dast

Passed Started 5 years ago by
This job is archived. Only the complete pipeline can be retried.
1Running with gitlab-runner 12.7.1 (003fe500)
2  on docker-auto-scale 72989761
 3  Using Docker executor with image registry.gitlab.com/gitlab-org/security-products/dast:1 ...  
  02:35
4Pulling docker image registry.gitlab.com/gitlab-org/security-products/dast:1 ...
5Using docker image sha256:39d0cd3f21d06abf104bbb03ffeb9d2f623ed3d700a1af31df10c7e269a0e0ec for registry.gitlab.com/gitlab-org/security-products/dast:1 ...
 6  Running on runner-72989761-project-4422333-concurrent-0 via runner-72989761-stg-srm-1581697057-76857fa5...  
  00:06
 7  $ eval "$CI_PRE_CLONE_SCRIPT"  
  00:03
8Fetching changes with git depth set to 50...
9Initialized empty Git repository in /builds/gitlab-org/monitor/monitor-sandbox/.git/
10Created fresh repository.
11From https://staging.gitlab.com/gitlab-org/monitor/monitor-sandbox
12 * [new ref]         refs/pipelines/12713460 -> refs/pipelines/12713460
13 * [new branch]      master                  -> origin/master
14Checking out c8cb41c1 as master...
15Skipping Git submodules setup
 16  Downloading artifacts for dast_environment_deploy (37081927)...  
  00:03
17Downloading artifacts from coordinator... ok        id=37081927 responseStatus=200 OK token=9Mdsw_G6
 18  $ export DAST_WEBSITE=${DAST_WEBSITE:-$(cat environment_url.txt)}  
  00:39
19$ /analyze -t $DAST_WEBSITE
202020-02-14 16:20:29,662 using Python 2.7.15+ (default, Jul  9 2019, 16:51:35) [GCC 7.4.0]
212020-02-14 16:20:29,662 waiting for http://dast-4422333-dast-default.34.67.11.220.nip.io to be available
222020-02-14 16:20:29,663 requesting access to http://dast-4422333-dast-default.34.67.11.220.nip.io
232020-02-14 16:20:30,053 starting scan
242020-02-14 16:20:30,054 Script params: [('-t', 'http://dast-4422333-dast-default.34.67.11.220.nip.io'), ('-J', 'gl-dast-report.json'), ('-z', '-config selenium.firefoxDriver=/usr/bin/geckodriver')]
252020-02-14 16:20:30,054 Params: ['zap-x.sh', '-daemon', '-port', '34013', '-host', '0.0.0.0', '-config', 'api.disablekey=true', '-config', 'api.addrs.addr.name=.*', '-config', 'api.addrs.addr.regex=true', '-config', 'spider.maxDuration=1', '-addonupdate', '-addoninstall', 'pscanrulesBeta', '-config', 'selenium.firefoxDriver=/usr/bin/geckodriver']
26Feb 14, 2020 4:20:40 PM java.util.prefs.FileSystemPreferences$1 run
27INFO: Created user preferences directory.
28[zap.out] Found Java version 1.8.0_222
29[zap.out] Available memory: 3693 MB
30[zap.out] Using JVM args: -Xmx923m
31[zap.out] 730 [main] INFO org.zaproxy.zap.DaemonBootstrap  - OWASP ZAP D-2019-09-23 started 14/02/20 16:20:34 with home /root/.ZAP_D/
32[zap.out] 796 [main] INFO org.parosproxy.paros.common.AbstractParam  - Setting config api.disablekey = true was null
33[zap.out] 799 [main] INFO org.parosproxy.paros.common.AbstractParam  - Setting config api.addrs.addr.name = .* was null
34[zap.out] 800 [main] INFO org.parosproxy.paros.common.AbstractParam  - Setting config api.addrs.addr.regex = true was null
35[zap.out] 800 [main] INFO org.parosproxy.paros.common.AbstractParam  - Setting config spider.maxDuration = 1 was null
36[zap.out] 800 [main] INFO org.parosproxy.paros.common.AbstractParam  - Setting config selenium.firefoxDriver = /usr/bin/geckodriver was null
37[zap.out] 814 [main] INFO org.parosproxy.paros.network.SSLConnector  - Reading supported SSL/TLS protocols...
38[zap.out] 814 [main] INFO org.parosproxy.paros.network.SSLConnector  - Using a SSLEngine...
39[zap.out] 1069 [main] INFO org.parosproxy.paros.network.SSLConnector  - Done reading supported SSL/TLS protocols: [SSLv2Hello, SSLv3, TLSv1, TLSv1.1, TLSv1.2]
40[zap.out] 1081 [main] INFO org.parosproxy.paros.extension.option.OptionsParamCertificate  - Unsafe SSL renegotiation disabled.
41[zap.out] 1930 [main] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache open start
42[zap.out] 1955 [main] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache open end
43[zap.out] 2075 [ZAP-daemon] INFO org.zaproxy.zap.control.ExtensionFactory  - Loading extensions
44[zap.out] 5849 [ZAP-daemon] INFO org.zaproxy.zap.control.ExtensionFactory  - Installed add-ons: [[id=accessControl, version=6.0.0], [id=alertFilters, version=9.0.0], [id=ascanrules, version=34.0.0], [id=ascanrulesBeta, version=27.0.0], [id=bruteforce, version=9.0.0], [id=coreLang, version=14.0.0], [id=diff, version=10.0.0], [id=directorylistv1, version=4.0.0], [id=formhandler, version=3.0.0], [id=fuzz, version=12.0.0], [id=gettingStarted, version=11.0.0], [id=help, version=10.0.0], [id=hud, version=0.7.0], [id=importurls, version=7.0.0], [id=invoke, version=10.0.0], [id=onlineMenu, version=7.0.0], [id=openapi, version=14.0.0], [id=plugnhack, version=12.0.0], [id=portscan, version=9.0.0], [id=pscanrules, version=25.0.0], [id=pscanrulesBeta, version=20.0.0], [id=quickstart, version=27.0.0], [id=replacer, version=8.0.0], [id=reveal, version=3.0.0], [id=saverawmessage, version=5.0.0], [id=savexmlmessage, version=0.1.0], [id=scripts, version=26.0.0], [id=selenium, version=15.1.0], [id=sequence, version=6.0.0], [id=spiderAjax, version=23.1.0], [id=tips, version=7.0.0], [id=webdriverlinux, version=13.0.0], [id=webdrivermacos, version=13.0.0], [id=webdriverwindows, version=13.0.0], [id=websocket, version=21.0.0], [id=zest, version=30.0.0]]
45[zap.out] 7091 [ZAP-daemon] INFO org.zaproxy.zap.control.ExtensionFactory  - Extensions loaded
46[zap.out] 7509 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Allows ZAP to check for updates
47[zap.out] 7519 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Options Extension
48[zap.out] 7519 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Edit Menu Extension
49[zap.out] 7519 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Provides a rest based API for controlling and accessing ZAP
50[zap.out] 7536 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Session State Extension
51[zap.out] 7536 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Report Extension
52[zap.out] 7537 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing History Extension
53[zap.out] 7539 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Show hidden fields and enable disabled fields
54[zap.out] 7541 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Search messages for strings and regular expressions
55[zap.out] 7546 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Encode/Decode/Hash...
56[zap.out] 7546 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Allows you to intercept and modify requests and responses
57[zap.out] 7548 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Passive scanner
58[zap.out] 7709 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Script Passive Scan Rules
59[zap.out] 7709 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Stats Passive Scan Rule
60[zap.out] 7712 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Application Error Disclosure
61[zap.out] 7712 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Absence of Anti-CSRF Tokens
62[zap.out] 7717 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Incomplete or No Cache-control and Pragma HTTP Header Set
63[zap.out] 7717 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Charset Mismatch
64[zap.out] 7717 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: CSP Scanner
65[zap.out] 7717 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Content-Type Header Missing
66[zap.out] 7717 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cookie No HttpOnly Flag
67[zap.out] 7717 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Loosely Scoped Cookie
68[zap.out] 7717 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cookie Without Secure Flag
69[zap.out] 7717 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cross-Domain JavaScript Source File Inclusion
70[zap.out] 7717 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Web Browser XSS Protection Not Enabled
71[zap.out] 7717 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Information Disclosure - Debug Error Messages
72[zap.out] 7718 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Weak Authentication Method
73[zap.out] 7718 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Insecure JSF ViewState
74[zap.out] 7718 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Secure Pages Include Mixed Content
75[zap.out] 7718 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Private IP Disclosure
76[zap.out] 7718 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Session ID in URL Rewrite
77[zap.out] 7718 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Viewstate Scanner
78[zap.out] 7718 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: X-Content-Type-Options Header Missing
79[zap.out] 7718 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: X-Frame-Options Header Scanner
80[zap.out] 7719 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cookie Without SameSite Attribute
81[zap.out] 7719 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cross-Domain Misconfiguration
82[zap.out] 7719 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Information Disclosure - Sensitive Information in URL
83[zap.out] 7719 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Information Disclosure - Sensitive Information in HTTP Referrer Header
84[zap.out] 7720 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Information Disclosure - Suspicious Comments
85[zap.out] 7720 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: HTTP Parameter Override
86[zap.out] 7720 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Timestamp Disclosure
87[zap.out] 7720 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Username Hash Found
88[zap.out] 7720 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: X-AspNet-Version Response Header Scanner
89[zap.out] 7720 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: X-Debug-Token Information Leak
90[zap.out] 7720 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)
91[zap.out] 7745 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Allows you to view and manage alerts
92[zap.out] 7747 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Active scanner, heavily based on the original Paros active scanner, but with additional tests added
93[zap.out] 7756 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionSequence
94[zap.out] 7758 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Spider used for automatically finding URIs on a site
95[zap.out] 7771 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing A set of common popup menus for miscellaneous tasks
96[zap.out] 7772 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Forced browsing of files and directories using code from the OWASP DirBuster tool
97[zap.out] 7773 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Simple but effective port scanner
98[zap.out] 7774 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Manual Request Editor Extension
99[zap.out] 7774 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Compares 2 sessions and generates an HTML file showing the differences
100[zap.out] 7775 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Invoke external applications passing context related information such as URLs and parameters
101[zap.out] 7775 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Handles anti cross site request forgery (CSRF) tokens
102[zap.out] 7778 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Authentication Extension
103[zap.out] 7795 [ZAP-daemon] INFO org.zaproxy.zap.extension.authentication.ExtensionAuthentication  - Loaded authentication method types: [Form-based Authentication, HTTP/NTLM Authentication, Manual Authentication, Script-based Authentication, JSON-based Authentication]
104[zap.out] 7796 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Creates a dynamic SSL certificate to allow SSL communications to be intercepted without warnings being generated by the browser
105[zap.out] 7797 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Logs errors to the Output tab in development mode only
106[zap.out] 7797 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Users Extension
107[zap.out] 7799 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Summarise and analyse FORM and URL parameters as well as cookies
108[zap.out] 7799 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Script integration
109[zap.out] 7848 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Scripting console, supports all JSR 223 scripting languages
110[zap.out] 8141 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Forced User Extension
111[zap.out] 8142 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Extension handling HTTP sessions
112[zap.out] 8144 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Zest is a specialized scripting language from Mozilla specifically designed to be used in security tools
113[zap.out] 8351 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionDiff
114[zap.out] 8351 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing HTTP Panel Post Table View Extension
115[zap.out] 8351 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Simple browser configuration
116[zap.out] 8352 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Session Management Extension
117[zap.out] 8357 [ZAP-daemon] INFO org.zaproxy.zap.extension.sessions.ExtensionSessionManagement  - Loaded session management method types: [Cookie-based Session Management, HTTP Authentication Session Management]
118[zap.out] 8358 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing HTTP Panel Form Table View Extension
119[zap.out] 8358 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Capture messages from WebSockets with the ability to set breakpoints.
120[zap.out] 8417 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Allows you to import a file containing URLs which ZAP will access, adding them to the Sites tree
121[zap.out] 8417 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Core UI related functionality.
122[zap.out] 8420 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Authorization Extension
123[zap.out] 8421 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing AJAX Spider, uses Crawljax
124[zap.out] 8424 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Provides WebDrivers to control several browsers using Selenium and includes HtmlUnit browser.
125[zap.out] 8438 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Manages the local proxy configurations
126[zap.out] 8443 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Add-on that adds a set of tools for testing access control in web applications.
127[zap.out] 8447 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Handles adding Global Excluded URLs
128[zap.out] 8448 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Adds menu item to refresh the Sites tree
129[zap.out] 8448 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing OWASP ZAP User Guide
130[zap.out] 8449 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Provides a URL suitable for calling from target sites
131[zap.out] 8458 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Allows you to configure which extensions are loaded when ZAP starts
132[zap.out] 8458 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Combined HTTP Panels Extension
133[zap.out] 8459 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing HTTP Panel Hex View Extension
134[zap.out] 8459 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing HTTP Panel Image View Extension
135[zap.out] 8459 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing HTTP Panel Large Request View Extension
136[zap.out] 8459 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing HTTP Panel Large Response View Extension
137[zap.out] 8459 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing HTTP Panel Query Table View Extension
138[zap.out] 8459 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing HTTP Panel Syntax Highlighter View Extension
139[zap.out] 8459 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Adds support for configurable keyboard shortcuts for all of the ZAP menus.
140[zap.out] 8459 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Active and passive rule configuration
141[zap.out] 8465 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Statistics
142[zap.out] 8470 [ZAP-daemon] INFO org.zaproxy.zap.extension.stats.ExtensionStats  - Start recording in memory stats
143[zap.out] 8473 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Provides the foundation for concrete message types (for example, HTTP, WebSockets) expose fuzzer implementations.
144[zap.out] 8479 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Allows to fuzz HTTP messages.
145[zap.out] 8480 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Tips and Tricks
146[zap.out] 8480 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Active Scan Rules - beta
147[zap.out] 8485 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Context alert rules filter
148[zap.out] 8487 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing This extension allows a user to change the default values used by ZAP Spiders.
149[zap.out] 8512 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionSaveRawHttpMessage
150[zap.out] 8515 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Allows to fuzz WebSocket messages.
151[zap.out] 8516 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Active Scan Rules
152[zap.out] 8516 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Translations of the core language files
153[zap.out] 8516 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Passive Scan Rules
154[zap.out] 8517 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing The ZAP Getting Started Guide
155[zap.out] 8517 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Easy way to replace strings in requests and responses
156[zap.out] 8532 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing The Online menu links
157[zap.out] 8537 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionSaveXMLHttpMessage
158[zap.out] 8537 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Passive Scan Rules - beta
159[zap.out] 8537 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Heads Up Display
160[zap.out] 8684 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing ExtensionHUDlaunch
161[zap.out] 8710 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Allows you to spider and import OpenAPI (Swagger) definitions 
162[zap.out] 8728 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Adds the Quick Start panel for scanning and exploring applications
163[zap.out] 8736 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Add the option to use the Ajax Spider in the Quick Start scan
164[zap.out] 8736 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Launch browsers proxying through ZAP
165[zap.out] 8737 [ZAP-daemon] INFO org.parosproxy.paros.extension.ExtensionLoader  - Initializing Launch browsers proxying through ZAP
166[zap.out] 9389 [ZAP-daemon] INFO org.zaproxy.zap.extension.callback.ExtensionCallback  - Started callback server on 0.0.0.0:37053
167[zap.out] 9389 [ZAP-daemon] INFO org.zaproxy.zap.extension.dynssl.ExtensionDynSSL  - Creating new root CA certificate
168[zap.out] 11346 [ZAP-daemon] INFO org.zaproxy.zap.extension.dynssl.ExtensionDynSSL  - New root CA certificate created
169[zap.out] 15415 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/alertFilters-release-10.zap
170[zap.out] 15416 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/quickstart-release-28.zap
171[zap.out] 15416 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/pscanrulesBeta-beta-21.zap
172[zap.out] 15416 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/pscanrules-release-27.zap
173[zap.out] 15416 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/hud-beta-0.10.0.zap
174[zap.out] 15416 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/webdriverwindows-release-17.zap
175[zap.out] 15416 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/webdriverlinux-release-17.zap
176[zap.out] 15416 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/webdrivermacos-release-16.zap
177[zap.out] 15416 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/openapi-beta-15.zap
178[zap.out] 15416 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/zest-beta-32.zap
179[zap.out] 15459 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Installing new addon quickstart v28.0.0
180[zap.out] 15572 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Finished installing new addon quickstart v28.0.0
181[zap.out] 15620 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Installing new addon pscanrulesBeta v21.0.0
182[zap.out] 15686 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Big Redirect Detected (Potential Sensitive Information Leak)
183[zap.out] 15690 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Content Security Policy (CSP) Header Not Set
184[zap.out] 15693 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Directory Browsing
185[zap.out] 15693 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Hash Disclosure
186[zap.out] 15693 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Heartbleed OpenSSL Vulnerability (Indicative)
187[zap.out] 15693 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: HTTP to HTTPS Insecure Transition in Form Post
188[zap.out] 15694 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: HTTPS to HTTP Insecure Transition in Form Post
189[zap.out] 15695 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Reverse Tabnabbing
190[zap.out] 15696 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: PII Scanner
191[zap.out] 15696 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Retrieved from Cache
192[zap.out] 15696 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: HTTP Server Response Header Scanner
193[zap.out] 15696 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: HTTP Parameter Override
194[zap.out] 15696 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Strict-Transport-Security Header Scanner
195[zap.out] 15697 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: User Controllable Charset
196[zap.out] 15697 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cookie Poisoning
197[zap.out] 15697 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: User Controllable HTML Element Attribute (Potential XSS)
198[zap.out] 15697 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: User Controllable JavaScript Event (XSS)
199[zap.out] 15698 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Open Redirect
200[zap.out] 15701 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: X-Backend-Server Header Information Leak
201[zap.out] 15701 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: X-ChromeLogger-Data (XCOLD) Header Information Leak
202[zap.out] 15771 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Finished installing new addon pscanrulesBeta v21.0.0
203[zap.out] 15798 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Installing new addon webdriverlinux v17.0.0
204[zap.out] 16198 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Finished installing new addon webdriverlinux v17.0.0
205[zap.out] 16213 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Installing new addon openapi v15.0.0
206[zap.out] 16237 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Finished installing new addon openapi v15.0.0
207[zap.out] 16263 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Installing new addon pscanrules v27.0.0
208[zap.out] 16318 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Application Error Disclosure
209[zap.out] 16319 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Absence of Anti-CSRF Tokens
210[zap.out] 16319 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Incomplete or No Cache-control and Pragma HTTP Header Set
211[zap.out] 16319 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Charset Mismatch
212[zap.out] 16319 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: CSP Scanner
213[zap.out] 16320 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Content-Type Header Missing
214[zap.out] 16320 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cookie No HttpOnly Flag
215[zap.out] 16321 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Loosely Scoped Cookie
216[zap.out] 16321 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cookie Without SameSite Attribute
217[zap.out] 16321 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cookie Without Secure Flag
218[zap.out] 16321 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cross-Domain Misconfiguration
219[zap.out] 16321 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Cross-Domain JavaScript Source File Inclusion
220[zap.out] 16323 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Information Disclosure - Debug Error Messages
221[zap.out] 16323 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Information Disclosure - Sensitive Information in URL
222[zap.out] 16323 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Information Disclosure - Sensitive Information in HTTP Referrer Header
223[zap.out] 16325 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Information Disclosure - Suspicious Comments
224[zap.out] 16325 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Weak Authentication Method
225[zap.out] 16326 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Insecure JSF ViewState
226[zap.out] 16329 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Secure Pages Include Mixed Content
227[zap.out] 16329 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Private IP Disclosure
228[zap.out] 16329 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Session ID in URL Rewrite
229[zap.out] 16329 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Timestamp Disclosure
230[zap.out] 16329 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Username Hash Found
231[zap.out] 16329 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Viewstate Scanner
232[zap.out] 16329 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: X-AspNet-Version Response Header Scanner
233[zap.out] 16330 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: X-Content-Type-Options Header Missing
234[zap.out] 16330 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: X-Debug-Token Information Leak
235[zap.out] 16330 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: X-Frame-Options Header Scanner
236[zap.out] 16330 [ZAP-daemon] INFO org.zaproxy.zap.extension.pscan.ExtensionPassiveScan  - loaded passive scan rule: Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)
237[zap.out] 16339 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Finished installing new addon pscanrules v27.0.0
238[zap.out] 16415 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Installing new addon zest v32.0.0
239[zap.out] 16714 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Finished installing new addon zest v32.0.0
240[zap.out] 16737 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Installing new addon webdrivermacos v16.0.0
241[zap.out] 17074 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Finished installing new addon webdrivermacos v16.0.0
242[zap.out] 17102 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Installing new addon alertFilters v10.0.0
243[zap.out] 17121 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Finished installing new addon alertFilters v10.0.0
244[zap.out] 17313 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Installing new addon hud v0.10.0
245[zap.out] 17417 [ZAP-daemon] INFO org.zaproxy.zap.extension.hud.HudParam  - Updating configurations from v3 to v4
246[zap.out] 17537 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Finished installing new addon hud v0.10.0
247[zap.out] 17573 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Installing new addon webdriverwindows v17.0.0
248[zap.out] 18000 [ZAP-daemon] INFO org.zaproxy.zap.extension.autoupdate.ExtensionAutoUpdate  - Finished installing new addon webdriverwindows v17.0.0
249[zap.out] 18001 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on update check complete
250[zap.out] 18001 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on already installed: /root/.ZAP_D/plugin/pscanrulesBeta-beta-21.zap
251[zap.out] 18001 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/alertFilters-release-10.zap
252[zap.out] 18002 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/quickstart-release-28.zap
253[zap.out] 18002 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/pscanrulesBeta-beta-21.zap
254[zap.out] 18003 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/pscanrules-release-27.zap
255[zap.out] 18003 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/hud-beta-0.10.0.zap
256[zap.out] 18003 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/webdriverwindows-release-17.zap
257[zap.out] 18004 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/webdriverlinux-release-17.zap
258[zap.out] 18004 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/webdrivermacos-release-16.zap
259[zap.out] 18004 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/openapi-beta-15.zap
260[zap.out] 18004 [ZAP-daemon] INFO org.parosproxy.paros.CommandLine  - Add-on downloaded to: /root/.ZAP_D/plugin/zest-beta-32.zap
261[zap.out] 18009 [ZAP-daemon] INFO org.zaproxy.zap.DaemonBootstrap  - ZAP is now listening on 0.0.0.0:34013
262[zap.out] 18553 [ZAP-ProxyThread-2] INFO org.parosproxy.paros.control.Control  - Discard Session
263[zap.out] 18669 [ZAP-ProxyThread-2] INFO org.parosproxy.paros.control.Control  - New Session
264[zap.out] 18669 [ZAP-ProxyThread-2] INFO org.parosproxy.paros.control.Control  - Create and Open Untitled Db
265[zap.out] 18711 [ZAP-ProxyThread-2] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache commit start
266[zap.out] 18724 [ZAP-ProxyThread-2] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache commit end
267[zap.out] 18730 [ZAP-ProxyThread-2] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - Database closed
268[zap.out] 19027 [ZAP-ProxyThread-2] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache open start
269[zap.out] 19035 [ZAP-ProxyThread-2] INFO hsqldb.db.HSQLDB379AF3DEBD.ENGINE  - dataFileCache open end
270[zap.out] 23007 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.extension.spider.SpiderThread  - Starting spidering scan on Context: Target Context at Fri Feb 14 16:20:56 UTC 2020
271[zap.out] 23010 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.spider.Spider  - Spider initializing...
272[zap.out] 23111 [ZAP-SpiderInitThread-0] INFO org.zaproxy.zap.spider.Spider  - Starting spider...
273[zap.out] 23274 [ZAP-SpiderThreadPool-0-thread-2] INFO org.zaproxy.zap.spider.Spider  - Spidering process is complete. Shutting down...
274[zap.out] 23275 [ZAP-SpiderShutdownThread-0] INFO org.zaproxy.zap.extension.spider.SpiderThread  - Spider scanning complete: true
275[zap.out] 24367 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner CSP Scanner failed on record 1 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
276[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
277[zap.out] 	at org.zaproxy.zap.extension.pscanrules.ContentSecurityPolicyScanner.scanHttpResponseReceive(ContentSecurityPolicyScanner.java:95)
278[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
279[zap.out] 24371 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Content-Type Header Missing failed on record 1 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
280[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
281[zap.out] 	at org.zaproxy.zap.extension.pscanrules.ContentTypeMissingScanner.scanHttpResponseReceive(ContentTypeMissingScanner.java:49)
282[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
283[zap.out] 24376 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Cookie No HttpOnly Flag failed on record 1 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
284[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
285[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieHttpOnlyScanner.scanHttpResponseReceive(CookieHttpOnlyScanner.java:60)
286[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
287[zap.out] 24378 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Cookie Without SameSite Attribute failed on record 1 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
288[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
289[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieSameSiteScanner.checkCookies(CookieSameSiteScanner.java:63)
290[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieSameSiteScanner.scanHttpResponseReceive(CookieSameSiteScanner.java:58)
291[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
292[zap.out] 24381 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Weak Authentication Method failed on record 1 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
293[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpRequestHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
294[zap.out] 	at org.zaproxy.zap.extension.pscanrules.InsecureAuthenticationScan.scanHttpRequestSend(InsecureAuthenticationScan.java:86)
295[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:197)
296[zap.out] 24388 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Username Hash Found failed on record 1 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
297[zap.out] java.lang.NoSuchMethodError: org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.getHelper()Lorg/zaproxy/zap/extension/pscan/PassiveScanData;
298[zap.out] 	at org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.getUsers(UsernameIdorScanner.java:77)
299[zap.out] 	at org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.scanHttpResponseReceive(UsernameIdorScanner.java:88)
300[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
301[zap.out] 24388 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner X-AspNet-Version Response Header Scanner failed on record 1 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
302[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
303[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XAspNetVersionScanner.scanHttpResponseReceive(XAspNetVersionScanner.java:60)
304[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
305[zap.out] 24393 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner X-Debug-Token Information Leak failed on record 1 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
306[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
307[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XDebugTokenScanner.responseHasHeader(XDebugTokenScanner.java:119)
308[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XDebugTokenScanner.scanHttpResponseReceive(XDebugTokenScanner.java:65)
309[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
310[zap.out] 24393 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) failed on record 1 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
311[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
312[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XPoweredByHeaderInfoLeakScanner.isXPoweredByHeaderExist(XPoweredByHeaderInfoLeakScanner.java:83)
313[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XPoweredByHeaderInfoLeakScanner.scanHttpResponseReceive(XPoweredByHeaderInfoLeakScanner.java:62)
314[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
315[zap.out] 24412 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Incomplete or No Cache-control and Pragma HTTP Header Set failed on record 3 from History table: GET https://dast-4422333-dast-default.34.67.11.220.nip.io/
316[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
317[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CacheControlScanner.scanHttpResponseReceive(CacheControlScanner.java:73)
318[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
319[zap.out] 24417 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner CSP Scanner failed on record 3 from History table: GET https://dast-4422333-dast-default.34.67.11.220.nip.io/
320[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
321[zap.out] 	at org.zaproxy.zap.extension.pscanrules.ContentSecurityPolicyScanner.scanHttpResponseReceive(ContentSecurityPolicyScanner.java:95)
322[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
323[zap.out] 24420 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Content-Type Header Missing failed on record 3 from History table: GET https://dast-4422333-dast-default.34.67.11.220.nip.io/
324[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
325[zap.out] 	at org.zaproxy.zap.extension.pscanrules.ContentTypeMissingScanner.scanHttpResponseReceive(ContentTypeMissingScanner.java:49)
326[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
327[zap.out] 24420 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Cookie No HttpOnly Flag failed on record 3 from History table: GET https://dast-4422333-dast-default.34.67.11.220.nip.io/
328[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
329[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieHttpOnlyScanner.scanHttpResponseReceive(CookieHttpOnlyScanner.java:60)
330[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
331[zap.out] 24420 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Cookie Without SameSite Attribute failed on record 3 from History table: GET https://dast-4422333-dast-default.34.67.11.220.nip.io/
332[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
333[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieSameSiteScanner.checkCookies(CookieSameSiteScanner.java:63)
334[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieSameSiteScanner.scanHttpResponseReceive(CookieSameSiteScanner.java:58)
335[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
336[zap.out] 24420 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Cookie Without Secure Flag failed on record 3 from History table: GET https://dast-4422333-dast-default.34.67.11.220.nip.io/
337[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
338[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieSecureFlagScanner.scanHttpResponseReceive(CookieSecureFlagScanner.java:65)
339[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
340[zap.out] 24422 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Username Hash Found failed on record 3 from History table: GET https://dast-4422333-dast-default.34.67.11.220.nip.io/
341[zap.out] java.lang.NoSuchMethodError: org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.getHelper()Lorg/zaproxy/zap/extension/pscan/PassiveScanData;
342[zap.out] 	at org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.getUsers(UsernameIdorScanner.java:77)
343[zap.out] 	at org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.scanHttpResponseReceive(UsernameIdorScanner.java:88)
344[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
345[zap.out] 24425 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner X-AspNet-Version Response Header Scanner failed on record 3 from History table: GET https://dast-4422333-dast-default.34.67.11.220.nip.io/
346[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
347[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XAspNetVersionScanner.scanHttpResponseReceive(XAspNetVersionScanner.java:60)
348[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
349[zap.out] 24426 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner X-Content-Type-Options Header Missing failed on record 3 from History table: GET https://dast-4422333-dast-default.34.67.11.220.nip.io/
350[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
351[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XContentTypeOptionsScanner.scanHttpResponseReceive(XContentTypeOptionsScanner.java:66)
352[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
353[zap.out] 24426 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner X-Debug-Token Information Leak failed on record 3 from History table: GET https://dast-4422333-dast-default.34.67.11.220.nip.io/
354[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
355[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XDebugTokenScanner.responseHasHeader(XDebugTokenScanner.java:119)
356[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XDebugTokenScanner.scanHttpResponseReceive(XDebugTokenScanner.java:65)
357[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
358[zap.out] 24426 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner X-Frame-Options Header Scanner failed on record 3 from History table: GET https://dast-4422333-dast-default.34.67.11.220.nip.io/
359[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
360[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XFrameOptionScanner.scanHttpResponseReceive(XFrameOptionScanner.java:78)
361[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
362[zap.out] 24426 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) failed on record 3 from History table: GET https://dast-4422333-dast-default.34.67.11.220.nip.io/
363[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
364[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XPoweredByHeaderInfoLeakScanner.isXPoweredByHeaderExist(XPoweredByHeaderInfoLeakScanner.java:83)
365[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XPoweredByHeaderInfoLeakScanner.scanHttpResponseReceive(XPoweredByHeaderInfoLeakScanner.java:62)
366[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
367[zap.out] 24449 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner CSP Scanner failed on record 9 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
368[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
369[zap.out] 	at org.zaproxy.zap.extension.pscanrules.ContentSecurityPolicyScanner.scanHttpResponseReceive(ContentSecurityPolicyScanner.java:95)
370[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
371[zap.out] 24450 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Content-Type Header Missing failed on record 9 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
372[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
373[zap.out] 	at org.zaproxy.zap.extension.pscanrules.ContentTypeMissingScanner.scanHttpResponseReceive(ContentTypeMissingScanner.java:49)
374[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
375[zap.out] 24450 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Cookie No HttpOnly Flag failed on record 9 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
376[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
377[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieHttpOnlyScanner.scanHttpResponseReceive(CookieHttpOnlyScanner.java:60)
378[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
379[zap.out] 24451 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Cookie Without SameSite Attribute failed on record 9 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
380[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
381[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieSameSiteScanner.checkCookies(CookieSameSiteScanner.java:63)
382[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieSameSiteScanner.scanHttpResponseReceive(CookieSameSiteScanner.java:58)
383[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
384[zap.out] 24455 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Weak Authentication Method failed on record 9 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
385[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpRequestHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
386[zap.out] 	at org.zaproxy.zap.extension.pscanrules.InsecureAuthenticationScan.scanHttpRequestSend(InsecureAuthenticationScan.java:86)
387[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:197)
388[zap.out] 24456 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Username Hash Found failed on record 9 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
389[zap.out] java.lang.NoSuchMethodError: org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.getHelper()Lorg/zaproxy/zap/extension/pscan/PassiveScanData;
390[zap.out] 	at org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.getUsers(UsernameIdorScanner.java:77)
391[zap.out] 	at org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.scanHttpResponseReceive(UsernameIdorScanner.java:88)
392[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
393[zap.out] 24457 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner X-AspNet-Version Response Header Scanner failed on record 9 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
394[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
395[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XAspNetVersionScanner.scanHttpResponseReceive(XAspNetVersionScanner.java:60)
396[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
397[zap.out] 24457 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner X-Debug-Token Information Leak failed on record 9 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
398[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
399[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XDebugTokenScanner.responseHasHeader(XDebugTokenScanner.java:119)
400[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XDebugTokenScanner.scanHttpResponseReceive(XDebugTokenScanner.java:65)
401[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
402[zap.out] 24457 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) failed on record 9 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/
403[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
404[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XPoweredByHeaderInfoLeakScanner.isXPoweredByHeaderExist(XPoweredByHeaderInfoLeakScanner.java:83)
405[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XPoweredByHeaderInfoLeakScanner.scanHttpResponseReceive(XPoweredByHeaderInfoLeakScanner.java:62)
406[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
407[zap.out] 24491 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner CSP Scanner failed on record 10 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/robots.txt
408[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
409[zap.out] 	at org.zaproxy.zap.extension.pscanrules.ContentSecurityPolicyScanner.scanHttpResponseReceive(ContentSecurityPolicyScanner.java:95)
410[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
411[zap.out] 24493 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Content-Type Header Missing failed on record 10 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/robots.txt
412[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
413[zap.out] 	at org.zaproxy.zap.extension.pscanrules.ContentTypeMissingScanner.scanHttpResponseReceive(ContentTypeMissingScanner.java:49)
414[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
415[zap.out] 24494 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Cookie No HttpOnly Flag failed on record 10 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/robots.txt
416[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
417[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieHttpOnlyScanner.scanHttpResponseReceive(CookieHttpOnlyScanner.java:60)
418[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
419[zap.out] 24494 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Cookie Without SameSite Attribute failed on record 10 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/robots.txt
420[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
421[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieSameSiteScanner.checkCookies(CookieSameSiteScanner.java:63)
422[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieSameSiteScanner.scanHttpResponseReceive(CookieSameSiteScanner.java:58)
423[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
424[zap.out] 24513 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Weak Authentication Method failed on record 10 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/robots.txt
425[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpRequestHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
426[zap.out] 	at org.zaproxy.zap.extension.pscanrules.InsecureAuthenticationScan.scanHttpRequestSend(InsecureAuthenticationScan.java:86)
427[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:197)
428[zap.out] 24514 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Username Hash Found failed on record 10 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/robots.txt
429[zap.out] java.lang.NoSuchMethodError: org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.getHelper()Lorg/zaproxy/zap/extension/pscan/PassiveScanData;
430[zap.out] 	at org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.getUsers(UsernameIdorScanner.java:77)
431[zap.out] 	at org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.scanHttpResponseReceive(UsernameIdorScanner.java:88)
432[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
433[zap.out] 24514 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner X-AspNet-Version Response Header Scanner failed on record 10 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/robots.txt
434[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
435[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XAspNetVersionScanner.scanHttpResponseReceive(XAspNetVersionScanner.java:60)
436[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
437[zap.out] 24514 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner X-Debug-Token Information Leak failed on record 10 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/robots.txt
438[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
439[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XDebugTokenScanner.responseHasHeader(XDebugTokenScanner.java:119)
440[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XDebugTokenScanner.scanHttpResponseReceive(XDebugTokenScanner.java:65)
441[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
442[zap.out] 24514 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) failed on record 10 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/robots.txt
443[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
444[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XPoweredByHeaderInfoLeakScanner.isXPoweredByHeaderExist(XPoweredByHeaderInfoLeakScanner.java:83)
445[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XPoweredByHeaderInfoLeakScanner.scanHttpResponseReceive(XPoweredByHeaderInfoLeakScanner.java:62)
446[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
447[zap.out] 24527 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner CSP Scanner failed on record 11 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/sitemap.xml
448[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
449[zap.out] 	at org.zaproxy.zap.extension.pscanrules.ContentSecurityPolicyScanner.scanHttpResponseReceive(ContentSecurityPolicyScanner.java:95)
450[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
451[zap.out] 24528 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Content-Type Header Missing failed on record 11 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/sitemap.xml
452[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
453[zap.out] 	at org.zaproxy.zap.extension.pscanrules.ContentTypeMissingScanner.scanHttpResponseReceive(ContentTypeMissingScanner.java:49)
454[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
455[zap.out] 24528 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Cookie No HttpOnly Flag failed on record 11 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/sitemap.xml
456[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
457[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieHttpOnlyScanner.scanHttpResponseReceive(CookieHttpOnlyScanner.java:60)
458[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
459[zap.out] 24528 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Cookie Without SameSite Attribute failed on record 11 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/sitemap.xml
460[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
461[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieSameSiteScanner.checkCookies(CookieSameSiteScanner.java:63)
462[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieSameSiteScanner.scanHttpResponseReceive(CookieSameSiteScanner.java:58)
463[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
464[zap.out] 24528 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Weak Authentication Method failed on record 11 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/sitemap.xml
465[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpRequestHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
466[zap.out] 	at org.zaproxy.zap.extension.pscanrules.InsecureAuthenticationScan.scanHttpRequestSend(InsecureAuthenticationScan.java:86)
467[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:197)
468[zap.out] 24529 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Username Hash Found failed on record 11 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/sitemap.xml
469[zap.out] java.lang.NoSuchMethodError: org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.getHelper()Lorg/zaproxy/zap/extension/pscan/PassiveScanData;
470[zap.out] 	at org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.getUsers(UsernameIdorScanner.java:77)
471[zap.out] 	at org.zaproxy.zap.extension.pscanrules.UsernameIdorScanner.scanHttpResponseReceive(UsernameIdorScanner.java:88)
472[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
473[zap.out] 24529 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner X-AspNet-Version Response Header Scanner failed on record 11 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/sitemap.xml
474[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
475[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XAspNetVersionScanner.scanHttpResponseReceive(XAspNetVersionScanner.java:60)
476[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
477[zap.out] 24529 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner X-Debug-Token Information Leak failed on record 11 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/sitemap.xml
478[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
479[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XDebugTokenScanner.responseHasHeader(XDebugTokenScanner.java:119)
480[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XDebugTokenScanner.scanHttpResponseReceive(XDebugTokenScanner.java:65)
481[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
482[zap.out] 24530 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) failed on record 11 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io/sitemap.xml
483[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
484[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XPoweredByHeaderInfoLeakScanner.isXPoweredByHeaderExist(XPoweredByHeaderInfoLeakScanner.java:83)
485[zap.out] 	at org.zaproxy.zap.extension.pscanrules.XPoweredByHeaderInfoLeakScanner.scanHttpResponseReceive(XPoweredByHeaderInfoLeakScanner.java:62)
486[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
487[zap.out] 24542 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner CSP Scanner failed on record 12 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io
488[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
489[zap.out] 	at org.zaproxy.zap.extension.pscanrules.ContentSecurityPolicyScanner.scanHttpResponseReceive(ContentSecurityPolicyScanner.java:95)
490[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
491[zap.out] 24542 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Content-Type Header Missing failed on record 12 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io
492[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
493[zap.out] 	at org.zaproxy.zap.extension.pscanrules.ContentTypeMissingScanner.scanHttpResponseReceive(ContentTypeMissingScanner.java:49)
494[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
495[zap.out] 24561 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Cookie No HttpOnly Flag failed on record 12 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io
496[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
497[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieHttpOnlyScanner.scanHttpResponseReceive(CookieHttpOnlyScanner.java:60)
498[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
499[zap.out] 24562 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Cookie Without SameSite Attribute failed on record 12 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.io
500[zap.out] java.lang.NoSuchMethodError: org.parosproxy.paros.network.HttpResponseHeader.getHeaderValues(Ljava/lang/String;)Ljava/util/List;
501[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieSameSiteScanner.checkCookies(CookieSameSiteScanner.java:63)
502[zap.out] 	at org.zaproxy.zap.extension.pscanrules.CookieSameSiteScanner.scanHttpResponseReceive(CookieSameSiteScanner.java:58)
503[zap.out] 	at org.zaproxy.zap.extension.pscan.PassiveScanThread.run(PassiveScanThread.java:199)
504[zap.out] 24562 [ZAP-PassiveScanner] ERROR org.zaproxy.zap.extension.pscan.PassiveScanThread  - Scanner Weak Authentication Method failed on record 12 from History table: GET http://dast-4422333-dast-default.34.67.11.220.nip.ioTotal of 4 URLs
505PASS: Cookie No HttpOnly Flag [10010]
506PASS: Cookie Without Secure Flag [10011]
507PASS: Incomplete or No Cache-control and Pragma HTTP Header Set [10015]
508PASS: Cross-Domain JavaScript Source File Inclusion [10017]
509PASS: Content-Type Header Missing [10019]
510PASS: X-Frame-Options Header Scanner [10020]
511PASS: X-Content-Type-Options Header Missing [10021]
512PASS: Information Disclosure - Debug Error Messages [10023]
513PASS: Information Disclosure - Sensitive Information in URL [10024]
514PASS: Information Disclosure - Sensitive Information in HTTP Referrer Header [10025]
515PASS: HTTP Parameter Override [10026]
516PASS: Information Disclosure - Suspicious Comments [10027]
517PASS: Open Redirect [10028]
518PASS: Cookie Poisoning [10029]
519PASS: User Controllable Charset [10030]
520PASS: User Controllable HTML Element Attribute (Potential XSS) [10031]
521PASS: Viewstate Scanner [10032]
522PASS: Directory Browsing [10033]
523PASS: Heartbleed OpenSSL Vulnerability (Indicative) [10034]
524PASS: Strict-Transport-Security Header Scanner [10035]
525PASS: Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s) [10037]
526PASS: Content Security Policy (CSP) Header Not Set [10038]
527PASS: X-Backend-Server Header Information Leak [10039]
528PASS: Secure Pages Include Mixed Content [10040]
529PASS: HTTP to HTTPS Insecure Transition in Form Post [10041]
530PASS: HTTPS to HTTP Insecure Transition in Form Post [10042]
531PASS: User Controllable JavaScript Event (XSS) [10043]
532PASS: Big Redirect Detected (Potential Sensitive Information Leak) [10044]
533PASS: Retrieved from Cache [10050]
534PASS: X-ChromeLogger-Data (XCOLD) Header Information Leak [10052]
535PASS: Cookie Without SameSite Attribute [10054]
536PASS: CSP Scanner [10055]
537PASS: X-Debug-Token Information Leak [10056]
538PASS: Username Hash Found [10057]
539PASS: X-AspNet-Version Response Header Scanner [10061]
540PASS: PII Scanner [10062]
541PASS: Timestamp Disclosure [10096]
542PASS: Hash Disclosure [10097]
543PASS: Cross-Domain Misconfiguration [10098]
544PASS: Weak Authentication Method [10105]
545PASS: Reverse Tabnabbing [10108]
546PASS: Absence of Anti-CSRF Tokens [10202]
547PASS: Private IP Disclosure [2]
548PASS: Session ID in URL Rewrite [3]
549PASS: Script Passive Scan Rules [50001]
550PASS: Insecure JSF ViewState [90001]
551PASS: Charset Mismatch [90011]
552PASS: Application Error Disclosure [90022]
553PASS: Loosely Scoped Cookie [90033]
554WARN-NEW: Server Leaks Version Information via "Server" HTTP Response Header Field [10036] x 4 
555	http://dast-4422333-dast-default.34.67.11.220.nip.io/
556	http://dast-4422333-dast-default.34.67.11.220.nip.io/robots.txt
557	http://dast-4422333-dast-default.34.67.11.220.nip.io/sitemap.xml
558	http://dast-4422333-dast-default.34.67.11.220.nip.io
559FAIL-NEW: 0	FAIL-INPROG: 0	WARN-NEW: 1	WARN-INPROG: 0	INFO: 0	IGNORE: 0	PASS: 49
 560  Uploading artifacts...  
  00:02
561gl-dast-report.json: found 1 matching files        
562Uploading artifacts to coordinator... ok            id=37081928 responseStatus=201 Created token=_Pxgx9r3
563Job succeeded
Admin message

Admin message
