update: https://haute-saone.gouv.fr

results/aHR0cHM6Ly9oYXV0ZS1zYW9uZS5nb3V2LmZy/budget_page.json

@@ -0,0 +1 @@
+{"grade":"F","url":"","uri":""}

results/aHR0cHM6Ly9oYXV0ZS1zYW9uZS5nb3V2LmZy/declaration-a11y.json

@@ -0,0 +1 @@
+{"mention":"Accessibilité : non conforme","declarationUrl":"https://haute-saone.gouv.fr/accessibilite"}

results/aHR0cHM6Ly9oYXV0ZS1zYW9uZS5nb3V2LmZy/declaration-rgpd.json

@@ -0,0 +1 @@
+[{"slug":"ml","mention":"Mentions légales","maxScore":4,"score":3,"missingWords":["éditeur (ou) édité par (ou) editeur (ou) edité par"],"missingTrackers":[],"declarationUrl":"https://haute-saone.gouv.fr/mentions-legales"},{"slug":"pc","mention":"Données personnelles","maxScore":4,"score":1,"missingWords":["finalité","durée de conservation","sous-traitants (ou) sous traitants"],"missingTrackers":[],"declarationUrl":"https://haute-saone.gouv.fr/donnees-personnelles-et-cookies"}]

results/aHR0cHM6Ly9oYXV0ZS1zYW9uZS5nb3V2LmZy/github_repository.json

@@ -0,0 +1 @@
+{"grade":"F","url":"","uri":""}

results/aHR0cHM6Ly9oYXV0ZS1zYW9uZS5nb3V2LmZy/http.json

@@ -0,0 +1 @@
+{"url":"https://haute-saone.gouv.fr","algorithm_version":3,"end_time":"Fri, 16 Feb 2024 22:58:31 GMT","grade":"F","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"accept-ranges":"bytes","age":"0","cache-control":"must-revalidate, no-cache, private","content-encoding":"gzip","content-language":"fr-FR","content-type":"text/html; charset=utf-8","date":"Fri, 16 Feb 2024 22:58:23 GMT","expires":"Fri, 16 Feb 2024 20:58:23 GMT","last-modified":"Fri, 16 Feb 2024 22:58:23 GMT","pragma":"no-cache","served-by":"www.haute-saone.gouv.fr","server":"Apache","set-cookie":"eZSESSID=2u3mai1b4vm2iivic5tbsbgg60; path=/","transfer-encoding":"chunked","vary":"X-User-Hash,Accept-Encoding","x-cache":"Miss"},"scan_id":47704338,"score":0,"start_time":"Fri, 16 Feb 2024 22:58:19 GMT","state":"FINISHED","status_code":200,"tests_failed":6,"tests_passed":5,"tests_quantity":11,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":null,"http":false,"meta":false,"numPolicies":0,"policy":null},"pass":false,"result":"csp-not-implemented","score_description":"Content Security Policy (CSP) header not implemented","score_modifier":-25},"contribute":{"expectation":"contribute-json-only-required-on-mozilla-properties","name":"contribute","output":{"data":null},"pass":true,"result":"contribute-json-only-required-on-mozilla-properties","score_description":"Contribute.json isn't required on websites that don't belong to Mozilla","score_modifier":0},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":{"eZSESSID":{"domain":"www.haute-saone.gouv.fr","expires":null,"httponly":false,"max-age":null,"path":"/","port":null,"samesite":false,"secure":false}},"sameSite":null},"pass":false,"result":"cookies-session-without-secure-flag","score_description":"Session cookie set without using the Secure flag or set over HTTP","score_modifier":-40},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":"https://http-observatory.security.mozilla.org","clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-implemented-with-restricted-access","score_description":"Content is visible via cross-origin resource sharing (CORS) files or headers, but is restricted to specific domains","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://www.haute-saone.gouv.fr/","redirects":true,"route":["http://haute-saone.gouv.fr/","http://www.haute-saone.gouv.fr/","https://www.haute-saone.gouv.fr/"],"status_code":200},"pass":false,"result":"redirection-not-to-https-on-initial-redirection","score_description":"Redirects to HTTPS eventually, but initial redirection is to another HTTP URL","score_modifier":-10},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":null,"http":false,"meta":false},"pass":true,"result":"referrer-policy-not-implemented","score_description":"Referrer-Policy header not implemented","score_modifier":0},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":null,"includeSubDomains":false,"max-age":null,"preload":false,"preloaded":false},"pass":false,"result":"hsts-not-implemented","score_description":"HTTP Strict Transport Security (HSTS) header not implemented","score_modifier":-20},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{}},"pass":true,"result":"sri-not-implemented-but-all-scripts-loaded-from-secure-origin","score_description":"Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin","score_modifier":0},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":null},"pass":false,"result":"x-content-type-options-not-implemented","score_description":"X-Content-Type-Options header not implemented","score_modifier":-5},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":null},"pass":false,"result":"x-frame-options-not-implemented","score_description":"X-Frame-Options (XFO) header not implemented","score_modifier":-20},"x-xss-protection":{"expectation":"x-xss-protection-disabled","name":"x-xss-protection","output":{"data":null},"pass":true,"result":"x-xss-protection-not-implemented","score_description":"Deprecated X-XSS-Protection header not implemented","score_modifier":0}}}

results/aHR0cHM6Ly9oYXV0ZS1zYW9uZS5nb3V2LmZy/nmapvuln.gnmap

@@ -0,0 +1,4 @@
+# Nmap 7.92 scan initiated Fri Feb 16 23:00:22 2024 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln haute-saone.gouv.fr
+Host: 77.159.252.140 (140.252.159.77.rev.sfr.net)	Status: Up
+Host: 77.159.252.140 (140.252.159.77.rev.sfr.net)	Ports: 80/open/tcp//http//Apache/, 113/closed/tcp//ident///, 443/open/tcp//ssl|https//Apache/, 2000/open/tcp//cisco-sccp?///, 5060/open/tcp//sip?///	Ignored State: filtered (995)
+# Nmap done at Fri Feb 16 23:03:10 2024 -- 1 IP address (1 host up) scanned in 168.13 seconds

results/aHR0cHM6Ly9oYXV0ZS1zYW9uZS5nb3V2LmZy/nmapvuln.html

@@ -0,0 +1,327 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<meta name="referrer" content="no-referrer">
+<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
+<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous">
+<link rel="stylesheet" href="https://cdn.datatables.net/1.10.19/css/dataTables.bootstrap.min.css" type="text/css" integrity="sha384-VEpVDzPR2x8NbTDZ8NFW4AWbtT2g/ollEzX/daZdW/YvUBlbgVtsxMftnJ84k0Cn" crossorigin="anonymous">
+<script src="https://code.jquery.com/jquery-3.3.1.js" integrity="sha384-fJU6sGmyn07b+uD1nMk7/iSb4yvaowcueiQhfVgQuD98rfva8mcr1eSvjchfpMrH" crossorigin="anonymous"></script><script src="https://cdn.datatables.net/1.10.19/js/jquery.dataTables.min.js" integrity="sha384-rgWRqC0OFPisxlUvl332tiM/qmaNxnlY46eksSZD84t+s2vZlqGeHrncwIRX7CGp" crossorigin="anonymous"></script><script src="https://cdn.datatables.net/1.10.19/js/dataTables.bootstrap.min.js" integrity="sha384-7PXRkl4YJnEpP8uU4ev9652TTZSxrqC8uOpcV1ftVEC7LVyLZqqDUAaq+Y+lGgr9" crossorigin="anonymous"></script><script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script><style>
+          .target:before {
+            content: "";
+            display: block;
+            height: 50px;
+            margin: -20px 0 0;
+          }
+          @media only screen and (min-width:1900px) {
+            .container {
+              width: 1800px;
+              }
+          }
+          .footer {
+            margin-top:60px;
+            padding-top:60px;
+            width: 100%;
+            height: 180px;
+            background-color: #f5f5f5;
+          }
+          .clickable {
+            cursor: pointer;
+          }
+          .panel-heading > h3:before {
+            font-family: 'Glyphicons Halflings';
+            content: "\e114"; /* glyphicon-chevron-down */
+            padding-right: 1em;
+          }
+          .panel-heading.collapsed > h3:before {
+            content: "\e080"; /* glyphicon-chevron-right */
+          }
+        </style>
+<title>Scan Report Nmap 7.92</title>
+</head>
+<body>
+<nav class="navbar navbar-default navbar-fixed-top"><div class="container-fluid">
+<div class="navbar-header">
+<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false"><span class="sr-only">Toggle navigation</span><span class="icon-bar"></span><span class="icon-bar"></span><span class="icon-bar"></span></button><a class="navbar-brand" href="#"><span class="glyphicon glyphicon-home"></span></a>
+</div>
+<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1"><ul class="nav navbar-nav">
+<li><a href="#scannedhosts">Scanned Hosts</a></li>
+<li><a href="#onlinehosts">Online Hosts</a></li>
+<li><a href="#openservices">Open Services</a></li>
+</ul></div>
+</div></nav><div class="container">
+<div class="jumbotron">
+<h1>Scan Report<br><small>Nmap 7.92</small>
+</h1>
+<pre style="white-space:pre-wrap; word-wrap:break-word;">nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln haute-saone.gouv.fr</pre>
+<p class="lead">Fri Feb 16 23:00:22 2024 – Fri Feb 16 23:03:10 2024<br>1 hosts scanned.
+              1 hosts up.
+              0 hosts down.
+            </p>
+<div class="progress">
+<div class="progress-bar progress-bar-success" style="width:100%;">1<span class="sr-only"></span>
+</div>
+<div class="progress-bar progress-bar-danger" style="width:0%;">0<span class="sr-only"></span>
+</div>
+</div>
+</div>
+<h2 id="scannedhosts" class="target">Scanned Hosts</h2>
+<div class="table-responsive"><table id="table-overview" class="table table-striped dataTable" role="grid">
+<thead><tr>
+<th>State</th>
+<th>Address</th>
+<th>Hostname</th>
+<th>TCP (open)</th>
+<th>UDP (open)</th>
+</tr></thead>
+<tbody><tr>
+<td><span class="label label-success">up</span></td>
+<td>77.159.252.140</td>
+<td>haute-saone.gouv.fr</td>
+<td>4</td>
+<td>0</td>
+</tr></tbody>
+</table></div>
+<script>
+            $(document).ready(function() {
+              $('#table-overview').DataTable();
+            });
+            $('#table-overview').DataTable( {
+              "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ]
+            });
+          </script><h2 id="onlinehosts" class="target">Online Hosts</h2>
+<div class="panel panel-default">
+<div class="panel-heading clickable" data-toggle="collapse" data-target="#77-159-252-140"><h3 class="panel-title">77.159.252.140 - haute-saone.gouv.fr</h3></div>
+<div class="panel-body collapse in" id="77-159-252-140">
+<h4>Hostnames</h4>
+<ul>
+<li>haute-saone.gouv.fr (user)</li>
+<li>140.252.159.77.rev.sfr.net (PTR)</li>
+</ul>
+<h4>Ports</h4>
+<div class="table-responsive"><table class="table table-bordered">
+<thead><tr>
+<th>Port</th>
+<th>Protocol</th>
+<th>State<br>Reason</th>
+<th>Service</th>
+<th>Product</th>
+<th>Version</th>
+<th>Extra Info</th>
+</tr></thead>
+<tbody>
+<tr class="success">
+<td title="Port">80</td>
+<td title="Protocol">tcp</td>
+<td title="State / Reason">open<br>syn-ack</td>
+<td title="Service">http</td>
+<td title="Product">Apache</td>
+<td title="Version"></td>
+<td title="Extra Info"></td>
+</tr>
+<tr><td colspan="7">
+<a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;cves=on&amp;cpe_version="></a><h5>http-server-header</h5>
+<pre style="white-space:pre-wrap; word-wrap:break-word;">Apache</pre>
+<h5>fingerprint-strings</h5>
+<pre style="white-space:pre-wrap; word-wrap:break-word;">
+  FourOhFourRequest, GetRequest: 
+    HTTP/1.1 403 Forbidden
+    date: Fri, 16 Feb 2024 23:00:34 GMT
+    server: Apache
+    cache-control: no-cache
+    content-type: text/html
+    age: 0
+    x-cache: Miss
+    content-length: 94
+    keep-alive: timeout=5, max=100
+    connection: close
+    &lt;html&gt;&lt;body&gt;&lt;h1&gt;403 Forbidden&lt;/h1&gt;
+    Request forbidden by administrative rules.
+    &lt;/body&gt;&lt;/html&gt;
+  HTTPOptions: 
+    HTTP/1.1 403 Forbidden
+    date: Fri, 16 Feb 2024 23:00:34 GMT
+    server: Apache
+    cache-control: no-cache
+    content-type: text/html
+    age: 0
+    x-cache: Miss
+    connection: close
+    &lt;html&gt;&lt;body&gt;&lt;h1&gt;403 Forbidden&lt;/h1&gt;
+    Request forbidden by administrative rules.
+    &lt;/body&gt;&lt;/html&gt;
+  RTSPRequest: 
+    HTTP/1.1 400 Bad Request
+    date: Fri, 16 Feb 2024 23:00:34 GMT
+    server: Apache
+    content-length: 226
+    content-type: text/html; charset=iso-8859-1
+    connection: close
+    &lt;!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"&gt;
+    &lt;html&gt;&lt;head&gt;
+    &lt;title&gt;400 Bad Request&lt;/title&gt;
+    &lt;/head&gt;&lt;body&gt;
+    &lt;h1&gt;Bad Request&lt;/h1&gt;
+    &lt;p&gt;Your browser sent a request that this server could not understand.&lt;br /&gt;
+    &lt;/p&gt;
+    &lt;/body&gt;&lt;/html&gt;
+  X11Probe: 
+    HTTP/1.0 400 Bad request
+    cache-control: no-cache
+    content-type: text/html
+    &lt;html&gt;&lt;body&gt;&lt;h1&gt;400 Bad request&lt;/h1&gt;
+    Your browser sent an invalid request.
+    &lt;/body&gt;&lt;/html&gt;</pre>
+</td></tr>
+<tr class="active">
+<td>113</td>
+<td>tcp</td>
+<td>closed<br>reset</td>
+<td>ident</td>
+<td></td>
+<td></td>
+<td></td>
+</tr>
+<tr class="success">
+<td title="Port">443</td>
+<td title="Protocol">tcp</td>
+<td title="State / Reason">open<br>syn-ack</td>
+<td title="Service">https</td>
+<td title="Product">Apache</td>
+<td title="Version"></td>
+<td title="Extra Info"></td>
+</tr>
+<tr><td colspan="7">
+<a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;cves=on&amp;cpe_version="></a><h5>http-server-header</h5>
+<pre style="white-space:pre-wrap; word-wrap:break-word;">Apache</pre>
+<h5>fingerprint-strings</h5>
+<pre style="white-space:pre-wrap; word-wrap:break-word;">
+  FourOhFourRequest, GetRequest, HTTPOptions: 
+    HTTP/1.1 403 Forbidden
+    date: Fri, 16 Feb 2024 23:00:40 GMT
+    server: Apache
+    cache-control: no-cache
+    content-type: text/html
+    age: 0
+    x-cache: Miss
+    connection: close
+    &lt;html&gt;&lt;body&gt;&lt;h1&gt;403 Forbidden&lt;/h1&gt;
+    Request forbidden by administrative rules.
+    &lt;/body&gt;&lt;/html&gt;
+  RPCCheck, tor-versions: 
+    HTTP/1.0 400 Bad request
+    cache-control: no-cache
+    content-type: text/html
+    &lt;html&gt;&lt;body&gt;&lt;h1&gt;400 Bad request&lt;/h1&gt;
+    Your browser sent an invalid request.
+    &lt;/body&gt;&lt;/html&gt;
+  RTSPRequest: 
+    HTTP/1.1 400 Bad Request
+    date: Fri, 16 Feb 2024 23:00:45 GMT
+    server: Apache
+    content-length: 226
+    content-type: text/html; charset=iso-8859-1
+    connection: close
+    &lt;!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"&gt;
+    &lt;html&gt;&lt;head&gt;
+    &lt;title&gt;400 Bad Request&lt;/title&gt;
+    &lt;/head&gt;&lt;body&gt;
+    &lt;h1&gt;Bad Request&lt;/h1&gt;
+    &lt;p&gt;Your browser sent a request that this server could not understand.&lt;br /&gt;
+    &lt;/p&gt;
+    &lt;/body&gt;&lt;/html&gt;</pre>
+</td></tr>
+<tr class="success">
+<td title="Port">2000</td>
+<td title="Protocol">tcp</td>
+<td title="State / Reason">open<br>syn-ack</td>
+<td title="Service">cisco-sccp</td>
+<td title="Product"></td>
+<td title="Version"></td>
+<td title="Extra Info"></td>
+</tr>
+<tr><td colspan="7"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;cves=on&amp;cpe_version="></a></td></tr>
+<tr class="success">
+<td title="Port">5060</td>
+<td title="Protocol">tcp</td>
+<td title="State / Reason">open<br>syn-ack</td>
+<td title="Service">sip</td>
+<td title="Product"></td>
+<td title="Version"></td>
+<td title="Extra Info"></td>
+</tr>
+<tr><td colspan="7"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;cves=on&amp;cpe_version="></a></td></tr>
+</tbody>
+</table></div>
+</div>
+</div>
+<h2 id="openservices" class="target">Open Services</h2>
+<div class="table-responsive"><table id="table-services" class="table table-striped dataTable" role="grid">
+<thead><tr>
+<th>Address</th>
+<th>Port</th>
+<th>Protocol</th>
+<th>Service</th>
+<th>Product</th>
+<th>Version</th>
+<th>CPE</th>
+<th>Extra info</th>
+</tr></thead>
+<tbody>
+<tr>
+<td>77.159.252.140 - haute-saone.gouv.fr</td>
+<td>80</td>
+<td>tcp</td>
+<td>http</td>
+<td>Apache</td>
+<td></td>
+<td></td>
+<td></td>
+</tr>
+<tr>
+<td>77.159.252.140 - haute-saone.gouv.fr</td>
+<td>443</td>
+<td>tcp</td>
+<td>https</td>
+<td>Apache</td>
+<td></td>
+<td></td>
+<td></td>
+</tr>
+<tr>
+<td>77.159.252.140 - haute-saone.gouv.fr</td>
+<td>2000</td>
+<td>tcp</td>
+<td>cisco-sccp</td>
+<td></td>
+<td></td>
+<td></td>
+<td></td>
+</tr>
+<tr>
+<td>77.159.252.140 - haute-saone.gouv.fr</td>
+<td>5060</td>
+<td>tcp</td>
+<td>sip</td>
+<td></td>
+<td></td>
+<td></td>
+<td></td>
+</tr>
+</tbody>
+</table></div>
+<script>
+            $(document).ready(function() {
+              $('#table-services').DataTable();
+            });
+            $('#table-services').DataTable( {
+              "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ]
+            });
+          </script>
+</div>
+<footer class="footer"><div class="container"><p class="text-muted">
+              This report was generated with <a href="https://github.com/honze-net/nmap-bootstrap-xsl">Nmap Bootstrap XSL</a>.<br>
+              Licensed under <a href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons BY-SA</a>.<br>
+              Designed and built by Andreas Hontzia (<a href="https://www.twitter.com/honze_net">@honze_net</a>).<br></p></div></footer>
+</body>
+</html>

results/aHR0cHM6Ly9oYXV0ZS1zYW9uZS5nb3V2LmZy/nmapvuln.json

@@ -0,0 +1 @@
+{"host":"haute-saone.gouv.fr","protocol":"tcp","closed_ports":"995","open_ports":[{"service":{"name":"http","product":"Apache","id":"80","vulnerabilities":[]}},{"service":{"name":"ident","id":"113","vulnerabilities":[]}},{"service":{"name":"https","product":"Apache","id":"443","vulnerabilities":[]}},{"service":{"name":"cisco-sccp","id":"2000","vulnerabilities":[]}},{"service":{"name":"sip","id":"5060","vulnerabilities":[]}}],"grade":"B"}