Open
Cached
·
just now
18
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
frame-src; upgrade-insecure-requests; form-action; +4 more
frame-src 'self' a.fsdn.com *.google.com http://c.sf-syn.com http://b.sf-syn.com *.googletagmanager.com *.doubleclick.net *.gstatic.com *.recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com *.consentmanager.net *.googlesyndication.com *.safeframe.usercontent.goog *.adtrafficquality.google *.googleadservices.com *.adnxs.com *.indexww.com *.rubiconproject.com *.criteo.com *.openx.net *.crsspxl.com http://*.pro-market.net *.pubmatic.com *.smartadserver.com *.lijit.com *.adnxs-simple.com error-report.com *.error-report.com html-load.com *.html-load.com *.fb.html-load.com content-loader.com *.content-loader.com *.fb.content-loader.com css-load.com *.css-load.com 07c225f3.online *.07c225f3.online as.sourceforge.net *.as.sourceforge.net app.hubspot.com *.amazon-adsystem.com; upgrade-insecure-requests; form-action 'self' lists.sourceforge.net; script-src 'self' *.licdn.com a.fsdn.com *.google.com http://c.sf-syn.com http://b.sf-syn.com *.cloudflareinsights.com *.google-analytics.com *.tiny.cloud *.recaptcha.net recaptcha.net *.gstatic.com *.googletagservices.com *.googlesyndication.com *.doubleclick.net *.googletagmanager.com *.consentmanager.net *.microsofttranslator.com translate.googleapis.com translate.google.cn *.gstatic.cn *.tds.bid *.adnxs.com *.bing.com *.googleadsserving.cn *.adtrafficquality.google *.doubleverify.com *.ampproject.org *.criteo.net *.creativecdn.com *.crwdcntrl.net *.uidapi.com *.im-apps.net *.euid.eu *.openxcdn.net *.id5-sync.com cdn.jsdelivr.net/gh/prebid/shared-id/ *.pubmatic.com *.33across.com *.permutive.app *.adnxs.com *.adnxs.net *.ybp.yahoo.com *.sharethrough.com *.sharethru.com pghub.io/js/pandg-sdk.js *.a47b.com *.adsafeprotected.com *.flashtalking.com *.ftstatic.com *.betrad.com *.truste.com *.trustarc.com *.slashdotmedia.com *.crsspxl.com http://*.pro-market.net ml314.com html-load.com *.html-load.com *.fb.html-load.com content-loader.com *.content-loader.com *.fb.content-loader.com css-load.com *.css-load.com 07c225f3.online *.07c225f3.online cmp.inmobi.com *.inmobicdn.net blob: as.sourceforge.net *.as.sourceforge.net j.6sc.co *.hs-scripts.com js.hsadspixel.net js.hs-analytics.net js.hs-banner.com js.hscollectedforms.net js.usemessages.com *.amazon-adsystem.com fe.sitedataprocessing.com a.usbrowserspeed.com d-code.liadm.com frontend.id-visitors.com *.identitymatrix.ai 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'; object-src 'none'; fenced-frame-src https:
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
geolocation=(), microphone=(), camera=(), payment=(), document-domain=(), display-capture=(), autoplay=()
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
Performance Headers
1 headers
Connection
Performance
keep-alive
Caching Headers
2 headers
Cache-Control
Caching
no-cache
Pragma
Caching
no-cache
Content Headers
2 headers
Content-Length
Content
54137
Content-Type
Content
text/html; charset=utf-8
Server Headers
1 headers
Server
Server
cloudflare
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
__cf_bm=zuyLU1n5JwnHkFODpW97tm1VbUc.47tdk.DecA4Ld2M-1763751499-1.0.1.1-iYWfYaaAryCRGArvtaxuljmNnOYz5DxYfg2hvuBDFG0tujOmg1uQv6QA2WRcCe3XU2d._itdH1X5Gpzbub1EJdQeLbRmNALy0.lgMKGN_tU; path=/; expires=Fri, 21-Nov-25 19:28:19 GMT; domain=.sourceforge.net; HttpOnly; Secure; SameSite=None
Other Headers
6 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9a226af33b5ba177-IAD
Date
Other
Fri, 21 Nov 2025 18:58:19 GMT
Feature-Policy
Other
geolocation 'none'; microphone 'none'; camera 'none'; payment 'none'; document-domain 'none'; display-capture 'none'; autoplay 'none'
Link
Other
<https://a.fsdn.com/con/js/min/sf.sandiego-cmp-top.js?1763739896>; rel=preload; as=script, <https://a.fsdn.com/con/css/fonts/sftheme/lato-v20-latin-ext_latin-regular.woff2>; rel=preload; as=font; crossorigin, <https://a.fsdn.com/con/css/fonts/sftheme/lato-v20-latin-ext_latin-700.woff2>; rel=preload; as=font; crossorigin, <https://a.fsdn.com/con/css/lato.css?1763739896>; rel=preload; as=style, <https://a.fsdn.com/con/css/sandiego.css?1763739896>; rel=preload; as=style, <https://a.fsdn.com/con/js/min/sf.sandiego-head.js?1763739896>; rel=preload; as=script
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 728ms