nikto - all -h www.cinepolis.com- Nikto v2.1.6------------------------------

1. nikto - all -h www.cinepolis.com
2. - Nikto v2.1.6
3. ---------------------------------------------------------------------------
4. + Target IP: 216.75.50.101
5. + Target Hostname: www.cinepolis.com
6. + Target Port: 80
7. + Start Time: 2015-05-24 00:57:33 (GMT-4)
8. ---------------------------------------------------------------------------
9. + Server: No banner retrieved
10. + Retrieved x-aspnet-version header:
11. + The anti-clickjacking X-Frame-Options header is not present.
12. + Uncommon header 'access-control-allow-origin' found, with contents: *
13. + Uncommon header 'x-permitted-cross-domain-policies' found, with contents: master-only
14. + Cookie Ciudad created without the httponly flag
15. + OSVDB-68127: Server is vulnerable to http://www.microsoft.com/technet/security/bulletin/MS10-070.asp allowing a cryptographic padding oracle.
16. + Server leaks inodes via ETags, header found with file /oQTBmMJ5.chl+, fields: 0xef55782b304d01:0
17. + Uncommon header 'x-cacheable' found, with contents: NO: Images aren't cached
18. + Multiple index files found (note, these may not all be unique): /index.php3, /default.htm, /index.htm, /index.html, /index.asp, /index.shtml, /index.jhtml, /index.cfm, /index.do, /index.pl, /index.php, /index.cgi, /default.asp, /index.aspx, /index.xml
19. + Retrieved x-powered-by header: ASP.NET