HTTP Headers Analysis for https://beta.yellow.ai

Detected Technologies from Headers

See all in URL Inspect 32

AWS CloudFront

Algolia

AWS

Amazon S3

Azure Blob Storage

BugHerd

Bugsnag

Calendly

Cloudflare CDN

ElevenLabs

Facebook

Google Analytics

Google API JS Client

Google DoubleClick

Google Fonts

Google reCAPTCHA

Google Search

Google Sign-In

hCaptcha

Hotjar

HubSpot Forms

jsDelivr

Mixpanel

New Relic

OpenAI Active incidents

PostHog

Pusher

Sentry

Stripe

Yellow.ai

YouTube

Zendesk

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; includeSubDomains; preload

Content-Security-Policy

Good

script-src; img-src; frame-src; +12 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

no-referrer

Permissions-Policy

Missing

Not configured

Recommendations

• Strengthen CSP by removing 'unsafe-eval'
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Transfer-Encoding

Performance

chunked

connection: close
transfer-encoding: chunked

Caching Headers

Expires

Caching

0

expires: 0

Content Headers

Content-Type

Content

text/html; charset=utf-8

content-type: text/html; charset=utf-8

Server Headers

Server

cloudflare

server: cloudflare

CORS Headers

Access-Control-Allow-Credentials

Cors

true

Access-Control-Allow-Headers

Cors

Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,Responsetype,x-app-id,bot

Access-Control-Allow-Methods

Cors

GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform,Responsetype,x-app-id,bot
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD

Cookies Headers

No cookies headers found

Other Headers

Cf-Cache-Status

Other

DYNAMIC

Cf-Ray

Other

9e5ed6537bde2996-IAD

Date

Other

Thu, 02 Apr 2026 09:34:21 GMT

Feature-Policy

Other

geolocation 'self'

cf-cache-status: DYNAMIC
cf-ray: 9e5ed6537bde2996-IAD
date: Thu, 02 Apr 2026 09:34:21 GMT
feature-policy: geolocation 'self'

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching