Nikto scan (max 60 sec) (nikto -host armstrong.com -maxtime 60)
- Nikto v2.5.0
---------------------------------------------------------------------------
+ Target IP: 204.74.19.143
+ Target Hostname: armstrong.com
+ Target Port: 80
+ Start Time: 2024-05-21 15:27:41 (GMT-4)
---------------------------------------------------------------------------
+ Server: Apache
+ /: Retrieved via header: NS-CACHE-10.0: 51.
+ /: Uncommon header 'x-ignore' found, with contents: 1900.
+ /: Uncommon header 'edge-control' found, with contents: max-age=14400s.
+ Root page / redirects to: https://www.armstrong.com/?v_id=domain_/armstrong.com
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /: IP address found in the 'content-security-policy' header. The IP is "100.20.58.101". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: IP address found in the 'content-security-policy' header. The IP is "18.210.229.244". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: IP address found in the 'content-security-policy' header. The IP is "3.212.39.155". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: IP address found in the 'content-security-policy' header. The IP is "34.215.155.61". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: IP address found in the 'content-security-policy' header. The IP is "35.160.46.251". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: IP address found in the 'content-security-policy' header. The IP is "35.85.84.151". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: IP address found in the 'content-security-policy' header. The IP is "44.212.189.233". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: IP address found in the 'content-security-policy' header. The IP is "44.228.85.26". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: IP address found in the 'content-security-policy' header. The IP is "44.238.122.172". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: IP address found in the 'content-security-policy' header. The IP is "52.22.50.55". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: IP address found in the 'content-security-policy' header. The IP is "52.71.121.170". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: IP address found in the 'content-security-policy' header. The IP is "54.156.2.105". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ OPTIONS: Allowed HTTP Methods: GET, HEAD, POST, OPTIONS .
+ /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ /: HTTP TRACE method is active which suggests the host is vulnerable to XST. See: https://owasp.org/www-community/attacks/Cross_Site_Tracing
+ Scan terminated: 0 error(s) and 18 item(s) reported on remote host
+ End Time: 2024-05-21 15:28:42 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested