DashlordBetaGouvBot committed Dec 12, 2021
1 parent 975ca18 commit eb514ea
Showing 15 changed files with 2,491 additions and 2,380 deletions.
@@ -1 +1 @@
{"url":"https://www.monstagedetroisieme.fr","algorithm_version":2,"end_time":"Sun, 05 Dec 2021 06:16:12 GMT","grade":"B","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"Cache-Control":"max-age=0, private, must-revalidate","Content-Encoding":"gzip","Content-Type":"text/html; charset=utf-8","Date":"Sun, 05 Dec 2021 06:16:11 GMT","ETag":"W/\"7f597256c87f96822262225a68eee63c\"","Referrer-Policy":"strict-origin-when-cross-origin","Set-Cookie":"_monstage_session=l95YjbXd6vTAg%2BEgHSPZT4Ggt2aN7yozda%2BbTimpc8Fj1kLl83vmZOMtoGI5Vzytrp3nfwh1g2wucIlAXXUiqfD%2FC85XS5vWdSeAU7Xroo5RWW7t1yrC4DFhZBhJlgRPjnb9%2BcN8wz1I60K%2BDng%3D--zK%2Fg%2BMuTk4X8yLIO--hNoAikVu5xowWwASKfVJpg%3D%3D; path=/; secure; HttpOnly","Sozu-Id":"01FP4KRKP6FP3FKYH1V34MWF86","Strict-Transport-Security":"max-age=63072000; includeSubDomains","Transfer-Encoding":"chunked","Vary":"Accept,Accept-Encoding","X-Content-Type-Options":"nosniff","X-Download-Options":"noopen","X-Frame-Options":"SAMEORIGIN","X-Permitted-Cross-Domain-Policies":"none","X-Request-Id":"fbf0ecaf-03d5-4007-b0a7-cbe71678f9ec","X-Runtime":"0.042858","X-XSS-Protection":"1; mode=block"},"scan_id":23120514,"score":70,"start_time":"Sun, 05 Dec 2021 06:14:29 GMT","state":"FINISHED","status_code":200,"tests_failed":2,"tests_passed":10,"tests_quantity":12,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":null,"http":false,"meta":false,"policy":null},"pass":false,"result":"csp-not-implemented","score_description":"Content Security Policy (CSP) header not implemented","score_modifier":-25},"contribute":{"expectation":"contribute-json-only-required-on-mozilla-properties","name":"contribute","output":{"data":null},"pass":true,"result":"contribute-json-only-required-on-mozilla-properties","score_description":"Contribute.json isn't required on websites that don't belong to 
Mozilla","score_modifier":0},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":{"_monstage_session":{"domain":"www.monstagedetroisieme.fr","expires":null,"httponly":true,"max-age":null,"path":"/","port":null,"samesite":false,"secure":true}},"sameSite":false},"pass":true,"result":"cookies-secure-with-httponly-sessions","score_description":"All cookies use the Secure flag and all session cookies use the HttpOnly flag","score_modifier":0},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":null,"clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-not-implemented","score_description":"Content is not visible via cross-origin resource sharing (CORS) files or headers","score_modifier":0},"public-key-pinning":{"expectation":"hpkp-not-implemented","name":"public-key-pinning","output":{"data":null,"includeSubDomains":false,"max-age":null,"numPins":null,"preloaded":false},"pass":true,"result":"hpkp-not-implemented","score_description":"HTTP Public Key Pinning (HPKP) header not implemented","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://www.monstagedetroisieme.fr/","redirects":true,"route":["http://www.monstagedetroisieme.fr/","https://www.monstagedetroisieme.fr/"],"status_code":200},"pass":true,"result":"redirection-to-https","score_description":"Initial redirection is to HTTPS on same host, final destination is HTTPS","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":"strict-origin-when-cross-origin","http":true,"meta":false},"pass":true,"result":"referrer-policy-private","score_description":"Referrer-Policy header set to \"no-referrer\", \"same-origin\", \"strict-origin\" or 
\"strict-origin-when-cross-origin\"","score_modifier":5},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":"max-age=63072000; includeSubDomains","includeSubDomains":true,"max-age":63072000,"preload":false,"preloaded":false},"pass":true,"result":"hsts-implemented-max-age-at-least-six-months","score_description":"HTTP Strict Transport Security (HSTS) header set to a minimum of six months (15768000)","score_modifier":0},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{"https://d2uvddcac8vf0w.cloudfront.net/packs/js/application-74152bd882379bc05df0.js":{"crossorigin":null,"integrity":null}}},"pass":false,"result":"sri-not-implemented-but-external-scripts-loaded-securely","score_description":"Subresource Integrity (SRI) not implemented, but all external scripts are loaded over HTTPS","score_modifier":-5},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":"nosniff"},"pass":true,"result":"x-content-type-options-nosniff","score_description":"X-Content-Type-Options header set to \"nosniff\"","score_modifier":0},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":"SAMEORIGIN"},"pass":true,"result":"x-frame-options-sameorigin-or-deny","score_description":"X-Frame-Options (XFO) header set to SAMEORIGIN or DENY","score_modifier":0},"x-xss-protection":{"expectation":"x-xss-protection-1-mode-block","name":"x-xss-protection","output":{"data":"1; mode=block"},"pass":true,"result":"x-xss-protection-enabled-mode-block","score_description":"X-XSS-Protection header set to \"1; mode=block\"","score_modifier":0}}}
{"url":"https://www.monstagedetroisieme.fr","algorithm_version":2,"end_time":"Sun, 12 Dec 2021 06:21:25 GMT","grade":"B","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"Cache-Control":"max-age=0, private, must-revalidate","Content-Encoding":"gzip","Content-Type":"text/html; charset=utf-8","Date":"Sun, 12 Dec 2021 06:21:24 GMT","ETag":"W/\"0d2abd366ddb2967a94af2fb8bd5940a\"","Referrer-Policy":"strict-origin-when-cross-origin","Set-Cookie":"_monstage_session=rlKh%2B6%2FRpGj7qZSnzuquODOB1KivTb2W%2BfDiiHBayEUWCXH%2B6xfY6uvxaHjGaqF4GQkAJQzKzmYe6bBx9uFzyFELx9XNOEWpNTaeCLXQ1WnyFoUT652WhrOhFIeqNoO1QNbMoTVxZ40Adc4bIKQ%3D--sx8SdBvmTgf%2Fz95K--G7s3d8jpp%2FqkiShHiejbDA%3D%3D; path=/; secure; HttpOnly","Sozu-Id":"01FPPMV6HYATK6JKZSFV45P24T","Strict-Transport-Security":"max-age=63072000; includeSubDomains","Transfer-Encoding":"chunked","Vary":"Accept,Accept-Encoding","X-Content-Type-Options":"nosniff","X-Download-Options":"noopen","X-Frame-Options":"SAMEORIGIN","X-Permitted-Cross-Domain-Policies":"none","X-Request-Id":"497a7ff9-dbf7-4b61-95d8-da24bd724363","X-Runtime":"0.044173","X-XSS-Protection":"1; mode=block"},"scan_id":23234886,"score":70,"start_time":"Sun, 12 Dec 2021 06:21:21 GMT","state":"FINISHED","status_code":200,"tests_failed":2,"tests_passed":10,"tests_quantity":12,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":null,"http":false,"meta":false,"policy":null},"pass":false,"result":"csp-not-implemented","score_description":"Content Security Policy (CSP) header not implemented","score_modifier":-25},"contribute":{"expectation":"contribute-json-only-required-on-mozilla-properties","name":"contribute","output":{"data":null},"pass":true,"result":"contribute-json-only-required-on-mozilla-properties","score_description":"Contribute.json isn't required on websites that don't belong to 
Mozilla","score_modifier":0},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":{"_monstage_session":{"domain":"www.monstagedetroisieme.fr","expires":null,"httponly":true,"max-age":null,"path":"/","port":null,"samesite":false,"secure":true}},"sameSite":false},"pass":true,"result":"cookies-secure-with-httponly-sessions","score_description":"All cookies use the Secure flag and all session cookies use the HttpOnly flag","score_modifier":0},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":null,"clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-not-implemented","score_description":"Content is not visible via cross-origin resource sharing (CORS) files or headers","score_modifier":0},"public-key-pinning":{"expectation":"hpkp-not-implemented","name":"public-key-pinning","output":{"data":null,"includeSubDomains":false,"max-age":null,"numPins":null,"preloaded":false},"pass":true,"result":"hpkp-not-implemented","score_description":"HTTP Public Key Pinning (HPKP) header not implemented","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://www.monstagedetroisieme.fr/","redirects":true,"route":["http://www.monstagedetroisieme.fr/","https://www.monstagedetroisieme.fr/"],"status_code":200},"pass":true,"result":"redirection-to-https","score_description":"Initial redirection is to HTTPS on same host, final destination is HTTPS","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":"strict-origin-when-cross-origin","http":true,"meta":false},"pass":true,"result":"referrer-policy-private","score_description":"Referrer-Policy header set to \"no-referrer\", \"same-origin\", \"strict-origin\" or 
\"strict-origin-when-cross-origin\"","score_modifier":5},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":"max-age=63072000; includeSubDomains","includeSubDomains":true,"max-age":63072000,"preload":false,"preloaded":false},"pass":true,"result":"hsts-implemented-max-age-at-least-six-months","score_description":"HTTP Strict Transport Security (HSTS) header set to a minimum of six months (15768000)","score_modifier":0},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{"https://d2uvddcac8vf0w.cloudfront.net/packs/js/application-f97a7e1b35204384888e.js":{"crossorigin":null,"integrity":null}}},"pass":false,"result":"sri-not-implemented-but-external-scripts-loaded-securely","score_description":"Subresource Integrity (SRI) not implemented, but all external scripts are loaded over HTTPS","score_modifier":-5},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":"nosniff"},"pass":true,"result":"x-content-type-options-nosniff","score_description":"X-Content-Type-Options header set to \"nosniff\"","score_modifier":0},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":"SAMEORIGIN"},"pass":true,"result":"x-frame-options-sameorigin-or-deny","score_description":"X-Frame-Options (XFO) header set to SAMEORIGIN or DENY","score_modifier":0},"x-xss-protection":{"expectation":"x-xss-protection-1-mode-block","name":"x-xss-protection","output":{"data":"1; mode=block"},"pass":true,"result":"x-xss-protection-enabled-mode-block","score_description":"X-XSS-Protection header set to \"1; mode=block\"","score_modifier":0}}}
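Review bot: The `response_headers` object in both records of this hunk stores the full `Set-Cookie` value, so a `_monstage_session` cookie issued to the scanner is committed to the repository on every run, next to `X-Request-Id` and `Sozu-Id`. The session is presumably an anonymous one created for the scan, but the value is not needed to grade the cookie: the flags are already recorded under `details.cookies`. Redact it before the result is written, for example `"Set-Cookie":"_monstage_session=<redacted>; path=/; secure; HttpOnly"`. The same record shows `"samesite":false` for that cookie while the `cookies` test still passes, which is worth surfacing separately in the report.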


2,793 changes: 1,437 additions & 1,356 deletions results/aHR0cHM6Ly93d3cubW9uc3RhZ2VkZXRyb2lzaWVtZS5mcg==/lhr.json


@@ -1,4 +1,4 @@
# Nmap 7.91 scan initiated Sun Dec 5 06:26:58 2021 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln www.monstagedetroisieme.fr
Host: 185.42.117.109 () Status: Up
Host: 185.42.117.109 () Ports: 80/open/tcp//http///, 443/open/tcp//ssl|https///, 1080/filtered/tcp//socks///, 1081/filtered/tcp//pvuniwien///, 3000/open/tcp//ppp?///, 5001/open/tcp//tcpwrapped///, 5002/open/tcp//ssh//Apache Mina sshd 1.7.0 (protocol 2.0)/, 5225/open/tcp//tcpwrapped///, 5802/open/tcp//tcpwrapped///, 9999/open/tcp//tcpwrapped/// Ignored State: closed (990)
# Nmap done at Sun Dec 5 06:29:43 2021 -- 1 IP address (1 host up) scanned in 165.55 seconds
# Nmap 7.91 scan initiated Sun Dec 12 06:32:11 2021 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln www.monstagedetroisieme.fr
Host: 185.42.117.108 () Status: Up
Host: 185.42.117.108 () Ports: 80/open/tcp//http///, 443/open/tcp//ssl|https///, 1080/filtered/tcp//socks///, 1081/filtered/tcp//pvuniwien///, 3000/open/tcp//ppp?///, 5001/open/tcp//tcpwrapped///, 5002/open/tcp//ssh//Apache Mina sshd 1.7.0 (protocol 2.0)/, 5225/open/tcp//tcpwrapped///, 5802/open/tcp//tcpwrapped///, 9999/open/tcp//tcpwrapped/// Ignored State: closed (990)
# Nmap done at Sun Dec 12 06:34:57 2021 -- 1 IP address (1 host up) scanned in 165.74 seconds
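Review bot: The two runs in this hunk report different addresses for the same hostname (`185.42.117.109` and `185.42.117.108`), so the weekly comparison may be between two different front-end hosts rather than one host over time. If the name resolves to several addresses, nmap scans only one of them by default; adding `--resolve-all` to the command recorded on the `# Nmap 7.91 scan initiated` line would cover every address and make successive reports comparable. The port lists are identical in both runs, so this does not change the current result, only how much confidence the unchanged result deserves.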
@@ -54,7 +54,7 @@
<h1>Scan Report<br><small>Nmap 7.91</small>
</h1>
<pre style="white-space:pre-wrap; word-wrap:break-word;">nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln www.monstagedetroisieme.fr</pre>
<p class="lead">Sun Dec 5 06:26:58 2021 – Sun Dec 5 06:29:43 2021<br>1 hosts scanned.
<p class="lead">Sun Dec 12 06:32:11 2021 – Sun Dec 12 06:34:57 2021<br>1 hosts scanned.
1 hosts up.
0 hosts down.
</p>
@@ -76,7 +76,7 @@ <h2 id="scannedhosts" class="target">Scanned Hosts</h2>
</tr></thead>
<tbody><tr>
<td><span class="label label-success">up</span></td>
<td>185.42.117.109</td>
<td>185.42.117.108</td>
<td>www.monstagedetroisieme.fr</td>
<td>8</td>
<td>0</td>
@@ -91,8 +91,8 @@ <h2 id="scannedhosts" class="target">Scanned Hosts</h2>
});
</script><h2 id="onlinehosts" class="target">Online Hosts</h2>
<div class="panel panel-default">
<div class="panel-heading clickable" data-toggle="collapse" data-target="#185-42-117-109"><h3 class="panel-title">185.42.117.109 - www.monstagedetroisieme.fr</h3></div>
<div class="panel-body collapse in" id="185-42-117-109">
<div class="panel-heading clickable" data-toggle="collapse" data-target="#185-42-117-108"><h3 class="panel-title">185.42.117.108 - www.monstagedetroisieme.fr</h3></div>
<div class="panel-body collapse in" id="185-42-117-108">
<h4>Hostnames</h4>
<ul><li>www.monstagedetroisieme.fr (user)</li></ul>
<h4>Ports</h4>
@@ -172,19 +172,23 @@ <h4>Ports</h4>
<a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;cves=on&amp;cpe_version="></a><h5>fingerprint-strings</h5>
<pre style="white-space:pre-wrap; word-wrap:break-word;">
Kerberos:
\xb9
-5Alj
_/xV
*\x07
za[,
/7TM
zxxY
n&gt;P}
Y&gt;9B
SMBProgNeg:
gB20B%
l@/%
\x9f
OD&amp;2F6
-8)w
A&gt;WZ
TLSSessionReq:
r2)joFf)Fm
)cIoR|
zB_t-
J-T5
}zK@p
XR&amp;$v
&lt;?wvM.
k|/h</pre>
]Ni&lt; V
Jo8G
k1.T"
)Q(o</pre>
</td></tr>
<tr class="success">
<td title="Port">5001</td>
@@ -254,7 +258,7 @@ <h2 id="openservices" class="target">Open Services</h2>
</tr></thead>
<tbody>
<tr>
<td>185.42.117.109 - www.monstagedetroisieme.fr</td>
<td>185.42.117.108 - www.monstagedetroisieme.fr</td>
<td>80</td>
<td>tcp</td>
<td>http</td>
@@ -264,7 +268,7 @@ <h2 id="openservices" class="target">Open Services</h2>
<td></td>
</tr>
<tr>
<td>185.42.117.109 - www.monstagedetroisieme.fr</td>
<td>185.42.117.108 - www.monstagedetroisieme.fr</td>
<td>443</td>
<td>tcp</td>
<td>https</td>
@@ -274,7 +278,7 @@ <h2 id="openservices" class="target">Open Services</h2>
<td></td>
</tr>
<tr>
<td>185.42.117.109 - www.monstagedetroisieme.fr</td>
<td>185.42.117.108 - www.monstagedetroisieme.fr</td>
<td>3000</td>
<td>tcp</td>
<td>ppp</td>
@@ -284,7 +288,7 @@ <h2 id="openservices" class="target">Open Services</h2>
<td></td>
</tr>
<tr>
<td>185.42.117.109 - www.monstagedetroisieme.fr</td>
<td>185.42.117.108 - www.monstagedetroisieme.fr</td>
<td>5001</td>
<td>tcp</td>
<td>tcpwrapped</td>
@@ -294,7 +298,7 @@ <h2 id="openservices" class="target">Open Services</h2>
<td></td>
</tr>
<tr>
<td>185.42.117.109 - www.monstagedetroisieme.fr</td>
<td>185.42.117.108 - www.monstagedetroisieme.fr</td>
<td>5002</td>
<td>tcp</td>
<td>ssh</td>
@@ -304,7 +308,7 @@ <h2 id="openservices" class="target">Open Services</h2>
<td>protocol 2.0</td>
</tr>
<tr>
<td>185.42.117.109 - www.monstagedetroisieme.fr</td>
<td>185.42.117.108 - www.monstagedetroisieme.fr</td>
<td>5225</td>
<td>tcp</td>
<td>tcpwrapped</td>
@@ -314,7 +318,7 @@ <h2 id="openservices" class="target">Open Services</h2>
<td></td>
</tr>
<tr>
<td>185.42.117.109 - www.monstagedetroisieme.fr</td>
<td>185.42.117.108 - www.monstagedetroisieme.fr</td>
<td>5802</td>
<td>tcp</td>
<td>tcpwrapped</td>
@@ -324,7 +328,7 @@ <h2 id="openservices" class="target">Open Services</h2>
<td></td>
</tr>
<tr>
<td>185.42.117.109 - www.monstagedetroisieme.fr</td>
<td>185.42.117.108 - www.monstagedetroisieme.fr</td>
<td>9999</td>
<td>tcp</td>
<td>tcpwrapped</td>