- Nikto v2.5.0
---------------------------------------------------------------------------
+ Multiple IPs found: 108.138.85.62, 108.138.85.68, 108.138.85.27, 108.138.85.61
+ Target IP:          108.138.85.62
+ Target Hostname:    admin.yalo.com.br
+ Target Port:        80
+ Start Time:         2024-06-18 08:51:43 (GMT-4)
---------------------------------------------------------------------------
+ Server: CloudFront
+ /: Retrieved via header: 1.1 6400936fc4525d1c60e3e8fee9d4806e.cloudfront.net (CloudFront).
+ Root page / redirects to: https://admin.yalo.com.br/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ : Server banner changed from 'CloudFront' to 'AmazonS3'.
+ /: Uncommon header 'x-amz-server-side-encryption' found, with contents: AES256.
+ /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ /: Web Server returns a valid response with junk HTTP methods which may cause false positives.
+ /blah_badfile.shtml: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
+ /servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
+ /servlet/allaire.jrun.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0926
+ Scan terminated: 0 error(s) and 8 item(s) reported on remote host
+ End Time:           2024-06-18 08:52:44 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested