- Nikto --------------------------------------------------------------------------- + Multiple IPs found: 199.60.103.184, 199.60.103.84 + Target IP: 199.60.103.184 + Target Hostname: envoyb2b.com + Target Port: 80 + Start Time: 2024-11-06 06:08:34 (GMT-5) --------------------------------------------------------------------------- + Server: cloudflare + /: IP address found in the '__cf_bm' cookie. The IP is "1.0.1.1". + /: Uncommon header 'x-hs-https-only' found, with contents: worker. + /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc + Root page / redirects to: https://envoyb2b.com/ + No CGI Directories found (use '-C all' to force check all possible dirs) + /dump.tar.lzma: Uncommon header 'critical-ch' found, with contents: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA. + /dump.tar.lzma: Uncommon header 'accept-ch' found, with contents: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA. + /dump.tar.lzma: Uncommon header 'origin-agent-cluster' found, with contents: ?1. + /dump.tar.lzma: Uncommon header 'cf-mitigated' found, with contents: challenge. + /dump.tar.lzma: Uncommon header 'x-content-options' found, with contents: nosniff. + /dump.tar.lzma: Uncommon header 'cf-chl-out' found, with contents: EsGA3CKiPgYvkLTDSfscbTphKyGZFIHAJXmbryfCljfLhwWCD+Y2W5Xnj5PO4i+pRDfgJiumSvsPOEW4ryCehtMrjH1ozeulWkg1mN283GyYs969IEZqDQt7vW0Q2VFhz3v5S/vCXpQDuoPD1wsWSw==$wKbFsc1xXzHYXpq9smXgFw==. + /webcart/config/clients.txt: IP address found in the 'content-security-policy-report-only' header. The IP is "1.0.1.1". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed + Scan terminated: 0 error(s) and 10 item(s) reported on remote host + End Time: 2024-11-06 06:09:35 (GMT-5) (61 seconds) --------------------------------------------------------------------------- + 1 host(s) tested