XenForo.com: "Heartbleed" header links to a domain that has changed hands


Well-known member
XenForo.com sends a Heartbleed header with responses. The domain included in this header recently dropped and was re-registered, likely by a different entity. The URL is no longer accessible, and there's no indication as to the intentions of the new owner.


Well-known member
I'm not seeing it:

HTTP/1.1 200 OK =>
Date => Wed, 09 Nov 2022 19:16:22 GMT
Content-Type => text/html; charset=utf-8
Connection => close
x-frame-options => SAMEORIGIN
x-content-type-options => nosniff
last-modified => Wed, 09 Nov 2022 19:16:22 GMT
expires => Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control => private, no-cache, max-age=0
vary => Accept-Encoding
set-cookie => xf_csrf=ZrWE3dcs8fDcumGH; path=/; secure
heartbleed => NO; see http://heartbleedheader.com
CF-Cache-Status => DYNAMIC
Server => cloudflare
CF-RAY => 7678e1e97bae5797-IAD


Well-known member
I'm not sure what you're asking. If you are currently using that URL in a header, you should remove it. You can continue to use the header, but not that URL.