findsecuritycontacts.com

Home

wordpress.org

Scanned: 10:16:00+0000 on 16 August 2022

{
  "time": 1660644959.776729,
  "raw_target": "wordpress.org",
  "has_contact": true,
  "target": "wordpress.org",
  "scan_type": "domain",
  "domain_details": {
    "a_records": [
      "198.143.164.252"
    ],
    "cname_records": [],
    "txt_records": [
      "google-site-verification=UL0sGJ1dZbCT4J7pGrLW3hqM_I1LJ8pUi2WBEI_98kI",
      "google-site-verification=t8FjG1vzC4OFZJ8qL4SkR8xxtLyKldXKbswyeemQS5w",
      "v=spf1 ip4:66.155.40.0/24 ip4:198.143.164.0/24 include:helpscoutemail.com -all"
    ],
    "time": 0,
    "dns_resolve_time": 1660644959.8052032
  },
  "dnssecuritytxt": {
    "security_contact": null,
    "security_policy": null,
    "matching_domain": null
  },
  "port": 443,
  "certificate": {
    "issuer": "/C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Domain Validation Secure Server CA",
    "notAfter": "2022-12-25 23:59:59 UTC",
    "notBefore": "2021-11-24 00:00:00 UTC",
    "serialNumber": 161223264630351536988348106564144162063,
    "subject": "/CN=*.wordpress.org",
    "authorityKeyIdentifier": [
      "8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1"
    ],
    "subjectKeyIdentifier": [
      "D0:A8:0F:E1:72:F9:8B:2C:38:38:6A:E3:D7:98:45:7E:1C:60:A6:FB"
    ],
    "keyUsage": [
      "Digital Signature, Key Encipherment"
    ],
    "basicConstraints": [
      "CA:FALSE"
    ],
    "extendedKeyUsage": [
      "TLS Web Server Authentication, TLS Web Client Authentication"
    ],
    "certificatePolicies": [
      "Policy: 1.3.6.1.4.1.6449.1.2.2.7",
      "CPS: https://sectigo.com/CPS",
      "Policy: 2.23.140.1.2.1"
    ],
    "authorityInfoAccess": [
      {
        "CA Issuers - URI": "http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt"
      },
      {
        "OCSP - URI": "http://ocsp.sectigo.com"
      }
    ],
    "subjectAltName": {
      "DNS": [
        "*.wordpress.org",
        "wordpress.org"
      ]
    },
    "ct_precert_scts": [
      "Signed Certificate Timestamp:",
      "Version   : v1 (0x0)",
      "Log ID    : 46:A5:55:EB:75:FA:91:20:30:B5:A2:89:69:F4:F3:7D:",
      "11:2C:41:74:BE:FD:49:B8:85:AB:F2:FC:70:FE:6D:47",
      "Timestamp : Nov 24 09:47:42.582 2021 GMT",
      "Extensions: none",
      "Signature : ecdsa-with-SHA256",
      "30:45:02:21:00:BF:B9:A5:43:AC:5E:F8:4A:60:3A:AE:",
      "8E:72:5E:D3:27:B6:72:9D:67:C8:21:FC:F0:A3:7D:69:",
      "FD:2E:FA:7E:7D:02:20:18:F0:D3:F0:B8:F3:00:9A:35:",
      "12:81:D4:BD:C3:AB:7C:F0:ED:B9:B7:30:FE:D0:8D:B1:",
      "2F:4E:C6:D3:F5:D2:33",
      "Log ID    : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:",
      "4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6",
      "Timestamp : Nov 24 09:47:42.510 2021 GMT",
      "30:45:02:20:07:41:75:9E:4D:66:53:11:BD:10:FC:2F:",
      "86:38:D4:89:D8:86:AD:2A:A0:65:7C:D4:56:D0:5E:AA:",
      "34:75:B6:B9:02:21:00:82:F5:E7:2C:4B:4A:AC:2D:0A:",
      "96:96:2E:03:EF:79:94:89:B9:2D:4E:AB:03:E4:45:FF:",
      "2F:00:11:B4:45:E3:2F",
      "Log ID    : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5:",
      "BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84",
      "Timestamp : Nov 24 09:47:42.466 2021 GMT",
      "30:45:02:21:00:8D:C7:BB:C6:31:76:85:85:A2:3F:E6:",
      "93:D0:49:B6:47:AA:64:C8:BD:06:1E:17:19:F7:21:C4:",
      "D4:BA:62:CF:EB:02:20:21:D8:6D:34:53:00:7C:61:94:",
      "EC:41:DF:52:8F:E0:77:8B:46:CE:ED:46:DE:7B:A5:B7:",
      "BF:5B:5D:72:0E:DF:11"
    ]
  },
  "http_security_txt": {
    "url": "https://wordpress.org:443/.well-known/security.txt",
    "status_code": 200,
    "has_contact": true,
    "valid_https": true,
    "valid_content_type": true,
    "full_text": "Contact: https://hackerone.com/wordpress\nExpires: 2024-12-31T15:00:00.000Z\nAcknowledgments: https://hackerone.com/wordpress/thanks\nCanonical: https://wordpress.org/.well-known/security.txt\nPolicy: https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/\n\n# The above contact is for reporting security issues in core WordPress software itself.\n# For reporting issues in a plugin hosted at wordpress.org, contact plugins@wordpress.org \n# If your website is hacked, please contact your site administrator or hosting provider.\n# Additionally, community support forums are a good resource at https://wordpress.org/support/",
    "min_text": "Contact: https://hackerone.com/wordpress\nExpires: 2024-12-31T15:00:00.000Z\nAcknowledgements: https://hackerone.com/wordpress/thanks\nCanonical: https://wordpress.org/.well-known/security.txt\nPolicy: https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/\n",
    "items": {
      "Acknowledgements": [
        "https://hackerone.com/wordpress/thanks"
      ],
      "Canonical": [
        "https://wordpress.org/.well-known/security.txt"
      ],
      "Contact": [
        "https://hackerone.com/wordpress"
      ],
      "Encryption": [],
      "Preferred-Languages": "",
      "Expires": "2024-12-31T15:00:00.000Z",
      "Hiring": [],
      "Policy": [
        "https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/"
      ]
    },
    "headers": {
      "Server": "nginx",
      "Date": "Tue, 16 Aug 2022 10:16:00 GMT",
      "Content-Type": "text/plain;charset=utf-8",
      "Transfer-Encoding": "chunked",
      "Connection": "keep-alive",
      "Strict-Transport-Security": "max-age=360",
      "X-Frame-Options": "SAMEORIGIN",
      "X-nc": "MISS ord 1"
    },
    "redirects": [
      {
        "type": "200",
        "val": "https://wordpress.org:443/.well-known/security.txt",
        "https": true
      }
    ],
    "type": "https_well-known"
  },
  "rank": 10
}

dnssecuritytxt (DNS)

You can find out more about dnssecuritytxt here.

No DNS records found

security.txt (HTTP)

You can find out more about security.txt here or by looking up RFC 9116.

Status: 200

Content type: text/plain;charset=utf-8

Scheme: https

URL: https://wordpress.org:443/.well-known/security.txt

Has a contact: Yes

Contacts:

https://hackerone.com/wordpress

Policy:

https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/

Minimal version:

Contact: https://hackerone.com/wordpress
Expires: 2024-12-31T15:00:00.000Z
Acknowledgements: https://hackerone.com/wordpress/thanks
Canonical: https://wordpress.org/.well-known/security.txt
Policy: https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/

Full version:

Contact: https://hackerone.com/wordpress
Expires: 2024-12-31T15:00:00.000Z
Acknowledgments: https://hackerone.com/wordpress/thanks
Canonical: https://wordpress.org/.well-known/security.txt
Policy: https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/

# The above contact is for reporting security issues in core WordPress software itself.
# For reporting issues in a plugin hosted at wordpress.org, contact plugins@wordpress.org 
# If your website is hacked, please contact your site administrator or hosting provider.
# Additionally, community support forums are a good resource at https://wordpress.org/support/

Updated at: 10:16:00+0000 on 16 August 2022