- Nikto 
---------------------------------------------------------------------------
+ Target IP:          15.235.111.159
+ Target Hostname:    demo.dexsistemas.com.br
+ Target Port:        80
+ Start Time:         2024-11-19 12:50:36 (GMT-5)
---------------------------------------------------------------------------
+ Server: Microsoft-IIS/10.0
+ /: Retrieved x-aspnet-version header: 4.0.30319.
+ /: Retrieved x-powered-by header: ASP.NET.
+ Root page / redirects to: /Login.aspx?ReturnUrl=%2f
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /favicon.ico: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ Server may be vulnerable to https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/MS10-070 (based on numeric calculation) and thus may allow a cryptographic padding oracle. This vulnerability must be manually validated. See: http://blog.gdssecurity.com/labs/2010/9/14/automated-padding-oracle-attacks-with-padbuster.html
+ Scan terminated: 0 error(s) and 4 item(s) reported on remote host
+ End Time:           2024-11-19 12:51:37 (GMT-5) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested