint.txt | 10 ++++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 9a6a702..10fd486 100644
--- a/README.md
+++ b/README.md
@@ -59,7 +59,7 @@
 
 :heavy_check_mark: 58 [checks](#checks-enabled-headers) for enabled security-related HTTP response headers.<br />
 :heavy_check_mark: 14 [checks](#checks-missing-headers) for missing security-related HTTP response headers (the ones I consider essential).<br />
-:heavy_check_mark: 1191 [checks](#checks-fingerprint-headers) for fingerprinting through HTTP response headers.<br />
+:heavy_check_mark: 1201 [checks](#checks-fingerprint-headers) for fingerprinting through HTTP response headers.<br />
 :heavy_check_mark: 129 [checks](#checks-deprecated-headersprotocols-and-insecure-values) for deprecated HTTP response headers/protocols or with insecure/wrong values.<br />
 :heavy_check_mark: Checks compliance with OWASP <a href="https://owasp.org/www-project-secure-headers/#div-bestpractices" target="_blank">'Secure Headers Project'<a> Best Practices.<br />
 :heavy_check_mark: SSL/TLS checks: requires the **amazing** https://testssl.sh/.<br />
diff --git a/additional/fingerprint.txt b/additional/fingerprint.txt
index 1cb8b61..7dad6d0 100644
--- a/additional/fingerprint.txt
+++ b/additional/fingerprint.txt
@@ -1121,6 +1121,16 @@ X-TT-Agw-Login (toutiao.com platform)
 X-TT-LogID (toutiao.com platform)
 X-TT-Trace-Host (toutiao.com platform)
 X-TT-Trace-Tag (toutiao.com platform)
+X-Tumblr-Content-Rating (tumblr.com Platform)
+X-Tumblr-Pixel (tumblr.com Platform)
+X-Tumblr-Pixel-0 (tumblr.com Platform)
+X-Tumblr-Pixel-1 (tumblr.com Platform)
+X-Tumblr-Pixel-2 (tumblr.com Platform)
+X-Tumblr-Pixel-3 (tumblr.com Platform)
+X-Tumblr-Pixel-4 (tumblr.com Platform)
+X-Tumblr-Pixel-5 (tumblr.com Platform)
+X-Tumblr-Pixel-6 (tumblr.com Platform)
+X-Tumblr-User (tumblr.com Platform)
 X-Turbo-Charged-By (Generic HTTP Server/Content Delivery Network)
 X-Two-Cache-Date (10web.io Platform)
 X-Two-Critical (10web.io Platform)