findsecuritycontacts.com

Home

wordpress.org

Scanned: 10:15:43+0000 on 20 January 2023

{
  "time": 1674209743.3575687,
  "raw_target": "wordpress.org",
  "has_contact": true,
  "target": "wordpress.org",
  "scan_type": "domain",
  "message": "wordpress.org",
  "domain_details": {
    "a_records": [
      "198.143.164.252"
    ],
    "cname_records": [],
    "txt_records": [
      "google-site-verification=t8FjG1vzC4OFZJ8qL4SkR8xxtLyKldXKbswyeemQS5w",
      "google-site-verification=UL0sGJ1dZbCT4J7pGrLW3hqM_I1LJ8pUi2WBEI_98kI",
      "v=spf1 ip4:66.155.40.0/24 ip4:198.143.164.0/24 include:helpscoutemail.com -all"
    ],
    "time": 0,
    "dns_resolve_time": 1674209743.3936718
  },
  "dnssecuritytxt": {
    "security_contact": null,
    "security_policy": null,
    "matching_domain": null
  },
  "port": 443,
  "certificate": {
    "issuer": "/C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo ECC Domain Validation Secure Server CA",
    "notAfter": "2024-01-06 23:59:59 UTC",
    "notBefore": "2022-12-06 00:00:00 UTC",
    "serialNumber": 221441128175840076092542163390280616418,
    "subject": "/CN=*.wordpress.org",
    "authorityKeyIdentifier": [
      "F6:85:0A:3B:11:86:E1:04:7D:0E:AA:0B:2C:D2:EE:CC:64:7B:7B:AE"
    ],
    "subjectKeyIdentifier": [
      "4E:CD:3E:29:1E:6E:F0:22:81:97:F3:8D:FB:63:95:3E:20:22:A9:AD"
    ],
    "keyUsage": [
      "Digital Signature"
    ],
    "basicConstraints": [
      "CA:FALSE"
    ],
    "extendedKeyUsage": [
      "TLS Web Server Authentication, TLS Web Client Authentication"
    ],
    "certificatePolicies": [
      "Policy: 1.3.6.1.4.1.6449.1.2.2.7",
      "CPS: https://sectigo.com/CPS",
      "Policy: 2.23.140.1.2.1"
    ],
    "authorityInfoAccess": [
      {
        "CA Issuers - URI": "http://crt.sectigo.com/SectigoECCDomainValidationSecureServerCA.crt"
      },
      {
        "OCSP - URI": "http://ocsp.sectigo.com"
      }
    ],
    "subjectAltName": {
      "DNS": [
        "*.wordpress.org",
        "wordpress.org"
      ]
    },
    "ct_precert_scts": [
      "Signed Certificate Timestamp:",
      "Version   : v1 (0x0)",
      "Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:",
      "B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74",
      "Timestamp : Dec  6 22:25:19.059 2022 GMT",
      "Extensions: none",
      "Signature : ecdsa-with-SHA256",
      "30:44:02:20:55:A4:55:22:FC:3E:40:57:4D:79:48:8C:",
      "B8:69:D5:6C:96:13:81:8A:58:E1:07:4D:BA:59:E7:B6:",
      "70:AF:6D:8D:02:20:7D:E4:BC:A8:55:2E:DF:BE:17:04:",
      "76:EF:E7:24:34:C8:F7:1E:A4:1E:54:1D:86:7A:98:DE:",
      "16:F7:54:3F:DE:47",
      "Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:",
      "91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB",
      "Timestamp : Dec  6 22:25:19.037 2022 GMT",
      "30:45:02:20:73:13:44:47:B4:49:B0:59:13:AF:CF:23:",
      "05:8C:AB:CD:CE:17:FE:14:20:E5:49:86:19:52:A0:FD:",
      "0B:C1:70:7D:02:21:00:85:02:A4:90:29:80:4E:9C:03:",
      "1F:D1:3E:53:6C:10:A5:6A:6E:BE:11:8B:55:91:52:45:",
      "BC:49:47:ED:6F:87:18",
      "Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:",
      "32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B",
      "Timestamp : Dec  6 22:25:18.954 2022 GMT",
      "30:44:02:20:14:76:2A:D9:E1:5B:15:57:78:8E:FF:CE:",
      "17:F3:DE:AD:46:92:D7:DE:03:C1:65:DB:E2:D3:0B:9D:",
      "B7:A1:7B:03:02:20:3E:20:AC:7B:CD:14:A2:81:C4:A8:",
      "A8:55:A3:B7:86:86:60:A0:00:1E:11:EE:0D:65:6F:E7:",
      "74:2A:02:1F:E0:A0"
    ]
  },
  "http_security_txt": {
    "url": "https://wordpress.org/.well-known/security.txt",
    "status_code": 200,
    "has_contact": true,
    "valid_https": true,
    "valid_content_type": true,
    "full_text": "Contact: https://hackerone.com/wordpress\nExpires: 2024-12-31T15:00:00.000Z\nAcknowledgments: https://hackerone.com/wordpress/thanks\nCanonical: https://wordpress.org/.well-known/security.txt\nPolicy: https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/\n\n# The above contact is for reporting security issues in core WordPress software itself.\n# For reporting issues in a plugin hosted at wordpress.org, contact plugins@wordpress.org \n# If your website is hacked, please contact your site administrator or hosting provider.\n# Additionally, community support forums are a good resource at https://wordpress.org/support/",
    "min_text": "Contact: https://hackerone.com/wordpress\nExpires: 2024-12-31T15:00:00.000Z\nAcknowledgements: https://hackerone.com/wordpress/thanks\nCanonical: https://wordpress.org/.well-known/security.txt\nPolicy: https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/\n",
    "items": {
      "Acknowledgements": [
        "https://hackerone.com/wordpress/thanks"
      ],
      "Canonical": [
        "https://wordpress.org/.well-known/security.txt"
      ],
      "Contact": [
        "https://hackerone.com/wordpress"
      ],
      "Encryption": [],
      "Preferred-Languages": "",
      "Expires": "2024-12-31T15:00:00.000Z",
      "Hiring": [],
      "Policy": [
        "https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/"
      ]
    },
    "headers": {
      "server": "nginx",
      "date": "Fri, 20 Jan 2023 10:15:43 GMT",
      "content-type": "text/plain;charset=utf-8",
      "vary": "Accept-Encoding",
      "strict-transport-security": "max-age=360",
      "x-frame-options": "SAMEORIGIN",
      "content-encoding": "br",
      "x-nc": "MISS ord 1"
    },
    "http_version": "HTTP/2",
    "redirects": [
      {
        "type": "200",
        "val": "https://wordpress.org/.well-known/security.txt",
        "https": true,
        "http_version": "HTTP/2"
      }
    ],
    "type": "https_well-known"
  },
  "rank": 10
}

dnssecuritytxt (DNS)

You can find out more about dnssecuritytxt here.

No DNS records found

security.txt (HTTP)

You can find out more about security.txt here or by looking up RFC 9116.

Status: 200

Scheme: https

URL: https://wordpress.org/.well-known/security.txt (HTTP/2)

Has a contact: Yes

Contacts:

https://hackerone.com/wordpress

Policy:

https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/

Minimal version:

Contact: https://hackerone.com/wordpress
Expires: 2024-12-31T15:00:00.000Z
Acknowledgements: https://hackerone.com/wordpress/thanks
Canonical: https://wordpress.org/.well-known/security.txt
Policy: https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/

Full version:

Contact: https://hackerone.com/wordpress
Expires: 2024-12-31T15:00:00.000Z
Acknowledgments: https://hackerone.com/wordpress/thanks
Canonical: https://wordpress.org/.well-known/security.txt
Policy: https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/

# The above contact is for reporting security issues in core WordPress software itself.
# For reporting issues in a plugin hosted at wordpress.org, contact plugins@wordpress.org 
# If your website is hacked, please contact your site administrator or hosting provider.
# Additionally, community support forums are a good resource at https://wordpress.org/support/

Updated at: 10:15:43+0000 on 20 January 2023