Pulse

monitoring app365.fr

Grafana

https://grafana.app365.fr
Démarré 09/07/2026 16:00:49Terminé 09/07/2026 16:01:0616777 msStatut : PARTIALTrigger : schedule:cmph3vjhe0000q7za8x3o6j3g

Résumé

{
  "seo": {
    "ok": true,
    "lang": "en-US",
    "score": 77,
    "title": "Grafana",
    "h1Count": 0,
    "finalUrl": "https://grafana.app365.fr/login",
    "imgTotal": 1,
    "robotsOk": true,
    "canonical": null,
    "sitemapOk": true,
    "ogComplete": false,
    "jsonLdCount": 0,
    "titleLength": 7,
    "imgWithoutAlt": 0,
    "descriptionLength": 0
  },
  "tls": {
    "ok": true,
    "host": "grafana.app365.fr",
    "cipher": "TLS_AES_128_GCM_SHA256",
    "issuer": "YE2",
    "subject": "grafana.app365.fr",
    "validTo": "2026-10-03T15:27:27.000Z",
    "protocol": "TLSv1.3",
    "daysToExpiry": 86
  },
  "deps": {
    "ok": true,
    "detected": [
      "1.1 Caddy"
    ],
    "versionedCount": 1
  },
  "ports": {
    "ok": true,
    "host": "grafana.app365.fr",
    "scanned": 30,
    "services": {
      "22": "ssh OpenSSH 9.2p1 Debian 2+deb12u10 (protocol 2.0)",
      "80": "http Caddy httpd",
      "443": "ssl/http Caddy httpd"
    },
    "openPorts": [
      22,
      80,
      443
    ]
  },
  "uptime": {
    "ok": true,
    "method": "HEAD",
    "finalUrl": "https://grafana.app365.fr/login",
    "httpStatus": 200,
    "redirected": true,
    "responseTimeMs": 34
  },
  "headers": {
    "ok": true,
    "score": 78,
    "server": null,
    "headers": {
      "Referrer-Policy": "no-referrer",
      "X-Frame-Options": "deny",
      "Permissions-Policy": null,
      "X-Content-Type-Options": "nosniff",
      "Content-Security-Policy": null,
      "Strict-Transport-Security": "max-age=31536000; includeSubDomains"
    },
    "httpStatus": 200
  }
}

Findings (10)

UPTIME
  • INFORedirection vers https://grafana.app365.fr/loginUPTIME_REDIRECT

    https://grafana.app365.fr → https://grafana.app365.fr/login

    evidence
    {
      "to": "https://grafana.app365.fr/login",
      "from": "https://grafana.app365.fr"
    }
HEADERS
  • MEDIUMContent-Security-Policy absentSEC_HEADER_CSP

    Une CSP réduit le risque d'XSS. À définir au moins avec default-src.

    evidence
    {
      "value": null,
      "header": "Content-Security-Policy",
      "recommend": "Définir une CSP restrictive"
    }
  • INFOPermissions-Policy absentSEC_HEADER_PERMISSIONS

    Optionnel mais recommandé pour restreindre les API navigateur.

    evidence
    {
      "value": null,
      "header": "Permissions-Policy",
      "recommend": "geolocation=(), microphone=(), camera=()"
    }
SEO
  • MEDIUMAucun <h1> sur la pageSEO_NO_H1
  • MEDIUMMeta description manquanteSEO_MISSING_DESCRIPTION
  • LOWLongueur de title hors plage (7 caractères)SEO_TITLE_LENGTH

    Idéal : 30-60 caractères pour éviter la troncature SERP.

    evidence
    {
      "title": "Grafana"
    }
  • LOWBalise canonical absenteSEO_NO_CANONICAL
  • LOWOpen Graph incomplet (manquant : og:title, og:description, og:image)SEO_INCOMPLETE_OG

    Améliore les previews sur réseaux sociaux.

    evidence
    {
      "missing": [
        "og:title",
        "og:description",
        "og:image"
      ]
    }
PORTS
  • HIGHPort 22/ssh ouvert publiquementPORT_OPEN_REMOTE

    Accès à distance exposé. À limiter par firewall ou désactiver si non utilisé.

    evidence
    {
      "port": 22,
      "service": "ssh OpenSSH 9.2p1 Debian 2+deb12u10 (protocol 2.0)",
      "category": "REMOTE"
    }
DEPS
  • LOWVersion divulguée via Via: 1.1 CaddyDEPS_VERSION_DISCLOSURE

    Exposer une version aide les attaquants à cibler les CVE connus. À masquer côté serveur ou reverse-proxy.

    evidence
    {
      "value": "1.1 Caddy",
      "header": "via",
      "detected": "1.1 Caddy"
    }