- Nikto --------------------------------------------------------------------------- + Multiple IPs found: 18.164.124.101, 18.164.124.114, 18.164.124.47, 18.164.124.59 + Target IP: 18.164.124.101 + Target Hostname: lima.tantantan.site + Target Port: 80 + Start Time: 2024-09-16 22:09:53 (GMT-4) --------------------------------------------------------------------------- + Server: CloudFront + /: Retrieved via header: 1.1 c83a337c091a978f2c8afbddf7f8fe2c.cloudfront.net (CloudFront). + Root page / redirects to: https://lima.tantantan.site/ + No CGI Directories found (use '-C all' to force check all possible dirs) + : Server banner changed from 'CloudFront' to 'AmazonS3'. + /nikto-test-RwCyDOgq.html: Uncommon header 'x-amz-meta-codebuild-content-md5' found, with contents: 162f80c688b3f52279b4c4431d374700. + /nikto-test-RwCyDOgq.html: Uncommon header 'x-amz-meta-codebuild-buildarn' found, with contents: arn:aws:codebuild:ap-southeast-1:992382543629:build/Customer-Portal-Dev-FlutterFlow-test:071ab69a-2a6e-4970-a7b2-02233d6cebaa. + /nikto-test-RwCyDOgq.html: Uncommon header 'x-amz-meta-codebuild-content-sha256' found, with contents: 83cc0dbaf9f48d68e200ab357702f6d7b441e76d331cd008a23bcda50fff46a1. + /nikto-test-RwCyDOgq.html: Uncommon header 'x-amz-server-side-encryption' found, with contents: AES256. + /nikto-test-RwCyDOgq.html: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/ + /: Web Server returns a valid response with junk HTTP methods which may cause false positives. + /blah_badfile.shtml: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call. + /servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call. + /servlet/allaire.jrun.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0926 + /_vti_bin/shtml.dll/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: Gives info about server settings. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0413,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0710 + /_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: Gives info about server settings. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0413,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0710 + /_vti_bin/_vti_aut/author.dll?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=false: We seem to have authoring access to the FrontPage web. + /_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=false: We seem to have authoring access to the FrontPage web. + Scan terminated: 0 error(s) and 15 item(s) reported on remote host + End Time: 2024-09-16 22:10:54 (GMT-4) (61 seconds) --------------------------------------------------------------------------- + 1 host(s) tested