Diagnostics

Metrics

http

ident

odmr

https

resvc

orbix-loc-ssl

active-net

netmpi

radmin

vnc-3

X11:6

unknown

A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.

CAA Record

This template searches for missing HTTP security headers. The impact of these missing headers can vary.


HTTP Missing Security Headers

Extract the issuer's organization from the target's certificate. Issuers are entities which sign and distribute certificates.


Detect SSL Certificate Issuer

Extract the Subject Alternative Name (SAN) from the target's certificate. SAN facilitates the usage of additional hostnames with the same certificate.


SSL DNS Names

TLS version detection is a security process used to determine the version of the Transport Layer Security (TLS) protocol used by a computer or server.
It is important to detect the TLS version in order to ensure secure communication between two computers or servers.


TLS Version - Detect

HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.

HSTS

Vulnerable JS Library

Absence of Anti-CSRF Tokens

Content Security Policy (CSP) Header Not Set

Cookie without SameSite Attribute

Dangerous JS Functions

Insufficient Site Isolation Against Spectre Vulnerability

Permissions Policy Header Not Set

Base64 Disclosure

Information Disclosure - Suspicious Comments

Modern Web Application

Non-Storable Content

Re-examine Cache-control Directives

Sec-Fetch-Dest Header is Missing

Sec-Fetch-Mode Header is Missing

Sec-Fetch-Site Header is Missing

Sec-Fetch-User Header is Missing

Session Management Response Identified

Storable and Cacheable Content

User Controllable HTML Element Attribute (Potential XSS)

severity	service	vulnerability
info	http (port:80)
info	ident (port:113)
info	odmr (port:366)
info	https (port:443)
info	resvc (port:691)
info	orbix-loc-ssl (port:3077)
info	active-net (port:3323)
info	netmpi (port:3827)
info	radmin (port:4899)
info	vnc-3 (port:5903)
info	X11:6 (port:6006)
info	unknown (port:50300)
info	unknown (port:55056)

Impact	Description	Documentation
-25	Content Security Policy (CSP) header not implemented	Implement one, see MDN's Content Security Policy (CSP) documentation.

https://finess.esante.gouv.fr

Nmap

Mozilla HTTP observatory

SSL

Expiration : 24/02/2026

Scan OWASP7 jours

Nuclei22 jours

risk	name
High (Medium)	Vulnerable JS Library
Medium (High)	Content Security Policy (CSP) Header Not Set
Medium (Low)	Absence of Anti-CSRF Tokens
Low (Medium)	Cookie without SameSite Attribute
Low (Medium)	Insufficient Site Isolation Against Spectre Vulnerability
Low (Medium)	Permissions Policy Header Not Set
Low (Low)	Dangerous JS Functions
Informational (High)	Sec-Fetch-Dest Header is Missing
Informational (High)	Sec-Fetch-Mode Header is Missing
Informational (High)	Sec-Fetch-Site Header is Missing
Informational (High)	Sec-Fetch-User Header is Missing
Informational (Medium)	Base64 Disclosure
Informational (Medium)	Modern Web Application
Informational (Medium)	Non-Storable Content
Informational (Medium)	Session Management Response Identified
Informational (Medium)	Storable and Cacheable Content
Informational (Low)	Information Disclosure - Suspicious Comments
Informational (Low)	Re-examine Cache-control Directives
Informational (Low)	User Controllable HTML Element Attribute (Potential XSS)

Séverité	Name	Matcher
info	CAA Record	caa-fingerprint
info	HTTP Missing Security Headers	permissions-policy
info	HTTP Missing Security Headers	x-permitted-cross-domain-policies
info	HTTP Missing Security Headers	clear-site-data
info	HTTP Missing Security Headers	cross-origin-embedder-policy
info	HTTP Missing Security Headers	cross-origin-opener-policy
info	HTTP Missing Security Headers	cross-origin-resource-policy
info	HTTP Missing Security Headers	content-security-policy
info	Detect SSL Certificate Issuer	ssl-issuer
info	SSL DNS Names	ssl-dns-names
info	TLS Version - Detect	tls-version