Home

apache.org

Scanned: 10:21:38+0000 on 02 May 2025

{
  "time": 1746181297.6409986,
  "raw_target": "apache.org",
  "has_contact": true,
  "target": "apache.org",
  "scan_type": "domain",
  "message": "apache.org",
  "domain_details": {
    "a_records": [
      "151.101.2.132"
    ],
    "cname_records": [],
    "txt_records": [
      "MS=E03FCF4BFDA6010D863CDB04B4F156E4C480ACA5",
      "_globalsign-domain-verification=VPemhDee0EKRXi0IPzeSUrn849jHevrjIaTeDYOTZ4",
      "atlassian-domain-verification=ymLFB7Wz8ScIJsja5lQgqHkFZGayJH7z0M3DAUwmeTFBvxJWz7rs9OqateFxBIb4",
      "google-site-verification=y9Wki74vQ-HO4aXrJ-TzmPvLf8itBqrQTPjyAHktuMo",
      "spf2.0/pra ?all",
      "v=spf1 include:_spf.apache.org -all"
    ],
    "time": 0,
    "dns_resolve_time": 1746181297.7167273
  },
  "dnssecuritytxt": {
    "security_contact": null,
    "security_policy": null,
    "matching_domain": null
  },
  "port": 443,
  "certificate": {
    "issuer": "/C=US/O=Let's Encrypt/CN=R10",
    "notAfter": "2025-07-19 04:57:43 UTC",
    "notBefore": "2025-04-20 04:57:44 UTC",
    "serialNumber": 605976738983432985763919704273696647936887,
    "subject": "/CN=apache.org",
    "keyUsage": [
      "Digital Signature, Key Encipherment"
    ],
    "extendedKeyUsage": [
      "TLS Web Server Authentication, TLS Web Client Authentication"
    ],
    "basicConstraints": [
      "CA:FALSE"
    ],
    "subjectKeyIdentifier": [
      "73:F6:C4:49:25:5F:E8:71:CB:FB:33:93:80:20:50:DD:0B:6C:B0:49"
    ],
    "authorityKeyIdentifier": [
      "BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8"
    ],
    "authorityInfoAccess": [
      {
        "OCSP - URI": "http://r10.o.lencr.org"
      },
      {
        "CA Issuers - URI": "http://r10.i.lencr.org/"
      }
    ],
    "subjectAltName": {
      "DNS": [
        "apache.org"
      ]
    },
    "certificatePolicies": [
      "Policy: 2.23.140.1.2.1"
    ],
    "crlDistributionPoints": [
      "Full Name:",
      {
        "URI": "http://r10.c.lencr.org/120.crl"
      }
    ],
    "ct_precert_scts": [
      "Signed Certificate Timestamp:",
      "Version   : v1 (0x0)",
      "Log ID    : 12:F1:4E:34:BD:53:72:4C:84:06:19:C3:8F:3F:7A:13:",
      "F8:E7:B5:62:87:88:9C:6D:30:05:84:EB:E5:86:26:3A",
      "Timestamp : Apr 20 05:56:14.783 2025 GMT",
      "Extensions: none",
      "Signature : ecdsa-with-SHA256",
      "30:45:02:20:1E:AC:D1:F7:12:01:1B:09:EB:DA:8E:CB:",
      "AC:1D:01:89:46:0C:A4:BC:11:7B:8A:37:E2:0E:F0:BF:",
      "12:FD:E3:21:02:21:00:98:7C:93:B6:23:9E:38:BC:74:",
      "BB:68:24:D7:9D:B6:BB:B2:14:E5:77:3F:4F:E2:F1:10:",
      "63:54:C5:7B:52:B7:9E",
      "Log ID    : AF:18:1A:28:D6:8C:A3:E0:A9:8A:4C:9C:67:AB:09:F8:",
      "BB:BC:22:BA:AE:BC:B1:38:A3:A1:9D:D3:F9:B6:03:0D",
      "Timestamp : Apr 20 05:56:15.033 2025 GMT",
      "30:45:02:21:00:F6:35:2A:E0:B8:01:C9:6B:80:E5:86:",
      "56:41:08:83:5E:AA:4E:87:40:B9:AA:77:03:A4:22:86:",
      "E8:2E:A9:D7:55:02:20:63:2E:C2:C2:09:D8:32:51:B5:",
      "8B:38:41:C1:04:99:AB:53:83:63:79:09:8A:1F:55:FA:",
      "AA:FA:E3:56:3A:7A:0E"
    ]
  },
  "http_security_txt": {
    "url": "https://apache.org/.well-known/security.txt",
    "status_code": 200,
    "has_contact": true,
    "valid_https": true,
    "valid_content_type": true,
    "full_text": "Contact: https://security.apache.org/report/\nPolicy: https://security.apache.org/report/\n\n# https://www.apache.org/foundation/policies/conduct#diversity-statement\nPreferred-Languages: en\n\n# https://www.rfc-editor.org/rfc/rfc9116#section-2.5.5\nExpires: 2026-03-18T00:00:00Z",
    "min_text": "Contact: https://security.apache.org/report/\nPolicy: https://security.apache.org/report/\nPreferred-Languages: en\nExpires: 2026-03-18T00:00:00Z\n",
    "items": {
      "Acknowledgements": [],
      "Canonical": [],
      "Contact": [
        "https://security.apache.org/report/"
      ],
      "Encryption": [],
      "Preferred-Languages": "en",
      "Expires": "2026-03-18T00:00:00Z",
      "Hiring": [],
      "Policy": [
        "https://security.apache.org/report/"
      ]
    },
    "headers": {
      "server": "Apache",
      "last-modified": "Tue, 18 Mar 2025 17:23:23 GMT",
      "etag": "\"111-630a12977e66a-gzip\"",
      "cache-control": "max-age=3600",
      "expires": "Fri, 02 May 2025 10:31:51 GMT",
      "content-encoding": "gzip",
      "access-control-allow-origin": "*",
      "content-security-policy": "default-src 'self' data: 'unsafe-inline' https://www.apachecon.com/ https://analytics.apache.org/ http://analytics.apache.org/ https://www.youtube-nocookie.com https://www.youtube.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.apachecon.com/ https://analytics.apache.org/ http://analytics.apache.org/ https://www.youtube-nocookie.com https://www.youtube.com; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; img-src 'self' data: https://www.apache.org/ https://www.apachecon.com/;",
      "access-control-expose-headers": "Content-Security-Policy",
      "content-type": "text/plain",
      "via": "1.1 varnish, 1.1 varnish",
      "accept-ranges": "bytes",
      "age": "2987",
      "date": "Fri, 02 May 2025 10:21:38 GMT",
      "x-served-by": "cache-hel1410032-HEL, cache-iad-kiad7000163-IAD",
      "x-cache": "HIT, MISS",
      "x-cache-hits": "2, 0",
      "x-timer": "S1746181298.923279,VS0,VE294",
      "vary": "Accept-Encoding",
      "strict-transport-security": "max-age=31536000; includeSubDomains; preload",
      "content-length": "190"
    },
    "http_version": "HTTP/2",
    "redirects": [
      {
        "type": "200",
        "val": "https://apache.org/.well-known/security.txt",
        "https": true,
        "http_version": "HTTP/2"
      }
    ],
    "type": "https_well-known"
  },
  "rank": 315
}

dnssecuritytxt (DNS)

You can find out more about dnssecuritytxt here.

No DNS records found

security.txt (HTTP)

You can find out more about security.txt here or by looking up RFC 9116.

Status: 200

Scheme: https

URL: https://apache.org/.well-known/security.txt (HTTP/2)

Has a contact: Yes

Contacts:

Policy:

Minimal version:

Contact: https://security.apache.org/report/
Policy: https://security.apache.org/report/
Preferred-Languages: en
Expires: 2026-03-18T00:00:00Z

Full version:

Contact: https://security.apache.org/report/
Policy: https://security.apache.org/report/

# https://www.apache.org/foundation/policies/conduct#diversity-statement
Preferred-Languages: en

# https://www.rfc-editor.org/rfc/rfc9116#section-2.5.5
Expires: 2026-03-18T00:00:00Z

Updated at: 10:21:38+0000 on 02 May 2025