- Nikto --------------------------------------------------------------------------- + Target IP: 185.117.155.245 + Target Hostname: sat-ali.ru + Target Port: 80 + Start Time: 2024-10-27 15:38:25 (GMT-4) --------------------------------------------------------------------------- + Server: Apache/2.2.22 (Debian) + /: Server may leak inodes via ETags, header found with file /, inode: 139082, size: 5106, mtime: Sun Jul 28 00:52:42 2024. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1418 + /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/ + /index.php?: Cookie ssn created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies + /index.php?: Retrieved x-powered-by header: PHP/5.4.45-0+deb7u14. + /index: Uncommon header 'tcn' found, with contents: list. + /index: Apache mod_negotiation is enabled with MultiViews, which allows attackers to easily brute force file names. The following alternatives for 'index' were found: index.html. See: http://www.wisec.it/sectou.php?id=4698ebdc59d15,https://exchange.xforce.ibmcloud.com/vulnerabilities/8275 + Apache/2.2.22 appears to be outdated (current is at least 2.4.58). Apache 2.2.34 is the EOL for the 2.x branch. + Scan terminated: 0 error(s) and 7 item(s) reported on remote host + End Time: 2024-10-27 15:39:26 (GMT-4) (61 seconds) --------------------------------------------------------------------------- + 1 host(s) tested