Found
Duration
Date
IP
- Nikto --------------------------------------------------------------------------- + Multiple IPs found: 162.159.137.54, 162.159.136.54 + Target IP: 162.159.137.54 + Target Hostname: accenturewelcomegift-glmerchandise.com + Target Port: 80 + Start Time: 2025-01-03 04:07:15 (GMT-5) --------------------------------------------------------------------------- + Server: cloudflare + /: Cookie XSRF-TOKEN created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies + /: IP address found in the '__cf_bm' cookie. The IP is "1.0.1.1". + /: An alt-svc header was found which is advertising HTTP/3. The endpoint is: ':443'. Nikto cannot test HTTP/3 over QUIC. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/alt-svc + Root page / redirects to: http://accenturewelcomegift-glmerchandise.com/login + /JZtyLVo1.chl+: Uncommon header 'origin-agent-cluster' found, with contents: ?1. + /JZtyLVo1.chl+: Uncommon header 'critical-ch' found, with contents: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA. + /JZtyLVo1.chl+: Uncommon header 'cf-mitigated' found, with contents: challenge. + /JZtyLVo1.chl+: Uncommon header 'accept-ch' found, with contents: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA. + /JZtyLVo1.chl+: Uncommon header 'cf-chl-out' found, with contents: oDWyZx911rn9LDw20Bpi0vjibtYtTKAdyRrSbk/S5CCDs4gVEvJ7yiqorrNFujelXeVDrGD175LgZfv+OKjLn8fBqwkhx6tGjc5kJHRuVFzTjRG8brVYDk+Zt2w5UbIqaxIdEmnTOAtzRgOjbRC7Jw==$W6EO6stD3aGZw2dpUiaIxg==. + /JZtyLVo1.chl+: Uncommon header 'x-content-options' found, with contents: nosniff. + No CGI Directories found (use '-C all' to force check all possible dirs) + /robots.txt: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/ + Scan terminated: 0 error(s) and 10 item(s) reported on remote host + End Time: 2025-01-03 04:08:16 (GMT-5) (61 seconds) --------------------------------------------------------------------------- + 1 host(s) tested