- Nikto v2.6.0 --------------------------------------------------------------------------- + Your Nikto installation is out of date. + Target IP: 35.173.69.207 + Target Hostname: jokes.pythonanywhere.com + Target Port: 80 + Platform: Unknown + Start Time: 2026-03-27 14:15:41 (GMT-4) --------------------------------------------------------------------------- + Server: PythonAnywhere + [95] /: Cookie csrf_token created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies + [999104] /: There appears to be Clacks Overhead on the server and the message is: GNU Terry Pratchett. See: https://xclacksoverhead.org/home/about + No CGI Directories found (use '-C all' to force check all possible dirs). CGI tests skipped. + [999984] /robots.txt: Server may leak inodes via ETags, header found with file /robots.txt, inode: 1773376552.8513117, size: 22, mtime: 4243656187. See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1418 + [999100] /robots.txt: Uncommon header(s) 'content-disposition' found, with contents: inline; filename=robots.txt. + [999996] /robots.txt: contains 1 entry which should be manually viewed. See: https://developer.mozilla.org/en-US/docs/Glossary/Robots.txt + [013587] /: Suggested security header missing: strict-transport-security. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security + [013587] /: Suggested security header missing: content-security-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP + [013587] /: Suggested security header missing: permissions-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy - STATUS: Completed 236 requests (~3% complete, ~28.7 minutes left): currently in plugin 'Site Files' - STATUS: Running average: Not enough data. + Scan terminated: 20 errors and 8 items reported on the remote host + End Time: 2026-03-27 14:16:38 (GMT-4) (57 seconds) --------------------------------------------------------------------------- + 1 host(s) tested