Grafana
https://grafana.app365.frDémarré 09/07/2026 15:00:48Terminé 09/07/2026 15:01:0516606 msStatut : PARTIALTrigger : schedule:cmph3vjhe0000q7za8x3o6j3g
Résumé
{
"seo": {
"ok": true,
"lang": "en-US",
"score": 77,
"title": "Grafana",
"h1Count": 0,
"finalUrl": "https://grafana.app365.fr/login",
"imgTotal": 1,
"robotsOk": true,
"canonical": null,
"sitemapOk": true,
"ogComplete": false,
"jsonLdCount": 0,
"titleLength": 7,
"imgWithoutAlt": 0,
"descriptionLength": 0
},
"tls": {
"ok": true,
"host": "grafana.app365.fr",
"cipher": "TLS_AES_128_GCM_SHA256",
"issuer": "YE2",
"subject": "grafana.app365.fr",
"validTo": "2026-10-03T15:27:27.000Z",
"protocol": "TLSv1.3",
"daysToExpiry": 86
},
"deps": {
"ok": true,
"detected": [
"1.1 Caddy"
],
"versionedCount": 1
},
"ports": {
"ok": true,
"host": "grafana.app365.fr",
"scanned": 30,
"services": {
"22": "ssh OpenSSH 9.2p1 Debian 2+deb12u10 (protocol 2.0)",
"80": "http Caddy httpd",
"443": "ssl/http Caddy httpd"
},
"openPorts": [
22,
80,
443
]
},
"uptime": {
"ok": true,
"method": "HEAD",
"finalUrl": "https://grafana.app365.fr/login",
"httpStatus": 200,
"redirected": true,
"responseTimeMs": 32
},
"headers": {
"ok": true,
"score": 78,
"server": null,
"headers": {
"Referrer-Policy": "no-referrer",
"X-Frame-Options": "deny",
"Permissions-Policy": null,
"X-Content-Type-Options": "nosniff",
"Content-Security-Policy": null,
"Strict-Transport-Security": "max-age=31536000; includeSubDomains"
},
"httpStatus": 200
}
}Findings (10)
UPTIME
- INFORedirection vers https://grafana.app365.fr/login
UPTIME_REDIRECThttps://grafana.app365.fr → https://grafana.app365.fr/login
evidence
{ "to": "https://grafana.app365.fr/login", "from": "https://grafana.app365.fr" }
HEADERS
- MEDIUMContent-Security-Policy absent
SEC_HEADER_CSPUne CSP réduit le risque d'XSS. À définir au moins avec default-src.
evidence
{ "value": null, "header": "Content-Security-Policy", "recommend": "Définir une CSP restrictive" } - INFOPermissions-Policy absent
SEC_HEADER_PERMISSIONSOptionnel mais recommandé pour restreindre les API navigateur.
evidence
{ "value": null, "header": "Permissions-Policy", "recommend": "geolocation=(), microphone=(), camera=()" }
SEO
- MEDIUMAucun <h1> sur la page
SEO_NO_H1 - MEDIUMMeta description manquante
SEO_MISSING_DESCRIPTION - LOWLongueur de title hors plage (7 caractères)
SEO_TITLE_LENGTHIdéal : 30-60 caractères pour éviter la troncature SERP.
evidence
{ "title": "Grafana" } - LOWBalise canonical absente
SEO_NO_CANONICAL - LOWOpen Graph incomplet (manquant : og:title, og:description, og:image)
SEO_INCOMPLETE_OGAméliore les previews sur réseaux sociaux.
evidence
{ "missing": [ "og:title", "og:description", "og:image" ] }
PORTS
- HIGHPort 22/ssh ouvert publiquement
PORT_OPEN_REMOTEAccès à distance exposé. À limiter par firewall ou désactiver si non utilisé.
evidence
{ "port": 22, "service": "ssh OpenSSH 9.2p1 Debian 2+deb12u10 (protocol 2.0)", "category": "REMOTE" }
DEPS
- LOWVersion divulguée via Via: 1.1 Caddy
DEPS_VERSION_DISCLOSUREExposer une version aide les attaquants à cibler les CVE connus. À masquer côté serveur ou reverse-proxy.
evidence
{ "value": "1.1 Caddy", "header": "via", "detected": "1.1 Caddy" }