- Nikto 
---------------------------------------------------------------------------
+ Multiple IPs found: 47.246.131.30, 47.246.131.55
+ Target IP:          47.246.131.30
+ Target Hostname:    alibaba.com
+ Target Port:        80
+ Start Time:         2024-08-14 16:16:48 (GMT-4)
---------------------------------------------------------------------------
+ Server: Tengine
+ /: Uncommon header 'server-timing' found, with contents: rt;dur=0.000,eagleid;desc=21032ecc17236666084727406e59a1.
+ /: Uncommon header 'eagleid' found, with contents: 21032ecc17236666084727406e59a1.
+ /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc
+ Root page / redirects to: https://alibaba.com/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /: Retrieved via header: scproxy033003046058.rg-us-east.us68[web,302].
+ /nikto-test-2lKo08oI.html: Cookie ali_apache_id created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /nikto-test-2lKo08oI.html: IP address found in the 'ali_apache_id' cookie. The IP is "33.3.46.58".
+ /nikto-test-2lKo08oI.html: IP address found in the 'set-cookie' header. The IP is "33.3.46.58". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: Uncommon header 'edge-control' found, with contents: bypass-cache.
+ /_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: Uncommon header 'bxpunish' found, with contents: 1.
+ /_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ /_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: Gives info about server settings. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0413,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0710
+ /_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=false: We seem to have authoring access to the FrontPage web.
+ Scan terminated: 0 error(s) and 12 item(s) reported on remote host
+ End Time:           2024-08-14 16:17:49 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested