generated from SocialGouv/dashlord
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
15 changed files
with
2,324 additions
and
2,109 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| {"url":"https://deces.matchid.io","algorithm_version":2,"end_time":"Sun, 09 Jul 2023 01:20:59 GMT","grade":"C+","hidden":false,"likelihood_indicator":"MEDIUM","response_headers":{"CF-Cache-Status":"DYNAMIC","CF-RAY":"7e3cbf5c784b980b-SJC","Connection":"keep-alive","Content-Encoding":"gzip","Content-Security-Policy":"default-src 'self';script-src 'self' 'unsafe-inline' static.cloudflareinsights.com ajax.cloudflare.com www.googletagmanager.com www.google-analytics.com pagead2.googlesyndication.com partner.googleadservices.com tpc.googlesyndication.com www.googletagservices.com adservice.google.com adservice.google.fr;style-src https: 'self' 'unsafe-inline';font-src 'self' data:;img-src 'self' a.basemaps.cartocdn.com b.basemaps.cartocdn.com c.basemaps.cartocdn.com upload.wikimedia.org pagead2.googlesyndication.com www.google-analytics.com stats.g.doubleclick.net www.google.fr;connect-src 'self' www.data.gouv.fr cloudflareinsights.com www.google-analytics.com region1.analytics.google.com stats.g.doubleclick.net pagead2.googlesyndication.com; frame-src 'self' www.google.com google.com googleads.g.doubleclick.net tpc.googlesyndication.com","Content-Type":"text/html","Date":"Sun, 09 Jul 2023 01:20:58 GMT","Feature-Policy":"geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'self';accelerometer 'self';fullscreen 'self';payment 'none';","Last-Modified":"Thu, 29 Jun 2023 01:07:33 GMT","NEL":"{\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}","Referrer-Policy":"same-origin","Report-To":"{\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=u80GZU6Jp9cvLR9OnaMUDU3wJ%2BwNhyZrvKoklwiu4zWsKdhc1BePKkm6Mw2BROrcVNpPpAqsINvnsX2ERmuDqve3cCbBBZxRZGBm1BhfH7euX2qvsx4ko1PPgmNiGhXLtJENiWRLq5boU0BKm8Mr\"}],\"group\":\"cf-nel\",\"max_age\":604800}","Server":"cloudflare","Strict-Transport-Security":"max-age=15552000; includeSubDomains; preload","Transfer-Encoding":"chunked","X-Content-Type-Options":"nosniff","X-Frame-Options":"*.matchid.io","X-XSS-Protection":"1; mode=block","alt-svc":"h3=\":443\"; ma=86400"},"scan_id":39519615,"score":60,"start_time":"Sun, 09 Jul 2023 01:20:56 GMT","state":"FINISHED","status_code":200,"tests_failed":2,"tests_passed":10,"tests_quantity":12,"details":{"content-security-policy":{"expectation":"csp-implemented-with-no-unsafe","name":"content-security-policy","output":{"data":{"connect-src":["stats.g.doubleclick.net","www.data.gouv.fr","region1.analytics.google.com","cloudflareinsights.com","pagead2.googlesyndication.com","www.google-analytics.com","'self'"],"default-src":["'self'"],"font-src":["'self'","data:"],"frame-src":["www.google.com","google.com","googleads.g.doubleclick.net","tpc.googlesyndication.com","'self'"],"img-src":["a.basemaps.cartocdn.com","stats.g.doubleclick.net","www.google.fr","c.basemaps.cartocdn.com","b.basemaps.cartocdn.com","pagead2.googlesyndication.com","www.google-analytics.com","'self'","upload.wikimedia.org"],"script-src":["www.googletagmanager.com","adservice.google.fr","tpc.googlesyndication.com","adservice.google.com","pagead2.googlesyndication.com","partner.googleadservices.com","static.cloudflareinsights.com","www.googletagservices.com","www.google-analytics.com","'self'","'unsafe-inline'","ajax.cloudflare.com"],"style-src":["'self'","https:","'unsafe-inline'"]},"http":true,"meta":false,"numPolicies":1,"policy":{"antiClickjacking":false,"defaultNone":false,"insecureBaseUri":true,"insecureFormAction":true,"insecureSchemeActive":false,"insecureSchemePassive":false,"strictDynamic":false,"unsafeEval":false,"unsafeInline":true,"unsafeInlineStyle":true,"unsafeObjects":false}},"pass":false,"result":"csp-implemented-with-unsafe-inline","score_description":"Content Security Policy (CSP) implemented unsafely. This includes 'unsafe-inline' or data: inside script-src, overly broad sources such as https: inside object-src or script-src, or not restricting the sources for object-src or script-src.","score_modifier":-20},"contribute":{"expectation":"contribute-json-only-required-on-mozilla-properties","name":"contribute","output":{"data":null},"pass":true,"result":"contribute-json-only-required-on-mozilla-properties","score_description":"Contribute.json isn't required on websites that don't belong to Mozilla","score_modifier":0},"cookies":{"expectation":"cookies-secure-with-httponly-sessions","name":"cookies","output":{"data":null,"sameSite":null},"pass":true,"result":"cookies-not-found","score_description":"No cookies detected","score_modifier":0},"cross-origin-resource-sharing":{"expectation":"cross-origin-resource-sharing-not-implemented","name":"cross-origin-resource-sharing","output":{"data":{"acao":null,"clientaccesspolicy":null,"crossdomain":null}},"pass":true,"result":"cross-origin-resource-sharing-not-implemented","score_description":"Content is not visible via cross-origin resource sharing (CORS) files or headers","score_modifier":0},"public-key-pinning":{"expectation":"hpkp-not-implemented","name":"public-key-pinning","output":{"data":null,"includeSubDomains":false,"max-age":null,"numPins":null,"preloaded":false},"pass":true,"result":"hpkp-not-implemented","score_description":"HTTP Public Key Pinning (HPKP) header not implemented","score_modifier":0},"redirection":{"expectation":"redirection-to-https","name":"redirection","output":{"destination":"https://deces.matchid.io/","redirects":true,"route":["http://deces.matchid.io/","https://deces.matchid.io/"],"status_code":200},"pass":true,"result":"redirection-to-https","score_description":"Initial redirection is to HTTPS on same host, final destination is HTTPS","score_modifier":0},"referrer-policy":{"expectation":"referrer-policy-private","name":"referrer-policy","output":{"data":"same-origin","http":true,"meta":false},"pass":true,"result":"referrer-policy-private","score_description":"Referrer-Policy header set to \"no-referrer\", \"same-origin\", \"strict-origin\" or \"strict-origin-when-cross-origin\"","score_modifier":5},"strict-transport-security":{"expectation":"hsts-implemented-max-age-at-least-six-months","name":"strict-transport-security","output":{"data":"max-age=15552000; includeSubDomains; preload","includeSubDomains":true,"max-age":15552000,"preload":true,"preloaded":false},"pass":true,"result":"hsts-implemented-max-age-at-least-six-months","score_description":"HTTP Strict Transport Security (HSTS) header set to a minimum of six months (15768000)","score_modifier":0},"subresource-integrity":{"expectation":"sri-implemented-and-external-scripts-loaded-securely","name":"subresource-integrity","output":{"data":{"https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816":{"crossorigin":"anonymous","integrity":"sha512-jGCTpDpBAYDGNYR5ztKt4BQPGef1P0giN6ZGVUi835kFF88FOmmn8jBQWNgrNd8g/Yu421NdgWhwQoaOPFflDw=="}}},"pass":true,"result":"sri-implemented-and-external-scripts-loaded-securely","score_description":"Subresource Integrity (SRI) is implemented and all scripts are loaded securely","score_modifier":5},"x-content-type-options":{"expectation":"x-content-type-options-nosniff","name":"x-content-type-options","output":{"data":"nosniff"},"pass":true,"result":"x-content-type-options-nosniff","score_description":"X-Content-Type-Options header set to \"nosniff\"","score_modifier":0},"x-frame-options":{"expectation":"x-frame-options-sameorigin-or-deny","name":"x-frame-options","output":{"data":"*.matchid.io"},"pass":false,"result":"x-frame-options-header-invalid","score_description":"X-Frame-Options (XFO) header cannot be recognized","score_modifier":-20},"x-xss-protection":{"expectation":"x-xss-protection-1-mode-block","name":"x-xss-protection","output":{"data":"1; mode=block"},"pass":true,"result":"x-xss-protection-enabled-mode-block","score_description":"X-XSS-Protection header set to \"1; mode=block\"","score_modifier":0}}} |
2 changes: 1 addition & 1 deletion
2
results/aHR0cHM6Ly9kZWNlcy5tYXRjaGlkLmlv/lhr-aHR0cHM6Ly9kZWNlcy5tYXRjaGlkLmlvLw==.html
Large diffs are not rendered by default.
Oops, something went wrong.
3,026 changes: 1,672 additions & 1,354 deletions
3,026
results/aHR0cHM6Ly9kZWNlcy5tYXRjaGlkLmlv/lhr.json
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| # Nmap 7.92 scan initiated Sun Jul 2 01:21:33 2023 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln deces.matchid.io | ||
| # Nmap 7.92 scan initiated Sun Jul 9 01:23:36 2023 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln deces.matchid.io | ||
| Host: 104.21.64.91 () Status: Up | ||
| Host: 104.21.64.91 () Ports: 80/open/tcp//http//Cloudflare http proxy/, 443/open/tcp//ssl|http//Cloudflare http proxy/, 8080/open/tcp//http//Cloudflare http proxy/, 8443/open/tcp//ssl|http//Cloudflare http proxy/ Ignored State: filtered (996) | ||
| # Nmap done at Sun Jul 2 01:22:12 2023 -- 1 IP address (1 host up) scanned in 38.96 seconds | ||
| # Nmap done at Sun Jul 9 01:24:15 2023 -- 1 IP address (1 host up) scanned in 39.42 seconds |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,18 +1,18 @@ | ||
| # Nmap 7.92 scan initiated Sun Jul 2 01:21:33 2023 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln deces.matchid.io | ||
| # Nmap 7.92 scan initiated Sun Jul 9 01:23:36 2023 as: nmap -sV --script vulners --script-args mincvss=5.0 -oA /data/nmapvuln deces.matchid.io | ||
| Nmap scan report for deces.matchid.io (104.21.64.91) | ||
| Host is up (0.0096s latency). | ||
| Host is up (0.0094s latency). | ||
| Other addresses for deces.matchid.io (not scanned): 172.67.179.218 2606:4700:3030::6815:405b 2606:4700:3031::ac43:b3da | ||
| Not shown: 996 filtered tcp ports (no-response) | ||
| PORT STATE SERVICE VERSION | ||
| 80/tcp open http Cloudflare http proxy | ||
| |_http-server-header: cloudflare | ||
| 443/tcp open ssl/http Cloudflare http proxy | ||
| |_http-trane-info: Problem with XML parsing of /evox/about | ||
| |_http-server-header: cloudflare | ||
| |_http-trane-info: Problem with XML parsing of /evox/about | ||
| 8080/tcp open http Cloudflare http proxy | ||
| |_http-server-header: cloudflare | ||
| 8443/tcp open ssl/http Cloudflare http proxy | ||
| |_http-server-header: cloudflare | ||
|
|
||
| Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . | ||
| # Nmap done at Sun Jul 2 01:22:12 2023 -- 1 IP address (1 host up) scanned in 38.96 seconds | ||
| # Nmap done at Sun Jul 9 01:24:15 2023 -- 1 IP address (1 host up) scanned in 39.42 seconds |
Oops, something went wrong.