Scan report for "kupon.gfn.co.az"

Membership level: Free member
Summary

Found

-

Duration

3hour 8min 11sec

Date

2024-07-17

IP

-

Report
Nikto no limit SSL scan (nikto -host kupon.gfn.co.az -ssl)
- Nikto v2.5.0
---------------------------------------------------------------------------
+ Target IP:          62.212.239.164
+ Target Hostname:    kupon.gfn.co.az
+ Target Port:        443
---------------------------------------------------------------------------
+ SSL Info:        Subject:  /CN=kupon.gfn.co.az
                   Altnames: coupon.gfn.co.az, cupon.gfn.co.az, kupon.gfn.co.az, shop.gfn.co.az, www.coupon.gfn.co.az, www.cupon.gfn.co.az, www.kupon.gfn.co.az, www.shop.gfn.co.az
                   Ciphers:  TLS_AES_256_GCM_SHA384
                   Issuer:   /C=US/O=Let's Encrypt/CN=R10
+ Start Time:         2024-07-17 04:53:28 (GMT-4)
---------------------------------------------------------------------------
+ Server: Apache/2.4.61 (Ubuntu)
+ /: Cookie OCSESSID created without the secure flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /: Cookie OCSESSID created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /: Cookie language created without the secure flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /: Cookie language created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /: Cookie currency created without the secure flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /: Cookie currency created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /: The site uses TLS and the Strict-Transport-Security HTTP header is not defined. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
+ /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /robots.txt: contains 14 entries which should be manually viewed. See: https://developer.mozilla.org/en-US/docs/Glossary/Robots.txt
+ /: The Content-Encoding header is set to "deflate" which may mean that the server is vulnerable to the BREACH attack. See: http://breachattack.com/
+ /: Web Server returns a valid response with junk HTTP methods which may cause false positives.
+ /: DEBUG HTTP verb may show server debugging information. See: https://docs.microsoft.com/en-us/visualstudio/debugger/how-to-enable-debugging-for-aspnet-applications?view=vs-2017
+ /config.php: PHP Config file may contain database IDs and passwords.
+ /wordpress/wp-app.log: Wordpress' wp-app.log may leak application/system details.
+ http://100.100.100.200/latest/meta-data/: The Alibaba Cloud host is configured as a reverse proxy which allows access to the Meta-Data service. This could allow significant access to the host/infrastructure.
+ 8143 requests: 0 error(s) and 15 item(s) reported on remote host
+ End Time:           2024-07-17 08:01:39 (GMT-4) (11291 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested


      *********************************************************************
      Portions of the server's headers (Apache/2.4.61) are not in
      the Nikto 2.5.0 database or are newer than the known string. Would you like
      to submit this information (*no server specific data*) to CIRT.net
      for a Nikto update (or you may email to sullo@cirt.net) (y/n)?
Online Nikto scanner - Online Nikto web server scanner | Product Hunt
Detailed report
Target
kupon.gfn.co.az
Scan method
Nikto no limit SSL scan
Run command
nikto -host kupon.gfn.co.az -ssl
Duration
11291s
Scan date
17 Jul 2024 08:01
API - Scan ID
d938415a07510c4df65ca0f1ffed0623d6d0aa52
Copy scan report
Download report
Remove scan result
$
Check ports
Use Portscanner Tool
Wordpress site
Use Wordpress Scanner