- Nikto v2.6.0 --------------------------------------------------------------------------- + Your Nikto installation is out of date. + Target IP: 3.22.30.40 + Target Hostname: uncriticizably-sensitometric-malissa.ngrok-free.dev + Target Port: 80 + Platform: Unknown + Start Time: 2026-02-24 10:26:41 (GMT-5) --------------------------------------------------------------------------- + Server: No banner retrieved + Multiple IPs found: 3.22.30.40, 3.134.39.220, 3.17.7.232, 3.134.125.175, 3.14.182.203, 3.13.191.225, 2600:1f16:d83:1200:19d9:6ba:5b9f:5b9, 2600:1f16:d83:1202:318e:b97e:3530:436a, 2600:1f16:d83:1200:a658:2829:a11c:52e8, 2600:1f16:d83:1201:b91d:e4e5:6e14:df4, 2600:1f16:d83:1202:586c:b39b:b5a4:d61f, 2600:1f16:d83:1201:6cd5:bf8e:1af8:c9da + No CGI Directories found (use '-C all' to force check all possible dirs). CGI tests skipped. + [013587] /: Suggested security header missing: content-security-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP + [013587] /: Suggested security header missing: x-content-type-options. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options + [013587] /: Suggested security header missing: referrer-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy + [013587] /: Suggested security header missing: strict-transport-security. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security + [013587] /: Suggested security header missing: permissions-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy + [000777] /user.php?op=confirmnewuser&module=NS-NewUser&uNikto=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=test@test.com: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). + Scan terminated: 0 errors and 6 items reported on the remote host + End Time: 2026-02-24 10:27:42 (GMT-5) (61 seconds) --------------------------------------------------------------------------- + 1 host(s) tested