Home
apache.org
Scanned: 10:20:46+0000 on 16 September 2025
{
"time": 1758018046.1740873,
"raw_target": "apache.org",
"has_contact": true,
"target": "apache.org",
"scan_type": "domain",
"message": "apache.org",
"domain_details": {
"a_records": [
"151.101.2.132"
],
"cname_records": [],
"txt_records": [
"MS=E03FCF4BFDA6010D863CDB04B4F156E4C480ACA5",
"_globalsign-domain-verification=VPemhDee0EKRXi0IPzeSUrn849jHevrjIaTeDYOTZ4",
"atlassian-domain-verification=ymLFB7Wz8ScIJsja5lQgqHkFZGayJH7z0M3DAUwmeTFBvxJWz7rs9OqateFxBIb4",
"google-site-verification=y9Wki74vQ-HO4aXrJ-TzmPvLf8itBqrQTPjyAHktuMo",
"spf2.0/pra ?all",
"v=spf1 include:_spf.apache.org -all"
],
"time": 0,
"dns_resolve_time": 1758018046.1991293
},
"dnssecuritytxt": {
"security_contact": null,
"security_policy": null,
"matching_domain": null
},
"port": 443,
"certificate": {
"issuer": "/C=US/O=Let's Encrypt/CN=R11",
"notAfter": "2025-11-16 03:08:14 UTC",
"notBefore": "2025-08-18 03:08:15 UTC",
"serialNumber": 479395453962818378537984980817570985522753,
"subject": "/CN=apache.org",
"keyUsage": [
"Digital Signature, Key Encipherment"
],
"extendedKeyUsage": [
"TLS Web Server Authentication, TLS Web Client Authentication"
],
"basicConstraints": [
"CA:FALSE"
],
"subjectKeyIdentifier": [
"0C:F4:61:88:40:74:61:D7:35:A9:F5:71:97:D0:E7:F8:C0:D8:5E:E3"
],
"authorityKeyIdentifier": [
"C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9"
],
"authorityInfoAccess": [
{
"CA Issuers - URI": "http://r11.i.lencr.org/"
}
],
"subjectAltName": {
"DNS": [
"apache.org"
]
},
"certificatePolicies": [
"Policy: 2.23.140.1.2.1"
],
"crlDistributionPoints": [
"Full Name:",
{
"URI": "http://r11.c.lencr.org/66.crl"
}
],
"ct_precert_scts": [
"Signed Certificate Timestamp:",
"Version : v1 (0x0)",
"Log ID : ED:3C:4B:D6:E8:06:C2:A4:A2:00:57:DB:CB:24:E2:38:",
"01:DF:51:2F:ED:C4:86:C5:70:0F:20:DD:B7:3E:3F:E0",
"Timestamp : Aug 18 04:06:45.062 2025 GMT",
"Extensions: none",
"Signature : ecdsa-with-SHA256",
"30:45:02:20:27:C3:C2:32:B1:77:D0:D4:16:13:E5:00:",
"C5:79:5B:03:8D:D2:6D:64:EA:34:2C:04:90:F4:48:C3:",
"D2:E8:9B:19:02:21:00:9A:F7:AD:BF:73:3D:0F:BA:14:",
"3E:B5:A4:B2:5B:A7:21:19:A7:2C:B7:0B:56:EA:60:8E:",
"21:65:E3:3B:D7:C1:83",
"Log ID : 0D:E1:F2:30:2B:D3:0D:C1:40:62:12:09:EA:55:2E:FC:",
"47:74:7C:B1:D7:E9:30:EF:0E:42:1E:B4:7E:4E:AA:34",
"Timestamp : Aug 18 04:06:45.063 2025 GMT",
"30:45:02:21:00:CB:AF:CB:54:8F:CA:49:68:91:77:E2:",
"7A:A0:E0:B8:B3:FD:C0:4C:0F:57:23:09:A7:1D:24:5F:",
"3E:DE:23:32:40:02:20:21:58:1D:FA:72:3C:8F:F6:01:",
"65:6C:7F:D5:E6:87:D2:A6:22:66:98:B5:EC:56:53:BA:",
"16:64:BE:21:97:45:07"
]
},
"http_security_txt": {
"url": "https://apache.org/.well-known/security.txt",
"status_code": 200,
"has_contact": true,
"valid_https": true,
"valid_content_type": true,
"full_text": "Contact: https://security.apache.org/report/\nPolicy: https://security.apache.org/report/\n\n# https://www.apache.org/foundation/policies/conduct#diversity-statement\nPreferred-Languages: en\n\n# https://www.rfc-editor.org/rfc/rfc9116#section-2.5.5\nExpires: 2026-03-18T00:00:00Z",
"min_text": "Contact: https://security.apache.org/report/\nPolicy: https://security.apache.org/report/\nPreferred-Languages: en\nExpires: 2026-03-18T00:00:00Z\n",
"items": {
"Acknowledgements": [],
"Canonical": [],
"Contact": [
"https://security.apache.org/report/"
],
"Encryption": [],
"Preferred-Languages": "en",
"Expires": "2026-03-18T00:00:00Z",
"Hiring": [],
"Policy": [
"https://security.apache.org/report/"
]
},
"headers": {
"server": "Apache",
"last-modified": "Tue, 18 Mar 2025 17:23:23 GMT",
"etag": "\"111-630a12977e66a-gzip\"",
"cache-control": "max-age=3600",
"expires": "Tue, 16 Sep 2025 11:05:55 GMT",
"content-encoding": "gzip",
"access-control-allow-origin": "*",
"content-security-policy": "default-src 'self' data: 'unsafe-inline' https://www.apachecon.com/ https://analytics.apache.org/ http://analytics.apache.org/ https://www.youtube-nocookie.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://analytics.apache.org/ http://analytics.apache.org/ https://www.youtube-nocookie.com https://www.youtube.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; img-src 'self' data: https://www.apache.org/ https://www.apachecon.com/;",
"access-control-expose-headers": "Content-Security-Policy",
"content-type": "text/plain",
"via": "1.1 varnish, 1.1 varnish",
"accept-ranges": "bytes",
"age": "890",
"date": "Tue, 16 Sep 2025 10:20:46 GMT",
"x-served-by": "cache-hel1410021-HEL, cache-sjc1000093-SJC",
"x-cache": "HIT, MISS",
"x-cache-hits": "1, 0",
"x-timer": "S1758018046.292945,VS0,VE157",
"vary": "Accept-Encoding",
"strict-transport-security": "max-age=31536000; includeSubDomains; preload",
"content-length": "190"
},
"http_version": "HTTP/2",
"redirects": [
{
"type": "200",
"val": "https://apache.org/.well-known/security.txt",
"https": true,
"http_version": "HTTP/2"
}
],
"type": "https_well-known"
},
"rank": 315
}
dnssecuritytxt (DNS)
You can find out more about dnssecuritytxt here.
No DNS records found
security.txt (HTTP)
You can find out more about security.txt here or by looking up RFC 9116.
Status: 200
Scheme: https
URL: https://apache.org/.well-known/security.txt (HTTP/2)
Has a contact: Yes
Contacts:
Minimal version:
Contact: https://security.apache.org/report/ Policy: https://security.apache.org/report/ Preferred-Languages: en Expires: 2026-03-18T00:00:00Z
Full version:
Contact: https://security.apache.org/report/ Policy: https://security.apache.org/report/ # https://www.apache.org/foundation/policies/conduct#diversity-statement Preferred-Languages: en # https://www.rfc-editor.org/rfc/rfc9116#section-2.5.5 Expires: 2026-03-18T00:00:00Z
Updated at: 10:20:46+0000 on 16 September 2025