DashlordBetaGouvBot committed Dec 12, 2021
1 parent d01b6e1 commit 2bf4a8b
Showing 14 changed files with 1,457 additions and 1,456 deletions.
@@ -1 +1 @@
{"url":"https://mon-suivi-justice.beta.gouv.fr","algorithm_version":2,"end_time":"Sun, 05 Dec 2021 08:10:19 GMT","grade":"B-","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"Cache-Control":"max-age=0, private, must-revalidate","Connection":"keep-alive","Content-Encoding":"gzip","Content-Type":"text/html; charset=utf-8","Date":"Sun, 05 Dec 2021 08:10:18 GMT","ETag":"W/\"41746021648fa75981458c3776b4a674\"","Link":"</assets/application_static-fcd2b9c527b6af00353d0a724635225239c7aa56865e558e37c4693eb6cedd41.css>; rel=preload; as=style; nopush,</packs/js/application_static-d9aa363832b204d25416.js>; rel=preload; as=script; nopush","Referrer-Policy":"strict-origin-when-cross-origin","Server":"openresty","Set-Cookie":"_mon_suivi_justice_session=Z6qgM8kZ%2FC9s%2FXAmvKlxui1AFAQAuyiE8BOU%2FTV%2BqlUZdYNrSR74w%2F1WSTvDUClJatJEZqDtdCtMBfXyDnyA5dcgjLlWtIfdDYDsSL5ZBSMXCS7pCFvhaEeEUf%2FxO5pyRjWsBdWRjTCNEqylKjuHGx1mgkJIPM88seLb9ZoxkKqcgKn5fDJbUJHk6k8%2BrBv1IfX2g2HA9i5GCQhwGAWIXtosYOht9jaZSWt20WBTVdANZ6i8ao8DGFsAuv54Yg2eNxJf4gqGF3CWXfIM1%2Fznc1UYGH9mpkg60vHlufvvXWFE4w%3D%3D--armGU%2B6GMMyojD8W--WJ6tl8%2BDsL7cRkSnu8oOyg%3D%3D; path=/; HttpOnly; SameSite=Lax","Strict-Transport-Security":"max-age=31536000","Transfer-Encoding":"chunked","Vary":"Accept","X-Content-Type-Options":"nosniff","X-Download-Options":"noopen","X-Frame-Options":"SAMEORIGIN","X-Permitted-Cross-Domain-Policies":"none","X-Request-ID":"1d426c5d-2c82-4ff3-90a1-29db59434a57, 1d426c5d-2c82-4ff3-90a1-29db59434a57","X-Runtime":"0.006498","X-XSS-Protection":"1; mode=block"},"scan_id":23121513,"score":65,"start_time":"Sun, 05 Dec 2021 08:10:13 GMT","state":"FINISHED","status_code":200,"tests_failed":2,"tests_passed":10,"tests_quantity":12,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":null,"http":false,"meta":false,"policy":null},"pass":false,"result":"csp-not-implemented","score_description":"Content Security Policy 
(CSP) header not implemented","score_modifier":-25},"contribute":{"expectation":"contribute-json-only-required-on-mozilla-properties","name":"contribute","output":{"data":null},"pass":true,"result":"contribute-json-only-required-on-mozilla-properties","score_description":"Contribute.json isn't required on websites that don't belong to Mozilla","score_modifier":0},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":{"_mon_suivi_justice_session":{"domain":"mon-suivi-justice.beta.gouv.fr","expires":null,"httponly":true,"max-age":null,"path":"/","port":null,"samesite":"Lax","secure":false}},"sameSite":null},"pass":false,"result":"cookies-session-without-secure-flag-but-protected-by-hsts","score_description":"Session cookie set without the Secure flag, but transmission over HTTP prevented by HSTS","score_modifier":-10},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":null,"clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-not-implemented","score_description":"Content is not visible via cross-origin resource sharing (CORS) files or headers","score_modifier":0},"public-key-pinning":{"expectation":"hpkp-not-implemented","name":"public-key-pinning","output":{"data":null,"includeSubDomains":false,"max-age":null,"numPins":null,"preloaded":false},"pass":true,"result":"hpkp-not-implemented","score_description":"HTTP Public Key Pinning (HPKP) header not implemented","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://mon-suivi-justice.beta.gouv.fr/","redirects":true,"route":["http://mon-suivi-justice.beta.gouv.fr/","https://mon-suivi-justice.beta.gouv.fr/"],"status_code":200},"pass":true,"result":"redirection-to-https","score_description":"Initial redirection is to HTTPS on same host, final destination is 
HTTPS","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":"strict-origin-when-cross-origin","http":true,"meta":false},"pass":true,"result":"referrer-policy-private","score_description":"Referrer-Policy header set to \"no-referrer\", \"same-origin\", \"strict-origin\" or \"strict-origin-when-cross-origin\"","score_modifier":5},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":"max-age=31536000","includeSubDomains":false,"max-age":31536000,"preload":false,"preloaded":false},"pass":true,"result":"hsts-implemented-max-age-at-least-six-months","score_description":"HTTP Strict Transport Security (HSTS) header set to a minimum of six months (15768000)","score_modifier":0},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{}},"pass":true,"result":"sri-not-implemented-but-all-scripts-loaded-from-secure-origin","score_description":"Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin","score_modifier":0},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":"nosniff"},"pass":true,"result":"x-content-type-options-nosniff","score_description":"X-Content-Type-Options header set to \"nosniff\"","score_modifier":0},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":"SAMEORIGIN"},"pass":true,"result":"x-frame-options-sameorigin-or-deny","score_description":"X-Frame-Options (XFO) header set to SAMEORIGIN or DENY","score_modifier":0},"x-xss-protection":{"expectation":"x-xss-protection-1-mode-block","name":"x-xss-protection","output":{"data":"1; mode=block"},"pass":true,"result":"x-xss-protection-enabled-mode-block","score_description":"X-XSS-Protection header set to 
\"1; mode=block\"","score_modifier":0}}}
{"url":"https://mon-suivi-justice.beta.gouv.fr","algorithm_version":2,"end_time":"Sun, 12 Dec 2021 08:20:52 GMT","grade":"B-","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"Cache-Control":"max-age=0, private, must-revalidate","Connection":"keep-alive","Content-Encoding":"gzip","Content-Type":"text/html; charset=utf-8","Date":"Sun, 12 Dec 2021 08:20:51 GMT","ETag":"W/\"f039ef04850fe654cd8ac3ba36c2a173\"","Link":"</assets/application_static-fcd2b9c527b6af00353d0a724635225239c7aa56865e558e37c4693eb6cedd41.css>; rel=preload; as=style; nopush,</packs/js/application_static-5b38cfa0d7756a8acd75.js>; rel=preload; as=script; nopush","Referrer-Policy":"strict-origin-when-cross-origin","Server":"openresty","Set-Cookie":"_mon_suivi_justice_session=LbKzPBWo7sEObo5D8hjdk54QFxtaStF7t0ojQd8XppNtCqas5gQUizAa5xtwJvouFwOm60OVJJZqFrrtGMSZYiarEb6g5HMlvHyRR%2BzBbSVL6NezLhwVlxpWZq%2B6jDeor6LIlYNMcwagcFni90QQNkijbLLEXvM08vlp9yokx3AMEml0nrfvBbFdQbRdhpn%2F%2BU3fSutxOz%2B2UxVol5dMnVh62lB9%2FntmjwrgF36rgxj%2BEdTKLqMWWNw0Up%2FDnUE0ZoauwgD4TTWTZojIkKghJXp5WqLx9gTfFN3az0V%2BKHxOxw%3D%3D--cJMBWr3u703sPgM3--0Oxdrrhf%2BJDdU4vve0OgfQ%3D%3D; path=/; HttpOnly; SameSite=Lax","Strict-Transport-Security":"max-age=31536000","Transfer-Encoding":"chunked","Vary":"Accept","X-Content-Type-Options":"nosniff","X-Download-Options":"noopen","X-Frame-Options":"SAMEORIGIN","X-Permitted-Cross-Domain-Policies":"none","X-Request-ID":"0fbb87f2-a5e1-4c23-b015-ecf94c06fbe2, 0fbb87f2-a5e1-4c23-b015-ecf94c06fbe2","X-Runtime":"0.007928","X-XSS-Protection":"1; mode=block"},"scan_id":23235601,"score":65,"start_time":"Sun, 12 Dec 2021 08:20:48 GMT","state":"FINISHED","status_code":200,"tests_failed":2,"tests_passed":10,"tests_quantity":12,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":null,"http":false,"meta":false,"policy":null},"pass":false,"result":"csp-not-implemented","score_description":"Content Security Policy 
(CSP) header not implemented","score_modifier":-25},"contribute":{"expectation":"contribute-json-only-required-on-mozilla-properties","name":"contribute","output":{"data":null},"pass":true,"result":"contribute-json-only-required-on-mozilla-properties","score_description":"Contribute.json isn't required on websites that don't belong to Mozilla","score_modifier":0},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":{"_mon_suivi_justice_session":{"domain":"mon-suivi-justice.beta.gouv.fr","expires":null,"httponly":true,"max-age":null,"path":"/","port":null,"samesite":"Lax","secure":false}},"sameSite":null},"pass":false,"result":"cookies-session-without-secure-flag-but-protected-by-hsts","score_description":"Session cookie set without the Secure flag, but transmission over HTTP prevented by HSTS","score_modifier":-10},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":null,"clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-not-implemented","score_description":"Content is not visible via cross-origin resource sharing (CORS) files or headers","score_modifier":0},"public-key-pinning":{"expectation":"hpkp-not-implemented","name":"public-key-pinning","output":{"data":null,"includeSubDomains":false,"max-age":null,"numPins":null,"preloaded":false},"pass":true,"result":"hpkp-not-implemented","score_description":"HTTP Public Key Pinning (HPKP) header not implemented","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://mon-suivi-justice.beta.gouv.fr/","redirects":true,"route":["http://mon-suivi-justice.beta.gouv.fr/","https://mon-suivi-justice.beta.gouv.fr/"],"status_code":200},"pass":true,"result":"redirection-to-https","score_description":"Initial redirection is to HTTPS on same host, final destination is 
HTTPS","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":"strict-origin-when-cross-origin","http":true,"meta":false},"pass":true,"result":"referrer-policy-private","score_description":"Referrer-Policy header set to \"no-referrer\", \"same-origin\", \"strict-origin\" or \"strict-origin-when-cross-origin\"","score_modifier":5},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":"max-age=31536000","includeSubDomains":false,"max-age":31536000,"preload":false,"preloaded":false},"pass":true,"result":"hsts-implemented-max-age-at-least-six-months","score_description":"HTTP Strict Transport Security (HSTS) header set to a minimum of six months (15768000)","score_modifier":0},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{}},"pass":true,"result":"sri-not-implemented-but-all-scripts-loaded-from-secure-origin","score_description":"Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin","score_modifier":0},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":"nosniff"},"pass":true,"result":"x-content-type-options-nosniff","score_description":"X-Content-Type-Options header set to \"nosniff\"","score_modifier":0},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":"SAMEORIGIN"},"pass":true,"result":"x-frame-options-sameorigin-or-deny","score_description":"X-Frame-Options (XFO) header set to SAMEORIGIN or DENY","score_modifier":0},"x-xss-protection":{"expectation":"x-xss-protection-1-mode-block","name":"x-xss-protection","output":{"data":"1; mode=block"},"pass":true,"result":"x-xss-protection-enabled-mode-block","score_description":"X-XSS-Protection header set to 
\"1; mode=block\"","score_modifier":0}}}
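Review bot: The new result line stores the scanned site's `Set-Cookie` header verbatim under `response_headers`, including the full `_mon_suivi_justice_session` value, next to the `X-Request-ID`. This is presumably an unauthenticated session issued to the scanner, but committing live cookie values into the results history on every run is worth avoiding. The step that writes this file could replace the cookie value with a placeholder and keep only the attributes the report needs (`path=/; HttpOnly; SameSite=Lax`). Separately, both the old and new scans report `csp-not-implemented` and `"secure":false` on the session cookie, so the two failed tests carry over unchanged between the scans.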

Large diffs are not rendered by default.

1,773 changes: 887 additions & 886 deletions results/aHR0cHM6Ly9tb24tc3VpdmktanVzdGljZS5iZXRhLmdvdXYuZnI=/lhr.json

Large diffs are not rendered by default.

@@ -1,4 +1,4 @@
# Nmap 7.91 scan initiated Sun Dec 5 08:14:10 2021 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln mon-suivi-justice.beta.gouv.fr
# Nmap 7.91 scan initiated Sun Dec 12 08:26:38 2021 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln mon-suivi-justice.beta.gouv.fr
Host: 148.253.96.193 (ows-148-253-96-193.cloudgouv-eu-west-1.compute.outscale.com) Status: Up
Host: 148.253.96.193 (ows-148-253-96-193.cloudgouv-eu-west-1.compute.outscale.com) Ports: 80/open/tcp//http//OpenResty web app server/, 443/open/tcp//ssl|http//OpenResty web app server/ Ignored State: filtered (998)
# Nmap done at Sun Dec 5 08:14:31 2021 -- 1 IP address (1 host up) scanned in 21.77 seconds
# Nmap done at Sun Dec 12 08:27:05 2021 -- 1 IP address (1 host up) scanned in 27.26 seconds
@@ -54,7 +54,7 @@
<h1>Scan Report<br><small>Nmap 7.91</small>
</h1>
<pre style="white-space:pre-wrap; word-wrap:break-word;">nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln mon-suivi-justice.beta.gouv.fr</pre>
<p class="lead">Sun Dec 5 08:14:10 2021 – Sun Dec 5 08:14:31 2021<br>1 hosts scanned.
<p class="lead">Sun Dec 12 08:26:38 2021 – Sun Dec 12 08:27:05 2021<br>1 hosts scanned.
1 hosts up.
0 hosts down.
</p>
@@ -1,6 +1,6 @@
# Nmap 7.91 scan initiated Sun Dec 5 08:14:10 2021 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln mon-suivi-justice.beta.gouv.fr
# Nmap 7.91 scan initiated Sun Dec 12 08:26:38 2021 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln mon-suivi-justice.beta.gouv.fr
Nmap scan report for mon-suivi-justice.beta.gouv.fr (148.253.96.193)
Host is up (0.081s latency).
Host is up (0.16s latency).
Other addresses for mon-suivi-justice.beta.gouv.fr (not scanned): 185.21.194.105
rDNS record for 148.253.96.193: ows-148-253-96-193.cloudgouv-eu-west-1.compute.outscale.com
Not shown: 998 filtered ports
@@ -11,4 +11,4 @@ PORT STATE SERVICE VERSION
|_http-server-header: openresty

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Sun Dec 5 08:14:31 2021 -- 1 IP address (1 host up) scanned in 21.77 seconds
# Nmap done at Sun Dec 12 08:27:05 2021 -- 1 IP address (1 host up) scanned in 27.26 seconds