Open
Cached
·
just now
90/100
SECURITY SCORE
Certificate Information
Subject
CN=sourceforge.net
Issuer
C=US, O=Let's Encrypt, CN=E7
Valid From
October 27, 2025
Valid Until
January 25, 2026
66 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
7B:FA:22:F2:C3:A5:F2:2C:B1:CF:AF:24:E6:2E:BB:46:18:0F:FF:99:CD:18:0B:53:8E:09:B0:1C:9D:D5:70:DE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
script-src; frame-src; upgrade-insecure-requests; +4 more
script-src 'self' adservice.google.com.kh adservice.google.al js.hs-banner.com adservice.google.com.pr adservice.google.cm adservice.google.sr adservice.google.sn adservice.google.com.ec adservice.google.to adservice.google.com.gi adservice.google.rw adservice.google.cg frontend.id-visitors.com adservice.google.gg adservice.google.co.jp adservice.google.ki *.pubmatic.com adservice.google.pt adservice.google.com.mm *.gstatic.cn adservice.google.com.ng adservice.google.com.cu adservice.google.com.my *.googleadsserving.cn adservice.google.at adservice.google.je adservice.google.com.pe adservice.google.co.cr adservice.google.com.gt adservice.google.co.bw adservice.google.dm adservice.google.co.ve adservice.google.com.uy http://*.pro-market.net adservice.google.com.tj adservice.google.tl *.uidapi.com a.fsdn.com *.ftstatic.com adservice.google.bg adservice.google.mv content-loader.com adservice.google.ad adservice.google.fi adservice.google.gm adservice.google.se adservice.google.com.np adservice.google.mu adservice.google.com.au adservice.google.cz adservice.google.com.ni adservice.google.kg adservice.google.kz *.gstatic.com adservice.google.so adservice.google.ps cmp.inmobi.com *.ybp.yahoo.com adservice.google.com.ly adservice.google.no *.fb.html-load.com adservice.google.is adservice.google.im adservice.google.com.ag adservice.google.ms *.33across.com adservice.google.lu adservice.google.com.vn *.recaptcha.net adservice.google.td recaptcha.net adservice.google.com.sa adservice.google.hr *.doubleverify.com *.content-loader.com adservice.google.as adservice.google.md adservice.google.dk adservice.google.com.sb adservice.google.com.ph adservice.google.ws pghub.io/js/pandg-sdk.js adservice.google.co.vi adservice.google.mk adservice.google.lt *.id5-sync.com adservice.google.rs adservice.google.com.jm adservice.google.vg adservice.google.tt *.adnxs.net adservice.google.ci *.betrad.com css-load.com adservice.google.be adservice.google.st adservice.google.it adservice.google.gy *.tiny.cloud *.truste.com adservice.google.cl adservice.google.ru adservice.google.es *.creativecdn.com adservice.google.co.id adservice.google.dj fe.sitedataprocessing.com adservice.google.fr js.hscollectedforms.net *.cloudflareinsights.com js.hs-analytics.net adservice.google.com.cy *.googlesyndication.com adservice.google.fm adservice.google.co.ke adservice.google.cd adservice.google.lv adservice.google.com.fj adservice.google.com.vc html-load.com *.inmobicdn.net *.sharethrough.com adservice.google.com.bh adservice.google.jo adservice.google.ae *.googletagmanager.com adservice.google.de *.consentmanager.net blob: adservice.google.nl adservice.google.com.sv adservice.google.pl adservice.google.cv adservice.google.co.ck as.sourceforge.net adservice.google.co.uz adservice.google.si adservice.google.lk adservice.google.com.eg adservice.google.com.pk adservice.google.com.co adservice.google.com.bn adservice.google.li adservice.google.az adservice.google.hn adservice.google.co.mz adservice.google.sm adservice.google.com.tr *.euid.eu adservice.google.com.bd adservice.google.com.sg *.amazon-adsystem.com adservice.google.com.pg adservice.google.bj *.adnxs.com *.hs-scripts.com adservice.google.co.nz adservice.google.ee adservice.google.dz adservice.google.com.bz adservice.google.bs *.criteo.net adservice.google.com.om adservice.google.com.et adservice.google.com.br *.sharethru.com adservice.google.ie http://b.sf-syn.com adservice.google.cf *.im-apps.net js.hsadspixel.net adservice.google.tm adservice.google.tn *.google-analytics.com adservice.google.co.zm adservice.google.tg adservice.google.ne *.crsspxl.com *.microsofttranslator.com a.usbrowserspeed.com adservice.google.com.af adservice.google.ch adservice.google.mw adservice.google.nu 07c225f3.online *.adsafeprotected.com adservice.google.ml adservice.google.mn adservice.google.la http://c.sf-syn.com adservice.google.co.in adservice.google.co.zw adservice.google.com.na d-code.liadm.com *.trustarc.com adservice.google.ht js.usemessages.com *.flashtalking.com *.licdn.com adservice.google.me adservice.google.co.kr adservice.google.com.pa j.6sc.co adservice.google.gr adservice.google.bt translate.google.cn *.css-load.com adservice.google.com.mx adservice.google.com.ar adservice.google.co.ls adservice.google.com.mt *.html-load.com adservice.google.com.hk *.crwdcntrl.net *.adtrafficquality.google adservice.google.iq adservice.google.co.ao adservice.google.ge ml314.com adservice.google.bf adservice.google.com.kw adservice.google.sc *.doubleclick.net adservice.google.co.uk *.identitymatrix.ai adservice.google.com.bo *.google.com *.07c225f3.online adservice.google.bi *.ampproject.org adservice.google.co.ug *.fb.content-loader.com adservice.google.co.il *.a47b.com adservice.google.hu adservice.google.ga adservice.google.co.tz *.tds.bid *.permutive.app adservice.google.co.th adservice.google.gt adservice.google.mg adservice.google.com.ai adservice.google.com.tw adservice.google.vu *.googletagservices.com adservice.google.ro adservice.google.nr *.bing.com adservice.google.com.lb adservice.google.gl adservice.google.com.qa *.slashdotmedia.com adservice.google.com.gh adservice.google.ca *.openxcdn.net translate.googleapis.com cdn.jsdelivr.net/gh/prebid/shared-id/ adservice.google.co.za adservice.google.com.py adservice.google.sk *.as.sourceforge.net adservice.google.com.ua 'unsafe-inline' 'unsafe-eval'; frame-src 'self' a.fsdn.com *.google.com http://c.sf-syn.com http://b.sf-syn.com *.googletagmanager.com *.doubleclick.net *.gstatic.com *.recaptcha.net recaptcha.net *.youtube.com www.youtube-nocookie.com *.consentmanager.net *.googlesyndication.com *.safeframe.usercontent.goog *.adtrafficquality.google *.googleadservices.com *.adnxs.com *.indexww.com *.rubiconproject.com *.criteo.com *.openx.net *.crsspxl.com http://*.pro-market.net *.pubmatic.com *.smartadserver.com *.lijit.com *.adnxs-simple.com error-report.com *.error-report.com html-load.com *.html-load.com *.fb.html-load.com content-loader.com *.content-loader.com *.fb.content-loader.com css-load.com *.css-load.com 07c225f3.online *.07c225f3.online as.sourceforge.net *.as.sourceforge.net app.hubspot.com *.amazon-adsystem.com; upgrade-insecure-requests; frame-ancestors 'self'; form-action 'self' lists.sourceforge.net; object-src 'none'; fenced-frame-src https:
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
geolocation=(), microphone=(), camera=(), payment=(), document-domain=(), display-capture=(), autoplay=()
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports