- Nikto v2.5.0
---------------------------------------------------------------------------
+ Multiple IPs found: 199.232.208.194, 199.232.212.194
+ Target IP:          199.232.208.194
+ Target Hostname:    auth.fandom.com
+ Target Port:        80
+ Start Time:         2024-05-21 19:02:42 (GMT-4)
---------------------------------------------------------------------------
+ Server: envoy
+ /: Retrieved via header: 1.1 varnish.
+ /: Retrieved x-powered-by header: Express.
+ /: Retrieved x-served-by header: cache-lga21951-LGA.
+ /: Fastly CDN was identified by the x-timer header. See: https://www.fastly.com/
+ /: Uncommon header 'refresh' found, with contents: 0;url=https://www.fandom.com/.
+ /: Uncommon header 'x-envoy-upstream-service-time' found, with contents: 1.
+ /: Uncommon header 'x-served-by' found, with contents: cache-lga21951-LGA.
+ Root page / redirects to: https://www.fandom.com/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /robots.txt: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ /favicon.ico: Cookie disable_no_video_exp created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /favicon.ico: Retrieved access-control-allow-origin header: *.
+ /favicon.ico: Uncommon header 'content-disposition' found, with contents: inline; filename="Site-favicon.ico"; filename*=UTF-8''Site-favicon.ico.
+ /favicon.ico: Uncommon header 'x-cacheable' found, with contents: YES.
+ /favicon.ico: Uncommon header 'x-thumbnailer' found, with contents: Thumblr.
+ : Server banner changed from 'envoy' to 'Varnish'.
+ Scan terminated: 0 error(s) and 14 item(s) reported on remote host
+ End Time:           2024-05-21 19:03:43 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested