Scan report for "app.clickup.com"

  1. Nikto Online
  2. Scan report for "app.clickup.com"
Membership level: Free member
Summary

Found

15

Duration

33sec

Date

2026-05-04

IP

18.238.55.102

Report
Nikto scan (max 60 sec) (nikto -host app.clickup.com -maxtime 60)
- Nikto v2.6.0
---------------------------------------------------------------------------
+ Your Nikto installation is out of date.
+ Target IP:          18.238.55.102
+ Target Hostname:    app.clickup.com
+ Target Port:        80
+ Platform:           Unknown
+ Start Time:         2026-05-04 15:14:03 (GMT-4)
---------------------------------------------------------------------------
+ Server: CloudFront
+ Multiple IPs found: 18.238.55.102, 18.238.55.21, 18.238.55.44, 18.238.55.59
+ [999986] /: Retrieved via header: 1.1 acbc16f609c0c9804b8a2c3d38d3023e.cloudfront.net (CloudFront).
+ [011799] /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc
+ No CGI Directories found (use '-C all' to force check all possible dirs). CGI tests skipped.
+ [013587] /: Suggested security header missing: referrer-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
+ [013587] /: Suggested security header missing: permissions-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy
+ [013587] /: Suggested security header missing: strict-transport-security. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
+ [999962] /: Server banner changed from 'CloudFront' to 'AmazonS3'.
+ [999100] /nikto-test-GlJdODDT.html: Uncommon header(s) 'x-amz-server-side-encryption' found, with contents: AES256.
+ [999967] /: Web Server returns a valid response with junk HTTP methods which may cause false positives.
+ [000126] /blah_badfile.shtml: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
+ [001191] /_vti_bin/shtml.dll/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: Gives info about server settings. See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0413,https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709,https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0710
+ [001192] /_vti_bin/shtml.exe/_vti_rpc?method=server+version%3a4%2e0%2e2%2e2611: Gives info about server settings. See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0413,https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0709,https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0710
+ [001193] /_vti_bin/_vti_aut/author.dll?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=false: We seem to have authoring access to the FrontPage web.
+ [001194] /_vti_bin/_vti_aut/author.exe?method=list+documents%3a3%2e0%2e2%2e1706&service%5fname=&listHiddenDocs=true&listExplorerDocs=true&listRecurse=false&listFiles=true&listFolders=true&listLinkInfo=true&listIncludeParent=true&listDerivedT=false&listBorders=false: We seem to have authoring access to the FrontPage web.
+ [007342] /: X-Frame-Options header is deprecated and was replaced with the Content-Security-Policy HTTP header with the frame-ancestors directive. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Frame-Options
+ [007352] /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ 8166 requests: 0 errors and 15 items reported on the remote host
+ End Time:           2026-05-04 15:14:36 (GMT-4) (33 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Trustpilot
Online Nikto scanner - Online Nikto web server scanner | Product Hunt
Detailed report
Target
app.clickup.com
Target IP
18.238.55.102
Scan method
Nikto scan (max 60 sec)
Run command
nikto -host app.clickup.com -maxtime 60
Duration
Quick report
Scan date
04 May 2026 15:14
Copy scan report
Download report
Remove scan result
$
Check ports
API - Scan ID