EuroGrants
https://eurogrants.app365.frDémarré 09/07/2026 15:00:31Terminé 09/07/2026 15:00:4615638 msStatut : PARTIALTrigger : schedule:cmph3vjhe0000q7za8x3o6j3g
Résumé
{
"seo": {
"ok": true,
"lang": "fr",
"score": 88,
"title": "EuroGrants — Veille subventions EU",
"h1Count": 1,
"finalUrl": "https://eurogrants.app365.fr/",
"imgTotal": 0,
"robotsOk": false,
"canonical": null,
"sitemapOk": false,
"ogComplete": false,
"jsonLdCount": 0,
"titleLength": 34,
"imgWithoutAlt": 0,
"descriptionLength": 81
},
"tls": {
"ok": true,
"host": "eurogrants.app365.fr",
"cipher": "TLS_AES_128_GCM_SHA256",
"issuer": "E8",
"subject": "eurogrants.app365.fr",
"validTo": "2026-08-19T19:55:17.000Z",
"protocol": "TLSv1.3",
"daysToExpiry": 41
},
"deps": {
"ok": true,
"detected": [
"Next.js",
"1.1 Caddy",
"Next.js"
],
"versionedCount": 1
},
"ports": {
"ok": true,
"host": "eurogrants.app365.fr",
"scanned": 30,
"services": {
"22": "ssh OpenSSH 9.2p1 Debian 2+deb12u10 (protocol 2.0)",
"80": "http Caddy httpd",
"443": "ssl/http Caddy httpd"
},
"openPorts": [
22,
80,
443
]
},
"uptime": {
"ok": true,
"method": "HEAD",
"finalUrl": "https://eurogrants.app365.fr/",
"httpStatus": 200,
"redirected": true,
"responseTimeMs": 129
},
"headers": {
"ok": true,
"score": 89,
"server": null,
"headers": {
"Referrer-Policy": "strict-origin-when-cross-origin",
"X-Frame-Options": "DENY",
"Permissions-Policy": "geolocation=(), microphone=(), camera=()",
"X-Content-Type-Options": "nosniff",
"Content-Security-Policy": null,
"Strict-Transport-Security": "max-age=31536000; includeSubDomains; preload"
},
"httpStatus": 200
}
}Findings (10)
UPTIME
- INFORedirection vers https://eurogrants.app365.fr/
UPTIME_REDIRECThttps://eurogrants.app365.fr → https://eurogrants.app365.fr/
evidence
{ "to": "https://eurogrants.app365.fr/", "from": "https://eurogrants.app365.fr" }
HEADERS
- MEDIUMContent-Security-Policy absent
SEC_HEADER_CSPUne CSP réduit le risque d'XSS. À définir au moins avec default-src.
evidence
{ "value": null, "header": "Content-Security-Policy", "recommend": "Définir une CSP restrictive" }
SEO
- LOWOpen Graph incomplet (manquant : og:title, og:description, og:image)
SEO_INCOMPLETE_OGAméliore les previews sur réseaux sociaux.
evidence
{ "missing": [ "og:title", "og:description", "og:image" ] } - LOWrobots.txt absent ou inaccessible
SEO_NO_ROBOTSStatut 404 sur https://eurogrants.app365.fr/robots.txt
- LOWsitemap.xml absent
SEO_NO_SITEMAPPas de sitemap à https://eurogrants.app365.fr/sitemap.xml et aucune référence dans robots.txt.
- LOWBalise canonical absente
SEO_NO_CANONICAL
PORTS
- HIGHPort 22/ssh ouvert publiquement
PORT_OPEN_REMOTEAccès à distance exposé. À limiter par firewall ou désactiver si non utilisé.
evidence
{ "port": 22, "service": "ssh OpenSSH 9.2p1 Debian 2+deb12u10 (protocol 2.0)", "category": "REMOTE" }
DEPS
- LOWVersion divulguée via Via: 1.1 Caddy
DEPS_VERSION_DISCLOSUREExposer une version aide les attaquants à cibler les CVE connus. À masquer côté serveur ou reverse-proxy.
evidence
{ "value": "1.1 Caddy", "header": "via", "detected": "1.1 Caddy" } - INFOFramework divulgué via X-Powered-By: Next.js
DEPS_FRAMEWORK_DISCLOSUREevidence
{ "value": "Next.js", "header": "x-powered-by" } - INFONext.js détecté
DEPS_FRAMEWORK_HTMLSignature détectée dans le HTML servi.
evidence
{ "match": "<script src=\"/_next/static/", "framework": "Next.js" }