- Nikto v2.6.0 --------------------------------------------------------------------------- + Your Nikto installation is out of date. + Target IP: 172.67.128.217 + Target Hostname: cjk.cc + Target Port: 80 + Platform: Unknown + Start Time: 2026-04-30 04:34:15 (GMT-4) --------------------------------------------------------------------------- + Server: cloudflare + Multiple IPs found: 172.67.128.217, 104.21.2.66, 2606:4700:3035::6815:242, 2606:4700:3033::ac43:80d9 + [011799] /: An alt-svc header was found which is advertising HTTP/2 over TLS. The endpoint is: ':443'. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc + [999106] /: Cloudflare detected via cf-ray header. Recommend proxying via Burp or mitmproxy to avoid TLS fingerprint blocks. See: https://github.com/sullo/nikto/wiki/Using-a-Proxy + No CGI Directories found (use '-C all' to force check all possible dirs). CGI tests skipped. + [999996] /robots.txt: contains 10 entries which should be manually viewed. See: https://developer.mozilla.org/en-US/docs/Glossary/Robots.txt + [013587] /: Suggested security header missing: x-content-type-options. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options + [013587] /: Suggested security header missing: permissions-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy + [013587] /: Suggested security header missing: content-security-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP + [013587] /: Suggested security header missing: strict-transport-security. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security + [800264] /: cloudflare - Cloudflare detected via banner. Recommend proxying via Burp or mitmproxy to avoid TLS fingerprint blocks if not already proxying. + Scan terminated: 2 errors and 8 items reported on the remote host + End Time: 2026-04-30 04:35:46 (GMT-4) (91 seconds) --------------------------------------------------------------------------- + 1 host(s) tested