Scan report for "marcus.herstik.com"

  1. Nikto Online
  2. Scan report for "marcus.herstik.com"
Membership level: Free member
Summary

Found

17

Duration

1min 1sec

Date

2025-11-26

IP

104.21.7.146

Report
Nikto scan (max 60 sec) (nikto -host marcus.herstik.com -maxtime 60)
- Nikto 
---------------------------------------------------------------------------
+ Multiple IPs found: 104.21.7.146, 172.67.187.155, 2606:4700:3037::6815:792, 2606:4700:3030::ac43:bb9b
+ Target IP:          104.21.7.146
+ Target Hostname:    marcus.herstik.com
+ Target Port:        80
+ Start Time:         2025-11-26 15:05:34 (GMT-8)
---------------------------------------------------------------------------
+ Server: cloudflare
+ /: Uncommon header 'server-timing' found, with multiple values: (cfCacheStatus;desc="DYNAMIC",cfEdge;dur=1,cfOrigin;dur=1,).
+ /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc
+ /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ /aiAW5AOz.inc: Retrieved x-powered-by header: PHP/7.3.33.
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /: Uncommon header 'proxy-status' found, with contents: Cloudflare-Proxy;error=http_request_error.
+ OPTIONS: Allowed HTTP Methods: GET, POST, OPTIONS, HEAD .
+ No creds found for realm 'Apache status'
+ /phpMyAdmin/changelog.php: Uncommon header 'x-ob_mode' found, with contents: 1.
+ /phpMyAdmin/changelog.php: Cookie goto created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /phpMyAdmin/changelog.php: Cookie back created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ No creds found for realm 'phpMyAdmin localhost'
+ /phpMyAdmin/ChangeLog: Server may leak inodes via ETags, header found with file /phpMyAdmin/ChangeLog, inode: W/482f, size: 5d7b5c51392c0, mtime: gzip. See: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1418
+ /phpMyAdmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
+ /phpmyadmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
+ /pma/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
+ /squirrelmail/src/read_body.php:X-Frame-Options header is deprecated and has been replaced with the Content-Security-Policy HTTP header with the frame-ancestors directive instead. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
+ /squirrelmail/src/read_body.php: Cookie SQMSESSID created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /squirrelmail/src/read_body.php: SquirrelMail found.
+ /webmail/src/read_body.php: SquirrelMail found.
+ Scan terminated: 0 error(s) and 17 item(s) reported on remote host
+ End Time:           2025-11-26 15:06:35 (GMT-8) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Trustpilot
Online Nikto scanner - Online Nikto web server scanner | Product Hunt
Detailed report
Target
marcus.herstik.com
Target IP
104.21.7.146
Scan method
Nikto scan (max 60 sec)
Run command
nikto -host marcus.herstik.com -maxtime 60
Duration
Quick report
Scan date
26 Nov 2025 18:06
Copy scan report
Download report
Remove scan result
$
Check ports
API - Scan ID