- Nikto v2.6.0 --------------------------------------------------------------------------- + Your Nikto installation is out of date. + Target IP: 3.134.125.175 + Target Hostname: uncriticizably-sensitometric-malissa.ngrok-free.dev + Target Port: 80 + Platform: Unknown + Start Time: 2026-02-24 10:28:14 (GMT-5) --------------------------------------------------------------------------- + Server: No banner retrieved + Multiple IPs found: 3.134.125.175, 3.17.7.232, 3.13.191.225, 3.14.182.203, 3.134.39.220, 3.22.30.40, 2600:1f16:d83:1202:318e:b97e:3530:436a, 2600:1f16:d83:1202:586c:b39b:b5a4:d61f, 2600:1f16:d83:1200:a658:2829:a11c:52e8, 2600:1f16:d83:1201:b91d:e4e5:6e14:df4, 2600:1f16:d83:1201:6cd5:bf8e:1af8:c9da, 2600:1f16:d83:1200:19d9:6ba:5b9f:5b9 + No CGI Directories found (use '-C all' to force check all possible dirs). CGI tests skipped. + [013587] /: Suggested security header missing: content-security-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP + [013587] /: Suggested security header missing: x-content-type-options. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options + [013587] /: Suggested security header missing: referrer-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy + [013587] /: Suggested security header missing: permissions-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy + [013587] /: Suggested security header missing: strict-transport-security. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security + [000777] /user.php?op=confirmnewuser&module=NS-NewUser&uNikto=%22%3E%3Cimg%20src=%22javascript:alert(document.cookie);%22%3E&email=test@test.com: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS). + Scan terminated: 0 errors and 6 items reported on the remote host + End Time: 2026-02-24 10:29:15 (GMT-5) (61 seconds) --------------------------------------------------------------------------- + 1 host(s) tested