Forum

GenderTeam wrote:
i just got design inspo but not home

GenderTeam wrote:
my es face had finally made 26k stars does that mean i can request money

GenderTeam wrote:
also is it safe..

Undyne wrote:
some other tips for general good web app security to check for (i use these in my job if we observe something reaching out to a sketchy domain)

1. check certificate authority. HTTPS has to be signed by something called a "certificate authority" but people can self-sign it. make sure CA is legit and not self-signed. this article does mention some good things about this: https://support.dnsimple.com/articles/how-to-determine-certificate-authority/ 

2. use whois to check who owns site. sometimes if it's a brand new registered site, it could be sketchy

3. virustotal and urlscan.io will scan the URL you are trying to go to, this will check if it is flagged malicious. tip: when using urlscan, doing a private scan will not appear that you're trying to scan it in any way. i have to make sure to do this at my job in case it is malicious and it could tip off the attackers that we are looking at it

4. double check URLs to make sure they are not slightly missspelled. this is called "typo squatting" and it basically means if you type goggle instead of google, the "bad website" could be on goggle but you didn't notice. this is also true if you click any links in your emails, check the URL (but generally, don't click email links unless you are expecting it like to verify it's you. i always go directly to the website instead of clicking links in email)