Pulse

monitoring app365.fr

tcauto

https://tcauto.app365.fr
Démarré 09/07/2026 16:00:16Terminé 09/07/2026 16:00:3215320 msStatut : PARTIALTrigger : schedule:cmph3vjhe0000q7za8x3o6j3g

Résumé

{
  "seo": {
    "ok": true,
    "lang": "fr",
    "score": 97,
    "title": "tcauto — Voiture thermique vs électrique",
    "h1Count": 1,
    "finalUrl": "https://tcauto.app365.fr/",
    "imgTotal": 0,
    "robotsOk": true,
    "canonical": null,
    "sitemapOk": true,
    "ogComplete": true,
    "jsonLdCount": 0,
    "titleLength": 40,
    "imgWithoutAlt": 0,
    "descriptionLength": 104
  },
  "tls": {
    "ok": true,
    "host": "tcauto.app365.fr",
    "cipher": "TLS_AES_128_GCM_SHA256",
    "issuer": "E8",
    "subject": "tcauto.app365.fr",
    "validTo": "2026-08-16T10:19:50.000Z",
    "protocol": "TLSv1.3",
    "daysToExpiry": 37
  },
  "deps": {
    "ok": true,
    "detected": [
      "Next.js",
      "1.1 Caddy",
      "Next.js"
    ],
    "versionedCount": 1
  },
  "ports": {
    "ok": true,
    "host": "tcauto.app365.fr",
    "scanned": 30,
    "services": {
      "22": "ssh OpenSSH 9.2p1 Debian 2+deb12u10 (protocol 2.0)",
      "80": "http Caddy httpd",
      "443": "ssl/http Caddy httpd"
    },
    "openPorts": [
      22,
      80,
      443
    ]
  },
  "uptime": {
    "ok": true,
    "method": "HEAD",
    "finalUrl": "https://tcauto.app365.fr/",
    "httpStatus": 200,
    "redirected": true,
    "responseTimeMs": 22
  },
  "headers": {
    "ok": true,
    "score": 89,
    "server": null,
    "headers": {
      "Referrer-Policy": "strict-origin-when-cross-origin",
      "X-Frame-Options": "DENY",
      "Permissions-Policy": "geolocation=(), microphone=(), camera=()",
      "X-Content-Type-Options": "nosniff",
      "Content-Security-Policy": null,
      "Strict-Transport-Security": "max-age=31536000; includeSubDomains; preload"
    },
    "httpStatus": 200
  }
}

Findings (7)

UPTIME
  • INFORedirection vers https://tcauto.app365.fr/UPTIME_REDIRECT

    https://tcauto.app365.fr → https://tcauto.app365.fr/

    evidence
    {
      "to": "https://tcauto.app365.fr/",
      "from": "https://tcauto.app365.fr"
    }
HEADERS
  • MEDIUMContent-Security-Policy absentSEC_HEADER_CSP

    Une CSP réduit le risque d'XSS. À définir au moins avec default-src.

    evidence
    {
      "value": null,
      "header": "Content-Security-Policy",
      "recommend": "Définir une CSP restrictive"
    }
SEO
  • LOWBalise canonical absenteSEO_NO_CANONICAL
PORTS
  • HIGHPort 22/ssh ouvert publiquementPORT_OPEN_REMOTE

    Accès à distance exposé. À limiter par firewall ou désactiver si non utilisé.

    evidence
    {
      "port": 22,
      "service": "ssh OpenSSH 9.2p1 Debian 2+deb12u10 (protocol 2.0)",
      "category": "REMOTE"
    }
DEPS
  • LOWVersion divulguée via Via: 1.1 CaddyDEPS_VERSION_DISCLOSURE

    Exposer une version aide les attaquants à cibler les CVE connus. À masquer côté serveur ou reverse-proxy.

    evidence
    {
      "value": "1.1 Caddy",
      "header": "via",
      "detected": "1.1 Caddy"
    }
  • INFOFramework divulgué via X-Powered-By: Next.jsDEPS_FRAMEWORK_DISCLOSURE
    evidence
    {
      "value": "Next.js",
      "header": "x-powered-by"
    }
  • INFONext.js détectéDEPS_FRAMEWORK_HTML

    Signature détectée dans le HTML servi.

    evidence
    {
      "match": "<script src=\"/_next/static/",
      "framework": "Next.js"
    }