indexo.dev

yotoplay.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 1445 ms crawled 2026-05-18

US · 13.33.235.108 · AS16509 Amazon.com, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title
Yoto Homepage - The Screen-Free Audio Platform for Children
Description
Yoto Player plays audiobook stories, music, activities, sound effects, radio and podcasts for children. A safe and secure way for children to explore amazing audio with kids in control. Welcome to Audiotime.
Language
en
Canonical
https://eu.yotoplay.com/
Translations
  • en
  • en-au
  • en-ca
  • en-gb
  • en-us

Open Graph

title
Yoto Homepage - The Screen-Free Audio Platform for Children
locale
en_EU
description
Yoto Player plays audiobook stories, music, activities, sound effects, radio and podcasts for children. A safe and secure way for children to explore amazing audio with kids in control. Welcome to Audiotime.

Technology

CDN
Netlify
CMS
Shopify

Third-party hosts loaded (4)

  • www.datocms-assets.com×50
  • cdn.shopify.com×6
  • cdn-cookieyes.com×1
  • yoto-eu.myshopify.com×1

Social

Registration

Registrar
Gandi SAS
Created
2017-03-09
Expires
2027-03-09 293 days left
Updated
2026-02-06
Name servers
  • ns-136-b.gandi.net
  • ns-21-a.gandi.net
  • ns-41-c.gandi.net

DNS records live

NS
  • ns-136-b.gandi.net
  • ns-21-a.gandi.net
  • ns-41-c.gandi.net
MX
  • 1 aspmx.l.google.com
  • 10 aspmx2.googlemail.com
  • 10 aspmx3.googlemail.com
  • 5 alt1.aspmx.l.google.com
  • 5 alt2.aspmx.l.google.com
TXT
Show 16 TXT records
  • google-site-verification=CqcOnIxVGxRERiU3glHJURUDxrTSiWDqhDizdYdzHUA
  • anthropic-domain-verification-3b291c=sRSegBMO3Od64zlGTsISlJnvF
  • google-site-verification=y9GX6OdwLA_XGGWgIgN4lvVjFpZINx-IXmBc9v8mPnA
  • lovable_verification=eqYAujZdGLL9gzJ2WF7s
  • shopify-verification-code=NixlIaBz1CVen12o8aPLPQmqFu9vpm
  • MS=ms33619508
  • google-site-verification=eTXJ_RVaVAfNLdVpS00U3aFV2nhzRAYa-heksdoEyo4
  • anthropic-domain-verification-g6c0dv=yB8TLIMp14y1VGxSosTQG!mwb
  • google-site-verification=8WoP4eAF2Fnmb1QXpBsA2j3t9asZEdvblVzJ_QiiFdg
  • atlassian-domain-verification=tmvuOMiIt0MwU2RacBTJkpUEX32rWTCS9AZXa7cBlkFCg4JnjJXLuATpgfhdd4NY
  • slack-domain-verification=hZHEOYJ26wYbrBcTSHx6G7HqktMf9uUiSwXDtd67
  • openai-domain-verification=dv-8svBk1BNHJ9QstnuEJoiRB8c
  • dropbox-domain-verification=zl1v6b2li1yh
  • google-site-verification=tfDz2Qh09S1yi-CMye-uFZdXsSfi_gZMdqqBXMTl4lc
  • figma-domain-verification=648491bc28535765464fc2c0976d691fb075a6a2270dca410a16ae7544474370-1775656191
  • facebook-domain-verification=vzpts9x9dssqn0k8auz3f8hpzr1j38

Email authentication partial

SPF
v=spf1 include:_spf.google.com include:mailgun.org include:amazonses.com include:sendgrid.net include:shops.shopify.com -all
strict (-all)
DMARC
v=DMARC1; p=none; rua=mailto:re+2bec4725720b@inbound.dmarcdigests.com
policy: none (monitoring only)
DKIM
  • google: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo75RNtuXDDj0GdPOBBbi4+5SvxeqV7yTWnE1BIxElCrZQRdFqXoT5jmFq4V4GWvTt5HfqPWMxP+eu…
  • k1: k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbNrX2cY/GUKIFx2G/1I00ftdAj713WP9AQ1xir85i89sA2guU0ta4UX1Xzm06XIU6iBP41VwmPwBGRNofhBVR+e6WHUo…
  • smtpapi: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPtW5iwpXVPiH5FzJ7Nrl8USzuY9zqqzjE0D1r04xDN6qwziDnmgcFNNfMewVKN2D1O+2J9N14hRprzByFwfQW76…
selectors probed

Certificate (current)

Amazon RSA 2048 M04
from 2025-12-09 to 2027-01-07
Expires in 232 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 90/100 Checked live page: https://eu.yotoplay.com/

present
  • strict-transport-security
  • content-security-policy
  • x-frame-options
  • x-content-type-options
  • referrer-policy
findings
  • CSP uses wildcard sources
  • missing Permissions Policy
Header values
referrer-policy
origin-when-cross-origin
x-frame-options
DENY
x-content-type-options
nosniff
content-security-policy
default-src 'self' assets.gorgias.chat; base-uri 'none'; child-src 'self' blob: app.netlify.com netlify-cdp-loader.netlify.app; connect-src 'self' lb.affilae.com *.lottiefiles.com *.myshopify.com *.onetrust.com graphql.datocms.com test.aws.fooropa.com stockist.co *.stockist.workers.dev *.cloudfunctions.net bat.bing.com *.ip-api.com *.mapbox.com www.facebook.com *.doubleclick.net analytics.tiktok.com api.yotoplay.com geo.yotoplay.com *.sentry.io *.amplitude.com *.maze.co cdn.amplitude.com au.yotoplay.com uk.yotoplay.com eu.yotoplay.com us.yotoplay.com ca.yotoplay.com *.yotoplay.com yotoplay.extole.io products-test.aws.fooropa.com docs.google.com doc-0s-7s-sheets.googleusercontent.com *.cookieyes.com cdn-cookieyes.com *.backinstock.org *.mixpanel.com js.go2sdk.com *.edgemv.mux.com ct.pinterest.com *.lightboxcdn.com adservice.google.com www.googletagmanager.com www.googleadservices.com *.google-analytics.com *.analytics.google.com www.google.com www.google.co.uk *.googleapis.com analytics
strict-transport-security
max-age=63072000; includeSubDomains; preload

Links to (6)

Linked from (6)