forked from GKO-org/dashlordTest
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
update: https://france-services.gouv.fr
- Loading branch information
1 parent
ce73092
commit 9b913d5
Showing
9 changed files
with
1,265 additions
and
1,231 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
{"url":"https://france-services.gouv.fr","algorithm_version":3,"end_time":"Wed, 17 Jul 2024 15:19:21 GMT","grade":"B+","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"Access-Control-Allow-Headers":"DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range","Access-Control-Allow-Methods":"GET, POST, OPTIONS","Access-Control-Allow-Origin":"*","Access-Control-Expose-Headers":"Content-Length,Content-Range","Allow":"GET, POST, HEAD","Cache-Control":"max-age=600, public","Connection":"keep-alive","Content-Encoding":"gzip","Content-Security-Policy":"default-src https: 'unsafe-eval' 'unsafe-inline'; object-src https: ; child-src https: platform.twitter.com; img-src https: data:; font-src 'self' data: https:;","Content-Type":"text/html; charset=UTF-8","Content-language":"fr","Date":"Wed, 17 Jul 2024 15:19:17 GMT","ETag":"\"1721204027-gzip\"","Expires":"Wed, 17 Jul 2024 15:29:17 GMT","Last-Modified":"Wed, 17 Jul 2024 08:13:47 GMT","Referrer-Policy":"same-origin","Server":"nginx","Set-Cookie":"visid_incap_3065000=wTU6eST1TCSeOQr5bH+77/Tgl2YAAAAAQUIPAAAAAADNGjwa8RgRp7xcLkpqB26p; expires=Thu, 17 Jul 2025 08:07:14 GMT; HttpOnly; path=/; Domain=.france-services.gouv.fr; Secure; SameSite=None, incap_ses_2105_3065000=uwVYfJSKeHbqKG5AcHY2HfXgl2YAAAAARVnOlbQyaPv1ZyPRApVaJg==; path=/; Domain=.france-services.gouv.fr; Secure; SameSite=None","Strict-Transport-Security":"max-age=31536000; includeSubDomains; preload","Transfer-Encoding":"chunked","Upgrade-Insecure-Requests":"1","Vary":"Cookie,Accept-Encoding","X-CDN":"Imperva","X-Content-Type-Options":"nosniff","X-Drupal-Cache":"HIT","X-Drupal-Dynamic-Cache":"MISS","X-Frame-Options":"SAMEORIGIN","X-Iinfo":"17-104726139-104583275 pNNy RT(1721229557099 48) q(0 0 0 1) r(2 2) U12","X-Proxy-Cache":"HIT","X-XSS-Protection":"1;mode=block"},"scan_id":53496228,"score":80,"start_time":"Wed, 17 Jul 2024 15:19:17 GMT","state":"FINISHED","status_code":200,"tests_failed":1,"tests_passed":10,"tests_quantity":11,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":{"child-src":["https:","platform.twitter.com"],"default-src":["https:","'unsafe-inline'","'unsafe-eval'"],"font-src":["https:","'self'","data:"],"img-src":["https:","data:"],"object-src":["https:"]},"http":true,"meta":false,"numPolicies":1,"policy":{"antiClickjacking":false,"defaultNone":false,"insecureBaseUri":true,"insecureFormAction":true,"insecureSchemeActive":false,"insecureSchemePassive":false,"strictDynamic":false,"unsafeEval":true,"unsafeInline":true,"unsafeInlineStyle":true,"unsafeObjects":true}},"pass":false,"result":"csp-implemented-with-unsafe-inline","score_description":"Content Security Policy (CSP) implemented unsafely. This includes 'unsafe-inline' or data: inside script-src, overly broad sources such as https: inside object-src or script-src, or not restricting the sources for object-src or script-src.","score_modifier":-20},"contribute":{"expectation":"contribute-json-only-required-on-mozilla-properties","name":"contribute","output":{"data":null},"pass":true,"result":"contribute-json-only-required-on-mozilla-properties","score_description":"Contribute.json isn't required on websites that don't belong to Mozilla","score_modifier":0},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":{"incap_ses_2105_3065000":{"domain":".france-services.gouv.fr","expires":null,"httponly":false,"max-age":null,"path":"/","port":null,"samesite":"None","secure":true},"visid_incap_3065000":{"domain":".france-services.gouv.fr","expires":1752739634,"httponly":true,"max-age":null,"path":"/","port":null,"samesite":"None","secure":true}},"sameSite":true},"pass":true,"result":"cookies-secure-with-httponly-sessions-and-samesite","score_description":"All cookies use the Secure flag, session cookies use the HttpOnly flag, and cross-origin restrictions are in place via the SameSite flag","score_modifier":5},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":"*","clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-implemented-with-public-access","score_description":"Public content is visible via cross-origin resource sharing (CORS) Access-Control-Allow-Origin header","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://www.france-services.gouv.fr/","redirects":true,"route":["http://france-services.gouv.fr/","https://france-services.gouv.fr/","https://www.france-services.gouv.fr/"],"status_code":200},"pass":true,"result":"redirection-to-https","score_description":"Initial redirection is to HTTPS on same host, final destination is HTTPS","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":"same-origin","http":true,"meta":false},"pass":true,"result":"referrer-policy-private","score_description":"Referrer-Policy header set to \"no-referrer\", \"same-origin\", \"strict-origin\" or \"strict-origin-when-cross-origin\"","score_modifier":5},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":"max-age=31536000; includeSubDomains; preload","includeSubDomains":true,"max-age":31536000,"preload":true,"preloaded":false},"pass":true,"result":"hsts-implemented-max-age-at-least-six-months","score_description":"HTTP Strict Transport Security (HSTS) header set to a minimum of six months (15768000)","score_modifier":0},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{}},"pass":true,"result":"sri-not-implemented-but-all-scripts-loaded-from-secure-origin","score_description":"Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin","score_modifier":0},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":"nosniff"},"pass":true,"result":"x-content-type-options-nosniff","score_description":"X-Content-Type-Options header set to \"nosniff\"","score_modifier":0},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":"SAMEORIGIN"},"pass":true,"result":"x-frame-options-sameorigin-or-deny","score_description":"X-Frame-Options (XFO) header set to SAMEORIGIN or DENY","score_modifier":0},"x-xss-protection":{"expectation":"x-xss-protection-disabled","name":"x-xss-protection","output":{"data":"1;mode=block"},"pass":true,"result":"x-xss-protection-enabled-mode-block","score_description":"Deprecated X-XSS-Protection header set to \"1; mode=block\"","score_modifier":0}}} | ||
{"url":"https://france-services.gouv.fr","algorithm_version":3,"end_time":"Wed, 14 Aug 2024 13:21:02 GMT","grade":"B+","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"Access-Control-Allow-Headers":"DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range","Access-Control-Allow-Methods":"GET, POST, OPTIONS","Access-Control-Allow-Origin":"*","Access-Control-Expose-Headers":"Content-Length,Content-Range","Allow":"GET, POST, HEAD","Cache-Control":"max-age=600, public","Connection":"keep-alive","Content-Encoding":"gzip","Content-Security-Policy":"default-src https: 'unsafe-eval' 'unsafe-inline'; object-src https: ; child-src https: platform.twitter.com; img-src https: data:; font-src 'self' data: https:;","Content-Type":"text/html; charset=UTF-8","Content-language":"fr","Date":"Wed, 14 Aug 2024 13:21:00 GMT","ETag":"\"1723537648-gzip\"","Expires":"Wed, 14 Aug 2024 13:31:00 GMT","Last-Modified":"Tue, 13 Aug 2024 08:27:28 GMT","Referrer-Policy":"same-origin","Server":"nginx","Set-Cookie":"visid_incap_3065000=GzWx3rDuQVKFfJZDXWM96zqvvGYAAAAAQUIPAAAAAAA8DzgZwDtuaNnpRO38wDkG; expires=Thu, 14 Aug 2025 06:56:08 GMT; HttpOnly; path=/; Domain=.france-services.gouv.fr; Secure; SameSite=None, incap_ses_724_3065000=0JXPI/4s1VlpglP1WioMCjuvvGYAAAAALmYKgJbc5WSmtuYR0BD9iw==; path=/; Domain=.france-services.gouv.fr; Secure; SameSite=None","Strict-Transport-Security":"max-age=31536000; includeSubDomains; preload","Transfer-Encoding":"chunked","Upgrade-Insecure-Requests":"1","Vary":"Cookie,Accept-Encoding","X-CDN":"Imperva","X-Content-Type-Options":"nosniff","X-Drupal-Cache":"HIT","X-Drupal-Dynamic-Cache":"HIT","X-Frame-Options":"SAMEORIGIN","X-Iinfo":"12-31619046-31587345 pNNy RT(1723641659720 45) q(0 0 0 0) r(2 2) U12","X-Proxy-Cache":"HIT","X-XSS-Protection":"1;mode=block"},"scan_id":54448254,"score":80,"start_time":"Wed, 14 Aug 2024 13:20:59 GMT","state":"FINISHED","status_code":200,"tests_failed":1,"tests_passed":9,"tests_quantity":10,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":{"child-src":["https:","platform.twitter.com"],"default-src":["https:","'unsafe-inline'","'unsafe-eval'"],"font-src":["https:","'self'","data:"],"img-src":["https:","data:"],"object-src":["https:"]},"http":true,"meta":false,"numPolicies":1,"policy":{"antiClickjacking":false,"defaultNone":false,"insecureBaseUri":true,"insecureFormAction":true,"insecureSchemeActive":false,"insecureSchemePassive":false,"strictDynamic":false,"unsafeEval":true,"unsafeInline":true,"unsafeInlineStyle":true,"unsafeObjects":true}},"pass":false,"result":"csp-implemented-with-unsafe-inline","score_description":"Content Security Policy (CSP) implemented unsafely. This includes 'unsafe-inline' or data: inside script-src, overly broad sources such as https: inside object-src or script-src, or not restricting the sources for object-src or script-src.","score_modifier":-20},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":{"incap_ses_724_3065000":{"domain":".france-services.gouv.fr","expires":null,"httponly":false,"max-age":null,"path":"/","port":null,"samesite":"None","secure":true},"visid_incap_3065000":{"domain":".france-services.gouv.fr","expires":1755154568,"httponly":true,"max-age":null,"path":"/","port":null,"samesite":"None","secure":true}},"sameSite":true},"pass":true,"result":"cookies-secure-with-httponly-sessions-and-samesite","score_description":"All cookies use the Secure flag, session cookies use the HttpOnly flag, and cross-origin restrictions are in place via the SameSite flag","score_modifier":5},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":"*","clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-implemented-with-public-access","score_description":"Public content is visible via cross-origin resource sharing (CORS) Access-Control-Allow-Origin header","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://www.france-services.gouv.fr/","redirects":true,"route":["http://france-services.gouv.fr/","https://france-services.gouv.fr/","https://www.france-services.gouv.fr/"],"status_code":200},"pass":true,"result":"redirection-to-https","score_description":"Initial redirection is to HTTPS on same host, final destination is HTTPS","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":"same-origin","http":true,"meta":false},"pass":true,"result":"referrer-policy-private","score_description":"Referrer-Policy header set to \"no-referrer\", \"same-origin\", \"strict-origin\" or \"strict-origin-when-cross-origin\"","score_modifier":5},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":"max-age=31536000; includeSubDomains; preload","includeSubDomains":true,"max-age":31536000,"preload":true,"preloaded":false},"pass":true,"result":"hsts-implemented-max-age-at-least-six-months","score_description":"HTTP Strict Transport Security (HSTS) header set to a minimum of six months (15768000)","score_modifier":0},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{}},"pass":true,"result":"sri-not-implemented-but-all-scripts-loaded-from-secure-origin","score_description":"Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin","score_modifier":0},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":"nosniff"},"pass":true,"result":"x-content-type-options-nosniff","score_description":"X-Content-Type-Options header set to \"nosniff\"","score_modifier":0},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":"SAMEORIGIN"},"pass":true,"result":"x-frame-options-sameorigin-or-deny","score_description":"X-Frame-Options (XFO) header set to SAMEORIGIN or DENY","score_modifier":0},"x-xss-protection":{"expectation":"x-xss-protection-disabled","name":"x-xss-protection","output":{"data":"1;mode=block"},"pass":true,"result":"x-xss-protection-enabled-mode-block","score_description":"Deprecated X-XSS-Protection header set to \"1; mode=block\"","score_modifier":0}}} |
2 changes: 1 addition & 1 deletion
2
...y9mcmFuY2Utc2VydmljZXMuZ291di5mcg==/lhr-aHR0cHM6Ly9mcmFuY2Utc2VydmljZXMuZ291di5mci8=.html
Large diffs are not rendered by default.
Oops, something went wrong.
2,450 changes: 1,242 additions & 1,208 deletions
2,450
results/aHR0cHM6Ly9mcmFuY2Utc2VydmljZXMuZ291di5mcg==/lhr.json
Large diffs are not rendered by default.
Oops, something went wrong.
2 changes: 1 addition & 1 deletion
2
results/aHR0cHM6Ly9mcmFuY2Utc2VydmljZXMuZ291di5mcg==/nmapvuln.gnmap
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
# Nmap 7.92 scan initiated Wed Jul 17 15:22:16 2024 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln france-services.gouv.fr | ||
# Nmap 7.92 scan initiated Wed Aug 14 13:23:59 2024 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln france-services.gouv.fr |
2 changes: 1 addition & 1 deletion
2
results/aHR0cHM6Ly9mcmFuY2Utc2VydmljZXMuZ291di5mcg==/nmapvuln.nmap
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
# Nmap 7.92 scan initiated Wed Jul 17 15:22:16 2024 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln france-services.gouv.fr | ||
# Nmap 7.92 scan initiated Wed Aug 14 13:23:59 2024 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln france-services.gouv.fr |
4 changes: 2 additions & 2 deletions
4
results/aHR0cHM6Ly9mcmFuY2Utc2VydmljZXMuZ291di5mcg==/nmapvuln.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.