owasp.org
Open in
urlscan Pro
172.67.10.39
Public Scan
Submission: On October 03 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 4th 2023. Valid for: a year.
This is the only time owasp.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
27 | 172.67.10.39 172.67.10.39 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 216.239.34.178 216.239.34.178 | 15169 (GOOGLE) (GOOGLE) | |
1 | 185.199.109.153 185.199.109.153 | 54113 (FASTLY) (FASTLY) | |
1 | 140.82.121.6 140.82.121.6 | 36459 (GITHUB) (GITHUB) | |
30 | 4 |
ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com
buttons.github.io |
ASN36459 (GITHUB, US)
PTR: lb-140-82-121-6-fra.github.com
api.github.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
owasp.org
owasp.org — Cisco Umbrella Rank: 185331 |
778 KB |
1 |
github.com
api.github.com — Cisco Umbrella Rank: 4663 |
3 KB |
1 |
github.io
buttons.github.io — Cisco Umbrella Rank: 101767 |
7 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96 |
21 KB |
30 | 4 |
Domain | Requested by | |
---|---|---|
27 | owasp.org |
owasp.org
|
1 | api.github.com |
buttons.github.io
|
1 | buttons.github.io |
owasp.org
|
1 | www.google-analytics.com |
owasp.org
|
30 | 4 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-04 - 2024-05-03 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
*.github.io DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-21 - 2024-03-20 |
a year | crt.sh |
*.github.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-02-16 - 2024-03-15 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://owasp.org/www-community/OWASP_Application_Security_FAQ
Frame ID: CB22E00FDBC41888869EC34BC34AEBAD
Requests: 30 HTTP requests in this frame
Screenshot
Page Title
OWASP Application Security FAQ | OWASP FoundationDetected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
60 Outgoing links
These are links going to different origins than the main page.
Title: Start a New Project...
Search URL Search Domain Scan URL
Title: Start a Local Chapter...
Search URL Search Domain Scan URL
Title: OWASP Global AppSec Singapore 2023
Search URL Search Domain Scan URL
Title: OWASP Global AppSec DC 2023
Search URL Search Domain Scan URL
Title: Membership Portal
Search URL Search Domain Scan URL
Title: Subscribe to our Mailing List
Search URL Search Domain Scan URL
Title: Video
Search URL Search Domain Scan URL
Title: making it harder to inverse the hash
Search URL Search Domain Scan URL
Title: Securiteam site
Search URL Search Domain Scan URL
Title: SQL Injection in Oracle
Search URL Search Domain Scan URL
Title: more detail
Search URL Search Domain Scan URL
Title: ZAP
Search URL Search Domain Scan URL
Title: Penetration Testing Learning Center
Search URL Search Domain Scan URL
Title: Achilles
Search URL Search Domain Scan URL
Title: bindshell.net
Search URL Search Domain Scan URL
Title: zaproxy.org
Search URL Search Domain Scan URL
Title: Caching Tutorial for Web Authors and Webmasters by Mark Nottingham
Search URL Search Domain Scan URL
Title: HTTP RFC (sec14.9.1)
Search URL Search Domain Scan URL
Title: topic
Search URL Search Domain Scan URL
Title: httpcookies
Search URL Search Domain Scan URL
Title: detail
Search URL Search Domain Scan URL
Title: IIS web server
Search URL Search Domain Scan URL
Title: mod_security
Search URL Search Domain Scan URL
Title: Servermask for faking banners of IIS
Search URL Search Domain Scan URL
Title: Fire & Water
Search URL Search Domain Scan URL
Title: tool httprint
Search URL Search Domain Scan URL
Title: net-square.com
Search URL Search Domain Scan URL
Title: Burp Suite
Search URL Search Domain Scan URL
Title: limitations of automated scanning
Search URL Search Domain Scan URL
Title: what a scanner can’t find
Search URL Search Domain Scan URL
Title: VulnHub
Search URL Search Domain Scan URL
Title: Hack This Site
Search URL Search Domain Scan URL
Title: Hack the Box
Search URL Search Domain Scan URL
Title: Damn Vulnerable Web Application
Search URL Search Domain Scan URL
Title: Rough Auditing Tool for Security (RATS)
Search URL Search Domain Scan URL
Title: editing and logging
Search URL Search Domain Scan URL
Title: here
Search URL Search Domain Scan URL
Title: HOW TO: Secure XML Web Services with Secure Socket Layer in Windows 2000”
Search URL Search Domain Scan URL
Title: Secure your sessions with Page Tokens
Search URL Search Domain Scan URL
Title: App Hardening and Shielding
Search URL Search Domain Scan URL
Title: OWASP Guide to Building Secure Web Application and Web Services
Search URL Search Domain Scan URL
Title: Securing Web-Based Services
Search URL Search Domain Scan URL
Title: Secure Programming for Linux and Unix HOWTO
Search URL Search Domain Scan URL
Title: Michael Howard, David LeBlanc and John Viega
Search URL Search Domain Scan URL
Title: Edit on GitHub
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
OWASP_Application_Security_FAQ
owasp.org/www-community/ |
87 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js.cookie.min.js
owasp.org/www--site-theme/assets/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
owasp.org/www--site-theme/assets/css/ |
128 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.7.1.min.js
owasp.org/www--site-theme/assets/js/ |
85 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
util.js
owasp.org/www--site-theme/assets/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
yaml.min.js
owasp.org/www--site-theme/assets/js/ |
42 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kjua.min.js
owasp.org/www--site-theme/assets/js/ |
28 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
buttons.js
buttons.github.io/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
owasp.org/assets/images/ |
11 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
owasp.org/assets/fontawesome/ |
74 KB 75 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ubuntu-regular.woff2
owasp.org/assets/font/ |
29 KB 29 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ubuntu-medium.woff2
owasp.org/assets/font/ |
28 KB 28 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
owasp.org/assets/fontawesome/ |
73 KB 73 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
banner-data.yml
owasp.org/www-community/assets/sitedata/ |
734 B 995 B |
XHR
text/yaml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popup-data.yml
owasp.org/www-community/assets/sitedata/ |
1 KB 2 KB |
XHR
text/yaml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
menus.json
owasp.org/www--site-theme/assets/sitedata/ |
6 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
events.yml
owasp.org/assets/sitedata/ |
3 KB 3 KB |
XHR
text/yaml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
corp_members.yml
owasp.org/assets/sitedata/ |
121 KB 122 KB |
XHR
text/yaml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tenable_logo.png
owasp.org/assets/images/corp-member-logo/ |
36 KB 36 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GrammarlyLogo.png
owasp.org/assets/images/corp-member-logo/ |
35 KB 36 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Arnica.png
owasp.org/assets/images/corp-member-logo/ |
7 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qualys.png
owasp.org/assets/images/corp-member-logo/ |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
openappsec_CheckPointlogo_owasp.png
owasp.org/assets/images/corp-member-logo/ |
158 KB 158 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Scitum.png
owasp.org/assets/images/corp-member-logo/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EPAMSystemsLogo.jpeg
owasp.org/assets/images/corp-member-logo/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bionic_logo_1.png
owasp.org/assets/images/corp-member-logo/ |
13 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
checkmarx.png
owasp.org/assets/images/corp-member-logo/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
invicti_logo_300x90_black.png
owasp.org/assets/images/corp-member-logo/ |
4 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
www-community
api.github.com/repos/owasp/ |
13 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| Cookies function| handleOutboundLinkClicks function| $ function| jQuery function| YAML function| kjua function| issearch object| events object| members object| plat_indices object| gold_indices object| other_indices function| get_next_member object| banneryaml object| popyaml string| url object| eventsyml string| e string| evnt object| member number| chosenIndex number| pIndex number| cycleIndex boolean| searchitem object| google_tag_data function| ga object| gaplugins0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' https://api.github.com https://*.githubusercontent.com https://*.google-analytics.com https://owaspadmin.azurewebsites.net https://*.twimg.com https://platform.twitter.com https://www.youtube.com https://*.doubleclick.net; frame-ancestors 'self'; frame-src https://*.vuejs.org https://*.stripe.com https://*.wufoo.com https://*.sched.com https://*.google.com https://*.twitter.com https://www.youtube.com https://w.soundcloud.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://fonts.googleapis.com https://app.diagrams.net https://cdnjs.cloudflare.com https://cse.google.com https://*.vuejs.org https://*.stripe.com https://*.wufoo.com https://*.youtube.com https://*.meetup.com https://*.sched.com https://*.google-analytics.com https://unpkg.com https://buttons.github.io https://www.google.com https://*.gstatic.com https://*.twitter.com https://*.twimg.com; style-src 'self' 'unsafe-inline' https://*.gstatic.com https://cdnjs.cloudflare.com https://www.google.com https://fonts.googleapis.com https://platform.twitter.com https://*.twimg.com data:; font-src 'self' fonts.gstatic.com; manifest-src 'self' https://pay.google.com; img-src 'self' https://*.globalappsec.org data: www.w3.org https://*.bestpractices.dev https://licensebuttons.net https://img.shields.io https://*.twitter.com https://github.githubassets.com https://*.twimg.com https://platform.twitter.com https://*.githubusercontent.com https://*.vercel.app https://*.cloudfront.net https://*.coreinfrastructure.org https://*.securityknowledgeframework.org https://badges.gitter.im https://travis-ci.org https://api.travis-ci.org https://s3.amazonaws.com https://snyk.io https://coveralls.io https://requires.io https://github.com https://*.googleapis.com https://*.google.com https://*.gstatic.com |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.github.com
buttons.github.io
owasp.org
www.google-analytics.com
140.82.121.6
172.67.10.39
185.199.109.153
216.239.34.178
0738580e85e7fdef026f377d497b2791985a1b161bb9b573ed15798e1d91ea48
083a1ae7bf2402aad2d5875ee80a97131b57acb896897f74d5e0650050880346
170f687d11f38905479e6ce85bf3bcbb5fd648c195df7ee25ba59507dd50cb66
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
23f20472d9325e91615ec8e0c4c9131004958dbd46dd8fbd3de795fb594a395f
3c36fbd29afc6794854a95aa9e707574da335377067d13bc8f4ee6c8fe7036d9
44beeee5122983409ccd274c152f020a953c769cfaf3bd13a31eb276abf5ec55
49d53e6675b016733f6182691c54abe1e0d2c0f4c979ba3ec75583f756b36548
53d3b023092e049484c4e39ce6f50d1b8dd10074795e66da06e1140792a91d9a
582cc085dd8fea044917d1efde838e77e845262fd025bbfe0339f808607c81f6
5e9679f33e0b964657d4d1196612db8fc184829f12d5a7d71580e604aaef8da1
66bf051c02926d6a928217c001ac52b239880dd7ae5c73346d946876274f04be
7d515c0862c758debefe4dfbae52305d10a9c253035c12ae1e9904a943bb4233
8353bfdd1cd583ffe3544362614c1a262e7d6186d557eb73606789958ce56cd6
8565a2bb056746aea663c4d9a0a4a85e431f07bb9d70533c6f025e44948fa458
85a4805934ba775aa7e17fa33654f9459271e437473172ff347adca3c9d9225a
876474d72e348aedb5d6051a83bd583bd1374914d6a7fb40a7966a89e9585426
8902e5836a324eae0ab281a9be7d62683e025d503ce6778cce6768fb908c1089
97c6f4c2604005cd91e9c61e352b2b7c528dcc7bb0b5ad3146c45896fe91c95d
b8ccdf0e45f181fc04f0d202779fff71aa76f27f0428a792e0e6f13fe1d0b085
b99660d51cd8a2850bf72971ae1547abc4a30991c6d50d0eeee18631b47fbc87
cbe2121765e2f3e921a42bcb9b0c78635b68cee1dccd1b1ec31089b9382ff514
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d79d6dac4e2b49006253389b6ac4f74e0c19acddfba25f5e6abfcebacea8e65d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e7ff87211a6a1e788fdea117ba81b8676bd41189423ebde72ed7fe19447acdf5
ea313025ebfe6e5677fceab5f9bfa510ec1f4da1312358339f00b0d26f45a447
ef6559103903953e244a5ffee1101b36faff6d5bd378d44a4514944b643434de
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fde332bb80f7bf17c0eb2e9967e978decdc7d4d45ff92c30c316b2b8f3d37c48