HTTP Headers Analysis for https://yoti.com

Detected Technologies from Headers

See all in URL Inspect 20

Microsoft ASP.NET CDN

Amazon S3

Cloudflare CDNJS

Facebook

Google Analytics

Google DoubleClick

Google Fonts

Google Hosted Libraries

Google Search

Google Tag Manager

Hotjar

HubSpot

HubSpot Analytics

HubSpot Forms

jsDelivr

Nginx

OneTrust

Vimeo

YouTube

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=63072000; includeSubDomains; preload

Content-Security-Policy

Basic

default-src; script-src; child-src; +11 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Excellent

deny

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Accept-Ranges

Performance

bytes

Connection

Performance

close

Vary

Performance

Accept-Encoding, Accept-Encoding

accept-ranges: bytes
connection: close
vary: Accept-Encoding, Accept-Encoding

Caching Headers

Etag

Caching

"69ea0348-228d5"

Last-Modified

Caching

Thu, 23 Apr 2026 11:32:24 GMT

etag: "69ea0348-228d5"
last-modified: Thu, 23 Apr 2026 11:32:24 GMT

Content Headers

Content-Length

Content

141525

Content-Type

Content

text/html

content-length: 141525
content-type: text/html

Server Headers

Server

nginx

server: nginx

CORS Headers

No CORS headers found

Cookies Headers

No cookies headers found

Other Headers

Date

Other

Sun, 10 May 2026 10:37:16 GMT

date: Sun, 10 May 2026 10:37:16 GMT

Recommendations

Enable compression (gzip/brotli) to improve performance

Add Cache-Control header to optimize caching