- Nikto 
---------------------------------------------------------------------------
+ Multiple IPs found: 13.107.138.10, 13.107.136.10, 2620:1ec:8fa::10, 2620:1ec:8f8::10
+ Target IP:          13.107.138.10
+ Target Hostname:    stjosephsvic.sharepoint.com
+ Target Port:        80
+ Start Time:         2025-12-01 08:02:31 (GMT-8)
---------------------------------------------------------------------------
+ Server: No banner retrieved
+ /: Retrieved microsoftsharepointteamservices header: 16.0.0.26712.
+ /: Retrieved x-powered-by header: ASP.NET.
+ /: IP address found in the 'report-to' header. The IP is "208.76.253.0". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: Uncommon header 'x-1dscollectorurl' found, with contents: https://mobile.events.data.microsoft.com/OneCollector/1.0/.
+ /: Uncommon header 'x-ariacollectorurl' found, with contents: https://browser.pipe.aria.microsoft.com/Collector/3.0/.
+ /: Uncommon header 'ms-cv' found, with contents: od7NOUbQAGAd7FjB7ShDCw.0.
+ /: Uncommon header 'x-ms-invokeapp' found, with contents: 1; RequireReadOnly.
+ /: Uncommon header 'x-networkstatistics' found, with contents: 0,63548,0,0,346,18106,18106,256.
+ /: Uncommon header 'microsoftsharepointteamservices' found, with contents: 16.0.0.26712.
+ /: Uncommon header 'request-id' found, with contents: 39cddea1-d046-6000-1dec-58c1ed28430b.
+ /: Uncommon header 'isocdi' found, with contents: -1.
+ /: Uncommon header 'x-msedge-ref' found, with contents: Ref A: D6154561C4FC411694EB7A31315C7AF0 Ref B: LAX311000110005 Ref C: 2025-12-01T16:02:31Z.
+ /: Uncommon header 'sprequestduration' found, with contents: 11.
+ /: Uncommon header 'x-databoundary' found, with contents: NONE.
+ /: Uncommon header 'spiislatency' found, with contents: 0.
+ /: Uncommon header 'sprequestguid' found, with contents: 39cddea1-d046-6000-1dec-58c1ed28430b.
+ /: Uncommon header 'splogid' found, with contents: 39cddea1-d046-6000-1dec-58c1ed28430b.
+ /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc
+ Root page / redirects to: https://stjosephsvic.sharepoint.com/
+ /EBIk6fzd.*: Retrieved x-aspnet-version header: 4.0.30319.
+ /EBIk6fzd.*: Uncommon header 'sharepointerror' found, with contents: 0.
+ Server may be vulnerable to https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/MS10-070 (based on numeric calculation) and thus may allow a cryptographic padding oracle. This vulnerability must be manually validated. See: http://blog.gdssecurity.com/labs/2010/9/14/automated-padding-oracle-attacks-with-padbuster.html
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Scan terminated: 0 error(s) and 21 item(s) reported on remote host
+ End Time:           2025-12-01 08:03:32 (GMT-8) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested