Paramètres d'affichage

Choisissez un thème pour personnaliser l'apparence du site.

https://www.demarches-simplifiees.fr

Dématérialiser n’importe quelle démarche administrative en quelques minutes
environ 6 heures

dinum_produits_interministeriels

fiche beta.gouv.fr

Copie d'écran de https://www.demarches-simplifiees.fr

Nmap

Scan Summary :

B

severityservicevulnerability

info

http (port:80)

info

ident (port:113)

info

https (port:443)
Consulter le rapport détaillé

Mozilla HTTP observatory

Scan Summary :

B

ImpactDescriptionDocumentation

-20

Content Security Policy (CSP) implemented unsafely. This includes 'unsafe-inline' or data: inside script-src, overly broad sources such as https: inside object-src or script-src, or not restricting the sources for object-src or script-src.

Remove unsafe-inline and data: from script-src, overly broad sources from object-src and script-src, and ensure object-src and script-src are set.

-5

Cookies set without using the Secure flag, but transmission over HTTP prevented by HSTS.

Documentation for cookies-secure-with-httponly-sessions

Rapport détaillé

SSL

Scan Summary :

T


Grade capped to T. Issues with chain of trust (self signed CA in chain)


Expiration : 24/06/2025

Rapport détaillé

Scan OWASPenviron 6 heures

riskname

Medium (High)

CSP: Failure to Define Directive with No Fallback

Medium (High)

CSP: Wildcard Directive

Medium (High)

CSP: script-src unsafe-eval

Medium (High)

CSP: script-src unsafe-inline

Medium (High)

CSP: style-src unsafe-inline

Medium (High)

Content Security Policy (CSP) Header Not Set

Low (Medium)

Application Error Disclosure

Low (Medium)

Cookie Without Secure Flag

Low (Medium)

Insufficient Site Isolation Against Spectre Vulnerability

Low (Medium)

Permissions Policy Header Not Set

Low (Medium)

X-Content-Type-Options Header Missing

Low (Low)

Full Path Disclosure

Low (Low)

Timestamp Disclosure - Unix

Informational (High)

Sec-Fetch-Dest Header is Missing

Informational (High)

Sec-Fetch-Mode Header is Missing

Informational (High)

Sec-Fetch-Site Header is Missing

Informational (High)

Sec-Fetch-User Header is Missing

Informational (Medium)

Base64 Disclosure

Informational (Medium)

Information Disclosure - Sensitive Information in URL

Informational (Medium)

Modern Web Application

Informational (Medium)

Non-Storable Content

Informational (Medium)

Session Management Response Identified

Informational (Medium)

Storable and Cacheable Content

Informational (Low)

Authentication Request Identified

Informational (Low)

Information Disclosure - Suspicious Comments

Informational (Low)

Re-examine Cache-control Directives

Informational (Low)

User Controllable HTML Element Attribute (Potential XSS)

Rapport détaillé