Scan report for "pocsecurity.icu"

Membership level: Free member
Nikto scan (max 60 sec) (nikto -host pocsecurity.icu -maxtime 60)
- Nikto v2.5.0
---------------------------------------------------------------------------
+ Target IP:          206.189.198.161
+ Target Hostname:    pocsecurity.icu
+ Target Port:        80
+ Start Time:         2024-06-28 12:26:42 (GMT-4)
---------------------------------------------------------------------------
+ Server: Apache/2.4.50
+ /: Link header found with value: ARRAY(0x56436c8f8190). See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Link
+ /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/
+ /index.php?: Uncommon header 'x-redirect-by' found, with contents: WordPress.
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Apache/2.4.50 appears to be outdated (current is at least 2.4.58). Apache 2.2.34 is the EOL for the 2.x branch.
+ /: Web Server returns a valid response with junk HTTP methods which may cause false positives.
+ /wp-content/plugins/akismet/readme.txt: The WordPress Akismet plugin 'Tested up to' version usually matches the WordPress version.
+ /wp-links-opml.php: This WordPress script reveals the installed version.
+ /license.txt: License file found may identify site software.
+ /: A Wordpress installation was found.
+ /wp-login.php?action=register: Cookie wordpress_test_cookie created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /.git/index: Git Index file may contain directory listing information.
+ /.git/HEAD: Git HEAD file found. Full repo details may be present.
+ /wp-content/uploads/: Directory indexing found.
+ /wp-content/uploads/: Wordpress uploads directory is browsable. This may reveal sensitive information.
+ /wp-login.php:X-Frame-Options header is deprecated and has been replaced with the Content-Security-Policy HTTP header with the frame-ancestors directive instead. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
+ /wp-login.php: Wordpress login found.
+ /.git/config: Git config file found. Infos about repo details may be present.
+ 7964 requests: 0 error(s) and 17 item(s) reported on remote host
+ End Time:           2024-06-28 12:27:26 (GMT-4) (44 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
Color Scheme
Target
pocsecurity.icu
Scan method
Nikto scan (max 60 sec)
Run command
nikto -host pocsecurity.icu -maxtime 60
Scan time
44s
Quick report
Order full scan ($79/one time)
Scan date
28 Jun 2024 12:27
Copy scan report
Download report
Remove scan result
$
Some firewalls blocks Nikto. For get true positive results add nikto.online IP addresses (172.96.166.66-172.96.166.70 or CIDR 172.96.166.64/29) to the whitelist
[scan_method]
Visibility:
Scan method: