Open
Cached
·
just now
24
Headers
Detected Technologies from Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
Performance Headers
Accept-Ranges
bytes
Connection
close
Vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding,Origin
accept-ranges: bytes connection: close vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding,Origin
Caching Headers
Age
36
Cache-Control
public, max-age=60, stale-while-revalidate=60
age: 36 cache-control: public, max-age=60, stale-while-revalidate=60
Content Headers
Content-Length
248103
Content-Type
text/html; charset=utf-8
content-length: 248103 content-type: text/html; charset=utf-8
Server Headers
X-Powered-By
Next.js
x-powered-by: Next.js
CORS Headers
No CORS headers found
Cookies Headers
Other Headers
Date
Tue, 28 Apr 2026 00:49:45 GMT
Link
rel=preload
as=font
crossorigin
type=font/woff2
rel=preload
as=font
crossorigin
type=font/woff2
rel=preload
as=font
crossorigin
type=font/woff2
Via
1.1 38842c146ccd8f527d2de72671759d96.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
X-Amz-Cf-Id
DbNnRtkzQdsazUB9Mmzxe589qn5zVMug75dU10KKKuogLIlwP3j3Iw==
X-Amz-Cf-Pop
SEA900-P9
X-Amzn-Remapped-Connection
keep-alive
X-Amzn-Remapped-Date
Tue, 28 Apr 2026 00:49:08 GMT
X-Amzn-Requestid
fce0945c-b258-4788-b8f9-2c5a8fc143db
X-Amzn-Trace-Id
Root=1-69f00404-7a559aeb449b3c741e7ce0b3;Parent=7875cd50e27b95eb;Sampled=0;Lineage=1:ca9b16fd:0
X-Cache
Miss from cloudfront, HIT, MISS
X-Cache-Hits
1, 0
X-Correlation-Id
dbd40e6d-df68-4ab0-a63e-9c1d7a747d0e
X-Served-By
cache-bfi-krnt7300055-BFI, cache-ewr-kewr1740050-EWR
X-Timer
S1777337385.989000,VS0,VE65
date: Tue, 28 Apr 2026 00:49:45 GMT link: <https://www.nearmap.com/static/_next/static/media/baf189c215c76387-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", <https://www.nearmap.com/static/_next/static/media/bd5cb8d9c6fd6413-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", <https://www.nearmap.com/static/_next/static/media/f7e28de6d6bf52b7-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2" via: 1.1 38842c146ccd8f527d2de72671759d96.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish x-amz-cf-id: DbNnRtkzQdsazUB9Mmzxe589qn5zVMug75dU10KKKuogLIlwP3j3Iw== x-amz-cf-pop: SEA900-P9 x-amzn-remapped-connection: keep-alive x-amzn-remapped-date: Tue, 28 Apr 2026 00:49:08 GMT x-amzn-requestid: fce0945c-b258-4788-b8f9-2c5a8fc143db x-amzn-trace-id: Root=1-69f00404-7a559aeb449b3c741e7ce0b3;Parent=7875cd50e27b95eb;Sampled=0;Lineage=1:ca9b16fd:0 x-cache: Miss from cloudfront, HIT, MISS x-cache-hits: 1, 0 x-correlation-id: dbd40e6d-df68-4ab0-a63e-9c1d7a747d0e x-served-by: cache-bfi-krnt7300055-BFI, cache-ewr-kewr1740050-EWR x-timer: S1777337385.989000,VS0,VE65
Recommendations
Enable compression (gzip/brotli) to improve performance
Consider removing X-Powered-By header to hide server technology