Ouvivre
https://ouvivre.app365.frRésumé
{
"seo": {
"ok": true,
"lang": null,
"score": 49,
"title": null,
"h1Count": 0,
"finalUrl": "https://ouvivre.app365.fr/",
"imgTotal": 0,
"robotsOk": false,
"canonical": null,
"sitemapOk": false,
"ogComplete": false,
"jsonLdCount": 0,
"titleLength": 0,
"imgWithoutAlt": 0,
"descriptionLength": 0
},
"tls": {
"ok": true,
"host": "ouvivre.app365.fr",
"cipher": "TLS_AES_128_GCM_SHA256",
"issuer": "YE2",
"subject": "ouvivre.app365.fr",
"validTo": "2026-10-04T07:17:26.000Z",
"protocol": "TLSv1.3",
"daysToExpiry": 86
},
"deps": {
"ok": true,
"detected": [
"Caddy"
],
"versionedCount": 0
},
"ports": {
"ok": true,
"host": "ouvivre.app365.fr",
"scanned": 30,
"services": {
"22": "ssh OpenSSH 9.2p1 Debian 2+deb12u10 (protocol 2.0)",
"80": "http Caddy httpd",
"443": "ssl/http Caddy httpd"
},
"openPorts": [
22,
80,
443
]
},
"uptime": {
"ok": true,
"method": "HEAD",
"finalUrl": "https://ouvivre.app365.fr/",
"httpStatus": 502,
"redirected": true,
"responseTimeMs": 3023
},
"headers": {
"ok": true,
"score": 28,
"server": "Caddy",
"headers": {
"Referrer-Policy": null,
"X-Frame-Options": null,
"Permissions-Policy": null,
"X-Content-Type-Options": null,
"Content-Security-Policy": null,
"Strict-Transport-Security": null
},
"httpStatus": 502
}
}Findings (19)
- CRITICALErreur serveur 502
UPTIME_5XXHEAD https://ouvivre.app365.fr → 502 Bad Gateway
evidence
{ "method": "HEAD", "status": 502, "finalUrl": "https://ouvivre.app365.fr/" } - MEDIUMRéponse lente (3023 ms)
UPTIME_SLOWSeuil d'alerte : 3000 ms
evidence
{ "elapsedMs": 3023 }
- HIGHHSTS absent
SEC_HEADER_HSTSSans HSTS, un visiteur peut être redirigé vers HTTP.
evidence
{ "value": null, "header": "Strict-Transport-Security", "recommend": "max-age=31536000; includeSubDomains; preload" } - MEDIUMX-Frame-Options absent
SEC_HEADER_X_FRAMERisque de clickjacking. Mettre DENY ou SAMEORIGIN.
evidence
{ "value": null, "header": "X-Frame-Options", "recommend": "DENY ou SAMEORIGIN" } - MEDIUMContent-Security-Policy absent
SEC_HEADER_CSPUne CSP réduit le risque d'XSS. À définir au moins avec default-src.
evidence
{ "value": null, "header": "Content-Security-Policy", "recommend": "Définir une CSP restrictive" } - LOWX-Content-Type-Options absent
SEC_HEADER_X_CTORecommandé : nosniff.
evidence
{ "value": null, "header": "X-Content-Type-Options", "recommend": "nosniff" } - LOWReferrer-Policy absent
SEC_HEADER_REFERRERRecommandé : strict-origin-when-cross-origin.
evidence
{ "value": null, "header": "Referrer-Policy", "recommend": "strict-origin-when-cross-origin" } - INFOPermissions-Policy absent
SEC_HEADER_PERMISSIONSOptionnel mais recommandé pour restreindre les API navigateur.
evidence
{ "value": null, "header": "Permissions-Policy", "recommend": "geolocation=(), microphone=(), camera=()" }
- HIGHBalise <title> manquante
SEO_MISSING_TITLE - MEDIUMMeta viewport absent
SEO_NO_VIEWPORTRecommandé : <meta name="viewport" content="width=device-width, initial-scale=1">
- MEDIUMAucun <h1> sur la page
SEO_NO_H1 - MEDIUMMeta description manquante
SEO_MISSING_DESCRIPTION - LOWBalise canonical absente
SEO_NO_CANONICAL - LOWrobots.txt absent ou inaccessible
SEO_NO_ROBOTSStatut 502 sur https://ouvivre.app365.fr/robots.txt
- LOWOpen Graph incomplet (manquant : og:title, og:description, og:image)
SEO_INCOMPLETE_OGAméliore les previews sur réseaux sociaux.
evidence
{ "missing": [ "og:title", "og:description", "og:image" ] } - LOWAttribut <html lang> absent
SEO_NO_LANGRecommandé pour l'accessibilité et le SEO international.
- LOWsitemap.xml absent
SEO_NO_SITEMAPPas de sitemap à https://ouvivre.app365.fr/sitemap.xml et aucune référence dans robots.txt.
- HIGHPort 22/ssh ouvert publiquement
PORT_OPEN_REMOTEAccès à distance exposé. À limiter par firewall ou désactiver si non utilisé.
evidence
{ "port": 22, "service": "ssh OpenSSH 9.2p1 Debian 2+deb12u10 (protocol 2.0)", "category": "REMOTE" }
- INFOFramework divulgué via Server: Caddy
DEPS_FRAMEWORK_DISCLOSUREevidence
{ "value": "Caddy", "header": "server" }