- Nikto 
---------------------------------------------------------------------------
+ Target IP:          213.55.94.34
+ Target Hostname:    estudent.mu.edu.et
+ Target Port:        80
+ Start Time:         2024-08-21 14:42:23 (GMT-4)
---------------------------------------------------------------------------
+ Server: nginx/1.18.0 + Phusion Passenger(R) 6.0.20
+ /: Retrieved x-powered-by header: Phusion Passenger(R) 6.0.20.
+ /: Uncommon header 'x-request-id' found, with contents: 795e8309-3e58-4d39-b8e8-9fec75ebc91a.
+ /: Uncommon header 'x-runtime' found, with contents: 0.000809.
+ Root page / redirects to: http://estudent.mu.edu.et/auth/login
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ : Server banner changed from 'nginx/1.18.0 + Phusion Passenger(R) 6.0.20' to 'nginx/1.18.0 (Ubuntu)'.
+ /robots.txt: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ /: The web server may reveal its internal or real IP in the Location header via a request to with HTTP/1.0. The value is "127.0.0.1". See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0649
+ nginx/1.18.0 appears to be outdated (current is at least 1.25.3).
+ Scan terminated: 0 error(s) and 7 item(s) reported on remote host
+ End Time:           2024-08-21 14:43:24 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested