Scan report for "ambasadat.net"

Membership level: Free member
Nikto scan (max 60 sec) (nikto -host ambasadat.net -maxtime 60)
- Nikto v2.5.0
---------------------------------------------------------------------------
+ Multiple IPs found: 162.159.137.54, 162.159.136.54
+ Target IP:          162.159.137.54
+ Target Hostname:    ambasadat.net
+ Target Port:        80
+ Start Time:         2024-05-21 18:49:38 (GMT-4)
---------------------------------------------------------------------------
+ Server: cloudflare
+ /: IP address found in the '__cf_bm' cookie. The IP is "1.0.1.1".
+ /: IP address found in the 'set-cookie' header. The IP is "1.0.1.1". See: https://portswigger.net/kb/issues/00600300_private-ip-addresses-disclosed
+ /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc
+ Root page / redirects to: https://ambasadat.net/
+ /JVUAf0J7.00RelNotes: Uncommon header 'critical-ch' found, with contents: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA.
+ /JVUAf0J7.00RelNotes: Uncommon header 'accept-ch' found, with contents: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA.
+ /JVUAf0J7.00RelNotes: Uncommon header 'x-content-options' found, with contents: nosniff.
+ /JVUAf0J7.00RelNotes: Uncommon header 'origin-agent-cluster' found, with contents: ?1.
+ /JVUAf0J7.00RelNotes: Uncommon header 'cf-chl-out' found, with contents: 5DctsTt5WJ3F1m6XkINQL8Woosma8+Skk9+bR7A3gRzHdWTTmaoIush2Q2RzN2TJK5dcb9GwKYe8AdVVTTQ6MKgOXwtMLIlPzQqLCGMs3FnFpChJ5cMqE6bQ4L+SN25jiISJNRiLsPu/fEobc5tDRw==$UFhp4oPcCYwfRPlmt/Cc+A==.
+ /JVUAf0J7.00RelNotes: Uncommon header 'cf-mitigated' found, with contents: challenge.
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /modules.php?op=modload&name=FAQ&file=index&myfaq=yes&id_cat=1&categories=%3Cimg%20src=javascript:alert(9456);%3E&parent_id=0: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS).
+ /modules.php?letter=%22%3E%3Cimg%20src=javascript:alert(document.cookie);%3E&op=modload&name=Members_List&file=index: Post Nuke 0.7.2.3-Phoenix is vulnerable to Cross Site Scripting (XSS).
+ /forum_members.asp?find=%22;}alert(9823);function%20x()\{v%20=%22: Web Wiz Forums ver. 7.01 and below is vulnerable to Cross Site Scripting (XSS). See: OSVDB-2946
+ Scan terminated: 0 error(s) and 12 item(s) reported on remote host
+ End Time:           2024-05-21 18:50:39 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Color Scheme
Target
ambasadat.net
Scan method
Nikto scan (max 60 sec)
Run command
nikto -host ambasadat.net -maxtime 60
Scan time
61s
Quick report
Order full scan ($79/one time)
Scan date
21 May 2024 18:50
Copy scan report
Download report
Remove scan result
$
Some firewalls blocks Nikto. For get true positive results add nikto.online IP addresses (172.96.166.66-172.96.166.70 or CIDR 172.96.166.64/29) to the whitelist
[scan_method]
Visibility:
Scan method: