OOI_database_seed.json

[
  {
    "model": "tools.ooiinformation",
    "pk": "Network",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "A computer network is a group of computers that use a set of common communication protocols over digital interconnections for the purpose of sharing resources located on or provided by the network nodes. The interconnections between nodes are formed from a broad spectrum of telecommunication network technologies, based on physically wired, optical, and wireless radio-frequency methods that may be arranged in a variety of network topologies."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSRecord",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSZone",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "A DNS zone is any distinct, contiguous portion of the domain name space in the Domain Name System (DNS) for which administrative responsibility has been delegated to a single manager."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "CVEFindingType",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "KAT findings are Vulnerabilities and Exposures defined and found by the KAT team of Min VWS"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "IPAddressV6",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. "
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "IPAddressV4",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "An Internet Protocol address (IP address) is a numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.[1][2] An IP address serves two main functions: host or network interface identification and location addressing. Internet Protocol version 4 (IPv4) defines an IP address as a 32-bit number."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "IPPort",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "In computer networking, a port is a communication endpoint. At the software level, within an operating system, a port is a logical construct that identifies a specific process or a type of network service. A port is identified for each transport protocol and address combination by a 16-bit unsigned number, known as the port number. The most common transport protocols that use port numbers are the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP)."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "IPService",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "An IP Service is formed of an IP Virtual Connection (IPVC) that links together IPVC End Points at External Interfaces (EIs). EIs are what MEF calls the boundary between what is the responsibility of the service provider and what isn't."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "Service",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "An IP Service is formed of an IP Virtual Connection (IPVC) that links together IPVC End Points at External Interfaces (EIs). EIs are what MEF calls the boundary between what is the responsibility of the service provider and what isn't."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "Software",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "Software is a collection of instructions and data that tell a computer how to work. This is in contrast to physical hardware, from which the system is built and actually performs the work."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "Website",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "A website (also written as web site) is a collection of web pages and related content that is identified by a common domain name and published on at least one web server. Notable examples are wikipedia.org, google.com, and minvws.nl."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSARecord",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. The A record holds the IP4 address of a domain."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSAAAARecord",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. The Aaaa record holds the IP6 address of a domain."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSMXRecord",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. The Mx record directs mail to an email server."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSRecord",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. The Txt record lets an admin store text notes in the record."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSSPFRecord",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. The Spf record is a specific kind of Txt record which stores email authentication information."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSSPFMechanismIP",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "The Spf mechanisms are different ways an address can be entered into the Spf record. The different options are: IPv4, IPv6, hostname, and netblock. These addresses are sometimes accompanied by a qualifier which indicates whether the address should be allowed or rejected. The absence of a qualifier automatically defaults the address to being allowed by the mailserver."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSSPFMechanismHostname",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "The Spf mechanisms are different ways an address can be entered into the Spf record. The different options are: IPv4, IPv6, hostname, and netblock. These addresses are sometimes accompanied by a qualifier which indicates whether the address should be allowed or rejected. The absence of a qualifier automatically defaults the address to being allowed by the mailserver."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSSPFMechanismNetBlock",
    "fields": {
      "last_updated": "2021-07-14T14:50:09.835Z",
      "data": {
        "description": "The Spf mechanisms are different ways an address can be entered into the Spf record. The different options are: IPv4, IPv6, hostname, and netblock. These addresses are sometimes accompanied by a qualifier which indicates whether the address should be allowed or rejected. The absence of a qualifier automatically defaults the address to being allowed by the mailserver."
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-500",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The website does not use HTTP Strict Transport Security (HSTS). Via HSTS the browser is configured to only connect via a proper secured HTTPS connection to the website.",
        "impact": "When a browser uses the HTTP protocol, the network connection is not encrypted, so computers in the chain between the web server and the browser can read the data traffic. This makes data and identity theft possible, as well as manipulating data traffic, allowing for all kinds of fraud scenarios. With HSTS, only HTTPS traffic to the website is accepted by the browser.",
        "recommendation": "Set the Strict-Transport-Security HTTP header in all HTTP answers.",
        "source": "https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-501",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The website does not use a Content Security Policy configuration.",
        "impact": "The usage possibility of JavaScript is not limited by the website. If the website contains a cross-site scripting vulnerability, then JavaScript code can be injected into the web page. This code is then executed by the browser of the victim. If a well-established Content Security Policy is active, the attacker can inject JavaScript code into the browser of the victim, but then the code will not get executed by the browser. A good configured Content Security Policy is a strong protection against cross-site scripting vulnerabilities.",
        "recommendation": "1. Set the Content-Security-Policy HTTP header in all HTTP answers. 2. Make sure that when the Content Security Policy is violated by a browser, that this violation is logged and monitored. Point the content security violation variable report-uri to a server-side log script. Implement a process that periodically analyses these logs for programming errors and hack attacks.",
        "source": "https://en.wikipedia.org/wiki/Content_Security_Policy",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-502",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The HTTP header X-Permitted-Cross-Domain- Policies is missing in HTTP responses.",
        "impact": "When the value of this header is not set to master- only, Adobe Flash or Adobe Acrobat (and possibly other software) can also look at cross-domain configuration files hosted at the web server.",
        "recommendation": "Set the HTTP header X-Permitted-Cross- Domain-Policies: none in all HTTP responses. Use value master-only if a Flash or Acrobat cross- domain configuration file is used that is placed in the root of the web server",
        "source": "https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#tab=Headers",
        "risk": "Very low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-503",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The cross-site scripting filter of Internet Explorer, Chrome and Safari is not enabled explicitly.",
        "impact": "Reflected cross-site scripting attacks may not be blocked.",
        "recommendation": "Set the HTTP header X-XSS-Protection: 1; mode=block in all HTTP answers.",
        "source": "https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#tab=Headers",
        "risk": "Very low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-504",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "HTTP header 'X-Frame-Options' is missing. It is possible that the website can be loaded via an <iframe>.",
        "impact": "There is a change that clickjacking is possible. This is an attack technique in which the website is invisibly loaded. On top of the original website, another malicious website is loaded that contains specially placed buttons or links. When the victim clicks on those buttons or links, the mouse click and thus its corresponding action is performed on the original website (which is made invisible). If the victim is logged in, then this click can perform an unauthorized action.",
        "recommendation": "1. Set the HTTP header <c>X-Frame- Options</c> with value deny (safest) or sameorigin in every HTTP answer for older browsers. 2. Set the frame-ancestors variable in the Content-Security-Policy header for modern browsers. 3. Add JavaScript code to all pages to ensure that these web pages may not be loaded within an <iframe>. In this manner also very old browsers are protected that do not support the HTTP header X-Frame-Options.",
        "source": "https://en.wikipedia.org/wiki/Clickjacking",
        "risk": "Very low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-505",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The HTTP header X-DNS-Prefetch-Control is missing.",
        "recommendation": "Set HTTP header X-DNS-Prefetch-Control: off in all HTTP answers.",
        "risk": "Very low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-506",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "HTTP header 'Expect-CT' is missing. The Expect-CT header allows sites to opt in to reporting and/or enforcement of Certificate Transparency requirements.",
        "impact": "The Expect-CT header prevents the use of misissued certificates for the website from going unnoticed.",
        "recommendation": "Set HTTP header Expect-CT in all HTTP answers and configure the report-uri variable.",
        "source": "https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT",
        "risk": "Very low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-507",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The HTTP header Permissions-Policy is missing. Via this header a website can set limits on what kind of capabilities a web pages is allowed to access in browsers that render them. For example, the header can prohibit the web page from addressing the microphone, camera, location or phone sensors.",
        "impact": "When the website has a cross-site scripting vulnerability, then the attacker exploiting this vulnerability can use all the capabilities of the victim's browser.",
        "recommendation": "Set the Permissions-Policy HTTP header in all HTTP answers.",
        "risk": "Very low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-508",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The HTTP header Referrer-Policy is missing in HTTP responses.",
        "impact": "When a website visitor clicks on a link to another website, the user's browser sends through the Referer HTTP header (a part of the URL) to the other website. The website that is linked to will know which website (and webpage, if HTTP was used) the visitor came from. This is a privacy leak for the website visitor. In some cases, sensitive information such as session tokens may leak to websites that are linked to.",
        "recommendation": "Set the header Referrer-Policy: no- referrer in every HTTP answer.",
        "source": "https://scotthelme.co.uk/a-new-security-header-referrer-policy/",
        "risk": "Very low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-509",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The HTTP header <c>X-Content-Type- Options</c> is not set. Internet Explorer and Chrome apply MIME type sniffing in order to guess the content type of a document served and ignore the file extension.",
        "impact": "A malicious user of the system could upload a legitimate file containing HTML code to the website (if such functionality exists) with a file extension such as <c>.jpg</c> or <c>.png</c>. If the victim uses Internet Explorer or Chrome and downloads the malicious file, the uploaded HTML code will be executed, even though the file contains an image extension and the server would return an image header such as <c>Content-Type: image/jpeg</c>. This may include a <i>cross-site scripting</i> vulnerability.",
        "recommendation": "Set the HTTP header <c>X-Content-Type- Options: nosniff</c> in at least all web pages that contain user input (and uploads).",
        "source": "http://www.owasp.org/index.php/Cross-site_Scripting_(XSS)",
        "risk": "Very low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-540",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The server supports SSL version 2. This is a protocol that encrypts data traffic through an old and very discouraged protocol which has serious vulnerabilities.",
        "recommendation": "Disable support for SSL version 2.",
        "risk": "Middle"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-541",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The server supports SSL version 3. This is a protocol that encrypts data traffic through an old and very discouraged protocol which has serious vulnerabilities.",
        "recommendation": "Disable support for SSL version 3.",
        "risk": "Middle"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-542",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The server supports TLS version 1.0. This is a protocol that encrypts data traffic through a deprecated and discouraged protocol which has security risks.",
        "recommendation": "Disable support for TLS version 1.0.",
        "risk": "Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-543",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The server supports TLS version 1.1. This is a protocol that encrypts data traffic through a deprecated and discouraged protocol which has security risks.",
        "recommendation": "Disable support for TLS version 1.1.",
        "risk": "Very Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-544",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The server supports TLS version 1.0 and 1,1. These are protocols that encrypts data traffic using deprecated and discouraged protocols that contain security risks.",
        "recommendation": "Disable support for TLS version 1.0 and 1.1.",
        "risk": "Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-545",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "TLS version 1.2 is not supported. This is a current and recommended protocol that securely encrypts data traffic.",
        "recommendation": "Enable support for TLS version 1.2.",
        "risk": "Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-546",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "TLS version 1.3 is not supported. This is a current and recommended protocol that securely encrypts data traffic.",
        "recommendation": "Enable support for TLS version 1.3.",
        "risk": "Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-547",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The encrypted connection provides no protection against downgrade attacks.",
        "recommendation": "Implement TLS_FALLBACK_SCSV.",
        "risk": "Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-560",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "A system administration port is open.",
        "recommendation": "Secure this port",
        "risk": "Middle"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-561",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "A database port is open.",
        "recommendation": "Secure this port",
        "risk": "High"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-562",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "The firewall may be configured in a riskful manner.",
        "recommendation": "Manually validate whether this open ports should actually be open.",
        "risk": "Middle"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-581",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "This webserver does not have an IPv6 address",
        "recommendation": "Configure IPv6 addresses for this webserver.",
        "risk": "Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-580",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "We check if all name servers, that have an AAAA record with IPv6 address, are reachable over IPv6. One or more name servers is not reachable on an IPv6 address.",
        "recommendation": "Check IPv6 addresses for all name servers.",
        "risk": "Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-582",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "We check if all web servers, that have an AAAA record with IPv6 address, are reachable over IPv6. In this case the web server(s) is/are not reachable via IPv6.",
        "recommendation": "Configure IPv6 addresses for the web servers",
        "risk": "Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-583",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "We check if we can connect to your name server(s) over IPv6 on any available ports (80 and/or 443). We test all IPv6 addresses that we receive from your name servers. For this website there are not enough name servers accessible via IPv6.",
        "recommendation": "Add an IPv6 address for at least two name servers that have no IPv6 address yet.",
        "risk": "Middle"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-584",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "We check if there is at least one AAAA record with IPv6 address for your web server. For this website there is no web server with an IPv6 address available.",
        "recommendation": "Add an IPv6 address for at least one web server that has no IPv6 address yet.",
        "risk": "Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-585",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "We compare the web content that we receive from the web server over both IPv6 and IPv4 on any available ports (80 and/or 443). In case there are multiple IPv6 and IPv4 addresses, we pick one IPv6 address and one IPv4 address. If the content difference is not higher than 10%, we expect the main web content to be the same. In this case the websites hosted on IPv4 and IPv6 for the given hostname are not the same.",
        "recommendation": "Make sure both IPv6 and IPv4 addresses point to the same web content.",
        "risk": "Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-600",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "We check if your domain, more specifically its SOA record, is DNSSEC signed. The provided domain is not DNSSEC signed.",
        "recommendation": "Enable DNSSEC on your name servers.",
        "risk": "Middle"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-601",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "We check if your domain, more specifically its SOA record, is DNSSEC signed. The provided domain is DNSSEC signed, but the DNSSEC is invalid.",
        "recommendation": "Reconfigure DNSSEC on your name servers.",
        "risk": "Middle"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-606",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "List of vulnerabilities found in the HTTP strict transport security (HSTS) settings of the http header.",
        "risk": "Middle"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-607",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "List of vulnerabilities found in the content security policy (CSP) settings of the http header.",
        "risk": "Middle"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-621",
    "fields": {
      "last_updated": "2021-08-09T14:50:09.835Z",
      "data": {
        "description": "List of vulnerabilities found in outdated javascript libraries.",
        "risk": "Middle"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-640",
    "fields": {
      "last_updated": "2021-09-29T14:46:09.835Z",
      "data": {
        "description": "This software is known to be used as malware.",
        "recommendation": "You probably want to remove this software.",
        "risk": "High"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-641",
    "fields": {
      "last_updated": "2021-09-29T16:46:09.835Z",
      "data": {
        "description": "This software should not be exposed to the Internet.",
        "recommendation": "You probably want to this port to be closed.",
        "risk": "Critical"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-642",
    "fields": {
      "last_updated": "2021-09-29T17:24:09.835Z",
      "data": {
        "description": "A verified vulnerability is found.",
        "recommendation": "You want to investigate this: maybe you could close this port or patch/remove the software.",
        "risk": "Critical"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-611",
    "fields": {
      "last_updated": "2021-09-29T17:24:09.835Z",
      "data": {
        "description": "SPF record does not have valid syntax.",
        "risk": "High"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-612",
    "fields": {
      "last_updated": "2021-09-29T17:24:09.835Z",
      "data": {
        "description": "Parsing an SPF record should require no more than 10 DNS lookups.",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-613",
    "fields": {
      "last_updated": "2021-09-29T17:24:09.835Z",
      "data": {
        "description": "SPF record exceeds allowed length of 255 characters.",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-614",
    "fields": {
      "last_updated": "2021-09-29T17:24:09.835Z",
      "data": {
        "description": "An invalid ip address was found in the SPF record.",
        "risk": "Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-615",
    "fields": {
      "last_updated": "2021-09-29T17:24:09.835Z",
      "data": {
        "description": "The SPF record contains a redirect loop.",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-616",
    "fields": {
      "last_updated": "2021-09-29T17:24:09.835Z",
      "data": {
        "description": "The 'all' mechanism should be configured to be fail (='-').",
        "risk": "High"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-617",
    "fields": {
      "last_updated": "2021-09-29T17:24:09.835Z",
      "data": {
        "description": "The 'exists' mechanism should not be used.",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-618",
    "fields": {
      "last_updated": "2021-09-29T17:24:09.835Z",
      "data": {
        "description": "The SPF record contains an include loop.",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-619",
    "fields": {
      "last_updated": "2021-09-29T17:24:09.835Z",
      "data": {
        "description": "The 'ptr' mechanism should not be used.",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-643",
    "fields": {
      "last_updated": "2021-11-12T17:24:09.835Z",
      "data": {
        "description": "A Dicom server is exposed.",
        "recommendation": "Validate whether this server should actually be exposed.",
        "risk": "Critical"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-644",
    "fields": {
      "last_updated": "2021-11-12T17:24:09.835Z",
      "data": {
        "description": "A lot of ports are open which were not open a week ago.",
        "recommendation": "Validate if the firewall config is correct.",
        "risk": "Critical"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSSPFMechanismIP|pass",
    "fields": {
      "last_updated": "2021-11-12T17:24:09.835Z",
      "data": {
        "description": "A pass qualifier means that the SPF record designates the host to be allowed to send"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSSPFMechanismHostname|pass",
    "fields": {
      "last_updated": "2021-11-12T17:24:09.835Z",
      "data": {
        "description": "A pass qualifier means that the SPF record designates the host to be allowed to send"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSSPFMechanismNetBlock|pass",
    "fields": {
      "last_updated": "2021-11-12T17:24:09.835Z",
      "data": {
        "description": "A pass qualifier means that the SPF record designates the host to be allowed to send"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSSPFMechanismIP|fail",
    "fields": {
      "last_updated": "2021-11-12T17:24:09.835Z",
      "data": {
        "description": "A fail qualifier means that the SPF record has designated the host as NOT being allowed to send"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSSPFMechanismHostname|fail",
    "fields": {
      "last_updated": "2021-11-12T17:24:09.835Z",
      "data": {
        "description": "A fail qualifier means that the SPF record has designated the host as NOT being allowed to send"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSSPFMechanismNetBlock|fail",
    "fields": {
      "last_updated": "2021-11-12T17:24:09.835Z",
      "data": {
        "description": "A fail qualifier means that the SPF record has designated the host as NOT being allowed to send"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSSPFMechanismIP|softfail",
    "fields": {
      "last_updated": "2021-11-12T17:24:09.835Z",
      "data": {
        "description": "A softfail qualifier means that the SPF record has designated the host as NOT being allowed to send but is in transition"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSSPFMechanismHostname|softfail",
    "fields": {
      "last_updated": "2021-11-12T17:24:09.835Z",
      "data": {
        "description": "A softfail qualifier means that the SPF record has designated the host as NOT being allowed to send but is in transition"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "DNSSPFMechanismNetBlock|softfail",
    "fields": {
      "last_updated": "2021-11-12T17:24:09.835Z",
      "data": {
        "description": "A softfail qualifier means that the SPF record has designated the host as NOT being allowed to send but is in transition"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-645",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "A leak with severity critical has been found.",
        "recommendation": "Validate if this service is configured correctly, up-to-date and exposed on the correct port.",
        "risk": "Critical"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-646",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "A leak with severity high has been found.",
        "recommendation": "Validate if this service is configured correctly, up-to-date and exposed on the correct port.",
        "risk": "High"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-647",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "A leak with severity medium has been found.",
        "recommendation": "Validate if this service is configured correctly, up-to-date and exposed on the correct port.",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-648",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "A leak with severity low has been found.",
        "recommendation": "Validate if this service is configured correctly, up-to-date and exposed on the correct port.",
        "risk": "Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-649",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "A leak with severity information has been found.",
        "recommendation": "Validate if this service is configured correctly, up-to-date and exposed on the correct port.",
        "risk": "Recommendation"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-654",
    "fields": {
      "last_updated": "2022-01-27T09:01:09.835Z",
      "data": {
        "description": "There is a newer version for this software.",
        "recommendation": "Update your software to the newest version.",
        "risk": "Recommendation"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-660",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "According to the Green Web Foundation, this website is not hosted in a 'green' way.",
        "risk": "Recommendation"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-NXDOMAIN",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "The domain name does not exist.",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-NXDOMAIN-HEADER",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "The hostname in this header does not exist.",
        "recommendation": "Check if the hostname in the header is correct, update the header as quickly as possible.",
        "risk": "Critical"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-NAMESERVER-NO-TWO-IPV6",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "This webserver does not have at least two nameservers with an ipv6 address.",
        "risk": "Low"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-NAMESERVER-NO-IPV6",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "This nameserver does not have an ipv6 address.",
        "risk": "Recommendation"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-INTERNETNL",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "This website does not comply to the internet.nl standards. Currently, we check the following standards: IPv6 on webservers and nameservers, DNSSEC, missing and mis-configured headers.",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-NO-CERTIFICATE",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "This website does not have an SSL certificate.",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-SSL-CERT-HOSTNAME-MISMATCH",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "The common name of the certificate does not match the netloc of the website",
        "recommendation": "Check if other names on the certificate do match (alternative names)",
        "risk": "High"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-NO-DMARC",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "This hostname does not have a DMARC record.",
        "recommendation": "Set a DMARC record to protect your domain.",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-NO-DKIM",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "This hostname does not support a DKIM record.",
        "recommendation": "Set a DKIM record to protect your domain.",
        "risk": "Medium"
      },
      "consult_api": false
    }
  },
  {
    "model": "tools.ooiinformation",
    "pk": "KATFindingType|KAT-NO-SPF",
    "fields": {
      "last_updated": "2021-12-07T17:24:09.835Z",
      "data": {
        "description": "This hostname does not have an SPF record.",
        "recommendation": "Set an SPF record to protect your domain.",
        "risk": "Medium"
      },
      "consult_api": false
    }
  }
]