Scan report for "www.chargebackgurus.com"
Summary
Found
17
Duration
1min 1sec
Date
2025-10-06
IP
199.60.103.31
Report
Nikto scan (max 60 sec) (nikto -host www.chargebackgurus.com -maxtime 60)
- Nikto
---------------------------------------------------------------------------
+ Multiple IPs found: 199.60.103.31, 199.60.103.225, 2606:2c40::c73c:671f, 2606:2c40::c73c:67e1
+ Target IP: 199.60.103.31
+ Target Hostname: www.chargebackgurus.com
+ Target Port: 80
+ Start Time: 2025-10-06 09:58:12 (GMT-7)
---------------------------------------------------------------------------
+ Server: cloudflare
+ /: Uncommon header 'x-hs-portal-id' found, with contents: 2062618.
+ /: Uncommon header 'x-hs-https-only' found, with contents: worker.
+ /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc
+ /: IP address found in the '__cf_bm' cookie. The IP is "1.0.1.1".
+ /: IP address found in the '_cfuvid' cookie. The IP is "0.0.1.1".
+ Root page / redirects to: https://www.chargebackgurus.com/
+ /oDhsJ8xO.markdown: Uncommon header 'origin-agent-cluster' found, with contents: ?1.
+ /oDhsJ8xO.markdown: Uncommon header 'critical-ch' found, with contents: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA.
+ /oDhsJ8xO.markdown: Uncommon header 'cf-mitigated' found, with contents: challenge.
+ /oDhsJ8xO.markdown: Uncommon header 'server-timing' found, with contents: chlray;desc="98a6b3e0d845c277".
+ /oDhsJ8xO.markdown: Uncommon header 'accept-ch' found, with contents: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA.
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /www_chargebackgurus_com.jks: IP address found in the 'content-security-policy-report-only' header. The IP is "1.0.1.1". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: Uncommon header 'proxy-status' found, with contents: Cloudflare-Proxy;error=http_request_error.
+ /phpimageview.php?pic=javascript:alert(8754): PHP Image View 1.0 is vulnerable to Cross Site Scripting (XSS). See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1724
+ /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(9456);%3E&parent_id=0: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS).
+ /modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS).
+ /members.asp?SF=%22;}alert(223344);function%20x()\{v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). See: OSVDB-4598
+ /forum_members.asp?find=%22;}alert(9823);function%20x()\{v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). See: OSVDB-2946
+ Scan terminated: 0 error(s) and 17 item(s) reported on remote host
+ End Time: 2025-10-06 09:59:13 (GMT-7) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Detailed report
-
Target
www.chargebackgurus.com
-
Target IP
199.60.103.31
-
Scan method
Nikto scan (max 60 sec)
-
Run command
nikto -host www.chargebackgurus.com -maxtime 60
- Duration
- Quick report
-
Scan date
06 Oct 2025 12:59
-
Copy scan report
- Download report
- Remove scan result
- Total scans
- Check ports
- API - Scan ID