Scan report for "arstechnica.com"

Nikto no limit SSL scan (nikto -host arstechnica.com -ssl)
- Nikto v2.5.0
---------------------------------------------------------------------------
+ Multiple IPs found: 3.132.188.58, 18.217.41.48
+ Target IP:          3.132.188.58
+ Target Hostname:    arstechnica.com
+ Target Port:        443
---------------------------------------------------------------------------
+ SSL Info:        Subject:  /CN=*.arstechnica.com
                   Altnames: *.arstechnica.com, arstechnica.com
                   Ciphers:  ECDHE-RSA-AES128-GCM-SHA256
                   Issuer:   /C=US/O=Amazon/CN=Amazon RSA 2048 M01
+ Start Time:         2024-04-13 01:11:06 (GMT-4)
---------------------------------------------------------------------------
+ Server: nginx/1.25.4
+ /: Retrieved x-powered-by header: PHP/8.1.19.
+ /:X-Frame-Options header is deprecated and has been replaced with the Content-Security-Policy HTTP header with the frame-ancestors directive instead. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
+ /: Link header found with value: <https://arstechnica.com/wp-json/>; rel="https://api.w.org/". See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Link
+ /: The site uses TLS and the Strict-Transport-Security HTTP header is not defined. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
+ /dWc49eZl.gif: Cookie ars_user created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /dWc49eZl.: Uncommon header 'x-redirect-by' found, with contents: WordPress.
+ : Server banner changed from 'nginx/1.25.4' to 'awselb/2.0'.
+ /robots.txt: Entry '/wp-content/plugins/' is returned a non-forbidden or redirect HTTP code (200). See: https://portswigger.net/kb/issues/00600600_robots-txt-file
+ /civis/admin.php: Cookie xf_csrf created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /robots.txt: Entry '/civis/admin.php' is returned a non-forbidden or redirect HTTP code (200). See: https://portswigger.net/kb/issues/00600600_robots-txt-file
+ /robots.txt: Entry '/search/' is returned a non-forbidden or redirect HTTP code (200). See: https://portswigger.net/kb/issues/00600600_robots-txt-file
+ /robots.txt: Entry '/civis/search/' is returned a non-forbidden or redirect HTTP code (200). See: https://portswigger.net/kb/issues/00600600_robots-txt-file
+ /robots.txt: Entry '/wp-content/themes/' is returned a non-forbidden or redirect HTTP code (200). See: https://portswigger.net/kb/issues/00600600_robots-txt-file
+ /robots.txt: Entry '/civis/login/' is returned a non-forbidden or redirect HTTP code (200). See: https://portswigger.net/kb/issues/00600600_robots-txt-file
+ /robots.txt: Entry '/civis/members/' is returned a non-forbidden or redirect HTTP code (200). See: https://portswigger.net/kb/issues/00600600_robots-txt-file
+ /robots.txt: Entry '/civis/help/' is returned a non-forbidden or redirect HTTP code (200). See: https://portswigger.net/kb/issues/00600600_robots-txt-file
+ /robots.txt: contains 40 entries which should be manually viewed. See: https://developer.mozilla.org/en-US/docs/Glossary/Robots.txt
+ /: The Content-Encoding header is set to "deflate" which may mean that the server is vulnerable to the BREACH attack. See: http://breachattack.com/
+ Server is using a wildcard certificate: *.arstechnica.com. See: https://en.wikipedia.org/wiki/Wildcard_certificate
+ /kboard/: KBoard Forum 0.3.0 and prior have a security problem in forum_edit_post.php, forum_post.php and forum_reply.php.
+ /~root/: Allowed to browse root's home directory. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1013
+ /server/: Possibly Macromedia JRun or CRX WebDAV upload.
+ /search/htx/sqlqhit.asp: Uncommon header 'x-elasticpress-query' found, with contents: true.
+ 10413 requests: 0 error(s) and 23 item(s) reported on remote host
+ End Time:           2024-04-13 01:29:10 (GMT-4) (1084 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Target: arstechnica.com
Scan method: Nikto no limit SSL scan
Run command: nikto -host arstechnica.com -ssl
Scan time: 1084s
Scan date: 13 Apr 2024 01:29
Some firewalls block Nikto. To get true positive results, add the nikto.online IP addresses (172.96.166.66-172.96.166.70 or CIDR 172.96.166.64/29) to the whitelist.