Open
Cached
·
just now
19
Headers
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
script-src; frame-ancestors; upgrade-insecure-requests; +4 more
script-src 'self' *.licdn.com a.fsdn.com *.google.com http://c.sf-syn.com http://b.sf-syn.com *.cloudflareinsights.com *.google-analytics.com *.tiny.cloud *.recaptcha.net recaptcha.net *.gstatic.com *.googletagservices.com *.googlesyndication.com *.doubleclick.net *.googletagmanager.com *.consentmanager.net *.microsofttranslator.com translate.googleapis.com translate.google.cn *.gstatic.cn *.tds.bid *.adnxs.com *.bing.com *.googleadsserving.cn *.adtrafficquality.google *.doubleverify.com *.ampproject.org *.criteo.net *.creativecdn.com *.crwdcntrl.net *.uidapi.com *.im-apps.net *.euid.eu *.openxcdn.net *.id5-sync.com cdn.jsdelivr.net/gh/prebid/shared-id/ *.pubmatic.com *.33across.com *.permutive.app *.adnxs.com *.adnxs.net *.ybp.yahoo.com *.sharethrough.com *.sharethru.com pghub.io/js/pandg-sdk.js *.a47b.com *.adsafeprotected.com *.flashtalking.com *.ftstatic.com *.betrad.com *.truste.com *.trustarc.com *.slashdotmedia.com *.crsspxl.com http://*.pro-market.net ml314.com html-load.com *.html-load.com *.fb.html-load.com content-loader.com *.content-loader.com *.fb.content-loader.com css-load.com *.css-load.com 07c225f3.online *.07c225f3.online cmp.inmobi.com *.inmobicdn.net blob: as.sourceforge.net *.as.sourceforge.net j.6sc.co *.hs-scripts.com js.hsadspixel.net js.hs-analytics.net js.hs-banner.com js.hscollectedforms.net js.usemessages.com *.amazon-adsystem.com fe.sitedataprocessing.com a.usbrowserspeed.com d-code.liadm.com frontend.id-visitors.com *.identitymatrix.ai 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self'; upgrade-insecure-requests; frame-src 'self' a.fsdn.com *.google.com http://c.sf-syn.com http://b.sf-syn.com *.googletagmanager.com *.doubleclick.net *.gstatic.com *.recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com *.consentmanager.net *.googlesyndication.com *.safeframe.usercontent.goog *.adtrafficquality.google *.googleadservices.com *.adnxs.com *.indexww.com *.rubiconproject.com *.criteo.com *.openx.net *.crsspxl.com http://*.pro-market.net *.pubmatic.com *.smartadserver.com *.lijit.com *.adnxs-simple.com error-report.com *.error-report.com html-load.com *.html-load.com *.fb.html-load.com content-loader.com *.content-loader.com *.fb.content-loader.com css-load.com *.css-load.com 07c225f3.online *.07c225f3.online as.sourceforge.net *.as.sourceforge.net app.hubspot.com *.amazon-adsystem.com; form-action 'self' lists.sourceforge.net; fenced-frame-src https:; object-src 'none'
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
geolocation=(), microphone=(), camera=(), payment=(), document-domain=(), display-capture=(), autoplay=()
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
Performance Headers
1 headers
Connection
Performance
keep-alive
Caching Headers
2 headers
Cache-Control
Caching
no-cache
Pragma
Caching
no-cache
Content Headers
2 headers
Content-Length
Content
155664
Content-Type
Content
text/html; charset=utf-8
Server Headers
1 headers
Server
Server
cloudflare
CORS Headers
0 headers
No CORS headers found
Cookies Headers
1 headers
Set-Cookie
Cookies
__cf_bm=1vYE8sKqyiSTo28i3EZWJ1b3w8NPuQc3buiCUDi2k5g-1763677353-1.0.1.1-22sVc2fJ_fqys_WWfuZv8e7BWJqWTQFWo6.lt9jMS_QiaPkEI63CQMf4FcPNEaUwhf5nFSjYusiW6fgPmNSIBpiCLPBlQrJ_ZlIeLsAth5Y; path=/; expires=Thu, 20-Nov-25 22:52:33 GMT; domain=.sourceforge.net; HttpOnly; Secure; SameSite=None
Other Headers
6 headers
Alt-Svc
Other
h3=":443"; ma=86400
Cf-Cache-Status
Other
DYNAMIC
Cf-Ray
Other
9a1b58c399bec9b0-IAD
Date
Other
Thu, 20 Nov 2025 22:22:33 GMT
Feature-Policy
Other
geolocation 'none'; microphone 'none'; camera 'none'; payment 'none'; document-domain 'none'; display-capture 'none'; autoplay 'none'
Link
Other
<https://a.fsdn.com/con/js/sftheme/vendor/bizx-prebid.js?1763583265>; rel=preload; as=script, <https://a.fsdn.com/con/js/min/sf.sandiego-cmp-top.js?1763583265>; rel=preload; as=script, <https://c.amazon-adsystem.com/aax2/apstag.js>; rel=preload; as=script, <https://a.fsdn.com/con/css/fonts/sftheme/lato-v20-latin-ext_latin-regular.woff2>; rel=preload; as=font; crossorigin, <https://a.fsdn.com/con/css/fonts/sftheme/lato-v20-latin-ext_latin-700.woff2>; rel=preload; as=font; crossorigin, <https://a.fsdn.com/con/css/lato.css?1763583265>; rel=preload; as=style, <https://a.fsdn.com/con/css/sandiego.css?1763583265>; rel=preload; as=style, <https://a.fsdn.com/con/js/min/sf.sandiego-head.js?1763583265>; rel=preload; as=script
Recommendations
Enable compression (gzip/brotli) to improve performance
Analysis completed in 378ms