https://mon.franceconnect.gouv.fr

environ 3 heures

startup

Copie d'écran de https://mon.franceconnect.gouv.fr

Nmap

Scan Summary :

A

severity	service	vulnerability
info	http (port:80)
info	http (port:443)

Consulter le rapport détaillé

Mozilla HTTP observatory

Scan Summary :

C

Impact	Description	Documentation
-25	Content Security Policy (CSP) header not implemented	Implement one, see MDN's Content Security Policy (CSP) documentation.
-20	`X-Frame-Options` (XFO) header not implemented.	Documentation for x-frame-options-sameorigin-or-deny
-5	`X-Content-Type-Options` header not implemented.	Documentation for x-content-type-options-nosniff

Rapport détaillé

SSL

Scan Summary :

B

Grade capped to B. Forward Secrecy (FS) is not supported

Expiration : 28/07/2025

Rapport détaillé

Scan OWASPenviron 3 heures

risk	name
Medium (High)	Content Security Policy (CSP) Header Not Set
Medium (Medium)	Missing Anti-clickjacking Header
Low (Medium)	Insufficient Site Isolation Against Spectre Vulnerability
Low (Medium)	Permissions Policy Header Not Set
Low (Medium)	X-Content-Type-Options Header Missing
Informational (High)	Sec-Fetch-Dest Header is Missing
Informational (High)	Sec-Fetch-Mode Header is Missing
Informational (High)	Sec-Fetch-Site Header is Missing
Informational (High)	Sec-Fetch-User Header is Missing
Informational (Medium)	Modern Web Application
Informational (Medium)	Storable and Cacheable Content
Informational (Low)	Re-examine Cache-control Directives

Rapport détaillé