- Nikto 
---------------------------------------------------------------------------
+ Target IP:          34.139.232.253
+ Target Hostname:    icscims.com
+ Target Port:        80
+ Start Time:         2026-01-02 10:12:30 (GMT-8)
---------------------------------------------------------------------------
+ Server: Apache/2.4.53 (Win64) OpenSSL/1.1.1n PHP/7.4.29
+ /: Retrieved x-powered-by header: PHP/7.4.29.
+ Root page / redirects to: http://icscims.com/dashboard/
+ /favicon.ico: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ Apache/2.4.53 appears to be outdated (current is at least 2.4.58). Apache 2.2.34 is the EOL for the 2.x branch.
+ OpenSSL/1.1.1n appears to be outdated (current is at least 3.2.0). OpenSSL 1.1.1w is current for 1.x and is supported via contract, and 3.0.12 for 3.0.x, and 3.1.4 for 3.1.x.
+ PHP/7.4.29 appears to be outdated (current is at least 8.3.0).
+ /: HTTP TRACE method is active which suggests the host is vulnerable to XST. See: https://owasp.org/www-community/attacks/Cross_Site_Tracing
+ Scan terminated: 0 error(s) and 6 item(s) reported on remote host
+ End Time:           2026-01-02 10:13:31 (GMT-8) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested