Scan report for "app.staffnow.aero"

Membership level: Free member
Summary

Found

-

Duration

32sec

Date

2024-06-26

IP

-

Report
Nikto scan (max 60 sec) (nikto -host app.staffnow.aero -maxtime 60)
- Nikto v2.5.0
---------------------------------------------------------------------------
+ Multiple IPs found: 18.164.116.22, 18.164.116.37, 18.164.116.34, 18.164.116.81
+ Target IP:          18.164.116.22
+ Target Hostname:    app.staffnow.aero
+ Target Port:        80
+ Start Time:         2024-06-26 06:15:51 (GMT-4)
---------------------------------------------------------------------------
+ Server: CloudFront
+ /: Retrieved via header: 1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront).
+ Root page / redirects to: https://app.staffnow.aero/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ : Server banner changed from 'CloudFront' to 'AmazonS3'.
+ /: Uncommon header 'x-amz-meta-codebuild-buildarn' found, with contents: arn:aws:codebuild:eu-west-1:705111593145:build/platform-prod:886c0cf1-6abc-4e40-95a2-e601b063a664.
+ /: Uncommon header 'x-amz-meta-codebuild-content-md5' found, with contents: ae093eef1478a27f57db4635c7ec7441.
+ /: Uncommon header 'x-amz-server-side-encryption' found, with contents: AES256.
+ /: Uncommon header 'x-amz-meta-codebuild-content-sha256' found, with contents: 6322e2d553912c532367ccdb8403ed83f90dd8797d011df77caebc99a22e062c.
+ /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ /: Web Server returns a valid response with junk HTTP methods which may cause false positives.
+ /blah_badfile.shtml: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
+ /servlet/com.livesoftware.jrun.plugins.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call.
+ /servlet/allaire.jrun.ssi.SSIFilter: Allaire ColdFusion allows JSP source viewed through a vulnerable SSI call. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0926
+ 8045 requests: 0 error(s) and 11 item(s) reported on remote host
+ End Time:           2024-06-26 06:16:23 (GMT-4) (32 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Online Nikto scanner - Online Nikto web server scanner | Product Hunt
Detailed report
Target
app.staffnow.aero
Scan method
Nikto scan (max 60 sec)
Run command
nikto -host app.staffnow.aero -maxtime 60
Duration
32s
Quick report
Order full scan ($79/one time)
Scan date
26 Jun 2024 06:16
API - Scan ID
649b5b2753d0d20d3beaa0f3c6896a95b8606382
Copy scan report
Download report
Remove scan result
$
Check ports
Use Portscanner Tool