English

language

Within the commerce-oriented generic top-level domain (.shop), 'demo.owasp-juice.shop' is registered; it also runs on subdomain 'demo'. The second-level label 'owasp-juice' is 11 characters long with 5 vowels and five consonants; bonus characters include 1 hyphen. It segments into 3 words: o, wasp, juice. Median word length is 4 characters. No strong language cues emerged from the frequency lists.

html/03/1b/031bd112-91d8-4387-b440-905c941e458a.html.gz

43540bdba2ce48f49e45e9bb34a5aabb7dad1328c59aa4346de932794b52bc8d

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

c9aced9198eeca4461990d59a25e8594fa6b5e13ec88a61846e4ef36f0ba280b

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

fe1d4f2b143598876a5b48f9dcf4517592d87a1cd32cd8c35d5740f772ee9b01

57d115f59f932e4fac1e2c2b020cb4aa6a46abba87b8be656a253197261b5dac

jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates

parseHTML() executes scripts in event handlers

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution

passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code.

Regex in its jQuery.htmlPrefilter sometimes may introduce XSS

d800e99992206bdcddac27f367b216c9abdab25b6970a0a4c689a495f313086d

Open Worldwide Application Security Project (OWASP)

Probably the most modern and sophisticated insecure web application

description

viewport

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

owasp-juice.shop

Abuse

Admin

Cloudflare-NOC

Cloudflare, Inc.

CLOUDFLARENET


    window.addEventListener("load", function(){
      window.cookieconsent.initialise({
        "palette": {
          "popup": { "background": "var(--theme-primary)", "text": "var(--theme-text)" },
          "button": { "background": "var(--theme-accent)", "text": "var(--theme-text)" }
        },
        "theme": "classic",
        "position": "bottom-right",
        "content": { "message": "This website uses fruit cookies to ensure you get the juiciest tracking experience.", "dismiss": "Me want it!", "link": "But me wait!", "href": "https://www.youtube.com/watch?v=9PnbKL3wuH4" }
      })});
  

Requests	IP Address	Location	AS Autonomous System
21	104.17.24.14	United States	AS13335CLOUDFLARENET
21	81.169.145.156	Germany	AS6724Strato GmbH
42	2	-	-

Security Scan Report: demo.owasp-juice.shop

Summary

AI Security Verdict

Low Risk

Safety Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies4

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History