HTTP Headers Analysis for https://yango.com

Detected Technologies from Headers

See all in URL Inspect 3

Next.js

Yandex

YouTube

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Good

default-src; manifest-src; script-src; +8 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Strengthen CSP by removing 'unsafe-eval'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

Close

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding, Accept-Encoding, RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding

connection: Close
transfer-encoding: chunked
vary: Accept-Encoding, Accept-Encoding, RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding

Caching Headers

Cache-Control

Caching

private, no-cache, no-store, max-age=0, must-revalidate

cache-control: private, no-cache, no-store, max-age=0, must-revalidate

Content Headers

Content-Type

Content

text/html; charset=utf-8

content-type: text/html; charset=utf-8

Server Headers

X-Powered-By

Server

Next.js

x-powered-by: Next.js

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

Cookies

set-cookie: _yasc=/fbZYh5e+vsyLvZOIcfPsn+XkQGGyWzGJeU1uRQcClvcy6zrDKCeUg1rn35uqDDa.MTc3ODA4NzM3MzUyNA==; domain=.yango.com; path=/; expires=Sat, 03 May 2036 17:09:33 GMT; secure
_yasc=3J/FoC+MKmGPxlr2EnqkgxkZtjm72tBiyjksppgiQqOEmMtYsK5vbwR18BrP+KhfaQ==.MTc3ODA4NzM3MzQxMQ==; domain=.yango.com; path=/; expires=Sat, 03 May 2036 17:09:33 GMT; secure
i=Bs66Vld6+KDYk5QClU4Vq8A2ediytc+Uu4isAyfcGS1Z5Nauqe7guZHgt3hqU1MHfpfo47LQlYcu+U3UaoyHoTCWwrA=; Expires=Fri, 05-May-2028 17:09:33 GMT; Domain=.yango.com; Path=/; Secure; HttpOnly
yandexuid=2551280741778087373; Expires=Fri, 05-May-2028 17:09:33 GMT; Domain=.yango.com; Path=/; Secure
yashr=502493971778087373; Path=/; Domain=.yango.com; Expires=Thu, 06 May 2027 17:09:33 GMT; Secure; HttpOnly

Other Headers

Date

Other

Wed, 06 May 2026 17:09:33 GMT

Link

Other

URL https://static.yango.tech/s3/taxi-front/txf-yango-career-frontend/0.98.0/_next/static/media/15669f19e58d1919-s.p.woff2

rel=preload as=font crossorigin nonce=NTBmZjNjYzYtODliNC00Mzc4LThlNmMtZWEzNzc0YzEyMzdj type=font/woff2

URL https://static.yango.tech/s3/taxi-front/txf-yango-career-frontend/0.98.0/_next/static/media/2412a9db4d067d83-s.p.woff2

rel=preload as=font crossorigin nonce=NTBmZjNjYzYtODliNC00Mzc4LThlNmMtZWEzNzc0YzEyMzdj type=font/woff2

URL https://static.yango.tech/s3/taxi-front/txf-yango-career-frontend/0.98.0/_next/static/media/6320870e2949570b-s.p.woff2

rel=preload as=font crossorigin nonce=NTBmZjNjYzYtODliNC00Mzc4LThlNmMtZWEzNzc0YzEyMzdj type=font/woff2

URL https://static.yango.tech/s3/taxi-front/txf-yango-career-frontend/0.98.0/_next/static/media/6b2d2fab3bfb5a57-s.p.woff2

rel=preload as=font crossorigin nonce=NTBmZjNjYzYtODliNC00Mzc4LThlNmMtZWEzNzc0YzEyMzdj type=font/woff2

X-Nonce

Other

NTBmZjNjYzYtODliNC00Mzc4LThlNmMtZWEzNzc0YzEyMzdj

date: Wed, 06 May 2026 17:09:33 GMT
link: <https://static.yango.tech/s3/taxi-front/txf-yango-career-frontend/0.98.0/_next/static/media/15669f19e58d1919-s.p.woff2>; rel=preload; as="font"; crossorigin=""; nonce="NTBmZjNjYzYtODliNC00Mzc4LThlNmMtZWEzNzc0YzEyMzdj"; type="font/woff2", <https://static.yango.tech/s3/taxi-front/txf-yango-career-frontend/0.98.0/_next/static/media/2412a9db4d067d83-s.p.woff2>; rel=preload; as="font"; crossorigin=""; nonce="NTBmZjNjYzYtODliNC00Mzc4LThlNmMtZWEzNzc0YzEyMzdj"; type="font/woff2", <https://static.yango.tech/s3/taxi-front/txf-yango-career-frontend/0.98.0/_next/static/media/6320870e2949570b-s.p.woff2>; rel=preload; as="font"; crossorigin=""; nonce="NTBmZjNjYzYtODliNC00Mzc4LThlNmMtZWEzNzc0YzEyMzdj"; type="font/woff2", <https://static.yango.tech/s3/taxi-front/txf-yango-career-frontend/0.98.0/_next/static/media/6b2d2fab3bfb5a57-s.p.woff2>; rel=preload; as="font"; crossorigin=""; nonce="NTBmZjNjYzYtODliNC00Mzc4LThlNmMtZWEzNzc0YzEyMzdj"; type="font/woff2", <https://static.yango.tech/s3/taxi-front/txf-yango-career-frontend/0.98.0/_next/static/media/bad06b8a4d3d57f8-s.p.woff2>; rel=preload; as="font"; crossorigin=""; nonce="NTBmZjNjYzYtODliNC00Mzc4LThlNmMtZWEzNzc0YzEyMzdj"; type="font/woff2", <https://static.yango.tech/s3/taxi-front/txf-yango-career-frontend/0.98.0/_next/static/css/814573ad927ef51f.css>; rel=preload; as="style"; nonce="NTBmZjNjYzYtODliNC00Mzc4LThlNmMtZWEzNzc0YzEyMzdj", <https://static.yango.tech/s3/taxi-front/txf-yango-career-frontend/0.98.0/_next/static/css/5a03ce817eb9d899.css>; rel=preload; as="style"; nonce="NTBmZjNjYzYtODliNC00Mzc4LThlNmMtZWEzNzc0YzEyMzdj"
x-nonce: NTBmZjNjYzYtODliNC00Mzc4LThlNmMtZWEzNzc0YzEyMzdj

Recommendations

Enable compression (gzip/brotli) to improve performance

Consider removing X-Powered-By header to hide server technology