Nikto scan (max 60 sec) (nikto -host irada.org.lb -maxtime 60)
- Nikto v2.5.0
---------------------------------------------------------------------------
+ Multiple IPs found: 104.21.76.65, 172.67.190.238, 2606:4700:3030::6815:4c41, 2606:4700:3030::ac43:beee
+ Target IP: 104.21.76.65
+ Target Hostname: irada.org.lb
+ Target Port: 80
+ Start Time: 2024-05-03 16:55:48 (GMT-4)
---------------------------------------------------------------------------
+ Server: cloudflare
+ /: Retrieved x-aspnet-version header: 4.0.30319.
+ /: Retrieved x-powered-by header: ASP.NET.
+ /: Uncommon header 'x-powered-by-plesk' found, with contents: PleskWin.
+ /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc
+ /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ Server may be vulnerable to https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/MS10-070 (based on numeric calculation) and thus may allow a cryptographic padding oracle. This vulnerability must be manually validated. See: http://blog.gdssecurity.com/labs/2010/9/14/automated-padding-oracle-attacks-with-padbuster.html
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ No creds found for realm ''
+ /robots.txt: contains 2 entries which should be manually viewed. See: https://developer.mozilla.org/en-US/docs/Glossary/Robots.txt
+ OPTIONS: Allowed HTTP Methods: OPTIONS, TRACE, GET, HEAD, POST .
+ OPTIONS: Public HTTP Methods: OPTIONS, TRACE, GET, HEAD, POST .
+ Scan terminated: 0 error(s) and 9 item(s) reported on remote host
+ End Time: 2024-05-03 16:56:49 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested