owasp.org favicon

owasp.org

Category: Information Technology, Information, Computer Security

Scanned: Jul 5, 2026, 05:05 AM UTC · First seen: Jul 5, 2026 · Threat Engines: 0 / 91 · Times Scanned: 1
99 / 100 Trust Score Based on scan findings at the time of analysis
No Threats Found
0 - High Risk50 - Moderate100 - No Threats
Not scanned has not been scanned yet. Hit Scan Now to check it.

Scans can take up to 5 minutes to complete. Please keep this tab open - we'll redirect you to the report when it's ready.

Failed
Scan unavailable
Scan failed
Screenshot of owasp.org Captured Jul 5, 2026
https://owasp.org
Screenshot of owasp.org
24 years
Very Popular - #3,935 Tranco rank (>10M monthly visitors)
Not listed (91 checked)
✓ Valid (TLS)
Cloudflare, Inc.
Toronto, Canada
cloudflare
Unknown
172.66.157.115
Domain & WHOIS Information
Registrar GoDaddy.com, LLC
Registered September 21, 2001
Expires September 21, 2031
Name Servers fay.ns.cloudflare.com
DNSSEC Unsigned
Hosting Cloudflare, Inc.
Reputation & Threat Check 91 security engines checked
File Scan Summary Powered by Quttera Engine
23 files scanned
No threats
23
Low Risk
0
Medium Risk
0
High Risk
0
No threats Low Risk Medium Risk High Risk
buttons.github.io/buttons.js 19.1 KB No threats
www.google-analytics.com/analytics.js 51.1 KB No threats
owasp.org/donate?reponame=owasp.github.io 41.9 KB No threats
owasp.org/rss.xml 8.7 KB No threats
owasp.org/store 439 B No threats
owasp.org/feed.xml 124.4 KB No threats
owasp.org/manage-membership 95.6 KB No threats
owasp.org/# 161.8 KB No threats
owasp.org/membership 95.6 KB No threats
owasp.org/feed.json 115.5 KB No threats
Show 13 more...
External Links & Domains
391
External Links
All Clean
1
Iframes
Clean
138
Referenced Domains
1 Flagged
1
Flagged Resources
Detected
www.aikido.devFlagged: Generic Suspicious Object
http://owasp.orgNot flagged
http://owasp.org/[twitter_url]Not flagged
http://owasp.org/about/Not flagged
http://owasp.org/account/apple/login/?redirect%3D%2FNot flagged
http://owasp.org/account/google/login/?redirect%3D%2FNot flagged
http://owasp.org/account/linkedin/login/?redirect%3D%2FNot flagged
http://owasp.org/account/recoverNot flagged
http://owasp.org/account/twitter/login/?redirect%3D%2FNot flagged
http://owasp.org/alex.ley@owasp.orgNot flagged
http://owasp.org/assets/css/mxgraph-responsive.cssNot flagged
http://owasp.org/assets/files/OWASP_Impact_Report_2025.pdfNot flagged
http://owasp.org/assets/images/abdd.jpgNot flagged
http://owasp.org/assets/images/abdiot.jpgNot flagged
http://owasp.org/assets/images/abdiot2.jpgNot flagged
http://owasp.org/assets/images/abdmobile.jpgNot flagged
Show 376 more...
www.aikido.devFlagged: Generic Suspicious Object
anssi.bjNot flagged
apdp.bjNot flagged
app.diagrams.netNot flagged
appsec.org.nzNot flagged
appsecdays.ptNot flagged
appsecg.hostNot flagged
appsecil.orgNot flagged
asin.bjNot flagged
asvs.devNot flagged
asvs.owasp.orgNot flagged
basconf.orgNot flagged
batatatech.comNot flagged
benevity.comNot flagged
bit.lyNot flagged
Show 123 more...
<iframe src%3D"https://calendar.google.com/calendar/embed?src%3Dhl6cjgs6ep1h7oniqgueu2bhbo%40group.calendar.google.com&amp%3Bctz%3DAmerica%2FChicago" style%3D"border: 0" width%3D"100%" height%3D"600" frameborder%3D"0" scrolling%3D"no">Not flagged
owasp.org Overview

Description of owasp.org

owasp.org appears to be the official website of the OWASP Foundation, a long-established nonprofit organization focused on improving software and application security. The page title, metadata, and homepage screenshot indicate that the site provides cybersecurity resources, community projects, chapters, events, educational materials, and membership information related to secure software development.

Based on the domain name, visible branding, and classification data, the website operates in the information technology and computer security space. It appears to serve developers, security professionals, educators, and organizations seeking open-source guidance and best practices for application security, rather than functioning primarily as a commercial retail platform.

Safety Assessment for owasp.org

The scan results are strongly reassuring at the time of this scan. The domain was not flagged by any of 91 security engines, and the checked malware and threat-database sources did not report active phishing, malware, or blacklist issues. The domain is also very mature at roughly 24 years old and has a strong traffic presence, which generally aligns with an established organization rather than a newly created high-risk site.

One low-confidence cautionary signal appeared in the malware scan context: a referenced external domain was associated with a generic heuristic label. However, this did not correspond to any flagged files on owasp.org itself, and there was no broader corroboration from security engines or blacklist databases. Based on available data, this appears more consistent with an isolated or low-confidence signal than with evidence of direct compromise on the scanned domain.

Based on available scan data, no threats were detected at the time of this scan.

Technical Description

The site uses a valid SSL/TLS certificate issued by Google Trust Services, with certificate expiry shown as 2026-08-08. It is hosted behind Cloudflare infrastructure, with the web server identified as Cloudflare and nameservers also pointing to Cloudflare. The resolved server IP geolocates to Toronto, Canada, though CDN-backed hosting can make physical hosting location less definitive.

DNSSEC appears to be unsigned, which is not uncommon but means DNS responses may not benefit from DNSSEC validation. No major technical security concerns were evident from the provided scan data, and blacklist checks were clean at the time of this scan.

HTTP Redirect Chain
No redirects detected - direct connection to destination
Website Insights
#3,935
Tranco Rank
Very Popular
Visitors >10M/mo
Category: Information Technology, Information, Computer Security
Rank History (30 days)
May 25 Jul 4
No cookies data available
Dispute This Score For website owners
Believe this score is inaccurate?
If you are the website owner and believe the scan results contain errors or false positives, you can submit a dispute for manual review. Our team typically responds within 1-2 business days.
You will be asked to verify your email before the dispute can be processed.
By submitting this form, you confirm that the information provided is accurate. Disputes are reviewed manually and results may take up to 48 hours to update.
One more step..
To submit your dispute for owasp.org, please click the verification link we just emailed you. Once verified, we'll review it within 1–2 business days.
This report was generated automatically and is provided for informational purposes only. Results are based on a point-in-time scan and may contain false positives or incomplete data. This does not constitute a security audit or certification. No vendor in the market can guarantee a 100% detection rate. If you believe this report is inaccurate, please submit a dispute.

Share your experience with this website. Was it safe? Did you encounter any issues?