Scan report for "herstik.com"

  1. Nikto Online
  2. Scan report for "herstik.com"
Membership level: Free member
Summary

Found

17

Duration

23sec

Date

2025-10-08

IP

148.135.106.6

Report
Nikto scan (max 60 sec) (nikto -host herstik.com -maxtime 60)
- Nikto 
---------------------------------------------------------------------------
+ Target IP:          148.135.106.6
+ Target Hostname:    herstik.com
+ Target Port:        80
+ Start Time:         2025-10-08 16:03:42 (GMT-7)
---------------------------------------------------------------------------
+ Server: Apache/2
+ /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ /lXnZjcMe.phtml: Retrieved x-powered-by header: PHP/7.3.33.
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Apache/2 appears to be outdated (current is at least 2.4.58). Apache 2.2.34 is the EOL for the 2.x branch.
+ OPTIONS: Allowed HTTP Methods: HEAD, GET, POST, OPTIONS .
+ No creds found for realm 'Apache status'
+ /phpMyAdmin/changelog.php: Uncommon header 'x-ob_mode' found, with contents: 1.
+ /phpMyAdmin/changelog.php: Cookie goto created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /phpMyAdmin/changelog.php: Cookie back created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ No creds found for realm 'phpMyAdmin localhost'
+ /phpMyAdmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
+ /phpmyadmin/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
+ /pma/ChangeLog: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts.
+ /squirrelmail/src/read_body.php:X-Frame-Options header is deprecated and has been replaced with the Content-Security-Policy HTTP header with the frame-ancestors directive instead. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
+ /squirrelmail/src/read_body.php: Cookie SQMSESSID created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /squirrelmail/src/read_body.php: SquirrelMail found.
+ /webmail/src/read_body.php: SquirrelMail found.
+ /phpMyAdmin/README: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts. See: https://typo3.org/
+ /phpmyadmin/README: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts. See: https://typo3.org/
+ /pma/README: phpMyAdmin is for managing MySQL databases, and should be protected or limited to authorized hosts. See: https://typo3.org/
+ 8265 requests: 0 error(s) and 17 item(s) reported on remote host
+ End Time:           2025-10-08 16:04:05 (GMT-7) (23 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Trustpilot
Online Nikto scanner - Online Nikto web server scanner | Product Hunt
Detailed report
Target
herstik.com
Target IP
148.135.106.6
Scan method
Nikto scan (max 60 sec)
Run command
nikto -host herstik.com -maxtime 60
Duration
Quick report
Scan date
08 Oct 2025 19:04
Copy scan report
Download report
Remove scan result
$
Check ports
API - Scan ID