Scan report for "www.aliexpress.com"

Summary

Found: -
Duration: 1min 1sec
Date: 2024-09-03
IP: -

Report
Nikto scan (max 60 sec) (nikto -host www.aliexpress.com -maxtime 60)
- Nikto 
---------------------------------------------------------------------------
+ Target IP:          23.204.11.32
+ Target Hostname:    www.aliexpress.com
+ Target Port:        80
+ Start Time:         2024-09-03 20:47:53 (GMT-4)
---------------------------------------------------------------------------
+ Server: Tengine/Aserver
+ /: Uncommon header 'eagleeye-traceid' found, with contents: 2101ea7117254108733743880ef35f.
+ /: Uncommon header 'server-timing' found, with multiple values: (cdn-cache; desc=MISS,edge; dur=50,origin; dur=2,ak_p; desc="1725410873361_398664871_1492562185_5218_6446_1_0_-";dur=1,).
+ Root page / redirects to: https://www.aliexpress.com/
+ /81F0YDFA.html+: IP address found in the 'x-akamai-fwd-auth-data' header. The IP is "23.195.36.167". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /81F0YDFA.html+: IP address found in the 'x-akamai-fwd-auth-data' header. The IP is "172.96.166.66". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /81F0YDFA.html+: Uncommon header 'x-akamai-fwd-auth-sha' found, with contents: 7A4F8FC8BD2E9082C8DBE6A73F7694D82F85B3A8DF9679041B9625AB66629008.
+ /81F0YDFA.html+: Uncommon header 'x-akamai-fwd-auth-sign' found, with contents: xmCNJkwv7YJ62WRCpzrPB7tYy22n4w8rAfQActroQ6pn6KldMXDyCu4W/f0RqxqrSKCjGT78WX0BMMb2FVCoJSfBO/qPquT749M89WqTRmg=.
+ /81F0YDFA.html+: Uncommon header 'x-akamai-fwd-auth-data' found, with contents: 691276917, 23.195.36.167, 1725410873, 172.96.166.66.
+ /81F0YDFA.js: IP address found in the 'aliaka_real_ip' header. The IP is "172.96.166.66". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /81F0YDFA.js: Uncommon header 'z_ak_client_ip' found, with contents: 127.0.0.1.
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /favicon.ico: Retrieved access-control-allow-origin header: http://hz.aliexpress.com.
+ /favicon.ico: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ : Server banner changed from 'Tengine/Aserver' to 'AkamaiGHost'.
+ /Mem/dynaform/Login.htm?WINDWEB_URL=%2FMem%2Fdynaform%2FLogin.htm&ListIndexUser=0&sWebParam1=admin000: Cookie ali_apache_id created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /Mem/dynaform/Login.htm?WINDWEB_URL=%2FMem%2Fdynaform%2FLogin.htm&ListIndexUser=0&sWebParam1=admin000: IP address found in the 'ali_apache_id' cookie. The IP is "33.3.7.191".
+ /Mem/dynaform/Login.htm?WINDWEB_URL=%2FMem%2Fdynaform%2FLogin.htm&ListIndexUser=0&sWebParam1=admin000: Cookie xman_us_f created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /Mem/dynaform/Login.htm?WINDWEB_URL=%2FMem%2Fdynaform%2FLogin.htm&ListIndexUser=0&sWebParam1=admin000: Cookie intl_locale created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /Mem/dynaform/Login.htm?WINDWEB_URL=%2FMem%2Fdynaform%2FLogin.htm&ListIndexUser=0&sWebParam1=admin000: Cookie acs_usuc_t created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /Mem/dynaform/Login.htm?WINDWEB_URL=%2FMem%2Fdynaform%2FLogin.htm&ListIndexUser=0&sWebParam1=admin000: Cookie aep_usuc_f created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /Mem/dynaform/Login.htm?WINDWEB_URL=%2FMem%2Fdynaform%2FLogin.htm&ListIndexUser=0&sWebParam1=admin000: Retrieved x-application-context header: global-biz-gateway:9901.
+ /Mem/dynaform/Login.htm?WINDWEB_URL=%2FMem%2Fdynaform%2FLogin.htm&ListIndexUser=0&sWebParam1=admin000: Uncommon header 'x-application-context' found, with contents: global-biz-gateway:9901.
+ Scan terminated: 0 error(s) and 20 item(s) reported on remote host
+ End Time:           2024-09-03 20:48:54 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Detailed report
Target: www.aliexpress.com
Scan method: Nikto scan (max 60 sec)
Run command: nikto -host www.aliexpress.com -maxtime 60
Duration
Quick report
Scan date: 03 Sep 2024 20:48