- Nikto v2.5.0
---------------------------------------------------------------------------
+ Target IP:          199.233.80.171
+ Target Hostname:    www.visitmonmouth.com
+ Target Port:        443
---------------------------------------------------------------------------
+ SSL Info:        Subject:  /C=US/ST=New Jersey/L=Freehold/O=Monmouth County/CN=www.visitmonmouth.com
                   Altnames: www.visitmonmouth.com, visitmonmouth.com
                   Ciphers:  ECDHE-RSA-AES256-GCM-SHA384
                   Issuer:   /C=US/O=DigiCert Inc/CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
+ Start Time:         2024-04-22 22:00:32 (GMT-4)
---------------------------------------------------------------------------
+ Server: Microsoft-IIS/8.5
+ /: Retrieved x-aspnet-version header: 4.0.30319.
+ /:X-Frame-Options header is deprecated and has been replaced with the Content-Security-Policy HTTP header with the frame-ancestors directive instead. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
+ /: Uncommon header 'referer-policy' found, with contents: strict-origin-when-cross-script.
+ /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ Server may be vulnerable to https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/MS10-070 (based on numeric calculation) and thus may allow a cryptographic padding oracle. This vulnerability must be manually validated. See: http://blog.gdssecurity.com/labs/2010/9/14/automated-padding-oracle-attacks-with-padbuster.html
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Scan terminated: 1 error(s) and 5 item(s) reported on remote host
+ End Time:           2024-04-22 22:01:33 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested