SSL Verification Bypassed
The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.
Reason:
Hostname Mismatch - certificate is issued for account.api.here.com, account.here.com, cc.account.api.here.com, cc.account.here.com, prd.api.eu-west-1.account.here.com, prd.api.us-east-1.account.here.com, prd.api.us-west-2.account.here.com, prd.eu-west-1.account.here.com, prd.us-east-1.account.here.com, not for cc.api.us-west-2.account.here.com
Open
Cached
·
just now
24
Headers
Detected Technologies from Headers
Adobe Marketo
Akamai
Algolia
AWS CloudFront
Cloudflare
Cloudflare CDN
Dun & Bradstreet DirectPlus
Flourish
Google API JS Client
Google DoubleClick
Google Search
Google Static File Front End
Google Tag Manager
jsDelivr
Kaltura
LinkedIn
New Relic
Next.js
Omniconvert
Tealium
Vercel
Vidyard
Vimeo
YouTube
Google Cloud
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Connection
close
Vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch
connection: close vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch
Caching Headers
Age
570
Cache-Control
public, max-age=0, must-revalidate
Etag
"xo8r33b48n587s"
age: 570 cache-control: public, max-age=0, must-revalidate etag: "xo8r33b48n587s"
Content Headers
Content-Length
243956
Content-Type
text/html; charset=utf-8
content-length: 243956 content-type: text/html; charset=utf-8
Server Headers
Server
Vercel
X-Powered-By
Next.js
server: Vercel x-powered-by: Next.js
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Mon, 27 Apr 2026 01:48:25 GMT
Via
1.1 b7cbbb5fc9e4636e7dedd6e4f6aa0eaa.cloudfront.net (CloudFront)
X-Amz-Cf-Id
wJFg5CXCH7gzM1MaL8AVyCIfgrUYAYRoACr9JxILRcsO9uVXiwzCIg==
X-Amz-Cf-Pop
IAD61-P12
X-Cache
Miss from cloudfront
X-Matched-Path
/
X-Nextjs-Prerender
1
X-Nextjs-Stale-Time
4294967294
X-Vercel-Cache
HIT
X-Vercel-Id
iad1::iad1::8d5hn-1777255076768-6d7263dda8c1
date: Mon, 27 Apr 2026 01:48:25 GMT via: 1.1 b7cbbb5fc9e4636e7dedd6e4f6aa0eaa.cloudfront.net (CloudFront) x-amz-cf-id: wJFg5CXCH7gzM1MaL8AVyCIfgrUYAYRoACr9JxILRcsO9uVXiwzCIg== x-amz-cf-pop: IAD61-P12 x-cache: Miss from cloudfront x-matched-path: / x-nextjs-prerender: 1 x-nextjs-stale-time: 4294967294 x-vercel-cache: HIT x-vercel-id: iad1::iad1::8d5hn-1777255076768-6d7263dda8c1
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology