From d1a1e7fdd5763e9c6e7703ee0f4791cf3ea12a1d Mon Sep 17 00:00:00 2001 From: DashlordBetaGouvBot Date: Sun, 1 May 2022 10:37:50 +0000 Subject: [PATCH] update: https://cassiopee.fabnum.fr/ --- .../http.json | 2 +- .../lhr.html | 2 +- .../lhr.json | 1770 ++++++++--------- .../nmapvuln.gnmap | 4 +- .../nmapvuln.html | 16 +- .../nmapvuln.nmap | 150 +- .../nmapvuln.xml | 21 +- .../nuclei.json | 146 +- .../stats.json | 1 - .../testssl.csv | 4 +- .../testssl.html | 8 +- .../testssl.json | 6 +- .../thirdparties.json | 16 +- .../zap.html | 180 +- .../zap.json | 59 +- 15 files changed, 1302 insertions(+), 1083 deletions(-) delete mode 100644 results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/stats.json diff --git a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/http.json b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/http.json index ae21b5cc1bb..873afc14d7c 100644 --- a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/http.json +++ b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/http.json @@ -1 +1 @@ -{"url":"https://cassiopee.fabnum.fr/","algorithm_version":2,"end_time":"Sun, 24 Apr 2022 10:12:30 GMT","grade":"D+","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"accept-ranges":"none","content-encoding":"gzip","content-type":"text/html; charset=utf-8","date":"Sun, 24 Apr 2022 10:12:28 GMT","etag":"\"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"","keep-alive":"timeout=5","transfer-encoding":"chunked","vary":"Accept-Encoding","x-frame-options":"DENY"},"scan_id":26003637,"score":40,"start_time":"Sun, 24 Apr 2022 10:12:26 GMT","state":"FINISHED","status_code":200,"tests_failed":4,"tests_passed":8,"tests_quantity":12,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":null,"http":false,"meta":false,"policy":null},"pass":false,"result":"csp-not-implemented","score_description":"Content Security Policy (CSP) header not implemented","score_modifier":-25},"contribute":{"expectation":"contribute-json-only-required-on-mozilla-properties","name":"contribute","output":{"data":null},"pass":true,"result":"contribute-json-only-required-on-mozilla-properties","score_description":"Contribute.json isn't required on websites that don't belong to Mozilla","score_modifier":0},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":null,"sameSite":null},"pass":true,"result":"cookies-not-found","score_description":"No cookies detected","score_modifier":0},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":null,"clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-not-implemented","score_description":"Content is not visible via cross-origin resource sharing (CORS) files or headers","score_modifier":0},"public-key-pinning":{"expectation":"hpkp-not-implemented","name":"public-key-pinning","output":{"data":null,"includeSubDomains":false,"max-age":null,"numPins":null,"preloaded":false},"pass":true,"result":"hpkp-not-implemented","score_description":"HTTP Public Key Pinning (HPKP) header not implemented","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://cassiopee.fabnum.fr:443/","redirects":true,"route":["http://cassiopee.fabnum.fr/","https://cassiopee.fabnum.fr:443/"],"status_code":200},"pass":true,"result":"redirection-to-https","score_description":"Initial redirection is to HTTPS on same host, final destination is HTTPS","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":null,"http":false,"meta":false},"pass":true,"result":"referrer-policy-not-implemented","score_description":"Referrer-Policy header not implemented","score_modifier":0},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":null,"includeSubDomains":false,"max-age":null,"preload":false,"preloaded":false},"pass":false,"result":"hsts-not-implemented","score_description":"HTTP Strict Transport Security (HSTS) header not implemented","score_modifier":-20},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{}},"pass":true,"result":"sri-not-implemented-but-all-scripts-loaded-from-secure-origin","score_description":"Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin","score_modifier":0},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":null},"pass":false,"result":"x-content-type-options-not-implemented","score_description":"X-Content-Type-Options header not implemented","score_modifier":-5},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":"DENY"},"pass":true,"result":"x-frame-options-sameorigin-or-deny","score_description":"X-Frame-Options (XFO) header set to SAMEORIGIN or DENY","score_modifier":0},"x-xss-protection":{"expectation":"x-xss-protection-1-mode-block","name":"x-xss-protection","output":{"data":null},"pass":false,"result":"x-xss-protection-not-implemented","score_description":"X-XSS-Protection header not implemented","score_modifier":-10}}} \ No newline at end of file +{"url":"https://cassiopee.fabnum.fr/","algorithm_version":2,"end_time":"Sun, 01 May 2022 10:24:56 GMT","grade":"D+","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"accept-ranges":"none","content-encoding":"gzip","content-type":"text/html; charset=utf-8","date":"Sun, 01 May 2022 10:24:54 GMT","etag":"\"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"","keep-alive":"timeout=5","transfer-encoding":"chunked","vary":"Accept-Encoding","x-frame-options":"DENY"},"scan_id":26149015,"score":40,"start_time":"Sun, 01 May 2022 10:24:52 GMT","state":"FINISHED","status_code":200,"tests_failed":4,"tests_passed":8,"tests_quantity":12,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":null,"http":false,"meta":false,"policy":null},"pass":false,"result":"csp-not-implemented","score_description":"Content Security Policy (CSP) header not implemented","score_modifier":-25},"contribute":{"expectation":"contribute-json-only-required-on-mozilla-properties","name":"contribute","output":{"data":null},"pass":true,"result":"contribute-json-only-required-on-mozilla-properties","score_description":"Contribute.json isn't required on websites that don't belong to Mozilla","score_modifier":0},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":null,"sameSite":null},"pass":true,"result":"cookies-not-found","score_description":"No cookies detected","score_modifier":0},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":null,"clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-not-implemented","score_description":"Content is not visible via cross-origin resource sharing (CORS) files or headers","score_modifier":0},"public-key-pinning":{"expectation":"hpkp-not-implemented","name":"public-key-pinning","output":{"data":null,"includeSubDomains":false,"max-age":null,"numPins":null,"preloaded":false},"pass":true,"result":"hpkp-not-implemented","score_description":"HTTP Public Key Pinning (HPKP) header not implemented","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://cassiopee.fabnum.fr:443/","redirects":true,"route":["http://cassiopee.fabnum.fr/","https://cassiopee.fabnum.fr:443/"],"status_code":200},"pass":true,"result":"redirection-to-https","score_description":"Initial redirection is to HTTPS on same host, final destination is HTTPS","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":null,"http":false,"meta":false},"pass":true,"result":"referrer-policy-not-implemented","score_description":"Referrer-Policy header not implemented","score_modifier":0},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":null,"includeSubDomains":false,"max-age":null,"preload":false,"preloaded":false},"pass":false,"result":"hsts-not-implemented","score_description":"HTTP Strict Transport Security (HSTS) header not implemented","score_modifier":-20},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{}},"pass":true,"result":"sri-not-implemented-but-all-scripts-loaded-from-secure-origin","score_description":"Subresource Integrity (SRI) not implemented, but all scripts are loaded from a similar origin","score_modifier":0},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":null},"pass":false,"result":"x-content-type-options-not-implemented","score_description":"X-Content-Type-Options header not implemented","score_modifier":-5},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":"DENY"},"pass":true,"result":"x-frame-options-sameorigin-or-deny","score_description":"X-Frame-Options (XFO) header set to SAMEORIGIN or DENY","score_modifier":0},"x-xss-protection":{"expectation":"x-xss-protection-1-mode-block","name":"x-xss-protection","output":{"data":null},"pass":false,"result":"x-xss-protection-not-implemented","score_description":"X-XSS-Protection header not implemented","score_modifier":-10}}} \ No newline at end of file diff --git a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/lhr.html b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/lhr.html index 03ade9ba809..1bd3c32967f 100644 --- a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/lhr.html +++ b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/lhr.html @@ -7751,7 +7751,7 @@ //# sourceURL=compiled-reportrenderer.js - + - - + - + diff --git a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/nuclei.json b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/nuclei.json index 7fa050451db..8fbbf465802 100644 --- a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/nuclei.json +++ b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/nuclei.json @@ -22,9 +22,36 @@ "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:50 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.162890029Z", + "timestamp": "2022-05-01T10:28:50.676345125Z", + "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", + "matcher-status": true, + "matched-line": null + }, + { + "template": "technologies/tech-detect.yaml", + "template-url": "https://github.com/projectdiscovery/nuclei-templates/blob/master/technologies/tech-detect.yaml", + "template-id": "tech-detect", + "info": { + "name": "Wappalyzer Technology Detection", + "author": [ + "hakluke" + ], + "tags": [ + "tech" + ], + "reference": null, + "severity": "info" + }, + "matcher-name": "nuxt.js", + "type": "http", + "host": "https://cassiopee.fabnum.fr/", + "matched-at": "https://cassiopee.fabnum.fr/", + "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:51 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "ip": "195.154.70.159", + "timestamp": "2022-05-01T10:28:52.079534845Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -51,14 +78,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "cross-origin-resource-policy", + "matcher-name": "permission-policy", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.459006437Z", + "timestamp": "2022-05-01T10:28:55.255686273Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -85,14 +112,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "access-control-allow-credentials", + "matcher-name": "x-permitted-cross-domain-policies", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.459160938Z", + "timestamp": "2022-05-01T10:28:55.255810475Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -119,14 +146,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "access-control-max-age", + "matcher-name": "referrer-policy", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.45930334Z", + "timestamp": "2022-05-01T10:28:55.255847176Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -153,14 +180,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "content-security-policy", + "matcher-name": "clear-site-data", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.459358941Z", + "timestamp": "2022-05-01T10:28:55.25836232Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -187,14 +214,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "permission-policy", + "matcher-name": "cross-origin-opener-policy", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.459403241Z", + "timestamp": "2022-05-01T10:28:55.258481822Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -221,14 +248,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "x-content-type-options", + "matcher-name": "access-control-expose-headers", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.459443841Z", + "timestamp": "2022-05-01T10:28:55.258545023Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -255,14 +282,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "cross-origin-embedder-policy", + "matcher-name": "content-security-policy", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.459488542Z", + "timestamp": "2022-05-01T10:28:55.258612124Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -289,14 +316,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "strict-transport-security", + "matcher-name": "cross-origin-embedder-policy", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.459552743Z", + "timestamp": "2022-05-01T10:28:55.258670425Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -323,14 +350,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "access-control-expose-headers", + "matcher-name": "access-control-allow-origin", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.459594143Z", + "timestamp": "2022-05-01T10:28:55.258754327Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -357,14 +384,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "access-control-allow-methods", + "matcher-name": "strict-transport-security", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.459639444Z", + "timestamp": "2022-05-01T10:28:55.258781027Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -391,14 +418,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "clear-site-data", + "matcher-name": "cross-origin-resource-policy", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.462612875Z", + "timestamp": "2022-05-01T10:28:55.258812128Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -425,14 +452,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "cross-origin-opener-policy", + "matcher-name": "x-content-type-options", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.462705576Z", + "timestamp": "2022-05-01T10:28:55.258847828Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -459,14 +486,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "x-permitted-cross-domain-policies", + "matcher-name": "access-control-allow-credentials", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.462751176Z", + "timestamp": "2022-05-01T10:28:55.258875629Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -493,14 +520,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "referrer-policy", + "matcher-name": "access-control-max-age", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.462798377Z", + "timestamp": "2022-05-01T10:28:55.258905929Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -527,14 +554,14 @@ "reference": null, "severity": "info" }, - "matcher-name": "access-control-allow-origin", + "matcher-name": "access-control-allow-methods", "type": "http", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:35 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 01 May 2022 10:28:55 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:35.462852677Z", + "timestamp": "2022-05-01T10:28:55.25893263Z", "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", "matcher-status": true, "matched-line": null @@ -561,34 +588,33 @@ "TLS13" ], "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:36.740861589Z", + "timestamp": "2022-05-01T10:28:59.486986938Z", "matcher-status": true, "matched-line": null }, { - "template": "technologies/tech-detect.yaml", - "template-url": "https://github.com/projectdiscovery/nuclei-templates/blob/master/technologies/tech-detect.yaml", - "template-id": "tech-detect", + "template": "ssl/ssl-dns-names.yaml", + "template-url": "https://github.com/projectdiscovery/nuclei-templates/blob/master/ssl/ssl-dns-names.yaml", + "template-id": "ssl-dns-names", "info": { - "name": "Wappalyzer Technology Detection", + "name": "SSL DNS Names", "author": [ - "hakluke" + "pdteam" ], "tags": [ - "tech" + "ssl" ], "reference": null, "severity": "info" }, - "matcher-name": "nuxt.js", - "type": "http", + "type": "ssl", "host": "https://cassiopee.fabnum.fr/", "matched-at": "https://cassiopee.fabnum.fr/", - "request": "GET / HTTP/1.1\r\nHost: cassiopee.fabnum.fr\r\nUser-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n", - "response": "HTTP/1.1 200 OK\r\nConnection: close\r\nTransfer-Encoding: chunked\r\nAccept-Ranges: none\r\nContent-Type: text/html; charset=utf-8\r\nDate: Sun, 24 Apr 2022 10:16:36 GMT\r\nEtag: \"fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA\"\r\nKeep-Alive: timeout=5\r\nVary: Accept-Encoding\r\nX-Frame-Options: DENY\r\n\r\n\n\n \n Cassiopée\n \n \n
Loading...
\n \n\n", + "extracted-results": [ + "cassiopee.fabnum.fr" + ], "ip": "195.154.70.159", - "timestamp": "2022-04-24T10:16:37.85494898Z", - "curl-command": "curl -X 'GET' -d '' -H 'Accept: */*' -H 'Accept-Language: en' -H 'User-Agent: Nuclei - Open-source project (github.com/projectdiscovery/nuclei)' 'https://cassiopee.fabnum.fr/'", + "timestamp": "2022-05-01T10:32:09.97929879Z", "matcher-status": true, "matched-line": null } diff --git a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/stats.json b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/stats.json deleted file mode 100644 index 014bfaec517..00000000000 --- a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/stats.json +++ /dev/null @@ -1 +0,0 @@ -{"grade":"A","url":"https://cassiopee.fabnum.fr/","uri":"stats"} \ No newline at end of file diff --git a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/testssl.csv b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/testssl.csv index 0359c827de9..945a72b5fb0 100644 --- a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/testssl.csv +++ b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/testssl.csv @@ -48,7 +48,7 @@ "cert_trust","cassiopee.fabnum.fr/195.154.70.159","443","OK","Ok via SAN and CN (SNI mandatory)","","" "cert_chain_of_trust","cassiopee.fabnum.fr/195.154.70.159","443","OK","passed.","","" "cert_certificatePolicies_EV","cassiopee.fabnum.fr/195.154.70.159","443","INFO","no","","" -"cert_expirationStatus","cassiopee.fabnum.fr/195.154.70.159","443","OK","43 >= 30 days","","" +"cert_expirationStatus","cassiopee.fabnum.fr/195.154.70.159","443","OK","36 >= 30 days","","" "cert_notBefore","cassiopee.fabnum.fr/195.154.70.159","443","INFO","2022-03-09 04:39","","" "cert_notAfter","cassiopee.fabnum.fr/195.154.70.159","443","OK","2022-06-07 04:39","","" "cert_extlifeSpan","cassiopee.fabnum.fr/195.154.70.159","443","OK","certificate has no extended life time according to browser forum","","" @@ -77,7 +77,7 @@ "intermediate_cert_badOCSP","cassiopee.fabnum.fr/195.154.70.159","443","OK","intermediate certificate(s) is/are ok","","" "HTTP_status_code","cassiopee.fabnum.fr/195.154.70.159","443","INFO","200 OK ('/')","","" "HTTP_clock_skew","cassiopee.fabnum.fr/195.154.70.159","443","INFO","0 seconds from localtime","","" -"HTTP_headerTime","cassiopee.fabnum.fr/195.154.70.159","443","INFO","1650795255","","" +"HTTP_headerTime","cassiopee.fabnum.fr/195.154.70.159","443","INFO","1651400798","","" "HSTS","cassiopee.fabnum.fr/195.154.70.159","443","LOW","not offered","","" "HPKP","cassiopee.fabnum.fr/195.154.70.159","443","INFO","No support for HTTP Public Key Pinning","","" "banner_server","cassiopee.fabnum.fr/195.154.70.159","443","INFO","No Server banner line in header, interesting!","","" diff --git a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/testssl.html b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/testssl.html index 58e360a8ea8..3b8a1931dcc 100644 --- a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/testssl.html +++ b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/testssl.html @@ -21,11 +21,11 @@ ########################################################### Using "OpenSSL 1.0.2-chacha (1.0.2k-dev)" [~183 ciphers] - on fv-az154-793:/home/testssl/bin/openssl.Linux.x86_64 + on fv-az212-290:/home/testssl/bin/openssl.Linux.x86_64 (built: "Jan 18 17:12:17 2019", platform: "linux-x86_64") - Start 2022-04-24 10:13:22 -->> 195.154.70.159:443 (cassiopee.fabnum.fr) <<-- + Start 2022-05-01 10:25:45 -->> 195.154.70.159:443 (cassiopee.fabnum.fr) <<-- rDNS (195.154.70.159): 195-154-70-159.lb.fr-par.scw.cloud. Service detected: HTTP @@ -113,7 +113,7 @@ Trust (hostname) Ok via SAN and CN (SNI mandatory) Chain of trust Ok EV cert (experimental) no - Certificate Validity (UTC) 43 >= 30 days (2022-03-09 04:39 --> 2022-06-07 04:39) + Certificate Validity (UTC) 36 >= 30 days (2022-03-09 04:39 --> 2022-06-07 04:39) ETS/"eTLS", visibility info not present Certificate Revocation List -- OCSP URI http://r3.o.lencr.org @@ -220,7 +220,7 @@ Overall Grade A Grade cap reasons Grade capped to A. HSTS is not offered - Done 2022-04-24 10:14:59 [ 99s] -->> 195.154.70.159:443 (cassiopee.fabnum.fr) <<-- + Done 2022-05-01 10:27:20 [ 97s] -->> 195.154.70.159:443 (cassiopee.fabnum.fr) <<-- diff --git a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/testssl.json b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/testssl.json index 9cc9899209d..36180a89f8d 100644 --- a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/testssl.json +++ b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/testssl.json @@ -353,7 +353,7 @@ "ip" : "cassiopee.fabnum.fr/195.154.70.159", "port" : "443", "severity" : "OK", - "finding" : "43 >= 30 days" + "finding" : "36 >= 30 days" } , { "id" : "cert_notBefore", @@ -556,7 +556,7 @@ "ip" : "cassiopee.fabnum.fr/195.154.70.159", "port" : "443", "severity" : "INFO", - "finding" : "1650795255" + "finding" : "1651400798" } , { "id" : "HSTS", @@ -1119,6 +1119,6 @@ "ip" : "cassiopee.fabnum.fr/195.154.70.159", "port" : "443", "severity" : "INFO", - "finding" : "99" + "finding" : "97" } ] diff --git a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/thirdparties.json b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/thirdparties.json index 064de291dbe..421cb96aa28 100644 --- a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/thirdparties.json +++ b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/thirdparties.json @@ -1,6 +1,20 @@ { "trackers": [], "cookies": [ + { + "name": "auth.redirect", + "value": "%2F", + "domain": "cassiopee.fabnum.fr", + "path": "/", + "expires": -1, + "size": 16, + "httpOnly": false, + "secure": false, + "session": true, + "sameParty": false, + "sourceScheme": "Secure", + "sourcePort": 443 + }, { "name": "auth.strategy", "value": "customRefresh", @@ -23,7 +37,7 @@ "accept-ranges": "none", "vary": "Accept-Encoding", "content-encoding": "gzip", - "date": "Sun, 24 Apr 2022 10:13:01 GMT" + "date": "Sun, 01 May 2022 10:25:26 GMT" }, "endpoints": [ { diff --git a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/zap.html b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/zap.html index 25002e362c6..76ca3651646 100644 --- a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/zap.html +++ b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/zap.html @@ -127,7 +127,7 @@

- Generated on Sun, 24 Apr 2022 10:11:38 + Generated on Sun, 1 May 2022 10:24:05

@@ -160,7 +160,7 @@

Summary of Alerts

Low
-
4
+
5
@@ -198,10 +198,15 @@

Alerts

Medium 2 + + Dangerous JS Functions + Low + 1 + Permissions Policy Header Not Set Low - 5 + 6 Strict-Transport-Security Header Not Set @@ -221,12 +226,12 @@

Alerts

Base64 Disclosure Informational - 2 + 3 Information Disclosure - Suspicious Comments Informational - 2 + 3 Modern Web Application @@ -383,6 +388,85 @@

Alert Detail

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
Low
Dangerous JS Functions
Description +
A dangerous JS function seems to be in use that would leave the site vulnerable.
+ +
URLhttps://cassiopee.fabnum.fr/_nuxt/9690f2e.js
MethodGET
Parameter
Attack
Evidenceeval
Instances1
Solution +
See the references for security advice on the use of these functions.
+ +
Reference + https://angular.io/guide/security + +
CWE Id749
WASC Id
Plugin Id10110
+
+ + + + + + + + + + + + + + + + + + + + + + @@ -533,7 +643,7 @@

Alert Detail

- + @@ -1133,7 +1243,7 @@

Alert Detail

- + + + + + + + + + + + + + + + + + + + + + + @@ -1425,7 +1561,7 @@

Alert Detail

- + @@ -1528,9 +1664,35 @@

Alert Detail

+ + + + + + + + + + + + + + + + + + + + + - + diff --git a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/zap.json b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/zap.json index 135fecbeab0..f86116fcd22 100644 --- a/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/zap.json +++ b/results/aHR0cHM6Ly9jYXNzaW9wZWUuZmFibnVtLmZyLw==/zap.json @@ -1,6 +1,6 @@ { "@version": "2.11.1", - "@generated": "Sun, 24 Apr 2022 10:11:39", + "@generated": "Sun, 1 May 2022 10:24:05", "site":[ { "@name": "https://cassiopee.fabnum.fr", @@ -41,6 +41,32 @@ "wascid": "15", "sourceid": "1" }, + { + "pluginid": "10110", + "alertRef": "10110", + "alert": "Dangerous JS Functions", + "name": "Dangerous JS Functions", + "riskcode": "1", + "confidence": "1", + "riskdesc": "Low (Low)", + "desc": "

A dangerous JS function seems to be in use that would leave the site vulnerable.

", + "instances":[ + { + "uri": "https://cassiopee.fabnum.fr/_nuxt/9690f2e.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "eval" + } + ], + "count": "1", + "solution": "

See the references for security advice on the use of these functions.

", + "otherinfo": "", + "reference": "

https://angular.io/guide/security

", + "cweid": "749", + "wascid": "-1", + "sourceid": "29" + }, { "pluginid": "10063", "alertRef": "10063", @@ -72,6 +98,13 @@ "attack": "", "evidence": "" }, + { + "uri": "https://cassiopee.fabnum.fr/_nuxt/9690f2e.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "" + }, { "uri": "https://cassiopee.fabnum.fr/_nuxt/bc5fbea.js", "method": "GET", @@ -87,7 +120,7 @@ "evidence": "" } ], - "count": "5", + "count": "6", "solution": "

Ensure that your web server, application server, load balancer, etc. is configured to set the Permissions-Policy header.

", "otherinfo": "", "reference": "

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy

https://developers.google.com/web/updates/2018/06/feature-policy

https://scotthelme.co.uk/a-new-security-header-feature-policy/

https://w3c.github.io/webappsec-feature-policy/

https://www.smashingmagazine.com/2018/12/feature-policy/

", @@ -256,7 +289,7 @@ "evidence": "" }, { - "uri": "https://cassiopee.fabnum.fr/_nuxt/4970446.js", + "uri": "https://cassiopee.fabnum.fr/_nuxt/9690f2e.js", "method": "GET", "param": "X-Content-Type-Options", "attack": "", @@ -330,6 +363,13 @@ "attack": "", "evidence": "fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA" }, + { + "uri": "https://cassiopee.fabnum.fr/_nuxt/9690f2e.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "UklGRiQAAABXRUJQVlA4IBgAAAAwAQCdASoBAAEAAwA0JaQAA3AA/vuUAAA=" + }, { "uri": "https://cassiopee.fabnum.fr/sitemap.xml", "method": "GET", @@ -338,7 +378,7 @@ "evidence": "fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA" } ], - "count": "2", + "count": "3", "solution": "

Manually confirm that the Base64 data does not leak sensitive information, and that the data cannot be aggregated/used to exploit other vulnerabilities.

", "otherinfo": "

}\uFFFD\u0705\\x0018\\x0003\uFFFD\\\\x000f\\x0016E$\uFFFDMk\uFFFD\uFFFD\\x001f\uFFFD\\x0003\uFFFD@

", "reference": "

http://projects.webappsec.org/w/page/13246936/Information%20Leakage

", @@ -369,9 +409,16 @@ "param": "", "attack": "", "evidence": "query" + }, + { + "uri": "https://cassiopee.fabnum.fr/_nuxt/9690f2e.js", + "method": "GET", + "param": "", + "attack": "", + "evidence": "bug" } ], - "count": "2", + "count": "3", "solution": "

Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.

", "otherinfo": "

The following pattern was used: \\bQUERY\\b and was detected in the element starting with: \"(window.webpackJsonp=window.webpackJsonp||[]).push([[5],[,,,,,,function(t,e,n){\"use strict\";n.r(e),function(t,n){var r=Object.fr\", see evidence field for the suspicious comment/snippet.

", "reference": "", @@ -443,7 +490,7 @@ "reference": "

https://tools.ietf.org/html/rfc7234

https://tools.ietf.org/html/rfc7231

http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html (obsoleted by rfc7234)

", "cweid": "524", "wascid": "13", - "sourceid": "6" + "sourceid": "7" }, { "pluginid": "10015",
Alert Detail
URLhttps://cassiopee.fabnum.fr/_nuxt/9690f2e.js
MethodGET
Parameter
Attack
Evidence
URL
Instances56
Solution
URLhttps://cassiopee.fabnum.fr/_nuxt/4970446.jshttps://cassiopee.fabnum.fr/_nuxt/9690f2e.js
Alert Detail fe6-3IUYA7pcDxZFJMNNa9n0H7ED/EA
URLhttps://cassiopee.fabnum.fr/_nuxt/9690f2e.js
MethodGET
Parameter
Attack
EvidenceUklGRiQAAABXRUJQVlA4IBgAAAAwAQCdASoBAAEAAwA0JaQAA3AA/vuUAAA=
URL
Instances23
Solution query
URLhttps://cassiopee.fabnum.fr/_nuxt/9690f2e.js
MethodGET
Parameter
Attack
Evidencebug
Instances23
Solution