Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
  • Loading branch information
DashlordBetaGouvBot committed Aug 14, 2024
1 parent ce73092 commit 9b913d5
Show file tree
Hide file tree
Showing 9 changed files with 1,265 additions and 1,231 deletions.
Original file line number Diff line number Diff line change
@@ -1 +1 @@
{"url":"https://france-services.gouv.fr","algorithm_version":3,"end_time":"Wed, 17 Jul 2024 15:19:21 GMT","grade":"B+","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"Access-Control-Allow-Headers":"DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range","Access-Control-Allow-Methods":"GET, POST, OPTIONS","Access-Control-Allow-Origin":"*","Access-Control-Expose-Headers":"Content-Length,Content-Range","Allow":"GET, POST, HEAD","Cache-Control":"max-age=600, public","Connection":"keep-alive","Content-Encoding":"gzip","Content-Security-Policy":"default-src https: 'unsafe-eval' 'unsafe-inline'; object-src https: ; child-src https: platform.twitter.com; img-src https: data:; font-src 'self' data: https:;","Content-Type":"text/html; charset=UTF-8","Content-language":"fr","Date":"Wed, 17 Jul 2024 15:19:17 GMT","ETag":"\"1721204027-gzip\"","Expires":"Wed, 17 Jul 2024 15:29:17 GMT","Last-Modified":"Wed, 17 Jul 2024 08:13:47 GMT","Referrer-Policy":"same-origin","Server":"nginx","Set-Cookie":"visid_incap_3065000=wTU6eST1TCSeOQr5bH+77/Tgl2YAAAAAQUIPAAAAAADNGjwa8RgRp7xcLkpqB26p; expires=Thu, 17 Jul 2025 08:07:14 GMT; HttpOnly; path=/; Domain=.france-services.gouv.fr; Secure; SameSite=None, incap_ses_2105_3065000=uwVYfJSKeHbqKG5AcHY2HfXgl2YAAAAARVnOlbQyaPv1ZyPRApVaJg==; path=/; Domain=.france-services.gouv.fr; Secure; SameSite=None","Strict-Transport-Security":"max-age=31536000; includeSubDomains; preload","Transfer-Encoding":"chunked","Upgrade-Insecure-Requests":"1","Vary":"Cookie,Accept-Encoding","X-CDN":"Imperva","X-Content-Type-Options":"nosniff","X-Drupal-Cache":"HIT","X-Drupal-Dynamic-Cache":"MISS","X-Frame-Options":"SAMEORIGIN","X-Iinfo":"17-104726139-104583275 pNNy RT(1721229557099 48) q(0 0 0 1) r(2 2) U12","X-Proxy-Cache":"HIT","X-XSS-Protection":"1;mode=block"},"scan_id":53496228,"score":80,"start_time":"Wed, 17 Jul 2024 15:19:17 GMT","state":"FINISHED","status_code":200,"tests_failed":1,"tests_passed":10,"tests_quantity":11,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":{"child-src":["https:","platform.twitter.com"],"default-src":["https:","'unsafe-inline'","'unsafe-eval'"],"font-src":["https:","'self'","data:"],"img-src":["https:","data:"],"object-src":["https:"]},"http":true,"meta":false,"numPolicies":1,"policy":{"antiClickjacking":false,"defaultNone":false,"insecureBaseUri":true,"insecureFormAction":true,"insecureSchemeActive":false,"insecureSchemePassive":false,"strictDynamic":false,"unsafeEval":true,"unsafeInline":true,"unsafeInlineStyle":true,"unsafeObjects":true}},"pass":false,"result":"csp-implemented-with-unsafe-inline","score_description":"Content Security Policy (CSP) implemented unsafely. This includes 'unsafe-inline' or data: inside script-src, overly broad sources such as https: inside object-src or script-src, or not restricting the sources for object-src or script-src.","score_modifier":-20},"contribute":{"expectation":"contribute-json-only-required-on-mozilla-properties","name":"contribute","output":{"data":null},"pass":true,"result":"contribute-json-only-required-on-mozilla-properties","score_description":"Contribute.json isn't required on websites that don't belong to Mozilla","score_modifier":0},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":{"incap_ses_2105_3065000":{"domain":".france-services.gouv.fr","expires":null,"httponly":false,"max-age":null,"path":"/","port":null,"samesite":"None","secure":true},"visid_incap_3065000":{"domain":".france-services.gouv.fr","expires":1752739634,"httponly":true,"max-age":null,"path":"/","port":null,"samesite":"None","secure":true}},"sameSite":true},"pass":true,"result":"cookies-secure-with-httponly-sessions-and-samesite","score_description":"All cookies use the Secure flag, session cookies use the HttpOnly flag, and cross-origin restrictions are in place via the SameSite flag","score_modifier":5},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":"*","clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-implemented-with-public-access","score_description":"Public content is visible via cross-origin resource sharing (CORS) Access-Control-Allow-Origin header","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://www.france-services.gouv.fr/","redirects":true,"route":["http://france-services.gouv.fr/","https://france-services.gouv.fr/","https://www.france-services.gouv.fr/"],"status_code":200},"pass":true,"result":"redirection-to-https","score_description":"Initial redirection is to HTTPS on same host, final destination is HTTPS","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":"same-origin","http":true,"meta":false},"pass":true,"result":"referrer-policy-private","score_description":"Referrer-Policy header set to \"no-referrer\", \"same-origin\", \"strict-origin\" or \"strict-origin-when-cross-origin\"","score_modifier":5},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":"max-age=31536000; includeSubDomains; preload","includeSubDomains":true,"max-age":31536000,"preload":true,"preloaded":false},"pass":true,"result":"hsts-implemented-max-age-at-least-six-months","score_description":"HTTP Strict Transport Security (HSTS) header set to a minimum of six months (15768000)","score_modifier":0},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{}},"pass":true,"result":"sri-not-implemented-but-all-scripts-loaded-from-secure-origin","score_description":"Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin","score_modifier":0},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":"nosniff"},"pass":true,"result":"x-content-type-options-nosniff","score_description":"X-Content-Type-Options header set to \"nosniff\"","score_modifier":0},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":"SAMEORIGIN"},"pass":true,"result":"x-frame-options-sameorigin-or-deny","score_description":"X-Frame-Options (XFO) header set to SAMEORIGIN or DENY","score_modifier":0},"x-xss-protection":{"expectation":"x-xss-protection-disabled","name":"x-xss-protection","output":{"data":"1;mode=block"},"pass":true,"result":"x-xss-protection-enabled-mode-block","score_description":"Deprecated X-XSS-Protection header set to \"1; mode=block\"","score_modifier":0}}}
{"url":"https://france-services.gouv.fr","algorithm_version":3,"end_time":"Wed, 14 Aug 2024 13:21:02 GMT","grade":"B+","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"Access-Control-Allow-Headers":"DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range","Access-Control-Allow-Methods":"GET, POST, OPTIONS","Access-Control-Allow-Origin":"*","Access-Control-Expose-Headers":"Content-Length,Content-Range","Allow":"GET, POST, HEAD","Cache-Control":"max-age=600, public","Connection":"keep-alive","Content-Encoding":"gzip","Content-Security-Policy":"default-src https: 'unsafe-eval' 'unsafe-inline'; object-src https: ; child-src https: platform.twitter.com; img-src https: data:; font-src 'self' data: https:;","Content-Type":"text/html; charset=UTF-8","Content-language":"fr","Date":"Wed, 14 Aug 2024 13:21:00 GMT","ETag":"\"1723537648-gzip\"","Expires":"Wed, 14 Aug 2024 13:31:00 GMT","Last-Modified":"Tue, 13 Aug 2024 08:27:28 GMT","Referrer-Policy":"same-origin","Server":"nginx","Set-Cookie":"visid_incap_3065000=GzWx3rDuQVKFfJZDXWM96zqvvGYAAAAAQUIPAAAAAAA8DzgZwDtuaNnpRO38wDkG; expires=Thu, 14 Aug 2025 06:56:08 GMT; HttpOnly; path=/; Domain=.france-services.gouv.fr; Secure; SameSite=None, incap_ses_724_3065000=0JXPI/4s1VlpglP1WioMCjuvvGYAAAAALmYKgJbc5WSmtuYR0BD9iw==; path=/; Domain=.france-services.gouv.fr; Secure; SameSite=None","Strict-Transport-Security":"max-age=31536000; includeSubDomains; preload","Transfer-Encoding":"chunked","Upgrade-Insecure-Requests":"1","Vary":"Cookie,Accept-Encoding","X-CDN":"Imperva","X-Content-Type-Options":"nosniff","X-Drupal-Cache":"HIT","X-Drupal-Dynamic-Cache":"HIT","X-Frame-Options":"SAMEORIGIN","X-Iinfo":"12-31619046-31587345 pNNy RT(1723641659720 45) q(0 0 0 0) r(2 2) U12","X-Proxy-Cache":"HIT","X-XSS-Protection":"1;mode=block"},"scan_id":54448254,"score":80,"start_time":"Wed, 14 Aug 2024 13:20:59 GMT","state":"FINISHED","status_code":200,"tests_failed":1,"tests_passed":9,"tests_quantity":10,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":{"child-src":["https:","platform.twitter.com"],"default-src":["https:","'unsafe-inline'","'unsafe-eval'"],"font-src":["https:","'self'","data:"],"img-src":["https:","data:"],"object-src":["https:"]},"http":true,"meta":false,"numPolicies":1,"policy":{"antiClickjacking":false,"defaultNone":false,"insecureBaseUri":true,"insecureFormAction":true,"insecureSchemeActive":false,"insecureSchemePassive":false,"strictDynamic":false,"unsafeEval":true,"unsafeInline":true,"unsafeInlineStyle":true,"unsafeObjects":true}},"pass":false,"result":"csp-implemented-with-unsafe-inline","score_description":"Content Security Policy (CSP) implemented unsafely. This includes 'unsafe-inline' or data: inside script-src, overly broad sources such as https: inside object-src or script-src, or not restricting the sources for object-src or script-src.","score_modifier":-20},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":{"incap_ses_724_3065000":{"domain":".france-services.gouv.fr","expires":null,"httponly":false,"max-age":null,"path":"/","port":null,"samesite":"None","secure":true},"visid_incap_3065000":{"domain":".france-services.gouv.fr","expires":1755154568,"httponly":true,"max-age":null,"path":"/","port":null,"samesite":"None","secure":true}},"sameSite":true},"pass":true,"result":"cookies-secure-with-httponly-sessions-and-samesite","score_description":"All cookies use the Secure flag, session cookies use the HttpOnly flag, and cross-origin restrictions are in place via the SameSite flag","score_modifier":5},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":"*","clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-implemented-with-public-access","score_description":"Public content is visible via cross-origin resource sharing (CORS) Access-Control-Allow-Origin header","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://www.france-services.gouv.fr/","redirects":true,"route":["http://france-services.gouv.fr/","https://france-services.gouv.fr/","https://www.france-services.gouv.fr/"],"status_code":200},"pass":true,"result":"redirection-to-https","score_description":"Initial redirection is to HTTPS on same host, final destination is HTTPS","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":"same-origin","http":true,"meta":false},"pass":true,"result":"referrer-policy-private","score_description":"Referrer-Policy header set to \"no-referrer\", \"same-origin\", \"strict-origin\" or \"strict-origin-when-cross-origin\"","score_modifier":5},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":"max-age=31536000; includeSubDomains; preload","includeSubDomains":true,"max-age":31536000,"preload":true,"preloaded":false},"pass":true,"result":"hsts-implemented-max-age-at-least-six-months","score_description":"HTTP Strict Transport Security (HSTS) header set to a minimum of six months (15768000)","score_modifier":0},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{}},"pass":true,"result":"sri-not-implemented-but-all-scripts-loaded-from-secure-origin","score_description":"Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin","score_modifier":0},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":"nosniff"},"pass":true,"result":"x-content-type-options-nosniff","score_description":"X-Content-Type-Options header set to \"nosniff\"","score_modifier":0},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":"SAMEORIGIN"},"pass":true,"result":"x-frame-options-sameorigin-or-deny","score_description":"X-Frame-Options (XFO) header set to SAMEORIGIN or DENY","score_modifier":0},"x-xss-protection":{"expectation":"x-xss-protection-disabled","name":"x-xss-protection","output":{"data":"1;mode=block"},"pass":true,"result":"x-xss-protection-enabled-mode-block","score_description":"Deprecated X-XSS-Protection header set to \"1; mode=block\"","score_modifier":0}}}

Large diffs are not rendered by default.

2,450 changes: 1,242 additions & 1,208 deletions results/aHR0cHM6Ly9mcmFuY2Utc2VydmljZXMuZ291di5mcg==/lhr.json

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
@@ -1 +1 @@
# Nmap 7.92 scan initiated Wed Jul 17 15:22:16 2024 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln france-services.gouv.fr
# Nmap 7.92 scan initiated Wed Aug 14 13:23:59 2024 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln france-services.gouv.fr
Original file line number Diff line number Diff line change
@@ -1 +1 @@
# Nmap 7.92 scan initiated Wed Jul 17 15:22:16 2024 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln france-services.gouv.fr
# Nmap 7.92 scan initiated Wed Aug 14 13:23:59 2024 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln france-services.gouv.fr
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE nmaprun>
<?xml-stylesheet href="file:///usr/bin/../share/nmap/nmap.xsl" type="text/xsl"?>
<!-- Nmap 7.92 scan initiated Wed Jul 17 15:22:16 2024 as: nmap -sV -&#45;script vulners -&#45;script-args mincvss=5.0 -oA /data/nmapvuln france-services.gouv.fr -->
<nmaprun scanner="nmap" args="nmap -sV -&#45;script vulners -&#45;script-args mincvss=5.0 -oA /data/nmapvuln france-services.gouv.fr" start="1721229736" startstr="Wed Jul 17 15:22:16 2024" version="7.92" xmloutputversion="1.05">
<!-- Nmap 7.92 scan initiated Wed Aug 14 13:23:59 2024 as: nmap -sV -&#45;script vulners -&#45;script-args mincvss=5.0 -oA /data/nmapvuln france-services.gouv.fr -->
<nmaprun scanner="nmap" args="nmap -sV -&#45;script vulners -&#45;script-args mincvss=5.0 -oA /data/nmapvuln france-services.gouv.fr" start="1723641839" startstr="Wed Aug 14 13:23:59 2024" version="7.92" xmloutputversion="1.05">
<scaninfo type="syn" protocol="tcp" numservices="1000" services="1,3-4,6-7,9,13,17,19-26,30,32-33,37,42-43,49,53,70,79-85,88-90,99-100,106,109-111,113,119,125,135,139,143-144,146,161,163,179,199,211-212,222,254-256,259,264,280,301,306,311,340,366,389,406-407,416-417,425,427,443-445,458,464-465,481,497,500,512-515,524,541,543-545,548,554-555,563,587,593,616-617,625,631,636,646,648,666-668,683,687,691,700,705,711,714,720,722,726,749,765,777,783,787,800-801,808,843,873,880,888,898,900-903,911-912,981,987,990,992-993,995,999-1002,1007,1009-1011,1021-1100,1102,1104-1108,1110-1114,1117,1119,1121-1124,1126,1130-1132,1137-1138,1141,1145,1147-1149,1151-1152,1154,1163-1166,1169,1174-1175,1183,1185-1187,1192,1198-1199,1201,1213,1216-1218,1233-1234,1236,1244,1247-1248,1259,1271-1272,1277,1287,1296,1300-1301,1309-1311,1322,1328,1334,1352,1417,1433-1434,1443,1455,1461,1494,1500-1501,1503,1521,1524,1533,1556,1580,1583,1594,1600,1641,1658,1666,1687-1688,1700,1717-1721,1723,1755,1761,1782-1783,1801,1805,1812,1839-1840,1862-1864,1875,1900,1914,1935,1947,1971-1972,1974,1984,1998-2010,2013,2020-2022,2030,2033-2035,2038,2040-2043,2045-2049,2065,2068,2099-2100,2103,2105-2107,2111,2119,2121,2126,2135,2144,2160-2161,2170,2179,2190-2191,2196,2200,2222,2251,2260,2288,2301,2323,2366,2381-2383,2393-2394,2399,2401,2492,2500,2522,2525,2557,2601-2602,2604-2605,2607-2608,2638,2701-2702,2710,2717-2718,2725,2800,2809,2811,2869,2875,2909-2910,2920,2967-2968,2998,3000-3001,3003,3005-3007,3011,3013,3017,3030-3031,3052,3071,3077,3128,3168,3211,3221,3260-3261,3268-3269,3283,3300-3301,3306,3322-3325,3333,3351,3367,3369-3372,3389-3390,3404,3476,3493,3517,3527,3546,3551,3580,3659,3689-3690,3703,3737,3766,3784,3800-3801,3809,3814,3826-3828,3851,3869,3871,3878,3880,3889,3905,3914,3918,3920,3945,3971,3986,3995,3998,4000-4006,4045,4111,4125-4126,4129,4224,4242,4279,4321,4343,4443-4446,4449,4550,4567,4662,4848,4899-4900,4998,5000-5004,5009,5030,5033,5050-5051,5054,5060-5061,5080,5087,5100-5102,5120,5190,5200,5214,5221-5222,5225-5226,5269,5280,5298,5357,5405,5414,5431-5432,5440,5500,5510,5544,5550,5555,5560,5566,5631,5633,5666,5678-5679,5718,5730,5800-5802,5810-5811,5815,5822,5825,5850,5859,5862,5877,5900-5904,5906-5907,5910-5911,5915,5922,5925,5950,5952,5959-5963,5987-5989,5998-6007,6009,6025,6059,6100-6101,6106,6112,6123,6129,6156,6346,6389,6502,6510,6543,6547,6565-6567,6580,6646,6666-6669,6689,6692,6699,6779,6788-6789,6792,6839,6881,6901,6969,7000-7002,7004,7007,7019,7025,7070,7100,7103,7106,7200-7201,7402,7435,7443,7496,7512,7625,7627,7676,7741,7777-7778,7800,7911,7920-7921,7937-7938,7999-8002,8007-8011,8021-8022,8031,8042,8045,8080-8090,8093,8099-8100,8180-8181,8192-8194,8200,8222,8254,8290-8292,8300,8333,8383,8400,8402,8443,8500,8600,8649,8651-8652,8654,8701,8800,8873,8888,8899,8994,9000-9003,9009-9011,9040,9050,9071,9080-9081,9090-9091,9099-9103,9110-9111,9200,9207,9220,9290,9415,9418,9485,9500,9502-9503,9535,9575,9593-9595,9618,9666,9876-9878,9898,9900,9917,9929,9943-9944,9968,9998-10004,10009-10010,10012,10024-10025,10082,10180,10215,10243,10566,10616-10617,10621,10626,10628-10629,10778,11110-11111,11967,12000,12174,12265,12345,13456,13722,13782-13783,14000,14238,14441-14442,15000,15002-15004,15660,15742,16000-16001,16012,16016,16018,16080,16113,16992-16993,17877,17988,18040,18101,18988,19101,19283,19315,19350,19780,19801,19842,20000,20005,20031,20221-20222,20828,21571,22939,23502,24444,24800,25734-25735,26214,27000,27352-27353,27355-27356,27715,28201,30000,30718,30951,31038,31337,32768-32785,33354,33899,34571-34573,35500,38292,40193,40911,41511,42510,44176,44442-44443,44501,45100,48080,49152-49161,49163,49165,49167,49175-49176,49400,49999-50003,50006,50300,50389,50500,50636,50800,51103,51493,52673,52822,52848,52869,54045,54328,55055-55056,55555,55600,56737-56738,57294,57797,58080,60020,60443,61532,61900,62078,63331,64623,64680,65000,65129,65389"/>
<verbose level="0"/>
<debugging level="0"/>
Expand Down
Loading

0 comments on commit 9b913d5

Please sign in to comment.