ZAP Scanning Report

Site: https://mes-adresses.data.gouv.fr

Generated on Sun, 20 Apr 2025 07:34:20

ZAP Version: 2.16.1

ZAP by Checkmarx

Summary of Alerts

Risk Level	Number of Alerts
High	0
Medium	2
Low	6
Informational	11
False Positives:	0

Summary of Sequences

For each step: result (Pass/Fail) - risk (of highest alert(s) for the step, if any).

Alerts

Name	Risk Level	Number of Instances
Content Security Policy (CSP) Header Not Set	Medium	8
Missing Anti-clickjacking Header	Medium	6
Dangerous JS Functions	Low	1
Insufficient Site Isolation Against Spectre Vulnerability	Low	11
Permissions Policy Header Not Set	Low	11
Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)	Low	8
Timestamp Disclosure - Unix	Low	22
X-Content-Type-Options Header Missing	Low	11
Base64 Disclosure	Informational	11
Information Disclosure - Sensitive Information in URL	Informational	1
Information Disclosure - Suspicious Comments	Informational	6
Modern Web Application	Informational	8
Non-Storable Content	Informational	3
Re-examine Cache-control Directives	Informational	3
Sec-Fetch-Dest Header is Missing	Informational	3
Sec-Fetch-Mode Header is Missing	Informational	3
Sec-Fetch-Site Header is Missing	Informational	3
Sec-Fetch-User Header is Missing	Informational	3
Storable and Cacheable Content	Informational	8

Alert Detail

Medium	Content Security Policy (CSP) Header Not Set
Description	Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page — covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/accessibilite
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/mentions-legales
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new?demo=1
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new?email=zaproxy%40example.com&nom=ZAP
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/robots.txt
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/sitemap.xml
Method	GET
Parameter
Attack
Evidence
Other Info
Instances	8
Solution	Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.
Reference	https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy https://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html https://www.w3.org/TR/CSP/ https://w3c.github.io/webappsec-csp/ https://web.dev/articles/csp https://caniuse.com/#feat=contentsecuritypolicy https://content-security-policy.com/
CWE Id	693
WASC Id	15
Plugin Id	10038

Medium	Missing Anti-clickjacking Header
Description	The response does not protect against 'ClickJacking' attacks. It should include either Content-Security-Policy with 'frame-ancestors' directive or X-Frame-Options.

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter	x-frame-options
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/accessibilite
Method	GET
Parameter	x-frame-options
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/mentions-legales
Method	GET
Parameter	x-frame-options
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter	x-frame-options
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new?demo=1
Method	GET
Parameter	x-frame-options
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new?email=zaproxy%40example.com&nom=ZAP
Method	GET
Parameter	x-frame-options
Attack
Evidence
Other Info
Instances	6
Solution	Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app. If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's "frame-ancestors" directive.
Reference	https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
CWE Id	1021
WASC Id	15
Plugin Id	10020

Low	Dangerous JS Functions
Description	A dangerous JS function seems to be in use that would leave the site vulnerable.

URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	eval(
Other Info
Instances	1
Solution	See the references for security advice on the use of these functions.
Reference	https://angular.io/guide/security
CWE Id	749
WASC Id
Plugin Id	10110

Low	Insufficient Site Isolation Against Spectre Vulnerability
Description	Cross-Origin-Resource-Policy header is an opt-in header designed to counter side-channels attacks like Spectre. Resource should be specifically set as shareable amongst different origins.

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter	Cross-Origin-Resource-Policy
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/webpack-d5b311616cc32ac9.js
Method	GET
Parameter	Cross-Origin-Resource-Policy
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/_next/static/css/212ba31df1f483a0.css
Method	GET
Parameter	Cross-Origin-Resource-Policy
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/mentions-legales
Method	GET
Parameter	Cross-Origin-Resource-Policy
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter	Cross-Origin-Resource-Policy
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter	Cross-Origin-Embedder-Policy
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/mentions-legales
Method	GET
Parameter	Cross-Origin-Embedder-Policy
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter	Cross-Origin-Embedder-Policy
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter	Cross-Origin-Opener-Policy
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/mentions-legales
Method	GET
Parameter	Cross-Origin-Opener-Policy
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter	Cross-Origin-Opener-Policy
Attack
Evidence
Other Info
Instances	11
Solution	Ensure that the application/web server sets the Cross-Origin-Resource-Policy header appropriately, and that it sets the Cross-Origin-Resource-Policy header to 'same-origin' for all web pages. 'same-site' is considered as less secured and should be avoided. If resources must be shared, set the header to 'cross-origin'. If possible, ensure that the end user uses a standards-compliant and modern web browser that supports the Cross-Origin-Resource-Policy header (https://caniuse.com/mdn-http_headers_cross-origin-resource-policy).
Reference	https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy
CWE Id	693
WASC Id	14
Plugin Id	90004

Low	Permissions Policy Header Not Set
Description	Permissions Policy Header is an added layer of security that helps to restrict from unauthorized access or usage of browser/client features by web resources. This policy ensures the user privacy by limiting or specifying the features of the browsers can be used by the web resources. Permissions Policy provides a set of standard HTTP headers that allow website owners to limit which features of browsers can be used by the page such as camera, microphone, location, full screen etc.

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/framework-6aec168087f9e1ce.js
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/pages/index-6b9d601053f60fea.js
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/webpack-d5b311616cc32ac9.js
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/_next/static/fzJhI6JcWiLnnRDcjul0c/_buildManifest.js
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/_next/static/fzJhI6JcWiLnnRDcjul0c/_ssgManifest.js
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/accessibilite
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/mentions-legales
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/robots.txt
Method	GET
Parameter
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/sitemap.xml
Method	GET
Parameter
Attack
Evidence
Other Info
Instances	11
Solution	Ensure that your web server, application server, load balancer, etc. is configured to set the Permissions-Policy header.
Reference	https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy https://developer.chrome.com/blog/feature-policy/ https://scotthelme.co.uk/a-new-security-header-feature-policy/ https://w3c.github.io/webappsec-feature-policy/ https://www.smashingmagazine.com/2018/12/feature-policy/
CWE Id	693
WASC Id	15
Plugin Id	10063

Low	Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)
Description	The web/application server is leaking information via one or more "X-Powered-By" HTTP response headers. Access to such information may facilitate attackers identifying other frameworks/components your web application is reliant upon and the vulnerabilities such components may be subject to.

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter
Attack
Evidence	X-Powered-By: Next.js
Other Info
URL	https://mes-adresses.data.gouv.fr/accessibilite
Method	GET
Parameter
Attack
Evidence	X-Powered-By: Next.js
Other Info
URL	https://mes-adresses.data.gouv.fr/mentions-legales
Method	GET
Parameter
Attack
Evidence	X-Powered-By: Next.js
Other Info
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter
Attack
Evidence	X-Powered-By: Next.js
Other Info
URL	https://mes-adresses.data.gouv.fr/new?demo=1
Method	GET
Parameter
Attack
Evidence	X-Powered-By: Next.js
Other Info
URL	https://mes-adresses.data.gouv.fr/new?email=zaproxy%40example.com&nom=ZAP
Method	GET
Parameter
Attack
Evidence	X-Powered-By: Next.js
Other Info
URL	https://mes-adresses.data.gouv.fr/robots.txt
Method	GET
Parameter
Attack
Evidence	X-Powered-By: Next.js
Other Info
URL	https://mes-adresses.data.gouv.fr/sitemap.xml
Method	GET
Parameter
Attack
Evidence	X-Powered-By: Next.js
Other Info
Instances	8
Solution	Ensure that your web server, application server, load balancer, etc. is configured to suppress "X-Powered-By" headers.
Reference	https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/08-Fingerprint_Web_Application_Framework https://www.troyhunt.com/2012/02/shhh-dont-let-your-response-headers.html
CWE Id	497
WASC Id	13
Plugin Id	10037

Low	Timestamp Disclosure - Unix
Description	A timestamp was disclosed by the application/web server. - Unix

URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1444681467
Other Info	1444681467, which evaluates to: 2015-10-12 20:24:27.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1473231341
Other Info	1473231341, which evaluates to: 2016-09-07 06:55:41.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1502002290
Other Info	1502002290, which evaluates to: 2017-08-06 06:51:30.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1518500249
Other Info	1518500249, which evaluates to: 2018-02-13 05:37:29.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1530992060
Other Info	1530992060, which evaluates to: 2018-07-07 19:34:20.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1560198380
Other Info	1560198380, which evaluates to: 2019-06-10 20:26:20.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1700485571
Other Info	1700485571, which evaluates to: 2023-11-20 13:06:11.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1732584193
Other Info	1732584193, which evaluates to: 2024-11-26 01:23:13.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1732584194
Other Info	1732584194, which evaluates to: 2024-11-26 01:23:14.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1735328473
Other Info	1735328473, which evaluates to: 2024-12-27 19:41:13.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1770035416
Other Info	1770035416, which evaluates to: 2026-02-02 12:30:16.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1804603682
Other Info	1804603682, which evaluates to: 2027-03-09 14:48:02.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1839030562
Other Info	1839030562, which evaluates to: 2028-04-11 01:49:22.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1859775393
Other Info	1859775393, which evaluates to: 2028-12-07 04:16:33.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1873313359
Other Info	1873313359, which evaluates to: 2029-05-12 20:49:19.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1894986606
Other Info	1894986606, which evaluates to: 2030-01-18 17:10:06.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1926607734
Other Info	1926607734, which evaluates to: 2031-01-19 16:48:54.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1958414417
Other Info	1958414417, which evaluates to: 2032-01-22 20:00:17.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	1990404162
Other Info	1990404162, which evaluates to: 2033-01-27 02:02:42.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	2022574463
Other Info	2022574463, which evaluates to: 2034-02-03 10:14:23.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	2054922799
Other Info	2054922799, which evaluates to: 2035-02-12 19:53:19.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/main-786e6dbae0cca730.js
Method	GET
Parameter
Attack
Evidence	1540483477
Other Info	1540483477, which evaluates to: 2018-10-25 16:04:37.
Instances	22
Solution	Manually confirm that the timestamp data is not sensitive, and that the data cannot be aggregated to disclose exploitable patterns.
Reference	https://cwe.mitre.org/data/definitions/200.html
CWE Id	497
WASC Id	13
Plugin Id	10096

Low	X-Content-Type-Options Header Missing
Description	The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter	x-content-type-options
Attack
Evidence
Other Info	This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/framework-6aec168087f9e1ce.js
Method	GET
Parameter	x-content-type-options
Attack
Evidence
Other Info	This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/pages/index-6b9d601053f60fea.js
Method	GET
Parameter	x-content-type-options
Attack
Evidence
Other Info	This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js
Method	GET
Parameter	x-content-type-options
Attack
Evidence
Other Info	This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/webpack-d5b311616cc32ac9.js
Method	GET
Parameter	x-content-type-options
Attack
Evidence
Other Info	This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL	https://mes-adresses.data.gouv.fr/_next/static/css/212ba31df1f483a0.css
Method	GET
Parameter	x-content-type-options
Attack
Evidence
Other Info	This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL	https://mes-adresses.data.gouv.fr/_next/static/fzJhI6JcWiLnnRDcjul0c/_buildManifest.js
Method	GET
Parameter	x-content-type-options
Attack
Evidence
Other Info	This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL	https://mes-adresses.data.gouv.fr/_next/static/fzJhI6JcWiLnnRDcjul0c/_ssgManifest.js
Method	GET
Parameter	x-content-type-options
Attack
Evidence
Other Info	This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL	https://mes-adresses.data.gouv.fr/accessibilite
Method	GET
Parameter	x-content-type-options
Attack
Evidence
Other Info	This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL	https://mes-adresses.data.gouv.fr/mentions-legales
Method	GET
Parameter	x-content-type-options
Attack
Evidence
Other Info	This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter	x-content-type-options
Attack
Evidence
Other Info	This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type. At "High" threshold this scan rule will not alert on client or server error responses.
Instances	11
Solution	Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to 'nosniff' for all web pages. If possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.
Reference	https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85) https://owasp.org/www-community/Security_Headers
CWE Id	693
WASC Id	15
Plugin Id	10021

Informational	Base64 Disclosure
Description	Base64 encoded data was disclosed by the application/web server. Note: in the interests of performance not all base64 strings in the response were analyzed individually, the entire response should be looked at by the analyst/security team/developer(s).

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter
Attack
Evidence	leftRotate360InAnimation_flx4dq
Other Info	��F�Z��Љ��)��*'��q��
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/ab69aadd-44d5df7bc03897a8.js
Method	GET
Parameter
Attack
Evidence	Greek_Geodetic_Reference_System_1987
Other Info	��׭��y��zw�,��;
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/pages/_app-29e2d848d323f6c4.js
Method	GET
Parameter
Attack
Evidence	ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
Other Info	�Q� ��0ӏA�QU�a��qן��Y��ۯ��]�㞻�߿
URL	https://mes-adresses.data.gouv.fr/accessibilite
Method	GET
Parameter
Attack
Evidence	leftRotate360InAnimation_flx4dq
Other Info	��F�Z��Љ��)��*'��q��
URL	https://mes-adresses.data.gouv.fr/mentions-legales
Method	GET
Parameter
Attack
Evidence	leftRotate360InAnimation_flx4dq
Other Info	��F�Z��Љ��)��*'��q��
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter
Attack
Evidence	/_next/static/fzJhI6JcWiLnnRDcjul0c/_buildManifest
Other Info	��쵫bs��&:%Ţ.y� ��G?��'޲
URL	https://mes-adresses.data.gouv.fr/new?demo=1
Method	GET
Parameter
Attack
Evidence	/_next/static/fzJhI6JcWiLnnRDcjul0c/_buildManifest
Other Info	��쵫bs��&:%Ţ.y� ��G?��'޲
URL	https://mes-adresses.data.gouv.fr/new?email=zaproxy%40example.com&nom=ZAP
Method	GET
Parameter
Attack
Evidence	/_next/static/fzJhI6JcWiLnnRDcjul0c/_buildManifest
Other Info	��쵫bs��&:%Ţ.y� ��G?��'޲
URL	https://mes-adresses.data.gouv.fr/robots.txt
Method	GET
Parameter
Attack
Evidence	leftRotate360InAnimation_flx4dq
Other Info	��F�Z��Љ��)��*'��q��
URL	https://mes-adresses.data.gouv.fr/sitemap.xml
Method	GET
Parameter
Attack
Evidence	leftRotate360InAnimation_flx4dq
Other Info	��F�Z��Љ��)��*'��q��
URL	https://mes-adresses.data.gouv.fr/static/images/mes-adresses.svg
Method	GET
Parameter
Attack
Evidence	iVBORw0KGgoAAAANSUhEUgAAAMIAAABnCAYAAABSMJ1sAAAKJ2lDQ1BJQ0MgUHJvZmlsZQAASImVlgdUU8kax+fem14IkIB0Qu9IJ4BAQg9FihTBRkxCqAFCFbGzuJQVRUSaIuCqgIJrAWQtiAULi4CK3QVZBJR1sSAqKnuRXX373jnvvPfdM/f7ne/OfDPzzZxz/wCQBbykpHhYGoAEcaokyNOFuTQ8gol/AhBAB2TgAEg8fkoSJyDAF6D2t/+nvR0A0Jy/aTKX6z+//1eTEQhT+ABAASgnCFL4CSh3oMzmJ0lSAYDn+mhlpCbNsTbKDAm6QJRZcyya57k1MVbPc+SXPsFBriijYwgUHk8iAoC0EY0z0/kiNEbah7KZWBAjRrkXZSd+NE8AABmtAjBOSEic40Uo66/+lzyif+Rc/TUnjyf6yvN7+WJ0Dl8oYUZY2Jozham8+ESxWPh/VuZ/sIT4tL/nmzsBSpTEIwj1c3VSARzAB0IgAUwQASyALTBHaRykAh6IB4lAjD7jqcLM1LnBrolJayQxouhUJgc9QSGTK+abGjMtzMzRKs/dh/kpXqt8mQUyMP0Wiy8EwHYxAIjFt5jgPABtaFPAf4vp5AFAewlA6xt+miR9PoaZe2EBCdAAAygCNaAF9IEJulYb9N6xgTvwBv4gGISDlehOokECupcMkA02gVxQALaDXaACVIM6cAgcAcdAKzgNzoPL4DroBbfBAzAIRsBzMAneghkIgvAQFaJDipA6pAMZQRYQC3KC3CFfKAgKhyIhESSG0qBsaAtUABVDFVANVA/9BJ2CzkNXoT7oHjQEjUOvoA8wAlNgBqwK68ILYRbMgX3gYHgFLIKT4Sw4B94Gl8G18GG4BT4PX4dvw4Pwc3gKAQgZkUc0EBOEhbgi/kgEEoVIkPVIPlKK1CJNSDvShdxEBpEJ5D0Gh6FjmBgTjAPGCxOC4WOSMesxhZgKzCFMC+Yi5iZmCDOJ+YylYlWwRlh7LBe7FCvCZmBzsaXYA9iT2EvY29gR7FscDieP08PZ4rxw4bhY3FpcIW4PrhnXgevDDeOm8Hi8It4I74j3x/PwqfhcfDn+MP4cvh8/gn9HIBPUCRYED0IEQUzYTCglNBDOEvoJo4QZojRRh2hP9CcKiGuIRcT9xHbiDeIIcYYkQ9IjOZKCSbGkTaQyUhPpEukh6TWZTNYk25EDyTHkjeQy8lHyFfIQ+T1FlmJIcaUsp6RRtlEOUjoo9yivqVSqLpVNjaCmUrdR66kXqI+p76ToUqZSXCmB1AapSqkWqX6pFzQiTYfGoa2kZdFKacdpN2gT0kRpXWlXaZ70eulK6VPSd6SnZOgy5jL+MgkyhTINMldlxmTxsrqy7rIC2RzZOtkLssN0hK5Fd6Xz6Vvo++mX6CMMHEOPwWXEMgoYRxg9jEk5WTkruVC5TLlKuTNyg/KIvK48Vz5evkj+mPyA/IcFqgs4C4QL8hY0LehfMK2grMBWECrkKzQr3Fb4oMhUdFeMU9yh2Kr4SAmjZKgUqJShtFfpktKEMkPZQZmvnK98TPm+CqxiqBKkslalTqVbZUpVTdVTNUm1XPWC6oSavBpbLVatRO2s2rg6Xd1JPUa9RP2c+jOmHJPDjGeWMS8yJzVUNLw00jRqNHo0ZjT1NEM0N2s2az7SImmxtKK0SrQ6tSa11bX9tLO1G7Xv6xB1WDrROrt1unSmdfV0w3S36rbqjukp6HH1svQa9R7qU/Wd9ZP1a/VvGeAMWAZxBnsMeg1hQ2vDaMNKwxtGsJGNUYzRHqM+Y6yxnbHYuNb4jgnFhGOSbtJoMmQqb+prutm01fTFQu2FEQt3LOxa+NnM2izebL/ZA3NZc2/zzebt5q8sDC34FpUWtyyplh6WGyzbLF9aGVkJrfZa3bWmW/tZb7XutP5kY2sjsWmyGbfVto20rbK9w2KwAliFrCt2WDsXuw12p+3e29vYp9ofs//DwcQhzqHBYWyR3iLhov2Lhh01HXmONY6DTkynSKd9ToPOGs4851rnJ2wttoB9gD3KMeDEcg5zXriYuUhcTrpMu9q7rnPtcEPcPN3y3XrcZd1D3CvcH3toeog8Gj0mPa0913p2eGG9fLx2eN3hqnL53HrupLet9zrviz4UnyU+FT5PfA19Jb7tfrCft99Ov4eLdRaLF7f6A3+u/07/RwF6AckBPwfiAgMCKwOfBpkHZQd1LaEvWbWkYcnbYJfgouAHIfohaSGdobTQ5aH1odNhbmHFYYNLFy5dt/R6uFJ4THhbBD4iNOJAxNQy92W7lo0st16eu3xghd6KzBVXVyqtjF95ZhVtFW/V8UhsZFhkQ+RHnj+vlje1mru6avUk35W/m/9cwBaUCMaFjsJi4WiUY1Rx1JjIUbRTNB7tHF0aPRHjGlMR8zLWK7Y6djrOP+5g3Gx8WHxzAiEhMuGUWFYcJ76YqJaYmdiXZJSUmzSYbJ+8K3lS4iM5kAKlrEhpS2WgP97uNP2079KG0p3SK9PfZYRmHM+UyRRndq8xXJO3ZjTLI+vHtZi1/LWd2RrZm7KH1nHW1ayH1q9e37lBa0POhpGNnhsPbSJtitv0y2azzcWb32wJ29Keo5qzMWf4O8/vGnOlciW5d7Y6bK3+HvN9zPc9eZZ55Xmf8wX51wrMCkoLPhbyC6/9YP5D2Q+z26K29RTZFO3djtsu3j6ww3nHoWKZ4qzi4Z1+O1tKmCX5JW92rdp1tdSqtHo3aXfa7sEy37K2cu3y7eUfK6Irble6VDZXqVTlVU3vEezp38ve21StWl1Q/WFfzL67NZ41LbW6taV1uLr0uqf7Q/d3/cj6sf6A0oGCA58Oig8OHgo6dLHetr6+QaWhqBFuTGscP7z8cO8RtyNtTSZNNc3yzQVHwdG0o89+ivxp4JjPsc7jrONNJ3ROVJ2kn8xvgVrWtEy2RrcOtoW39Z3yPtXZ7tB+8mfTnw+e1jhdeUbuTNFZ0tmcs7Pnss5NdSR1TJwXnR/uXNX54MLSC7cuBl7sueRz6cplj8sXujhd5644Xjl91f7qqWusa63Xba63dFt3n/zF+peTPTY9LTdsb7T12vW29y3qO9vv3H/+ptvNy7e4t67fXny7byBk4O6d5XcG7wrujt2Lv/fyfvr9mQcbH2If5j+SflT6WOVx7a8GvzYP2gyeGXIb6n6y5MmDYf7w899Sfvs4kvOU+rR0VH20fsxi7PS4x3jvs2XPRp4nPZ+ZyP1d5veqF/ovTvzB/qN7cunkyEvJy9lXha8VXx98Y/Wmcypg6vHbhLcz0/nvFN8des963/Uh7MPoTMZH/MeyTwaf2j/7fH44mzA7m8ST8L5IAQRtcFQUAK8OAkANR+UTqstIy+b12l/6Bvpb9bzO/8bTb74y6uc13RezAaCuA4DgjQD4or4c9bpoo7EBmJOawWwAW1p+bX9ZSpSlxXwumjsAeO3Z2cliAIhOAHxaMjv74dzs7CdjVLdUAnDCdV4nftExElTGWKYy90wNELg1/67R/gSxmcJKTjmNHAAAADhlWElmTU0AKgAAAAgAAYdpAAQAAAABAAAAGgAAAAAAAqACAAQAAAABAAAAwqADAAQAAAABAAAAZwAAAAB4yMixAAAj5ElEQVR4Ae2dB5gUxRKA68g5S84iAiJgQESUpKBiBEXMGDA9c9aHilkMKIoBUVTMioIZFRUUCUZAAUEFRECQnDPMq7+h5s3u7d3teXu4uzf1fbsz013T013dVV1d01WTceeQ8Z6EkC8UKFe6mPQ6sqlUr1w6X8rPbaE7Vq2RDUNfF2/jptzemtb4pXqfLBmyX/+QERLczWVKFZN+F7aTC3q0lPJliie49LwVt3XaTFne9XTZsWR53gpKo7urfPmWFEmj9iRFU9rvX0dGDughlcqXSIr6RFeiaPMmsseE92TZEb1k+x8LorML7HWhAtvyfGj44QfVk4+fOCVpmcCaXLh+bak6dbQUrlHVkgr8MWSEBA2BfRvtIe8+cpKULJ4ak2xGieKyY+36BLU+9YsJGSEBfVhWF8WjHu8ppUsWTUBpu6eIjSNGibcuZASjdmqIL6ttkh4HXne41KpaNklrp9XyPNnyzWTxNm9xddz280xZe9fA5K3vv1CzkBHySPSDmteQ805okcdS8vn2jAwpXLeWrLt3kKwf/FI+Pyw1iw9Vozz0W+fW9WTUoFPyUMLuu7VwzWpS/vG7pdLIZ4XzECIpEDJCJD3ivjr3+H1l9FO9kt5CFN2gEsd1kT2+HyVF92senVWgr0NG+Afdf9pRzWRov25SqFDGP7j737+lUNXKUuXrkVLuvpslo1RJKdW7p2SUTM73HruLWuEaIZeU3qtuRXn2tqNE1e6UhozixaT0JWfJ9nkLnMoEc6x7cHBKtykvlQ9nhFxS74U7jpFSJVLHTJpd8zLKlHZMINu3y/YFi7JDTfu8cEbIRRef0a2ZHNKyVi7uSH5UNuKtPPlC2Tx2YvJXNh9rGM4IcRK3Qtni8uj1R8SJnTpoW8Z9U+CZgN4KGSHOMXtLn0OkcvmScWKnDlqJYw4X9h4VdAgZIY4RwLbqy3odEAdmCqIUKiSlLz47BSue2CqHjBAHPZs1rCzFixWOAzM1UUqe0T01K57AWoeMEAcxd+xIb98ltmMXPbBlHJRIX5SQEeLo23mL1sSBldooJY7vktoNyGPtQ0aIg4BLV26QZas2xoGZuiglux+dupVPQM1DRoiTiOOnLIgTMzXRijRtJIUqlEvNyieg1iEjxEnE76an/5vXom32j5Ma6YcWvlmOs08n/LQwTszkRtu8ebMsWbJEFi9eLBs3bpS6deu6XyE1oxbR9wmbk7v6+Va7kBHiJO2kn/4SrEepuON0w4YNMnnyZJkxY4YsXJiZoWvXri19+vSRjDKl4qRG+qGFjBBnn27cvE2m/LpE9m+SWk4tq1atkunTp0utWrWkTZs2UqTIzi7frhvtnn32WVm0aJHUqFHDUWHHilVxUiP90EJGyEWffjvtr5RjhAoVKki7du0iWrl69WoZPny4Y4I6depIt27dXP72ufMj8ArSRbhYzkVvT1T1KJVh69atMm7cOBk0aJAsWLBAihcvLi1atFDfip3OFexELagQzgi56Plf5qZumMR58+bJN99849YJ1uT27dtL69at7VKKd20vW6dM968L0kk4I+Sit3/6bYmsXpeadhXWCI0bN5aGDRv6La5YsaJ/zknpy88TXUREpBWUi5ARctHTm7dsl/7PT8rFHcmDyiIZJth///2lVKmd1iFbOFst2XNU7q7r7bJAHcNo2Lnsbhx0pr5xntStnr5vYVf0vEg2jfw4l5RJXXSiYafNjEDYxRvPOVgmDjtLNky8VlZ9dZX0Pb9twntn1drNcu3DXxA8Lm2h4rCBQtTsggRpMSOcf2ILIewiDjQffT1brh7whfw6b0VC+7Gwhm7ZoaPfGIC4RoR0SfVoFlkRafuiJbK0eWfZsXptVihpk57y30coUayIPHbDEe6DHLz1vbT/p/Lkm5P9DuLl12H6vQLUmSBs3+7JomXrhO3Vcxeukj/+Wi3bc/A5IJ9vHyxevt4x2fPv/Sx1VD264+JDg0WnzblbLwy4TVb1KRhrhpSdEZo2qOzCsBNnaP3GrXLKje+62YCRuEfFUhp76Gg5vkOjiIG5bfsO+XbaIilcOEOqViyteCXdLLJ12w7HDHOUKabPXuZ+o8bPccwSUYBeUO6EqQvlxQ+mKfPskLHPnO4YJBovXa6XHny8bP1+aro0J2Y7UnZGOKBpdfls8Km+pD+j7/s+E5x0+N7yzK1HScVyJYSBPX7KQpm9YKVULFvChW3fq24labFXNccARpWiRQoJDMXvyLYNXPLy1Rvl2Cvekkk/73yJdnS7hkLA3yb1Kwmq2MPXdpYps5ZI7WpJHAXbGpiHY9FWzdKeESBPys0Ih7aq7b5KY98iePvzWXLy9e+4ru7RubG8fM9x8uUPf8rkmUtk89ZtAtMc0ab+P/6AB+8N8EWoX7O8NGtYJQ9DKsVu1dlu00dfyKoLbpAdS1P3RWI8VE+5GYFPM73/6Mn+oJ6qm+B63/ah39a1G7bI1Q99Lk+/PcVPY7dojSplpGGt8nJgsxrSqXVdaayzQr2a5YQ1Rk7AxwC7HbpnTmjpk68MsPraO2Xja+/KjmWJNTgkM5FSZka48vQD5cGrOglqzOffzpPho2fKqx/PkLXrd3784pozW8tt+iXLVqc+7/T9nIgOgxzYrLoco4P8kp77uXVFTvcE81lsw2DpBp5+TmpRpX3cx0XSrW1ZtYcZIekZoZp+o3ioLlCPOWxPp/NfcOfH8sV38yLadNh+teWroWe4NKxHzBQsZge++n0EXlYXxYoWFtSqi05qJR0PrJsVmkv/a+k6tUz9KO+M/U2mDT8/W9xUzVzRvY9sen90qlY/1/VOekbgSzQDrunsFsVDRkzRF1ljZJ2qP9Hw/Su93VogOp3r0ZP+kL5PfCXxulr2Pq65M8mWK/1/k+umLdt03THfzUIwGFamq89o7RbMsZ6Z6mkbhg2XVedfl+rNiLv+Sc0IbVvUkgkvnClr1m9264B3xvwWs2FFCheSvn12vkHmy5ZYjWLBz78vlTc++cXNFuPV/LlyTdZfn2dd0GrvnZ9eZQaYs2BVxHsG1DO2WWDCTTfY9vsfsuKYs2Xb7MhZN93aGWxP0i6WeYs7uO+RTtfvcskb8vv8lcF6R5zzbgBV6PEbu2T7QT+YhB+ARP94whwZoovqcZMXZNpRiqWIGSArYJ9RJTXPphvwNrmgMYH1YVLuNbrs1ANky9bt0vrMYdkygTWCResH42bbZY5HJPpx7Rs5C9TysVfKc7d3kwZqVYoHau5RRu6/smOuF9fxlP1v4/A2ufInr0pG0Zytaf92XRP9/KRjhIP3rSmddMF62HmvxB1Ui3cJvAz7J8Dsw76hWSMvdGuDqpWyd2DnRRrqVyo68cdDn0LVqrgvcMaDm044ScUILFDP0UHJCzIWqPEAA3LEQ92FL1zmBf7WPUQbNm2VQtnsomtUp6LwQi9dYfsfC2RZ2xMK1PrA+jJp5kDG37kn7CuX9R8t6P3xAnt/2v2Dwckz8EEePWmufDJxrtuDlNUzeTN93dkHSdeDG6TtblPavmHYm7J12sysyJDW6UnDCFUqlJKnhk+OmwmqVCgp913ewak1OfUQG+mIX8os88Mvf7stE1/9ON9t1svp3py2W8NE7HJlo1+qQ/FOh8jaux5N9Wb8o/onDSMwUOMF3giPHNDD3/DGdmrs+99ouJWvd1mBTj2yqfvo37D3f44wfcb7jIa1Ksj1vQ+SPt1bZjkLPDNiqvB+47uXe8dbbFLjFaq606qW1JXMp8olDSPE2z7WEM/tcoh5TbdYPDNyqoz9/k/fYcbKeV3fGQB84KOz+hH06tpUZ4PFbtYxnFhHFuvX924j3Ts1zpIBCPZ1xQOfCYv0r5/b+UY7VlmplrZl0g+pVuWE1TelGKFOtXLysL5pHjV+ttw5ZIKbAXKiRJP6lYVFLtKbGSMrQNUaeN0RwpczswKcc14dNUNuHvSl1K5aVia/dq7Uq5HZdxkvNt5t8D6iwwF1siouX9I93XG79bspwrFQ+bJSZJ+94zKH4om29q6B+VKnVCg0pRiha9v6ctRlb2a7sI0mOgOSX3aA6XXILUdla4J978vf5ZoBnzuvtpvOPVhuV880TK/RwNrj4ns+EWIgsYiHcfFjyHdQ7lvX/wlZ++BT4q1Z9//HafSKIg3qSOE960mRRvX110C/jtNCirVuKeqh5L6vzHbrdQ8N1o+PZ46L+v+C0vsspRhh6Ds/5Utv8BEQ3jZX2vXVTDzeiGG0bsNW59sw4otf3cDGVfO9gSdl8kvAoR/17Nc/V8h/dbZg5oBJ2AzYvFH++zB4GzbKyrOulE3vfpKZPtu2ybbf5rrf5sy5YcouCiT97tPd0VOoN6VKFFX/5dX++ws8z1o1rup8GNq2qOl8n0sWj5QbMM99z02UAS995/ZEWV3ZzUowAbZ35zvoQF96aI8C4UWWX7RM2r1G+dXgWOVigcKLrXG9Ss4Ns16N8tKwdgXf+SfWPaSx8D771g9lxpxlESi8mf70yV7SUplod8Ca2x4KmSABhI4UcQkocHcXwZtlXnhd2KOl+yA4aslE/ajHY6/94N4dRNeH3aondNzL+R100fv2Vh/keAFnHFQgXsQ9oT4J0V/brK6+E+N1xyym190BW6fOUN3+6d3xqLR/RsoyQld1sj9WnXV6dmkiDEAAVQWrDr9Y7yWwOj1y3c69Qln1LIz00y6Lj+HM0hhJMMDIMb8KYR9jATPBl8+evtuYgDo4K4+6VoaQdwqkHCOgp+Ogj0dZEHDfPO/2j+TPxZlDmxPX6NJT9lfrTU0X4gVJPv/vtW5nK1u88TfgpRxRL1gkZzXYg88LnsNgMEG8O1iD9/7T822z5sim9wqOF9k/pVO892V4CvEiJzseKlGsQUw4yP2bVM/yBVmytyusX/5TIK0YIf/JFT4hXSmQVNuw05XIYbuSnwIhIyR/H4U13A0UCBkhBpG36UuqSy+9VAYPHhwjN0xKRwqEjBDVq9gOzjnnHJk4caIcc8wxUbnhZbpSIFwsR/XsnDlz3Ef3evXqpX7JoZyIIk/aXvqMMHDgQOHj1MAee+zhVIPsWr18+XJ5/PHH1Q/AkxtuuMH/Lld29yRr3t9//y1DhgwRPsIdDYcddpgcfvjh0cm5vv7www/lu+++kyOOOEIOPTS5vqnwyy+/CL9p06bp2/LIF3TMjvXr1891e1PuBt4jAE888QTvE7x9993XU4bYmRj418+TekoUTz9W7VKVEbw+ffp4ZcqU8XQABTDz73TkyJHennvu6f3xxx8JfYh2vteqVSvX/lGjRnljxozx3n//fe+QQw7x9Ov0CXkWZULfl156yS/vqaee8vr27etf53TywAMPeFWqVPF+/PHHnFBznV+pUiWvRIkSru0fffSRd+edd3oqEL2//vor12X9Gzds2LDBu+SSSzwVNnE9ftmyZd4+++zjde/e3aP/kegO6HA6aujQoZYUcVTp7+23337emjVr/PTzzz/fO+qoo/zrRJzoR7G9RYsWZSqKAcogeOWVVzLlJSIBRtCvTkYUNXny5IQNBP3GsaNvsG1nnHGGxy8ICKHFixcHk9z5iy++6OknYh2DZspMQAKDvkuXLhElwRCJgD///DMRxWRbxvfff+9Vq1YtEyPEejY01q+LOiZYsWKFK9dnhBtvvNF1FJwSLzRt2tS766674kWPC49ZZ9iwYZlwv/zyS+/XX3/NlJ6IBGa0YsWKeeeee65f3G+//eatW7fOv87ryYABAzxVMXIs5thjj/UmTZqUCe+rr77yNm3alCk9EQkMDIRgsC8TxQSPPPKId9lllyWimrkug5mza9eume5bu3atx3gKgs8IRx55pFOLgpl2DlGOO+4474UXXrAkb+nSpY54V155pXfiiSd6HTp0yDTNM3Cvuuoqr0ePHt7TTz/t7p05c6Z33nnnef/5z3+8N99805X73nvveZs3b3a4dAgzT3D6HzdunPfQQw95J510kqe6rF+HWCdbtmzxmKlKlizpHXjggd769etjoUWk/fzzz64tEK1fv36OIerUqROBg+S4/vrrXd7xxx/v2nvBBRf4OGpy9R5++GFP1xMu79RTT/XzODn55JO93r17+2mvv/66B80///xzl7Zx40Y3tdP+s88+O2ImUguWU9F0feF9/fXXfhmxTpixeVbx4sXdIIhHbaV/eS79RPt1zedoTfnQm7bQZyNGjPBOOOEE74033vAfresK167TTz/dtfuxxx7z8yiHco8++mjviy++8NMRMuCpVc4bPXq0S6cc8BkXqOnQ8eOPP/aQ6FdccYXXsWNHTw0Z7r7OnTs7TQSVBgjWwSXoHzTba6+93FgKajnMtqiYlEe5Bj4jlC9f3lXCMqKPGRkZ3muvveYnQxQaScV/+ukn74477nDXRngGMjo2HQxxqbzBhRde6HAhKEQeO3asy3rwwQed1LQGkog0ad++vRvQ3bp189S+b8XEPMJU1Mt+r776aky8YCJ6O/j63sBjUDA7Qqgg0NGnnXaax4B/9NFHvSZNmvjZMDF1ZCCh2t18881uLWMItKdChQq+2gn++PHj3TPpRAMYrYMKlCAwKBggQOvWrb1bb701mJ3pnE63tnO0gZYJMZBw2223uXs+/fRTx5j0CYMFYE2IMKMs+otZ84MPPnB5zFyVK1d2A5aExo0be2p0cXn8UR73qTHCT4MhGKDz58/37r//fq9NmzYuj3UfApVxxtii303ff/vtt105bdu29b799lvv2muvjZhdmdG4FyY1gMb6QXWP8WAAU1esWNHVH0ahbgsXLnTZjhEYyCTGUknAYlCTT+UNGJBIboP77rvPq127trtECteoUcNjEKo1xkO6MrUbwBRIw2hg1jnrrLP8ZJPUVJrGs0YgLTtgUV+uXDlXXzV/RswsWd3Hoh8JymxiENTlSaNtL7/8ssu++uqrvYMPPthQXadxDRMArJtYuBn88MMPrj6///67JXlPPvmkV7VqVf+ak06dOjkmtESYBN2dhSAzCDpwLJ3X8DkyOIsWLeqexwI4nsUu0rdRo0Z+MahgDC4D1DV+QUBthCYIBQCVmjHCusoApg0KDITk3nvv7Q0fPtxDp2/WrJn31ltvGbqbwRgD0cAYQlAjVAG15HlnnnlmBBrrO2ZkA8Yb9VmyZIkluX5BCDMrYBRCsBk4RoAzuWnq1KmW7lbSpp6QH72QpIH//e9/HT4Sr3nz5t4999zjruFCuPGmm27ynnvuuYjKQAwsTdFMR3rZsmW9QYMG+XVAEqJXM6PQyHg6lZtnzZrl9e/f35sxY4ZfVnYn1atXd2pUEAdmnj59up+ElGRNxACnAxncANYz1hcs5gEkKNd0tsG9997r1axZ0y7dEfUq2BG0H6tN8D5mFluHYcVCt40HqDezq0m77O5h0CMEUDuzAhiKwRgE+qN06dL+OgqGYLAGAcYOqoOffPKJow39yVgJ9g8zLeMi2P9W1sUXX+xBLwBhA52C1jxmE8bvlClT7BZn9QrSHGHCbIOgvf3227133nnHx+VEqACSnYJsMUpnovKYWoEuh2pgAEeBb1MkREFimETEwoRUZjCxlrByuN+my+hBDRNS5pgxY+wxHgSwWQdpypSZaOB5PBc1ziQ2hMWCYh2FGgPxUV2CxKYun332mbufQcdgvuWWW9x1kIlYe/Ts2dOvOnisYYJqBLo/9bA6gAzzmVUOJpg9e7ZfRqJOWPfxXCRlLLB6Ra/NYBzWLACaAmZtBIQBwrFUqVKOIS2NwctgNCNEUEuYMGFCpvbbfQhDjA0A6hL1DQrt559/3o23oEoNzY123Ldy5Up3n6nhCEsbr+QLgw29NPp3yimnuFkBJKZNuB0pA1AZdF7ssO3atfNYNMJQBnQYU7q+OHI6LYsjAyodZCpLR5elgRCXBTXA9Im0srVBsPF2X16OqB7oldFt5xppbAAjUzd+qGfkLViwwGWzgIMWMCw6LIt6hAB1Rk0DWrRo4fTiZ555xl0zXaO2oVPbIpL1CWmsT8ykh3TkmUgx7Ppz58519yfqD30bAUZ7YfwgE9ozkNw24C2NI/VF30bis5BGytJXtp5BmKKiIWBs9qRdqMwwDKoui2ED1p/QLBpgMupn2gl9AZ0Y5EYnykLVgV42DtFYYCCT/AgfcOrVq+c0FYQ1aQZONbKL8JiZAli7WNzBlCzA0GlRV4ILs8x3hSmpRoGUc9VUCblbQVUfUYknBxxwgHuuqgRuO4KqQru1HuHD8pcCISPkQF+d8kUXyKJqjKgqILrGEdVtRRd+OdwZZqcSBTKYwlKpwv9GXVWXdDtSVb8U3ebwb1QhfGY+UyBkhHwmcFh8alCgiK68RV93p0Ztw1qGFEgwBdTi6Wb50PMkwYQNi0tNCoSqUWr2W1jrBFMgnBESTNCwuNSkQMgIqdlvYa0TTIGQERJM0LC41KRAQhhBd5KK7jMR3RiVmlQIa13gKeAWy+qiJ+opFZMYugdedFOTHHTQQTHzdaOWqCeYXHTRRaLbjfWzXIVj4oWJeaOAbrgT9ZuIGWnDStbNeaLeeXYZHnNDAd4ss8WXbat6n/vhPoinEz4IpOngjtgnzz0GOLAEt9NaenhMPAXYLWt9xF5/9vXzY6cw25vNPyTxT07/En3zqTrfiDrSOB7SraxOsuseblGPIlGfAvfSQbceu3x1QhHd8irq7OCug3+6z17IB5BOuiXbz9bts6Jbt0V3b4r6O7h09WIS9Ul257p9WdjboxEG3PU111wjuv1W1AFE7r77btFIE6L+uEJMpWjgHt0e7WIykacec/5+IN0OLOpuGBG5Th1SRAMFiPpWuKLU5VB0v7zbT2Rls7GOdurOUw0pnyG6C9XVnThHupXY0ER9EET37btr2kBddeu1u9Ztw6J+Hu5ctyyLOouI+iQLsZRiAe1XN9FYWS5NnX5E99ELszjPNdAt8i4ulW6bFg17416S6vC1bHds0KCB6BZ40S3XEel2wbPVC0wYC9GgLqNuHDDjQ0t1ovJR2H+l/gTumrJ1a76fp74doj4Pbn+W+gv46dBJt167vvUT9UQdfER9PkS36weT3bm6b7rYS1zQHxoOR3S7tcvjGYw76Mo4YzygpdBnujVcdMu5w4v+U29JUVdVFfe7AMcHRXI/29NNFnFfSMc3NQi4apKOr+4YdW7Bg+nyyy93XkuGh+MDe/PBw1MNLyvc+7g26cWecsNhP3kQyGNPe9DJGldF7ufHXnNmLxxYuNYdosHbnb8E6ezljwX4SVhZONgEQQezezaO5zwDpyAlrMNnhmQ/uwEOIXhDxXoWzkmks2ffAAcoey6eeni34cWGTwMBDbIDvLi4NxhxAnyc9vGNMLB+M9dEPOu4j7qbn4ThcqSeeNbhWYjjVTRQPvdSRsuWLf34VobH8/BbCe7xp234KODhhp8G44Qf44Rygq6/lMN4wa2XvKAvtz0DV038XMjHScpAmcCl4TuBiynjgjGlQdUcCuWqEHA4+EvQn9SHvmU2BXxGIOwGD+BnjIDKRCNIw/MqCAwu0qNd/Mz5xHBxhgDPnGrMyQUHFwNdfzgc8qIBP10GSRDwFqNMvN8AGkonkoZDiIGpe0FPMMuzI/fwCzq94INAWtDv2PBxSCEP55Bg2BUcUEjH0Twa8E3GdTQIeG+Bb20gj84P+vwG8e0cBynuCzKCMZLhcDSmxZccoE+pB/fGYjYEGXn8cOaPBTi1GA6OPPhnGOCWG3TgQcjQJwzIIG0Nn+eZY42l4Zdt5eNHHgtw6gEn6NKKmkhasO9hjlj9E4xoAT54gG81Yqox0EEuqCwskNmLxHTLVBwErETRoBJfiBkaBKZywKZFm1KVwXw01KmsALUmOt/KtHu0MaKO96J+raKEt2QxPKbzrECZymWpJPRRNCKHcK2RHPw0O2G6VU8q1x7UEQOjR3RdyddBnykkJu0C7Pk60wmqGOpfdsC0D2iHOhVKBY2oZHM+EsH7DM/SoA8qL6BulZbsH1FFVDq6axUEPq6PoCfQE7UP2qhHoegs4OPRfmsL91Aez1Qne6kfI2Qke3zY1h4Ewo7Sh5SvkUVEZ6Fgtju3cRrsZww6AKqTqeuooRohw6XzZ/1jCYxHFVoCHuAzAluNDWgkDVY/VaHCqsZYln+0waV+vXK76paEUcdpJVbluQldEX2bdQMVR3c2sEFh19FHG9DR6eol5tYc1JHfu+++G4Fig8HqGpG568IIazgqyUT9qUWlp6gaEusWNwDIUL9XP98YyY5+hp6QFhwk5NlzVe1zA5q1GLp2TmD9pLOdo3u/fv1Ew7xkus3qQVBjdYl08VvVV1gY5LYGs5t0thZ+Opu72Kzo2eqJZ9n+UQWnoFPTd9RfQ984oaAzstCHRkNuYFwA0c9yiTH+WGOpC7BodA/R0Cyis41bs0WjUgcA4WLAplGeA/NoNBFR91fL8o82FhgjjFfWeUFzv88I/h16os7qbkYgjQUkXlrRYB3J4q9jx46OIOzXjwbrOBalMAPvHHSq9D2+wA8SMPp+Gh7NKDa7MAPpdOqYkE6kHvY8yjGiGRGiy+bayrIjgwVgMNAZsUD9bl2yzW5cZNcG6hTNzPY8JCYdo/GCYj0qy7S6deu69mI8QLIhnYNgjKD+387sqiFxRP2hRdcMQTR3rmqbqGrnDBMsqAEGZDQwo/DTQASC1gAgNHWN5haoQRqYZEajiAcYZwgfDY3pFrjcg+A0OlkZdm3jj3RdN7jFMHVCeKuKJhpT1u9/cAxf16iiPuZupoqYvXWwOAgultH90CkJ0aJluDAb5lBv+Cw2yAuGJMH5O6g3gmtlEKUgKyCWDWUFA+QaLot0nWbt0h21AQ5fB6ufjiM8ZRAlw8DKjQ5FYvkcdYC6+8wZnwgL2qEuLZYuzT3o3TyLoGYG+DCTphLHkvwjTu7B4GhkELoGfIvVox0c03neL2TXCTo390Wv2aLx1OLm8KgrRgruUeZwwdiCuARaUEHhdVAHefuBB350n2HoCBoVWIiDxw9neVt4Ur4ZUwhokBMQzEBVFxfsy+pAqBjKjaYb/uOkW9CD6LLxLSdAADgWbAIcYjeRFhwLBJU28GcE0x8V2ak3cLcGnnWcjpTUaAeCydFAC3CnxqFcoHvqgi/i5RzTJmBHdxH1Z15fmGmDwLSOqRSOD4JJ/WCZam1wKEFfYqtj9IzAmscAPRYw6Y+pViMkuDTMbmowcOf2pwssZ7ZDemmgL0sWJA2gERv8NE7Q/TFDgx8Eey7lAUgsygiWGcS3c+sntfJYUsyj0Qh8+g6/a8416LDfVm5EiupglbFjx/o/Db7mygyqDiRAo+AYQM3iJR/AzBOkM+ZxZnJmIo2Q53CCf6gzZlpnbYCUBtfqYeVqqKDgbf44spmbNpnZH0R8y9EOAEzvBjYWguMVFUxjcLn+8a1GalN3HKM3RoTJwzpBGj9iaiK5AMyfpGHyw9ymDXDR2zAjBrnVrBxB7nMFBP5Y3asO7cKDINGZVbAoYJrFEqGd6mMjQU1im+WAgGLMEkjeYIQ6pBF1JHwgZjvqhRkTqQNgvrO2BYPCMtMg4cjD6mXR9Yjxw0tGZpHol4jWBsybRK7GHKmqoDPRERcqCFiK7LlIbOqG1CZECabgrID6KsO4e7GUZAeEn+QZunZyaJgViTJHmkluZnmkfzB0DchY/qx+hHwB6BNwyQsCfYPlEPzoyN6YT5ltuI9xhNmW8UNEc/pQhZYLB4n0Z/wFgZhZVgcbTzzLZkSsdwYqZFzcXaycKhz9GLKE3TewsP/MVFi0KJNIfMzMBDlzjEB8TQaH/YgvY4GsqDimMTP3EcyLSoJj+MEjzEJlAB5keTTUAohZ5YJHAi7ReRCOhqm+71QP7NcGlEvHWpnBozXQcJkWKSOIY+fYmWE0U6cgOKbBoF0bFYl2m13bOoVjVuZF2sCgoA3gMY1j26YsAyKuZRVLivohUGIBTEWQMGsDRwIwxwLUCWs7DGPxP2FwwiXCTLTBYjoRN4l6AQTCQt215zC4YWoEHm0iND0CIQgIJ2JcEbw4GhBspKNWISSsXGNGU3WINhg0HdvzeCZ5qGnEyeKaH0KPUKAAY5LyLY97MVebAKUPEGyMK1P7DJe4TIA/I7ir8C9bCiDRiHEKEXl5x3sPnZqzvSfM3EkBBq2aUTOFY08W+vhbLLRzQ4iTAljRsHLozOi2nqBrYoEwU3Jw+0WcRaY9mi6I3aZMaMc6MtkgZIQ89IhOvcKCnkU7C0XMxxEmuTyUnW63shDm/YxaEd3+tWRr3/8AZMl8ESq4qJwAAAAASUVORK5CYII=
Other Info	�PNG IHDR�gR0�l 'iCCPICC ProfileH��TS��ޛ^��tB�H'�@BE��FLB�B��ED�"઀�kd-��Y�u� *{�]}��9��3��\|3�͜s��xX�q�$�Ӆ�4<��@d�H<~J' ��М�i2��?��W�S�@('R� (w��'IR��he�&ͱ6� �@�Ys,��51V�s�>�A�(�cO"��3��"4Fڇ��X#F�e'~4O�0NHH��E(��<��\�5'�'��{�bt_(aFXؚ3��D�X�V��;J��#�suR�B L,�-0Gi��@�>��Թ��Ik$1��T&=A!�+�3-���݇�)^�\|�20��/�v1�ŷ��<mhS��@{ @�~�$}>��{a �(5�� V�ޱ�;�� N�A�� 6�\P��]�T�:p�@+8 ΃��:��0F�s0 ނ��C��:�Ar��!_( �"!$�ҠlhTCP T��CW�>�4�C��0S`� ��á}�`x,��,8��a�>_�oÃ�sx �G4��"�H�H��H>R��"MH;҅�D� �=��c��c�1�1�� !L�"�&f3��bU�FX{,�+�f`s��ؓ�K��['��p�X�Z\!n�ׁ�� x�"��\\|9�0��?�G � BAL�L(%4�� 4Q�hO�' �k�E��v� �q�$C�#9��I��M�2R��!�5�L�$ۑ�1��2�Q��=E�bHq�,��Q�QR:(�(��T�.�M��R�Q��R�R\)��J��~�4"M�ơ��e�Ji�i7h�Di]iWi��z�J�S�w��d�2�2�2 2�2 2We�d񲺲��:��t��Ew��[��#C��e�2 G=�I9Y9+�P�L�J�3r�򈼮<W>^�H��8��4-�_0��V�+4+�V��TtW�Sܡت�H �d��W�҄2C�A��\|L�� b��V�N�[eJUM�S5I�\��ꄚ�[-V�D�ڸ:]�I=F�D��3��Ìg�1/2'5T4�4�4j4z4f4�4C47k6k>�"i��J�:�&�յ��uX:�:�u�t�u�t�t��)�q��S��k�o�Xq{z aCk�h�J�F��Q��>c��ظ�� ńc�n�h2do�k�ٴ��B�w,�Z��,�l��sYso��,-��,��,�,_ZY ��Zݵ�[�Yo��dck#�i��ն��b�X��+vX;� v��ا��!Ρ�al��"��5y�5��NL�H�}N��<�Z�'l-��}�=�1��rs^��H\N�L�ڻ�s�pC�<��z�e�C�+�{hz�<=&=�=�zvxa�\|�vx��r��z��:�>�%>>O\| }%��~��N��u��N�Gz�?�+��eu-�/Y��a��`��!�!i!��ana�a�K.]��z�RxLx[>"4�@��2�e��,�^��\|`�ފ�WW��_yfmo��HldXdC�G�?��7��j�$ߕ��\��ƅ��b�h�cTqԘ�Q�S4�]=�S�2�+�:v:�?�`�l\|X\|s!!2�XV'��ؗd��4�l��+yR�#9��HiKe�?��4��҆ҝ�+��e�fϔ�gv�1\��f4�#�ǵ��ٛ��q�լ�֯^߹AkCΆ��m"m��f��ś�l �Ҟ��1g�;��s�r%�w�:l��}��=y�y�y�� J>��`�C��ۢ��ݎ�.�>��yǡb��~;[J�%�%ov��u�Ԫ�z7iw��2߲�r��+�+nW�T6W�T�UM��T�Z]P�a_̾�5�5-��u��C�w��ҁ�� :t�޶��A��nLk?��p��#mM&M5��G�Ѵ��~��i��ϱ��M'tNT��o�ZִL�F��>��~�gӟ��8]yF�L�Y�ٜ��Mu$uL��\��.^��s��e��8]�8^9}��k�k��m��t[w��=6=-7lo��-�;��˷��^\|�o d��w� �݋��~��b�?�~T�X�q��6��r�~��Ƀa��R~�8��tT}�~�b��x�e�F�'=��]��/N��{r��K��W��_\|c��s`��ۄ�3��z�z��!��L�G�ǲO��?�\|~8�0;�ē�HmpT�@ G��H��_��[��o�2��5��h��l[Z~mYJ��\|.�;x��b�N\|Z2;��'cT�Tp�u^'~�1T�X�2�L �5��JN9�8eXIfMM�i� gx�ȱ#�IDATx��9K�""`@D��bE�0=sև�Y(�QT̊� F@AD@��3̫��y{��7�}�3�]��]�U]]�U�q�񞄐/(W��:��T�\:_��m�;V�� C_o��ޚ��z�,�_��eJ�~��z��e�'��u�LY��tٱdy� J��\|��I��$ES��_GF�!�ʗH��DW�h�&�Ǆ�d��d��u��\|h��Փ��8%i��\�~m�:u��QՒ �1d� �}�!�>r��,��lF��c��>�� !}XVţ�)�KM@i��#F��.d�vj�/�m�^w�ԪZ6Ik��<��d�6oqu��LY{��P��H�א�Nh��R��)\��w��R>?,5�U�<�[��dԠS�P�p�jR��g��")2B$=�:��}e�S��Bݠ�u�=�%E�k�U��CF��Q�dh�nR�P�?��߿�P��R��R%�TI)ջ�d�L��Z�!��ޫnEy��D���Ť�%g��y��s�{ppJ�)/�g�\R�;��R%R�L�]�2ʔvL ۷��CM��pF�E�ѭ�ҲV.�H~T6�<�B�<vb�W6k�q�B��Gĉ�:h[�}S�� !�1{K�C�r��qb�Z�c�t!��zf �$�/>;+����=�5�,ŋ�35QJ��=5+��Z��1w�Ho�%�c=�e�H_��y��ā��(%�� c�CF��KWn�e�6Ɓ��(%��O@�CF��,�35ъ4m$��K��'��!#�I�獵��עm��Y��O'��0N��Fۼy�,Y�D/^,7n��u�_!5�� V��$��G��tÆ 2y�d�1c�,\��k׮-}��2��F��g�nܼM��D�o�ZN-�V��ӧK�Z��M�6R��.߮�}�YY�h�ԨQ�QaǊUqR#��BF�E�~;�c� H�v�"Z�z�j>\|�c�:u�H�n�\��#� �E�X�EoOT�(�a�֭2n�84h�,X�@�/.-Z�Pߊ��D-��_�n��y��7�\|�� K�֭�R�wm/[�L��I8#䢷�m��^��v��7�� -�X��I��]DD��r�ӛ�l��O��Ƀ�"&��T��![8[-�sT��@�hع�nt��q�ԭ��oaW��H6��8��I]t�a�͌@��9X&;K6L�VV}u��=�m�{g��r��_<.m�ⰁB��i1#�b!�"4}=[��:oEB��n١��F�tI�hYi��%��ygٱzmV(i��G(Q��<v��䛓��a��ԙ l��ɢe��s��?�Z-�s�9 �o,^��1��,uT=��C�E�͹[/�MV�)k��6��°gh�ƭrʍ�ـ��G�R{�h9�C��m��v�")\8C�V,�x%�,�u��s�)��^�~��q�Q�^P��)�쐱Ϝ�$/]��\|�l�~j�4'f;RvF8�iu�l𩾤?��>�t��̭GI�r%��=~�B��`�T,[m߫n%i�W5�F��E ��ȶ \��+ޒI?�\|�vt��B��&�+ ��v�)��H�jI��c�V�Ҟ O��Jc�"x��Yr��︮�ѹ��\|�q��Kd��m�Ѧ�?�� E�_��4kX%C�n��n�G_Ȫn�KS�Eb<TO��O3��z��ֵ��}.O�=�Oc�h�e�a��r`�ҩu]i��B��5FN��gNh铯��;e�k�ʎe�58$3�RfF��: j��Γ�gʫϐ��w~��3[�m�%�V�>��ج��uEN��Yl�`��~NjQ�}��EҭmY��!��~�x�.P�9lO��_p��w�"�t�~�嫡g�4�G�,f��}^VŊԪ�Nj%��K�k�:�L�(��M� ??[�T�\ѽ�lzt�V?��NzF�K4��CFL�Ycd��?��+��Z :��ѓ��O\|%�Z�>��3ɖ+��-�t�1��B0V��h�̱��i� �U�_��͈��I�m[Ԓ /�)k�ov�w��aE ��}v�A�˖X�b�Ͽ/�7>��rM�_�g]�j^e��`U�{�3�Y`�M7��☳e��Y7��lO�.�y�;��N��r��zG��nU��d�A?��D�x��q�d�Q�� +`�Q%5Ϧ�6��1��aR�5��d��a�2�5�E��f�e�G$�q�9��W�s�w�jU�j�QFc��o��6��'�JFќ�i�v]��c��)�t�z�y��T�w ��'��þ�Y#/tk��w`�E�W:��C�Bժ�/pƃ�N8I�,P��A�2��r�C݅/\��=D6m�B��kT��B/]a�dY� ��2i�@�߹'�+��-��{��3�A=i�\|2q�ۃ��3y3}��I׃��nSھa؛�u�̬Ȑ��I�U��O�� T()�]��59��_�,��/�-_�8�m��ޜ�[�D�re�_�C�N��ڻM�f��' #0P��vj��h��wY�N=��߰��0}����>�[f9<3b��~㻗{�[lR��Ӫ�ԕ̧�% #��>��r�yM�X<3r��O�a��y]�\|ࣳ��Tg��n�1�XG��n#�;5Β�u�� F;VY��e��V��7��N�r�i5~��9d��r�D��E.қ#+@�x�3��s^5Cn��ԮZV&�v�ԫ��w/6�m�>��u�._�=�q��)±P��Rd��2�≶��R�T(4��k��r�eof��&:�_v��u�-Gek�}��;��=XnW�4L��{>b ��q�c�wP�[�� Y��S�Y��i�" �H�=�I�F��@��B��n)�侯�v�u ֏�g��,�a�;?�Ko��6W��L<ވa�n�V��0�_��U�'e�K��?W�u�`�I�ؼQ��0x6�ʳ��M�~��>۶ɶ��̹a�. $��S�7�JU��<�Z5��\|ڶ��\|�K��0�}�M�/}��DY]��J0�w�;�@_zh��E�_�LڽF��X�b��q�J� �^��Ұv��'�=��>��eƜe(��^�R�hw�� q (pw��e^x]أ�� 8j�D��c��Dׇݪ't��t��V�xgT ^�=�> �_۬��u�,��[��P��F�2BWu�?V�uzvi"@U��X�%�:=r�νBY�,��.��I0��1� ac3��Ϟ�ۘ�:8+��V��w �#��㠏GYp�<��řC��S�W�MM�I>��ng+[��7�Q/X$g5؃��`0A�;X��m��Ȧ� ��?�S��ex �"';Q�AL8��T��Y��+�_�S �!��>!])�T۰ӕ�a��!#$�5� !��K�K/�T#7LJG ��ի��9��8q�s�1Q��e�R \,G��9s�G�z��~ɡ��"O�^��0p�@��{��T��Z�\|�ry��n��.Wv�$k��-C�>� �v�~��ɹ��ﾓ#�8B=4��/��iӦ��t̎��u{S��#O<��}��S�ؙ��ϓzJO?V�R��>}�xeʔ�t0��t�ȑޞ{�� }�v�תU+��Q�Fycƌ��}�C�� yeBߗ^z�/逸��_�t��xU�T�~��ǜPs�_�R%�D��}��w�wz��+�e�7lذ��K<6q=~ٲe�>��u��ݣ��p:j�С�qT��~ޚ5k��?�;ꨣ��D��G��E�e�� x�W2�%"FЯNF5y�� Ʊ�o�mg�q��/�ŋ��/��'b�f�L@��K�.%��?��3�d[��U�V-#�z64֯�:&X�b�+�g�o��u�/4m�Ի뮻�E��Ygذa�p��K��_͔��f�bŊy�{�_�o��[�ο��ɀ<U1r,��c��&M�� 﫯��6mڔ)= �`�/��<�w�e�%��.��k׮��[�v��x ��Gy�S��vQ�;�8�^�$o�ҥ�xW^y�w�'z:t�4�3p���G��O?��9s�w�y�y��7�\|ӕ��{�y�7ov�t3Op�7n��Cy'�t��_�X'[�l�J�,�x��c�E��Ϯ-�_�~�!�ԩ��]��{��8jr�~�aO�.��SO��89�䓽޽{�i��?��s��q�F7��>;b&R�S�t}�}��~�N��yV�� Gm�y.�D�u��hM�Л��g#F��N8��7�� ׮�O?ݵ��(�r�>�h�/��2�U�=z�K��?��W\q�ױcGO �Ν;;M��%�4�k��X j9̶��G�>#�/_�U�2��k��'CI��'�;�p�Fx2:6q��^�p!(D;v��z��Դ��4i߾��ݺu�Ծo��<�T��~��jL�`"z;��cP0;B� �ѧ�v�ǀ��G�&M��01ud ��\|��n-c��B� �� 3�D�� 0( @�֭�[o�5��N��s�� 1�p�m��{>��Sǘ� �`M�0�,��Y�>py�\�+Wv��ƍ{jtqy�Q��1�O�!��~�M�6.�u�q�آ�M��]9m۶��[��k��]�Ѹ&5��Au��`SW�X��F�n.tَ�$�RI�bP�O� �Hn��ϫ]��D רQ�c�5�C�2��H�h`�9묳�d��T�ƳF -;`Q_�\9W_5F�,Y�Ǣ �lb��I�m/��˾�꫽�>�P]�q ��X��>��%yO>��W�jU��N�:9&�D�ݝ� 3:p,��928�-��8��.ҷQ�F~1�`.�5~A@m�&��1º�� {�� >�C�o֬��[o��BP#T��yg�yf�;fd��Y�d�%�~A3+`B�8F�3�i�ԩ��VҦ��>�y��=��B��n�{�@,M�LGzٲe�A��u@�W3��x:��g͚��ߛ1c�_Vv'իWwjTf�>}��dM��3�,�$(�t��լY�.����M�>f[�a�B��7��I��a�#P;��t��: �`��\|� ��X �3-�"��V��_�A/a��<f��)S�g� �a�l��۽w�y��D��l1Jg��Z�.�j`G�oS$DAb�D�Tf0��r�ߦ��A R�1c�1�Yiʔ�h�y<5�$6�łb��Q]�Ħ.�}��A�`��[�u��X{��ӯ:x�a�j�?��:��U&�={�_F�NX��\$e,�zE��`�,�fm�±T�R�!-��`4#DPK�0aB��}C� �� ލ��J ͍vܷr�Jw��K�� 4�w�)��Y$�M�)Pt^��ڵ�X4�PtS��8r:-�#dKG��5�􉴲�A��v_^��m�il#S7~�g�-X��e��0,:,�z�uFMZ�h��g�y�]3]��S�"�� i�O̤�t�H1��s��u�'�}F{a� �3��6�-�#�E�FⳐF��W��A��!`l��]��0�.�a֟�,`2�g� }��F'�BՁ^6�X` ��p�ի�4�5iN5��X�X��,��iQW��w�)�F��s�T �[AUQ�'p�{��n;��B��!#�@_��EȢj��* ��mE~9�f�2��R��F]U�t;RU��oT!\|f>S d�\|&pX\|jP��E_w�Fm�Z�H0��f��$�� KM ��Qj�[X�S �Lа�Ԥ@��oa�L��Lа�Ԥ@BAw��3��Tk]�)��'�)��^tS�t�A1�u��'�\t�E�ۍ��\�cⅉy��n��i�J��y��yvsC�,�ŗm�z��>��>��'�=8��ZzxL<�-k}�^��c�0ۛ�?$�ON�}�:߈:�8ҭ�N��nQ�"Q��A��\|uB����ஃ��^��N�%��[�Ewo��;�t�b�Iv�}Y�ۣ��5�\#��V�D��n�H��BL�h��b2��s�~ �,�n�NRD��V��Pt��Ode��v��S )�!��՝8G��D}D��k�@]u뵻�mâ~�\�,�:��$��b�W7�XY.M�~D��8�5�-�..�n� {�^��lwlР��x�-��v��LѠ.�n0�CKu��Q��uk��>n��I�^��D\|D}>D��ݹ�o��K\�Gt��;��8c<��g�5\t˹Ë�SoIQWU��Er?��Mq_H�75�j��un��/w^K��{��S /+��6�Şr�a?y�cO{��WE��^sf/X��۝��IXY8�A�{6��<� %��g�d?�!xC�z�I��g�({.�zx��ņO ��7q\|��0�~3�D<븏��r��x��Y��U4P>�RF˖-��V��[ ��m�(�ᆟ��r��x��/�=WM�\��I�@��;��)�1�A� �p8�KПԇ�e6\|F ��g��D#H��.ң]��pq�Ϝj��]8�?]I��L��J'��C��{AO0˳#��:��@Z��qH!�`�PH��<�M�u4xo�om ��)�2�1��p4�ŗ�O��b6y�p�8��<�g��t�A��'� m ��c��m��Gp�'�Ҋ�HZ��a�X��h>x�o5b�1�A.�,,�ً�t�T�DѠ_��r��E�R��\|4ԩ��&:�ʴ{�1��~��d1<��@��e�$�Q4"�p��4;a�UO��Gt]��A�)$&��:� ��_v��h�:J��ds>��Ҡ/�n��QET:�k>��'��ڨG��,��~k�P�T'{�#d${\|��҇��EDg�`�;�q�g:��먡!å�g�c �GZ�3[� h$ V?U�ª�X��~�r�ꖄQ�i%V� ]}�uGw6�Aa��G��%��ԑ߻��b��k8�D��E��7�P�W?�Ɏ~��$��sU�s��vN`��{�~�Düd��APcu�t�[�WX��t�~:��ج��g��Q��S�w�_C�8��3�ЇFCn`\��r�1�Xc��ht��,��[�E�R�b��Q��h4Q�W��6#�W�yAs��z��nF �$^Z�`��cǎ� �׏�8�0�t��=��0�~�(6�0�tꘐN��<�1��ʲ#�`0��@�n]��n\d��<$&��b=˴�u��b<@�!��`��!qD��E�A4w�j��j�,�d40��@�� 4u��A�dF��g ��܃�4:Yvm�t]7��0uBx��&S��p_ר�>�n��u�8.��) Ѣe�0�Po�,6��$��;�7�ke� + � e�.�t�f��_��#<e%��ʍEb�u��ڡ.-�.�=��<��f�0��ǒ�#N��hd�\|�գ�y�/d� :7�E�٢��+F �Q�p�؂�ZPA�uPy��~t�a�X��gy[xR�Sh��@U��@�ʍ��[Ѓ��-'@8lb7��6�g�٩7p��u��h��@p�ơ\�{�/��&`Gw�g^_�i��I�`�jmp(A_b�c��=0鏩V#$�4�nj0p��,g�Czi�/K$ ��4N��1C�{.�H,��ķs�'��XṚ�\|��k�5��VnD��`��c��? ��$@��@��%��3�qfrf"��p��3fZgm��a�j��m�8��6��D\|��L�6��Lcp��FjSw�7F��:A?bj"�̟�a��ܦ p��0#�լA�s�Xݫ� љU�(`��c#AMb�倀b�H�`�:�u$\| f;��`��2� ��e��KFf�藈�̛D��3�X��Hl��&D �଀�ø{��d��vrh��2G�Infy�0t �X��~�\|�p�}��ޘO�m��q�ٖ�CDs�P��g��YVO<�fD�wd\�]����7��TX�(�H\|��9s�@\|M��/c��8�13�̋J�c��#�Bedy4��Y�G.�y��T��K�Z��5�p�)#�c�ؙa4S� 8��]�v�]�:�cV�E�� 1�cۦ,"�eK��!PbLE�0kG0�� k;c�?ap�%�L��b:7�z�Bݵ�0�ajm"4=!'b\�8l��V!$�\cFSu�64��x&y�i��B�P�c��-�{1W��l�+S��L�?#��/[ шq yy�{��'��I��Q3�cO��[,�sC��XѰr��趞�kb�0Srp�E�E�=�.�ݦLh�:2� d�<�N��E;E��&�<��n��Z��dk��d�\|*��IEND�B`�
Instances	11
Solution	Manually confirm that the Base64 data does not leak sensitive information, and that the data cannot be aggregated/used to exploit other vulnerabilities.
Reference	https://projects.webappsec.org/w/page/13246936/Information%20Leakage
CWE Id	319
WASC Id	13
Plugin Id	10094

Informational	Information Disclosure - Sensitive Information in URL
Description	The request appeared to contain sensitive information leaked in the URL. This can violate PCI and most organizational compliance policies. You can configure the list of strings for this check to add or remove values specific to your environment.

URL	https://mes-adresses.data.gouv.fr/new?email=zaproxy%40example.com&nom=ZAP
Method	GET
Parameter	email
Attack
Evidence	zaproxy@example.com
Other Info	The URL contains email address(es).
Instances	1
Solution	Do not pass sensitive information in URIs.
Reference
CWE Id	598
WASC Id	13
Plugin Id	10024

Informational	Information Disclosure - Suspicious Comments
Description	The response appears to contain suspicious comments which may help an attacker.

URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/71-471e2f88eca491f7.js
Method	GET
Parameter
Attack
Evidence	select
Other Info	The following pattern was used: \bSELECT\b and was detected in likely comment: "//github.com/date-fns/date-fns/blob/master/docs/upgradeGuide.md#string-arguments"),console.warn(Error().stack)),new Date(NaN))}f", see evidence field for the suspicious comment/snippet.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/ee759108-a104293355af2ca5.js
Method	GET
Parameter
Attack
Evidence	From
Other Info	The following pattern was used: \bFROM\b and was detected in likely comment: "//goo.gl/MqrFmX\n")}},Async.prototype.invokeLater=function(t,r,n){this._lateQueue.push(t,r,n),this._queueTick()},Async.prototype", see evidence field for the suspicious comment/snippet.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/framework-6aec168087f9e1ce.js
Method	GET
Parameter
Attack
Evidence	db
Other Info	The following pattern was used: \bDB\b and was detected in likely comment: "//reactjs.org/docs/error-decoder.html?invariant="+n,a=1;a<arguments.length;a++)t+="&args[]="+encodeURIComponent(arguments[a]);re", see evidence field for the suspicious comment/snippet.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/main-786e6dbae0cca730.js
Method	GET
Parameter
Attack
Evidence	query
Other Info	The following pattern was used: \bQUERY\b and was detected in likely comment: "//"+f+":"+d+(y?"/"+y:"");y.startsWith("http")&&(_=h+"://"+y.split("://")[1]),(o=new window.WebSocket(""+_+r.path)).onopen=functi", see evidence field for the suspicious comment/snippet.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/pages/_app-29e2d848d323f6c4.js
Method	GET
Parameter
Attack
Evidence	query
Other Info	The following pattern was used: \bQUERY\b and was detected in likely comment: "//feross.org/opensource> /o.read=function(e,o,i,a,s){var l,d,f=8s-a-1,p=(1<<f)-1,m=p>>1,g=-7,y=i?s-1:0,b=i?-1:1,v=e[o+y];for(y", see evidence field for the suspicious comment/snippet.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js
Method	GET
Parameter
Attack
Evidence	query
Other Info	The following pattern was used: \bQUERY\b and was detected in likely comment: "//a"),e=t.searchParams,r="";return t.pathname="c%20d",e.forEach(function(t,n){e.delete("b"),r+=n+t}),!e.sort\|\|"http://a/c%20d?a=", see evidence field for the suspicious comment/snippet.
Instances	6
Solution	Remove all comments that return information that may help an attacker and fix any underlying problems they refer to.
Reference
CWE Id	615
WASC Id	13
Plugin Id	10027

Informational	Modern Web Application
Description	The application appears to be a modern web application. If you need to explore it automatically then the Ajax Spider may well be more effective than the standard one.

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter
Attack
Evidence	<noscript data-n-css=""></noscript>
Other Info	A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL	https://mes-adresses.data.gouv.fr/accessibilite
Method	GET
Parameter
Attack
Evidence	<noscript data-n-css=""></noscript>
Other Info	A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL	https://mes-adresses.data.gouv.fr/mentions-legales
Method	GET
Parameter
Attack
Evidence	<noscript data-n-css=""></noscript>
Other Info	A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter
Attack
Evidence	<noscript data-n-css=""></noscript>
Other Info	A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL	https://mes-adresses.data.gouv.fr/new?demo=1
Method	GET
Parameter
Attack
Evidence	<noscript data-n-css=""></noscript>
Other Info	A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL	https://mes-adresses.data.gouv.fr/new?email=zaproxy%40example.com&nom=ZAP
Method	GET
Parameter
Attack
Evidence	<noscript data-n-css=""></noscript>
Other Info	A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL	https://mes-adresses.data.gouv.fr/robots.txt
Method	GET
Parameter
Attack
Evidence	<noscript data-n-css=""></noscript>
Other Info	A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
URL	https://mes-adresses.data.gouv.fr/sitemap.xml
Method	GET
Parameter
Attack
Evidence	<noscript data-n-css=""></noscript>
Other Info	A noScript tag has been found, which is an indication that the application works differently with JavaScript enabled compared to when it is not.
Instances	8
Solution	This is an informational alert and so no changes are required.
Reference
CWE Id
WASC Id
Plugin Id	10109

Informational	Non-Storable Content
Description	The response contents are not storable by caching components such as proxy servers. If the response does not contain sensitive, personal or user-specific information, it may benefit from being stored and cached, to improve performance.

URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter
Attack
Evidence	no-store
Other Info
URL	https://mes-adresses.data.gouv.fr/robots.txt
Method	GET
Parameter
Attack
Evidence	no-store
Other Info
URL	https://mes-adresses.data.gouv.fr/sitemap.xml
Method	GET
Parameter
Attack
Evidence	no-store
Other Info
Instances	3
Solution	The content may be marked as storable by ensuring that the following conditions are satisfied: The request method must be understood by the cache and defined as being cacheable ("GET", "HEAD", and "POST" are currently defined as cacheable) The response status code must be understood by the cache (one of the 1XX, 2XX, 3XX, 4XX, or 5XX response classes are generally understood) The "no-store" cache directive must not appear in the request or response header fields For caching by "shared" caches such as "proxy" caches, the "private" response directive must not appear in the response For caching by "shared" caches such as "proxy" caches, the "Authorization" header field must not appear in the request, unless the response explicitly allows it (using one of the "must-revalidate", "public", or "s-maxage" Cache-Control response directives) In addition to the conditions above, at least one of the following conditions must also be satisfied by the response: It must contain an "Expires" header field It must contain a "max-age" response directive For "shared" caches such as "proxy" caches, it must contain a "s-maxage" response directive It must contain a "Cache Control Extension" that allows it to be cached It must have a status code that is defined as cacheable by default (200, 203, 204, 206, 300, 301, 404, 405, 410, 414, 501).
Reference	https://datatracker.ietf.org/doc/html/rfc7234 https://datatracker.ietf.org/doc/html/rfc7231 https://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html
CWE Id	524
WASC Id	13
Plugin Id	10049

Informational	Re-examine Cache-control Directives
Description	The cache-control header has not been set properly or is missing, allowing the browser and proxies to cache content. For static assets like css, js, or image files this might be intended, however, the resources should be reviewed to ensure that no sensitive content will be cached.

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter	cache-control
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/accessibilite
Method	GET
Parameter	cache-control
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/mentions-legales
Method	GET
Parameter	cache-control
Attack
Evidence
Other Info
Instances	3
Solution	For secure content, ensure the cache-control HTTP header is set with "no-cache, no-store, must-revalidate". If an asset should be cached consider setting the directives "public, max-age, immutable".
Reference	https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html#web-content-caching https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control https://grayduck.mn/2021/09/13/cache-control-recommendations/
CWE Id	525
WASC Id	13
Plugin Id	10015

Informational	Sec-Fetch-Dest Header is Missing
Description	Specifies how and where the data would be used. For instance, if the value is audio, then the requested resource must be audio data and not any other type of resource.

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter	Sec-Fetch-Dest
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter	Sec-Fetch-Dest
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/robots.txt
Method	GET
Parameter	Sec-Fetch-Dest
Attack
Evidence
Other Info
Instances	3
Solution	Ensure that Sec-Fetch-Dest header is included in request headers.
Reference	https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Dest
CWE Id	352
WASC Id	9
Plugin Id	90005

Informational	Sec-Fetch-Mode Header is Missing
Description	Allows to differentiate between requests for navigating between HTML pages and requests for loading resources like images, audio etc.

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter	Sec-Fetch-Mode
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter	Sec-Fetch-Mode
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/robots.txt
Method	GET
Parameter	Sec-Fetch-Mode
Attack
Evidence
Other Info
Instances	3
Solution	Ensure that Sec-Fetch-Mode header is included in request headers.
Reference	https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Mode
CWE Id	352
WASC Id	9
Plugin Id	90005

Informational	Sec-Fetch-Site Header is Missing
Description	Specifies the relationship between request initiator's origin and target's origin.

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter	Sec-Fetch-Site
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter	Sec-Fetch-Site
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/robots.txt
Method	GET
Parameter	Sec-Fetch-Site
Attack
Evidence
Other Info
Instances	3
Solution	Ensure that Sec-Fetch-Site header is included in request headers.
Reference	https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Site
CWE Id	352
WASC Id	9
Plugin Id	90005

Informational	Sec-Fetch-User Header is Missing
Description	Specifies if a navigation request was initiated by a user.

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter	Sec-Fetch-User
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/new
Method	GET
Parameter	Sec-Fetch-User
Attack
Evidence
Other Info
URL	https://mes-adresses.data.gouv.fr/robots.txt
Method	GET
Parameter	Sec-Fetch-User
Attack
Evidence
Other Info
Instances	3
Solution	Ensure that Sec-Fetch-User header is included in user initiated requests.
Reference	https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-Fetch-User
CWE Id	352
WASC Id	9
Plugin Id	90005

Informational	Storable and Cacheable Content
Description	The response contents are storable by caching components such as proxy servers, and may be retrieved directly from the cache, rather than from the origin server by the caching servers, in response to similar requests from other users. If the response data is sensitive, personal or user-specific, this may result in sensitive information being leaked. In some cases, this may even result in a user gaining complete control of the session of another user, depending on the configuration of the caching components in use in their environment. This is primarily an issue where "shared" caching servers such as "proxy" caches are configured on the local network. This configuration is typically found in corporate or educational environments, for instance.

URL	https://mes-adresses.data.gouv.fr/
Method	GET
Parameter
Attack
Evidence
Other Info	In the absence of an explicitly specified caching lifetime directive in the response, a liberal lifetime heuristic of 1 year was assumed. This is permitted by rfc7234.
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/framework-6aec168087f9e1ce.js
Method	GET
Parameter
Attack
Evidence	max-age=31536000
Other Info
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/pages/index-6b9d601053f60fea.js
Method	GET
Parameter
Attack
Evidence	max-age=31536000
Other Info
URL	https://mes-adresses.data.gouv.fr/_next/static/chunks/webpack-d5b311616cc32ac9.js
Method	GET
Parameter
Attack
Evidence	max-age=31536000
Other Info
URL	https://mes-adresses.data.gouv.fr/_next/static/css/212ba31df1f483a0.css
Method	GET
Parameter
Attack
Evidence	max-age=31536000
Other Info
URL	https://mes-adresses.data.gouv.fr/_next/static/fzJhI6JcWiLnnRDcjul0c/_ssgManifest.js
Method	GET
Parameter
Attack
Evidence	max-age=31536000
Other Info
URL	https://mes-adresses.data.gouv.fr/accessibilite
Method	GET
Parameter
Attack
Evidence
Other Info	In the absence of an explicitly specified caching lifetime directive in the response, a liberal lifetime heuristic of 1 year was assumed. This is permitted by rfc7234.
URL	https://mes-adresses.data.gouv.fr/mentions-legales
Method	GET
Parameter
Attack
Evidence
Other Info	In the absence of an explicitly specified caching lifetime directive in the response, a liberal lifetime heuristic of 1 year was assumed. This is permitted by rfc7234.
Instances	8
Solution	Validate that the response does not contain sensitive, personal or user-specific information. If it does, consider the use of the following HTTP response headers, to limit, or prevent the content being stored and retrieved from the cache by another user: Cache-Control: no-cache, no-store, must-revalidate, private Pragma: no-cache Expires: 0 This configuration directs both HTTP 1.0 and HTTP 1.1 compliant caching servers to not store the response, and to not retrieve the response (without validation) from the cache, in response to a similar request.
Reference	https://datatracker.ietf.org/doc/html/rfc7234 https://datatracker.ietf.org/doc/html/rfc7231 https://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html
CWE Id	524
WASC Id	13
Plugin Id	10049

Sequence Details

^{With the associated active scan results.}