case sensitive header checks cause false negatives #214

Closed
ghost opened this issue Feb 5, 2015 · 10 comments
ghost commented Feb 5, 2015

I receive these warnings when running Nikto v2.1.6 against my site which uses HSTS to force everything over TLSv1.2

X-Frame-Options header is not present
X-Content-Type-Options header is not set
X-XSS-Protection header is not defined

source:
program/plugins/nikto_headers.plugin

SPDY is on my site, so all headers are lowercase.

These headers were confirmed to be present:

x-content-type-options:nosniff
x-frame-options:deny
x-xss-protection:1; mode=block

thanks

Owner

sullo commented Feb 5, 2015

Can you send some (sanitized) Debug output for that request or a similar
one? It should not mismatch on case as all incoming headers are made
lowercase, and the actual match is:
if (defined $result->{'x-frame-options'}) {

so something else is going on.

You can use -DS to debug output and scrub hostnames/ips from the results.
Can you paste in the headers your site is sending?

Thanks
Sullo


http://cirt.net | http://richsec.com/
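
The check described in the reply above (lowercase every incoming header name, then test for presence) as an added Python example; it is not Nikto or LibWhisker code, and the function names and sample responses are constructed here. As an assumption of this example, a result is marked inconclusive when the response is not 2xx/3xx, because an error page such as nginx's 400 for plain HTTP sent to an HTTPS port carries only minimal headers.

```python
"""Added example: case-insensitive security-header check (not Nikto code)."""

# Header names the scanner warned about in this issue, in lowercase.
REQUIRED = ("x-frame-options", "x-content-type-options", "x-xss-protection")


def parse_response_head(raw: bytes):
    """Return (status_code, headers) with every header name lowercased.

    Accepts CRLF or bare LF line endings and 'name:value' with or without
    a space after the colon. Repeated headers are collected into a list.
    """
    head = raw.split(b"\r\n\r\n", 1)[0].split(b"\n\n", 1)[0]
    lines = head.decode("iso-8859-1").splitlines()
    if not lines:
        raise ValueError("empty response")
    parts = lines[0].split(None, 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError(f"bad status line: {lines[0]!r}")
    status = int(parts[1])

    headers = {}
    for line in lines[1:]:
        if line[:1] in (" ", "\t"):
            continue  # folded continuation line, not a new header
        name, sep, value = line.partition(":")
        if not sep or not name.strip():
            continue  # not a header line
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return status, headers


def check_security_headers(raw: bytes):
    """Report which REQUIRED headers are absent and whether that is meaningful.

    'conclusive' is False for anything other than a 2xx/3xx response: a
    transport-level error page says nothing about the site's real headers.
    """
    status, headers = parse_response_head(raw)
    missing = [h for h in REQUIRED if h not in headers]
    return {
        "status": status,
        "missing": missing,
        "conclusive": 200 <= status < 400,
    }


# Constructed sample: SPDY-style all-lowercase names, no space after the colon.
LOWERCASE_OK = (
    b"HTTP/1.1 200 OK\r\n"
    b"server: nginx\r\n"
    b"x-content-type-options:nosniff\r\n"
    b"x-frame-options:deny\r\n"
    b"x-xss-protection:1; mode=block\r\n"
    b"\r\n"
)

# Constructed sample: the same headers in conventional mixed case.
MIXED_CASE_OK = (
    b"HTTP/1.1 200 OK\r\n"
    b"Server: nginx\r\n"
    b"X-Content-Type-Options: nosniff\r\n"
    b"X-Frame-Options: DENY\r\n"
    b"X-XSS-Protection: 1; mode=block\r\n"
    b"\r\n"
)

# Constructed sample modelled on the 400 discussed in this thread: plain HTTP
# sent to the HTTPS port after the TLS handshake failed.
PLAIN_HTTP_400 = (
    b"HTTP/1.1 400 Bad Request\r\n"
    b"Server: nginx\r\n"
    b"Date: Thu, 05 Feb 2015 21:27:48 GMT\r\n"
    b"Content-Type: text/html; charset=UTF-8\r\n"
    b"Content-Length: 264\r\n"
    b"Connection: close\r\n"
    b"\r\n"
    b"<title>400 The plain HTTP request was sent to HTTPS port</title>"
)


if __name__ == "__main__":
    for label, raw in (
        ("lowercase", LOWERCASE_OK),
        ("mixed case", MIXED_CASE_OK),
        ("plain HTTP on 443", PLAIN_HTTP_400),
    ):
        print(label, check_security_headers(raw))
```
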

Author

ghost commented Feb 5, 2015

Yes you're right of course :)
I have no reason to withhold my server hostname, IP address, or encryption
protocols etc.. so the attached files are 1000 lines using head, of Debug
logs.

TLSv1.2 (attachment output-yy400.txt, 1000 lines)

Nikto doesn't operate over TLSv1.2, and following the failed handshake all
subsequent communication is plain text over port 443, producing 400s with
minimal headers.

Nikto correctly reports that the headers in the bug report aren't present.
Line 271 in attached debug output.

TLSv1 (attachment output-yy400tlsv1.txt, 1000 lines)

I don't understand the pair of lines from the tlsv1 attachment 246, 304. It
seems as though the header x-content-type-options: nosniff is present and
correct in line 246, but reported not to be in 304.

If this is my mistake I apologise.

[Separately I have also seen false positives when trying to detect XSS,
nginx correctly urlencodes <,> etc.. and these are printing urlescaped %3D
etc in my HTML pages, just not as HTML entities &lt; etc.. Nikto reports
XSS is present, but I can't see how.. Perhaps some cunning payload that I
didn't spot Nikto testing for in the logs? <script>alert('s')</script>
fails as do any similar double/single quote, html char combinations]

D:Thu Feb 5 21:27:47 2015 - Loading DB: /Users/moomoo/Downloads/nikto-master/program/databases/db_parked_strings
D:Thu Feb 5 21:27:47 2015 - Loading DB: /Users/moomoo/Downloads/nikto-master/program/databases/db_404_strings
D:Thu Feb 5 21:27:47 2015 - Loading DB: /Users/moomoo/Downloads/nikto-master/program/databases/db_outdated
D:Thu Feb 5 21:27:47 2015 - Loading DB: /Users/moomoo/Downloads/nikto-master/program/databases/db_variables
D:Thu Feb 5 21:27:47 2015 - Loading DB: /Users/moomoo/Downloads/nikto-master/program/databases/db_tests

- Nikto v2.1.6

D:Thu Feb 5 21:27:47 2015 WARNING: No init found for nikto_core
D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
'Host' => 'yahvehyireh.com',
'User-Agent' => 'Mozilla/5.00',
'Connection' => 'Keep-Alive',
'whisker' => {
'lowercase_incoming_headers' => 1,
'uri_prefix' => '',
'retry' => 0,
'http_space2' => ' ',
'method' => 'HEAD',
'ssl' => 1,
'ignore_duplicate_headers' => 1,
'force_close' => 0,
'uri_postfix' => '',
'keep-alive' => 1,
'uri' => '/',
'trailing_slurp' => 0,
'protocol' => 'HTTP',
'normalize_incoming_headers' => 1,
'ssl_rsacertfile' => undef,
'include_host_in_uri' => 0,
'ssl_certfile' => undef,
'http_eol' => "\r\n",
'http_space1' => ' ',
'uri_param_sep' => '?',
'force_bodysnatch' => 0,
'ssl_save_info' => 1,
'timeout' => 10,
'max_size' => 0,
'version' => '1.1',
'invalid_protocol_return_value' => 1,
'MAGIC' => 31339,
'require_newline_after_headers' => 0,
'host' => 'yahvehyireh.com',
'port' => 443,
'force_open' => 0
}
};
D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
'whisker' => {
'uri' => '/',
'error' => "sending request: SSL error: ssl_write_all 32490: 1 - SSL_ERROR_SSL(-1,1,error:00000001:lib(0):func(0):reason(1),)\nSSL_write 32490: 1 - error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure\n",
'ssl_cipher' => '(NONE)',
'MAGIC' => 31340
}
};
D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
'whisker' => {
'uri_postfix' => '',
'force_close' => 0,
'keep-alive' => 1,
'uri' => '/',
'trailing_slurp' => 0,
'normalize_incoming_headers' => 1,
'ssl_rsacertfile' => undef,
'protocol' => 'HTTP',
'ssl_certfile' => undef,
'http_eol' => "\r\n",
'include_host_in_uri' => 0,
'lowercase_incoming_headers' => 1,
'uri_prefix' => '',
'method' => 'HEAD',
'ssl' => 0,
'ignore_duplicate_headers' => 1,
'http_space2' => ' ',
'retry' => 0,
'invalid_protocol_return_value' => 1,
'MAGIC' => 31339,
'port' => 443,
'force_open' => 0,
'host' => 'yahvehyireh.com',
'require_newline_after_headers' => 0,
'force_bodysnatch' => 0,
'uri_param_sep' => '?',
'http_space1' => ' ',
'timeout' => 10,
'ssl_save_info' => 1,
'max_size' => 0,
'version' => '1.1'
},
'Connection' => 'Keep-Alive',
'User-Agent' => 'Mozilla/5.00',
'Host' => 'yahvehyireh.com'
};
D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
'date' => 'Thu, 05 Feb 2015 21:27:48 GMT',
'whisker' => {
'http_space2' => ' ',
'lowercase_incoming_headers' => 1,
'http_data_sent' => 1,
'header_order' => [
'server',
'date',
'content-type',
'content-length',
'connection'
],
'stats_syns' => 1,
'uri_requested' => '/',
'uri' => '/',
'http_eol' => "\r\n",
'protocol' => 'HTTP',
'http_space1' => ' ',
'version' => '1.1',
'code' => 400,
'message' => 'Bad Request',
'stats_reqs' => 1,
'MAGIC' => 31340,
'socket_state' => 0
},
'connection' => 'close',
'content-type' => 'text/html; charset=UTF-8',
'server' => 'nginx',
'content-length' => 264
};
D:Thu Feb 5 21:27:48 2015 - HTTP Server found: yahvehyireh.com:443 nginx
D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
'whisker' => {
'invalid_protocol_return_value' => 1,
'MAGIC' => 31339,
'host' => 'yahvehyireh.com',
'require_newline_after_headers' => 0,
'port' => 443,
'force_open' => 0,
'http_space1' => ' ',
'uri_param_sep' => '?',
'force_bodysnatch' => 0,
'timeout' => 10,
'ssl_save_info' => 1,
'max_size' => 0,
'version' => '1.1',
'force_close' => 0,
'uri_postfix' => '',
'uri' => '/',
'keep-alive' => 1,
'trailing_slurp' => 0,
'protocol' => 'HTTP',
'ssl_rsacertfile' => undef,
'normalize_incoming_headers' => 1,
'ssl_certfile' => undef,
'http_eol' => "\r\n",
'include_host_in_uri' => 0,
'lowercase_incoming_headers' => 1,
'uri_prefix' => '',
'retry' => 0,
'http_space2' => ' ',
'ignore_duplicate_headers' => 1,
'ssl' => 0,
'method' => 'GET'
},
'Connection' => 'Keep-Alive',
'User-Agent' => 'Mozilla/5.00',
'Host' => 'yahvehyireh.com'
};
D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
'content-length' => 264,
'server' => 'nginx',
'content-type' => 'text/html; charset=UTF-8',
'connection' => 'close',
'whisker' => {
'uri' => '/',
'http_eol' => "\r\n",
'protocol' => 'HTTP',
'http_space2' => ' ',
'header_order' => [
'server',
'date',
'content-type',
'content-length',
'connection'
],
'http_data_sent' => 1,
'lowercase_incoming_headers' => 1,
'stats_syns' => 2,
'uri_requested' => '/',
'data' => "\r\n<title>400 The plain HTTP request was sent to HTTPS port</title>\r\n<body bgcolor="white">\r\n

400 Bad Request

\r\nThe plain HTTP request was sent to HTTPS port\r\n
nginx\r\n\r\n\r\n",
'stats_reqs' => 2,
'message' => 'Bad Request',
'MAGIC' => 31340,
'socket_state' => 0,
'http_space1' => ' ',
'code' => 400,
'version' => '1.1'
},
'date' => 'Thu, 05 Feb 2015 21:27:48 GMT'
};

  • Target IP: 54.72.255.20
  • Target Hostname: yahvehyireh.com
  • Target Port: 443

+ Start Time: 2015-02-05 21:27:48 (GMT0)

  • Server: nginx
    D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
    'Host' => 'yahvehyireh.com',
    'User-Agent' => 'Mozilla/5.00',
    'whisker' => {
    'keep-alive' => 1,
    'uri' => '/',
    'trailing_slurp' => 0,
    'force_close' => 0,
    'uri_postfix' => '',
    'ssl_certfile' => undef,
    'http_eol' => "\r\n",
    'include_host_in_uri' => 0,
    'protocol' => 'HTTP',
    'ssl_rsacertfile' => undef,
    'normalize_incoming_headers' => 1,
    'http_space2' => ' ',
    'retry' => 0,
    'ssl' => 0,
    'ignore_duplicate_headers' => 1,
    'method' => 'GET',
    'uri_prefix' => '',
    'lowercase_incoming_headers' => 1,
    'invalid_protocol_return_value' => 1,
    'host' => 'yahvehyireh.com',
    'require_newline_after_headers' => 0,
    'port' => 443,
    'force_open' => 0,
    'MAGIC' => 31339,
    'ssl_save_info' => 1,
    'timeout' => 10,
    'http_space1' => ' ',
    'uri_param_sep' => '?',
    'force_bodysnatch' => 0,
    'version' => '1.1',
    'max_size' => 0
    },
    'Connection' => 'Keep-Alive'
    };
    D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
    'content-type' => 'text/html; charset=UTF-8',
    'connection' => 'close',
    'whisker' => {
    'data' => "\r\n<title>400 The plain HTTP request was sent to HTTPS port</title>\r\n<body bgcolor="white">\r\n

    400 Bad Request

    \r\nThe plain HTTP request was sent to HTTPS port\r\n
    nginx\r\n\r\n\r\n",
    'uri_requested' => '/',
    'stats_syns' => 3,
    'http_data_sent' => 1,
    'lowercase_incoming_headers' => 1,
    'header_order' => [
    'server',
    'date',
    'content-type',
    'content-length',
    'connection'
    ],
    'http_space2' => ' ',
    'protocol' => 'HTTP',
    'http_eol' => "\r\n",
    'uri' => '/',
    'version' => '1.1',
    'code' => 400,
    'http_space1' => ' ',
    'MAGIC' => 31340,
    'socket_state' => 0,
    'message' => 'Bad Request',
    'stats_reqs' => 3
    },
    'date' => 'Thu, 05 Feb 2015 21:27:48 GMT',
    'content-length' => 264,
    'server' => 'nginx'
    };
  • The anti-clickjacking X-Frame-Options header is not present.
  • The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
  • The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
    D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
    'Connection' => 'Keep-Alive',
    'whisker' => {
    'max_size' => 0,
    'version' => '1.1',
    'force_bodysnatch' => 0,
    'http_space1' => ' ',
    'uri_param_sep' => '?',
    'timeout' => 10,
    'ssl_save_info' => 1,
    'MAGIC' => 31339,
    'force_open' => 0,
    'port' => 443,
    'host' => 'yahvehyireh.com',
    'require_newline_after_headers' => 0,
    'invalid_protocol_return_value' => 1,
    'uri_prefix' => '',
    'lowercase_incoming_headers' => 1,
    'ssl' => 0,
    'method' => 'GET',
    'ignore_duplicate_headers' => 1,
    'http_space2' => ' ',
    'retry' => 0,
    'ssl_rsacertfile' => undef,
    'normalize_incoming_headers' => 1,
    'protocol' => 'HTTP',
    'ssl_certfile' => undef,
    'include_host_in_uri' => 0,
    'http_eol' => "\r\n",
    'uri_postfix' => '',
    'force_close' => 0,
    'trailing_slurp' => 0,
    'keep-alive' => 1,
    'uri' => '/YvwEbGlZ.save'
    },
    'User-Agent' => 'Mozilla/5.00',
    'Host' => 'yahvehyireh.com'
    };
    D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
    'server' => 'nginx',
    'content-length' => 264,
    'date' => 'Thu, 05 Feb 2015 21:27:48 GMT',
    'whisker' => {
    'message' => 'Bad Request',
    'stats_reqs' => 4,
    'socket_state' => 0,
    'MAGIC' => 31340,
    'http_space1' => ' ',
    'version' => '1.1',
    'code' => 400,
    'uri' => '/YvwEbGlZ.save',
    'protocol' => 'HTTP',
    'http_eol' => "\r\n",
    'lowercase_incoming_headers' => 1,
    'http_data_sent' => 1,
    'header_order' => [
    'server',
    'date',
    'content-type',
    'content-length',
    'connection'
    ],
    'http_space2' => ' ',
    'data' => "\r\n<title>400 The plain HTTP request was sent to HTTPS port</title>\r\n<body bgcolor="white">\r\n

    400 Bad Request

    \r\nThe plain HTTP request was sent to HTTPS port\r\n
    nginx\r\n\r\n\r\n",
    'uri_requested' => '/YvwEbGlZ.save',
    'stats_syns' => 4
    },
    'content-type' => 'text/html; charset=UTF-8',
    'connection' => 'close'
    };
    D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
    'Host' => 'yahvehyireh.com',
    'User-Agent' => 'Mozilla/5.00',
    'Connection' => 'Keep-Alive',
    'whisker' => {
    'ssl' => 0,
    'ignore_duplicate_headers' => 1,
    'method' => 'GET',
    'retry' => 0,
    'http_space2' => ' ',
    'uri_prefix' => '',
    'lowercase_incoming_headers' => 1,
    'uri' => '/YvwEbGlZ.MVC',
    'keep-alive' => 1,
    'trailing_slurp' => 0,
    'uri_postfix' => '',
    'force_close' => 0,
    'ssl_certfile' => undef,
    'http_eol' => "\r\n",
    'include_host_in_uri' => 0,
    'normalize_incoming_headers' => 1,
    'ssl_rsacertfile' => undef,
    'protocol' => 'HTTP',
    'ssl_save_info' => 1,
    'timeout' => 10,
    'force_bodysnatch' => 0,
    'uri_param_sep' => '?',
    'http_space1' => ' ',
    'version' => '1.1',
    'max_size' => 0,
    'invalid_protocol_return_value' => 1,
    'force_open' => 0,
    'port' => 443,
    'require_newline_after_headers' => 0,
    'host' => 'yahvehyireh.com',
    'MAGIC' => 31339
    }
    };
    D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
    'date' => 'Thu, 05 Feb 2015 21:27:48 GMT',
    'whisker' => {
    'code' => 400,
    'version' => '1.1',
    'http_space1' => ' ',
    'socket_state' => 0,
    'MAGIC' => 31340,
    'message' => 'Bad Request',
    'stats_reqs' => 5,
    'uri_requested' => '/YvwEbGlZ.MVC',
    'data' => "\r\n<title>400 The plain HTTP request was sent to HTTPS port</title>\r\n<body bgcolor="white">\r\n

    400 Bad Request

    \r\nThe plain HTTP request was sent to HTTPS port\r\n
    nginx\r\n\r\n\r\n",
    'stats_syns' => 5,
    'header_order' => [
    'server',
    'date',
    'content-type',
    'content-length',
    'connection'
    ],
    'http_data_sent' => 1,
    'lowercase_incoming_headers' => 1,
    'http_space2' => ' ',
    'protocol' => 'HTTP',
    'http_eol' => "\r\n",
    'uri' => '/YvwEbGlZ.MVC'
    },
    'connection' => 'close',
    'content-type' => 'text/html; charset=UTF-8',
    'server' => 'nginx',
    'content-length' => 264
    };
    D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
    'Host' => 'yahvehyireh.com',
    'User-Agent' => 'Mozilla/5.00',
    'Connection' => 'Keep-Alive',
    'whisker' => {
    'require_newline_after_headers' => 0,
    'host' => 'yahvehyireh.com',
    'force_open' => 0,
    'port' => 443,
    'MAGIC' => 31339,
    'invalid_protocol_return_value' => 1,
    'version' => '1.1',
    'max_size' => 0,
    'ssl_save_info' => 1,
    'timeout' => 10,
    'http_space1' => ' ',
    'uri_param_sep' => '?',
    'force_bodysnatch' => 0,
    'http_eol' => "\r\n",
    'ssl_certfile' => undef,
    'include_host_in_uri' => 0,
    'protocol' => 'HTTP',
    'ssl_rsacertfile' => undef,
    'normalize_incoming_headers' => 1,
    'keep-alive' => 1,
    'uri' => '/YvwEbGlZ.cgi',
    'trailing_slurp' => 0,
    'force_close' => 0,
    'uri_postfix' => '',
    'retry' => 0,
    'http_space2' => ' ',
    'ssl' => 0,
    'ignore_duplicate_headers' => 1,
    'method' => 'GET',
    'uri_prefix' => '',
    'lowercase_incoming_headers' => 1
    }
    };
    D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
    'date' => 'Thu, 05 Feb 2015 21:27:48 GMT',
    'whisker' => {
    'header_order' => [
    'server',
    'date',
    'content-type',
    'content-length',
    'connection'
    ],
    'http_data_sent' => 1,
    'lowercase_incoming_headers' => 1,
    'http_space2' => ' ',
    'uri_requested' => '/YvwEbGlZ.cgi',
    'data' => "\r\n<title>400 The plain HTTP request was sent to HTTPS port</title>\r\n<body bgcolor="white">\r\n

    400 Bad Request

    \r\nThe plain HTTP request was sent to HTTPS port\r\n
    nginx\r\n\r\n\r\n",
    'stats_syns' => 6,
    'uri' => '/YvwEbGlZ.cgi',
    'protocol' => 'HTTP',
    'http_eol' => "\r\n",
    'http_space1' => ' ',
    'code' => 400,
    'version' => '1.1',
    'stats_reqs' => 6,
    'message' => 'Bad Request',
    'socket_state' => 0,
    'MAGIC' => 31340
    },
    'content-type' => 'text/html; charset=UTF-8',
    'connection' => 'close',
    'server' => 'nginx',
    'content-length' => 264
    };
    D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
    'whisker' => {
    'MAGIC' => 31339,
    'force_open' => 0,
    'port' => 443,
    'host' => 'yahvehyireh.com',
    'require_newline_after_headers' => 0,
    'invalid_protocol_return_value' => 1,
    'max_size' => 0,
    'version' => '1.1',
    'force_bodysnatch' => 0,
    'http_space1' => ' ',
    'uri_param_sep' => '?',
    'ssl_save_info' => 1,
    'timeout' => 10,
    'normalize_incoming_headers' => 1,
    'ssl_rsacertfile' => undef,
    'protocol' => 'HTTP',
    'include_host_in_uri' => 0,
    'ssl_certfile' => undef,
    'http_eol' => "\r\n",
    'uri_postfix' => '',
    'force_close' => 0,
    'keep-alive' => 1,
    'trailing_slurp' => 0,
    'uri' => '/YvwEbGlZ.cellsprint',
    'uri_prefix' => '',
    'lowercase_incoming_headers' => 1,
    'ssl' => 0,
    'method' => 'GET',
    'ignore_duplicate_headers' => 1,
    'retry' => 0,
    'http_space2' => ' '
    },
    'Connection' => 'Keep-Alive',
    'Host' => 'yahvehyireh.com',
    'User-Agent' => 'Mozilla/5.00'
    };
    D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
    'content-length' => 264,
    'server' => 'nginx',
    'connection' => 'close',
    'content-type' => 'text/html; charset=UTF-8',
    'whisker' => {
    'http_space2' => ' ',
    'http_data_sent' => 1,
    'lowercase_incoming_headers' => 1,
    'header_order' => [
    'server',
    'date',
    'content-type',
    'content-length',
    'connection'
    ],
    'stats_syns' => 7,
    'data' => "\r\n<title>400 The plain HTTP request was sent to HTTPS port</title>\r\n<body bgcolor="white">\r\n

    400 Bad Request

    \r\nThe plain HTTP request was sent to HTTPS port\r\n
    nginx\r\n\r\n\r\n",
    'uri_requested' => '/YvwEbGlZ.cellsprint',
    'uri' => '/YvwEbGlZ.cellsprint',
    'http_eol' => "\r\n",
    'protocol' => 'HTTP',
    'http_space1' => ' ',
    'version' => '1.1',
    'code' => 400,
    'stats_reqs' => 7,
    'message' => 'Bad Request',
    'socket_state' => 0,
    'MAGIC' => 31340
    },
    'date' => 'Thu, 05 Feb 2015 21:27:48 GMT'
    };
    D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
    'Connection' => 'Keep-Alive',
    'whisker' => {
    'ssl_save_info' => 1,
    'timeout' => 10,
    'force_bodysnatch' => 0,
    'uri_param_sep' => '?',
    'http_space1' => ' ',
    'version' => '1.1',
    'max_size' => 0,
    'invalid_protocol_return_value' => 1,
    'port' => 443,
    'force_open' => 0,
    'host' => 'yahvehyireh.com',
    'require_newline_after_headers' => 0,
    'MAGIC' => 31339,
    'ssl' => 0,
    'method' => 'GET',
    'ignore_duplicate_headers' => 1,
    'http_space2' => ' ',
    'retry' => 0,
    'uri_prefix' => '',
    'lowercase_incoming_headers' => 1,
    'keep-alive' => 1,
    'uri' => '/YvwEbGlZ.xml',
    'trailing_slurp' => 0,
    'uri_postfix' => '',
    'force_close' => 0,
    'http_eol' => "\r\n",
    'ssl_certfile' => undef,
    'include_host_in_uri' => 0,
    'normalize_incoming_headers' => 1,
    'ssl_rsacertfile' => undef,
    'protocol' => 'HTTP'
    },
    'Host' => 'yahvehyireh.com',
    'User-Agent' => 'Mozilla/5.00'
    };
    D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
    'whisker' => {
    'code' => 400,
    'version' => '1.1',
    'http_space1' => ' ',
    'MAGIC' => 31340,
    'socket_state' => 0,
    'message' => 'Bad Request',
    'stats_reqs' => 8,
    'data' => "\r\n<title>400 The plain HTTP request was sent to HTTPS port</title>\r\n<body bgcolor="white">\r\n

    400 Bad Request

    \r\nThe plain HTTP request was sent to HTTPS port\r\n
    nginx\r\n\r\n\r\n",
    'uri_requested' => '/YvwEbGlZ.xml',
    'stats_syns' => 8,
    'header_order' => [
    'server',
    'date',
    'content-type',
    'content-length',
    'connection'
    ],
    'http_data_sent' => 1,
    'lowercase_incoming_headers' => 1,
    'http_space2' => ' ',
    'protocol' => 'HTTP',
    'http_eol' => "\r\n",
    'uri' => '/YvwEbGlZ.xml'
    },
    'date' => 'Thu, 05 Feb 2015 21:27:48 GMT',
    'connection' => 'close',
    'content-type' => 'text/html; charset=UTF-8',
    'server' => 'nginx',
    'content-length' => 264
    };
    D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
    'Connection' => 'Keep-Alive',
    'whisker' => {
    'max_size' => 0,
    'version' => '1.1',
    'uri_param_sep' => '?',
    'http_space1' => ' ',
    'force_bodysnatch' => 0,
    'timeout' => 10,
    'ssl_save_info' => 1,
    'MAGIC' => 31339,
    'require_newline_after_headers' => 0,
    'host' => 'yahvehyireh.com',
    'port' => 443,
    'force_open' => 0,
    'invalid_protocol_return_value' => 1,
    'lowercase_incoming_headers' => 1,
    'uri_prefix' => '',
    'retry' => 0,
    'http_space2' => ' ',
    'ssl' => 0,
    'method' => 'GET',
    'ignore_duplicate_headers' => 1,
    'protocol' => 'HTTP',
    'ssl_rsacertfile' => undef,
    'normalize_incoming_headers' => 1,
    'http_eol' => "\r\n",
    'ssl_certfile' => undef,
    'include_host_in_uri' => 0,
    'force_close' => 0,
    'uri_postfix' => '',
    'trailing_slurp' => 0,
    'keep-alive' => 1,
    'uri' => '/YvwEbGlZ.pt'
    },
    'User-Agent' => 'Mozilla/5.00',
    'Host' => 'yahvehyireh.com'
    };
    D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
    'connection' => 'close',
    'content-type' => 'text/html; charset=UTF-8',
    'whisker' => {
    'socket_state' => 0,
    'MAGIC' => 31340,
    'stats_reqs' => 9,
    'message' => 'Bad Request',
    'code' => 400,
    'version' => '1.1',
    'http_space1' => ' ',
    'http_eol' => "\r\n",
    'protocol' => 'HTTP',
    'uri' => '/YvwEbGlZ.pt',
    'stats_syns' => 9,
    'uri_requested' => '/YvwEbGlZ.pt',
    'data' => "\r\n<title>400 The plain HTTP request was sent to HTTPS port</title>\r\n<body bgcolor="white">\r\n

    400 Bad Request

    \r\nThe plain HTTP request was sent to HTTPS port\r\n
    nginx\r\n\r\n\r\n",
    'http_space2' => ' ',
    'header_order' => [
    'server',
    'date',
    'content-type',
    'content-length',
    'connection'
    ],
    'http_data_sent' => 1,
    'lowercase_incoming_headers' => 1
    },
    'date' => 'Thu, 05 Feb 2015 21:27:48 GMT',
    'content-length' => 264,
    'server' => 'nginx'
    };
    D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
    'whisker' => {
    'port' => 443,
    'force_open' => 0,
    'host' => 'yahvehyireh.com',
    'require_newline_after_headers' => 0,
    'MAGIC' => 31339,
    'invalid_protocol_return_value' => 1,
    'version' => '1.1',
    'max_size' => 0,
    'ssl_save_info' => 1,
    'timeout' => 10,
    'force_bodysnatch' => 0,
    'http_space1' => ' ',
    'uri_param_sep' => '?',
    'http_eol' => "\r\n",
    'ssl_certfile' => undef,
    'include_host_in_uri' => 0,
    'ssl_rsacertfile' => undef,
    'normalize_incoming_headers' => 1,
    'protocol' => 'HTTP',
    'keep-alive' => 1,
    'trailing_slurp' => 0,
    'uri' => '/YvwEbGlZ.jsa',
    'uri_postfix' => '',
    'force_close' => 0,
    'method' => 'GET',
    'ssl' => 0,
    'ignore_duplicate_headers' => 1,
    'http_space2' => ' ',
    'retry' => 0,
    'lowercase_incoming_headers' => 1,
    'uri_prefix' => ''
    },
    'Connection' => 'Keep-Alive',
    'User-Agent' => 'Mozilla/5.00',
    'Host' => 'yahvehyireh.com'
    };
    D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
    'content-length' => 264,
    'server' => 'nginx',
    'connection' => 'close',
    'content-type' => 'text/html; charset=UTF-8',
    'date' => 'Thu, 05 Feb 2015 21:27:48 GMT',
    'whisker' => {
    'uri' => '/YvwEbGlZ.jsa',
    'http_eol' => "\r\n",
    'protocol' => 'HTTP',
    'http_space2' => ' ',
    'http_data_sent' => 1,
    'lowercase_incoming_headers' => 1,
    'header_order' => [
    'server',
    'date',
    'content-type',
    'content-length',
    'connection'
    ],
    'stats_syns' => 10,
    'uri_requested' => '/YvwEbGlZ.jsa',
    'data' => "\r\n<title>400 The plain HTTP request was sent to HTTPS port</title>\r\n<body bgcolor="white">\r\n

    400 Bad Request

    \r\nThe plain HTTP request was sent to HTTPS port\r\n
    nginx\r\n\r\n\r\n",
    'stats_reqs' => 10,
    'message' => 'Bad Request',
    'socket_state' => 0,
    'MAGIC' => 31340,
    'http_space1' => ' ',
    'version' => '1.1',
    'code' => 400
    }
    };
    D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
    'Host' => 'yahvehyireh.com',
    'User-Agent' => 'Mozilla/5.00',
    'whisker' => {
    'invalid_protocol_return_value' => 1,
    'host' => 'yahvehyireh.com',
    'require_newline_after_headers' => 0,
    'force_open' => 0,
    'port' => 443,
    'MAGIC' => 31339,
    'timeout' => 10,
    'ssl_save_info' => 1,
    'http_space1' => ' ',
    'uri_param_sep' => '?',
    'force_bodysnatch' => 0,
    'version' => '1.1',
    'max_size' => 0,
    'uri' => '/YvwEbGlZ.grp',
    'keep-alive' => 1,
    'trailing_slurp' => 0,
    'force_close' => 0,
    'uri_postfix' => '',
    'ssl_certfile' => undef,
    'http_eol' => "\r\n",
    'include_host_in_uri' => 0,
    'protocol' => 'HTTP',
    'normalize_incoming_headers' => 1,
    'ssl_rsacertfile' => undef,
    'retry' => 0,
    'http_space2' => ' ',
    'ssl' => 0,
    'method' => 'GET',
    'ignore_duplicate_headers' => 1,
    'lowercase_incoming_headers' => 1,
    'uri_prefix' => ''
    },
    'Connection' => 'Keep-Alive'
    };
    D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
    'server' => 'nginx',
    'content-length' => 264,
    'date' => 'Thu, 05 Feb 2015 21:27:48 GMT',
    'whisker' => {
    'uri' => '/YvwEbGlZ.grp',
    'http_eol' => "\r\n",
    'protocol' => 'HTTP',
    'http_space2' => ' ',
    'http_data_sent' => 1,
    'lowercase_incoming_headers' => 1,
    'header_order' => [
    'server',
    'date',
    'content-type',
    'content-length',
    'connection'
    ],
    'stats_syns' => 11,
    'data' => "\r\n<title>400 The plain HTTP request was sent to HTTPS port</title>\r\n<body bgcolor="white">\r\n

    400 Bad Request

    \r\nThe plain HTTP request was sent to HTTPS port\r\n
    nginx\r\n\r\n\r\n",
    'uri_requested' => '/YvwEbGlZ.grp',
    'message' => 'Bad Request',
    'stats_reqs' => 11,
    'socket_state' => 0,
    'MAGIC' => 31340,
    'http_space1' => ' ',
    'version' => '1.1',
    'code' => 400
    },
    'content-type' => 'text/html; charset=UTF-8',
    'connection' => 'close'
    };
    D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
    'Connection' => 'Keep-Alive',
    'whisker' => {
    'protocol' => 'HTTP',
    'ssl_rsacertfile' => undef,
    'normalize_incoming_headers' => 1,
    'include_host_in_uri' => 0,
    'ssl_certfile' => undef,
    'http_eol' => "\r\n",
    'force_close' => 0,
    'uri_postfix' => '',
    'uri' => '/YvwEbGlZ.access',
    'keep-alive' => 1,
    'trailing_slurp' => 0,
    'lowercase_incoming_headers' => 1,
    'uri_prefix' => '',
    'retry' => 0,
    'http_space2' => ' ',
    'ssl' => 0,
    'ignore_duplicate_headers' => 1,
    'method' => 'GET',
    'MAGIC' => 31339,
    'host' => 'yahvehyireh.com',
    'require_newline_after_headers' => 0,
    'force_open' => 0,
    'port' => 443,
    'invalid_protocol_return_value' => 1,
    'max_size' => 0,
    'version' => '1.1',
    'uri_param_sep' => '?',
    'http_space1' => ' ',
    'force_bodysnatch' => 0,
    'ssl_save_info' => 1,
    'timeout' => 10
    },
    'Host' => 'yahvehyireh.com',
    'User-Agent' => 'Mozilla/5.00'
    };
    D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
    'connection' => 'close',
    'content-type' => 'text/html; charset=UTF-8',
    'whisker' => {
    'http_eol' => "\r\n",
    'protocol' => 'HTTP',
    'uri' => '/YvwEbGlZ.access',
    'stats_syns' => 12,
    'data' => "\r\n<title>400 The plain HTTP request was sent to HTTPS port</title>\r\n<body bgcolor="white">\r\n

    400 Bad Request

    \r\nThe plain HTTP request was sent to HTTPS port\r\n
    nginx\r\n\r\n\r\n",
    'uri_requested' => '/YvwEbGlZ.access',
    'http_space2' => ' ',
    'lowercase_incoming_headers' => 1,
    'http_data_sent' => 1,
    'header_order' => [
    'server',
    'date',
    'content-type',
    'content-length',
    'connection'
    ],
    'socket_state' => 0,
    'MAGIC' => 31340,
    'message' => 'Bad Request',
    'stats_reqs' => 12,
    'version' => '1.1',
    'code' => 400,
    'http_space1' => ' '
    },
    'date' => 'Thu, 05 Feb 2015 21:27:48 GMT',
    'content-length' => 264,
    'server' => 'nginx'
    };
    D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
    'Connection' => 'Keep-Alive',
    'whisker' => {
    'ssl_rsacertfile' => undef,
    'normalize_incoming_headers' => 1,
    'protocol' => 'HTTP',
    'ssl_certfile' => undef,
    'http_eol' => "\r\n",
    'include_host_in_uri' => 0,
    'uri_postfix' => '',
    'force_close' => 0,
    'trailing_slurp' => 0,
    'keep-alive' => 1,
    'uri' => '/YvwEbGlZ.wwwacl',
    'lowercase_incoming_headers' => 1,
    'uri_prefix' => '',
    'method' => 'GET',
    'ssl' => 0,
    'ignore_duplicate_headers' => 1,
    'retry' => 0,
    'http_space2' => ' ',
    'MAGIC' => 31339,
    'force_open' => 0,
    'port' => 443,
    'require_newline_after_headers' => 0,
    'host' => 'yahvehyireh.com',
    'invalid_protocol_return_value' => 1,
    'max_size' => 0,
    'version' => '1.1',
    'force_bodysnatch' => 0,
    'uri_param_sep' => '?',
    'http_space1' => ' ',
    'ssl_save_info' => 1,
    'timeout' => 10
    },
    'Host' => 'yahvehyireh.com',
    'User-Agent' => 'Mozilla/5.00'
    };
    D:Thu Feb 5 21:27:48 2015 'Result Hash' = {
    'whisker' => {
    'protocol' => 'HTTP',
    'http_eol' => "\r\n",
    'uri' => '/YvwEbGlZ.wwwacl',
    'uri_requested' => '/YvwEbGlZ.wwwacl',
    'data' => "\r\n<title>400 The plain HTTP request was sent to HTTPS port</title>\r\n<body bgcolor="white">\r\n

    400 Bad Request

    \r\nThe plain HTTP request was sent to HTTPS port\r\n
    nginx\r\n\r\n\r\n",
    'stats_syns' => 13,
    'header_order' => [
    'server',
    'date',
    'content-type',
    'content-length',
    'connection'
    ],
    'lowercase_incoming_headers' => 1,
    'http_data_sent' => 1,
    'http_space2' => ' ',
    'MAGIC' => 31340,
    'socket_state' => 0,
    'stats_reqs' => 13,
    'message' => 'Bad Request',
    'code' => 400,
    'version' => '1.1',
    'http_space1' => ' '
    },
    'date' => 'Thu, 05 Feb 2015 21:27:48 GMT',
    'connection' => 'close',
    'content-type' => 'text/html; charset=UTF-8',
    'server' => 'nginx',
    'content-length' => 264
    };
    D:Thu Feb 5 21:27:48 2015 'Request Hash' = {
    'Connection' => 'Keep-Alive',
    'whisker' => {
    'force_close' => 0,
    'uri_postfix' => '',
    'uri' => '/YvwEbGlZ.pwd',
    'keep-alive' => 1,
    'trailing_slurp' => 0,
    'protocol' => 'HTTP',
    'normalize_incoming_headers' => 1,
    'ssl_rsacertfile' => undef,
    'http_eol' => "\r\n",
    'ssl_certfile' => undef,
    'include_host_in_uri' => 0,
    'lowercase_incoming_headers' => 1,
    'uri_prefix' => '',
    'http_space2' => ' ',
    'retry' => 0,
    'ignore_duplicate_headers' => 1,
    'ssl' => 0,
    'method' => 'GET',
    'invalid_protocol_return_value' => 1,
    'MAGIC' => 31339,
    'host' => 'yahvehyireh.com',
    'require_newline_after_headers' => 0,
    'force_open' => 0,
    'port' => 443,

D:Thu Feb 5 21:45:21 2015 - Loading DB: /Users/moomoo/Downloads/nikto-master/program/databases/db_parked_strings
D:Thu Feb 5 21:45:21 2015 - Loading DB: /Users/moomoo/Downloads/nikto-master/program/databases/db_404_strings
D:Thu Feb 5 21:45:21 2015 - Loading DB: /Users/moomoo/Downloads/nikto-master/program/databases/db_outdated
D:Thu Feb 5 21:45:21 2015 - Loading DB: /Users/moomoo/Downloads/nikto-master/program/databases/db_variables
D:Thu Feb 5 21:45:21 2015 - Loading DB: /Users/moomoo/Downloads/nikto-master/program/databases/db_tests

- Nikto v2.1.6

D:Thu Feb 5 21:45:21 2015 WARNING: No init found for nikto_core
D:Thu Feb 5 21:45:21 2015 'Request Hash' = {
'User-Agent' => 'Mozilla/5.00',
'Connection' => 'Keep-Alive',
'Host' => 'yahvehyireh.com',
'whisker' => {
'uri_prefix' => '',
'ignore_duplicate_headers' => 1,
'ssl_save_info' => 1,
'retry' => 0,
'max_size' => 0,
'timeout' => 10,
'ssl_rsacertfile' => undef,
'method' => 'HEAD',
'trailing_slurp' => 0,
'http_eol' => "\r\n",
'require_newline_after_headers' => 0,
'http_space1' => ' ',
'MAGIC' => 31339,
'lowercase_incoming_headers' => 1,
'include_host_in_uri' => 0,
'keep-alive' => 1,
'port' => 443,
'uri' => '/',
'force_bodysnatch' => 0,
'version' => '1.1',
'host' => 'yahvehyireh.com',
'ssl' => 1,
'force_close' => 0,
'protocol' => 'HTTP',
'uri_postfix' => '',
'uri_param_sep' => '?',
'ssl_certfile' => undef,
'invalid_protocol_return_value' => 1,
'force_open' => 0,
'normalize_incoming_headers' => 1,
'http_space2' => ' '
}
};
D:Thu Feb 5 21:45:21 2015 'Result Hash' = {
'p3p' => 'CP=YY has no P3P policy, why? https://yahvehyireh.com/manage/p3p/',
'timing-allow-origin' => '*',
'strict-transport-security' => 'max-age=16070400; includesubdomains; preload',
'vary' => 'Accept-Encoding',
'date' => 'Thu, 05 Feb 2015 21:45:21 GMT',
'content-type' => 'text/html; charset=UTF-8',
'x-content-type-options' => 'nosniff',
'x-frame-options' => 'deny',
'x-xss-protection' => '1; mode=block',
'content-security-policy' => 'default-src 'none'; connect-src 'self'; font-src 'self'; frame-src 'none'; img-src 'self' https://www.google-analytics.com; media-src 'self'; object-src https://yahvehyireh.com/resources/dawn-mag-archive/; script-src 'self' https://www.google-analytics.com; style-src 'self';',
'server' => 'nginx',
'whisker' => {
'lowercase_incoming_headers' => 1,
'code' => 200,
'ssl_cert_subject' => '/OU=Domain Control Validated/OU=PositiveSSL/CN=yahvehyireh.com',
'header_order' => [
'server',
'date',
'content-type',
'connection',
'vary',
'strict-transport-security',
'x-frame-options',
'x-xss-protection',
'x-content-type-options',
'content-security-policy',
'p3p',
'timing-allow-origin'
],
'message' => 'OK',
'uri' => '/',
'ssl_cert_issuer' => '/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA',
'version' => '1.1',
'protocol' => 'HTTP',
'http_data_sent' => 1,
'ssl_cert_altnames' => [
2,
'yahvehyireh.com',
2,
'www.yahvehyireh.com'
],
'http_space2' => ' ',
'socket_state' => 0,
'ssl_cipher' => 'DHE-RSA-AES256-SHA',
'uri_requested' => '/',
'stats_reqs' => 1,
'stats_syns' => 1,
'http_eol' => "\r\n",
'http_space1' => ' ',
'MAGIC' => 31340
},
'connection' => 'keep-alive'
};
D:Thu Feb 5 21:45:21 2015 - HTTPS Server found: yahvehyireh.com:443 nginx
D:Thu Feb 5 21:45:22 2015 'Request Hash' = {
'Host' => 'yahvehyireh.com',
'User-Agent' => 'Mozilla/5.00',
'Connection' => 'Keep-Alive',
'whisker' => {
'ignore_duplicate_headers' => 1,
'uri_prefix' => '',
'max_size' => 0,
'timeout' => 10,
'retry' => 0,
'ssl_save_info' => 1,
'http_eol' => "\r\n",
'trailing_slurp' => 0,
'method' => 'GET',
'ssl_rsacertfile' => undef,
'MAGIC' => 31339,
'require_newline_after_headers' => 0,
'http_space1' => ' ',
'port' => 443,
'keep-alive' => 1,
'lowercase_incoming_headers' => 1,
'include_host_in_uri' => 0,
'version' => '1.1',
'host' => 'yahvehyireh.com',
'force_bodysnatch' => 0,
'uri' => '/',
'invalid_protocol_return_value' => 1,
'ssl_certfile' => undef,
'uri_postfix' => '',
'uri_param_sep' => '?',
'protocol' => 'HTTP',
'force_close' => 0,
'ssl' => 1,
'http_space2' => ' ',
'normalize_incoming_headers' => 1,
'force_open' => 0
}
};
D:Thu Feb 5 21:45:22 2015 'Result Hash' = {
'content-security-policy' => 'default-src 'none'; connect-src 'self'; font-src 'self'; frame-src 'none'; img-src 'self' https://www.google-analytics.com; media-src 'self'; object-src https://yahvehyireh.com/resources/dawn-mag-archive/; script-src 'self' https://www.google-analytics.com; style-src 'self';',
'server' => 'nginx',
'whisker' => {
'stats_syns' => 2,
'stats_reqs' => 2,
'uri_requested' => '/',
'ssl_cipher' => 'DHE-RSA-AES256-SHA',
'MAGIC' => 31340,
'http_space1' => ' ',
'http_eol' => "\r\n",
'data' => "<!doctype html>\n\n\n\t<meta charset="UTF-8">\n\t<title>Yahveh Yireh - Freely Give</title>\n\t<link rel="stylesheet" type="text/css" href="//yahvehyireh.com/assets/css/styles.css">\n\t<script type="text/javascript" src="//yahvehyireh.com/assets/js/main.js"></script>\n\t<link rel="apple-touch-icon" sizes="57x57" href="//yahvehyireh.com/apple-touch-icon-57x57.png">\n\t<link rel="apple-touch-icon" sizes="114x114" href="//yahvehyireh.com/apple-touch-icon-114x114.png">\n\t<link rel="apple-touch-icon" sizes="72x72" href="//yahvehyireh.com/apple-touch-icon-72x72.png">\n\t<link rel="apple-touch-icon" sizes="144x144" href="//yahvehyireh.com/apple-touch-icon-144x144.png">\n\t<link rel="apple-touch-icon" sizes="60x60" href="//yahvehyireh.com/apple-touch-icon-60x60.png">\n\t<link rel="apple-touch-icon" sizes="120x120" href="//yahvehyireh.com/apple-touch-icon-120x120.png">\n\t<link rel="apple-touch-icon" sizes="76x76" href="//yahvehyireh.com/apple-touch-icon-76x76.png">\n\t<link rel="apple-touch-icon" sizes="152x152" href="//yahvehyireh.com/apple-touch-icon-152x152.png">\n\t<link rel="apple-touch-icon" sizes="180x180" href="//yahvehyireh.com/apple-touch-icon-180x180.png">\n\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-192x192.png" sizes="192x192">\n\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-160x160.png" sizes="160x160">\n\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-96x96.png" sizes="96x96">\n\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-16x16.png" sizes="16x16">\n\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-32x32.png" sizes="32x32">\n\t<meta name="apple-mobile-web-app-title" content="Yahveh">\n\t<meta name="application-name" content="Yahveh">\n\t<meta name="msapplication-TileColor" content="#2b5797">\n\t<meta name="msapplication-TileImage" content="//yahvehyireh.com/mstile-144x144.png">\n\n\n\t

\n\t\t
\n\t\n",
'version' => '1.1',
'uri' => '/',
'ssl_cert_issuer' => '/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA',
'header_order' => [
'server',
'date',
'content-type',
'transfer-encoding',
'connection',
'vary',
'strict-transport-security',
'x-frame-options',
'x-xss-protection',
'x-content-type-options',
'content-security-policy',
'p3p',
'timing-allow-origin'
],
'message' => 'OK',
'ssl_cert_subject' => '/OU=Domain Control Validated/OU=PositiveSSL/CN=yahvehyireh.com',
'lowercase_incoming_headers' => 1,
'code' => 200,
'socket_state' => 0,
'http_space2' => ' ',
'ssl_cert_altnames' => [
2,
'yahvehyireh.com',
2,
'www.yahvehyireh.com'
],
'http_data_sent' => 1,
'protocol' => 'HTTP'
},
'connection' => 'keep-alive',
'x-frame-options' => 'deny',
'x-xss-protection' => '1; mode=block',
'x-content-type-options' => 'nosniff',
'content-type' => 'text/html; charset=UTF-8',
'date' => 'Thu, 05 Feb 2015 21:45:22 GMT',
'transfer-encoding' => 'chunked',
'p3p' => 'CP=YY has no P3P policy, why? https://yahvehyireh.com/manage/p3p/',
'strict-transport-security' => 'max-age=16070400; includesubdomains; preload',
'timing-allow-origin' => '*',
'vary' => 'Accept-Encoding'
};

+ Target IP: 54.72.255.20
+ Target Hostname: yahvehyireh.com
+ Target Port: 443
+ SSL Info: Subject: /OU=Domain Control Validated/OU=PositiveSSL/CN=yahvehyireh.com
    Altnames: yahvehyireh.com, www.yahvehyireh.com
    Ciphers: DHE-RSA-AES256-SHA
    Issuer: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
+ Start Time: 2015-02-05 21:45:21 (GMT0)
+ Server: nginx
    D:Thu Feb 5 21:45:22 2015 'Request Hash' = {
    'whisker' => {
    'invalid_protocol_return_value' => 1,
    'ssl_certfile' => undef,
    'uri_postfix' => '',
    'uri_param_sep' => '?',
    'ssl' => 1,
    'force_close' => 0,
    'protocol' => 'HTTP',
    'http_space2' => ' ',
    'normalize_incoming_headers' => 1,
    'force_open' => 0,
    'port' => 443,
    'keep-alive' => 1,
    'lowercase_incoming_headers' => 1,
    'include_host_in_uri' => 0,
    'host' => 'yahvehyireh.com',
    'version' => '1.1',
    'uri' => '/',
    'force_bodysnatch' => 0,
    'http_eol' => "\r\n",
    'trailing_slurp' => 0,
    'method' => 'GET',
    'ssl_rsacertfile' => undef,
    'MAGIC' => 31339,
    'require_newline_after_headers' => 0,
    'http_space1' => ' ',
    'ignore_duplicate_headers' => 1,
    'uri_prefix' => '',
    'timeout' => 10,
    'max_size' => 0,
    'ssl_save_info' => 1,
    'retry' => 0
    },
    'Host' => 'yahvehyireh.com',
    'Connection' => 'Keep-Alive',
    'User-Agent' => 'Mozilla/5.00'
    };
    D:Thu Feb 5 21:45:22 2015 'Result Hash' = {
    'x-frame-options' => 'deny',
    'x-xss-protection' => '1; mode=block',
    'x-content-type-options' => 'nosniff',
    'whisker' => {
    'protocol' => 'HTTP',
    'http_space2' => ' ',
    'socket_state' => 0,
    'http_data_sent' => 1,
    'ssl_cert_altnames' => [
    2,
    'yahvehyireh.com',
    2,
    'www.yahvehyireh.com'
    ],
    'ssl_cert_subject' => '/OU=Domain Control Validated/OU=PositiveSSL/CN=yahvehyireh.com',
    'header_order' => [
    'server',
    'date',
    'content-type',
    'transfer-encoding',
    'connection',
    'vary',
    'strict-transport-security',
    'x-frame-options',
    'x-xss-protection',
    'x-content-type-options',
    'content-security-policy',
    'p3p',
    'timing-allow-origin'
    ],
    'message' => 'OK',
    'lowercase_incoming_headers' => 1,
    'code' => 200,
    'version' => '1.1',
    'uri' => '/',
    'ssl_cert_issuer' => '/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA',
    'http_eol' => "\r\n",
    'data' => "<!doctype html>\n\n\n\t<meta charset="UTF-8">\n\t<title>Yahveh Yireh - Freely Give</title>\n\t<link rel="stylesheet" type="text/css" href="//yahvehyireh.com/assets/css/styles.css">\n\t<script type="text/javascript" src="//yahvehyireh.com/assets/js/main.js"></script>\n\t<link rel="apple-touch-icon" sizes="57x57" href="//yahvehyireh.com/apple-touch-icon-57x57.png">\n\t<link rel="apple-touch-icon" sizes="114x114" href="//yahvehyireh.com/apple-touch-icon-114x114.png">\n\t<link rel="apple-touch-icon" sizes="72x72" href="//yahvehyireh.com/apple-touch-icon-72x72.png">\n\t<link rel="apple-touch-icon" sizes="144x144" href="//yahvehyireh.com/apple-touch-icon-144x144.png">\n\t<link rel="apple-touch-icon" sizes="60x60" href="//yahvehyireh.com/apple-touch-icon-60x60.png">\n\t<link rel="apple-touch-icon" sizes="120x120" href="//yahvehyireh.com/apple-touch-icon-120x120.png">\n\t<link rel="apple-touch-icon" sizes="76x76" href="//yahvehyireh.com/apple-touch-icon-76x76.png">\n\t<link rel="apple-touch-icon" sizes="152x152" href="//yahvehyireh.com/apple-touch-icon-152x152.png">\n\t<link rel="apple-touch-icon" sizes="180x180" href="//yahvehyireh.com/apple-touch-icon-180x180.png">\n\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-192x192.png" sizes="192x192">\n\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-160x160.png" sizes="160x160">\n\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-96x96.png" sizes="96x96">\n\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-16x16.png" sizes="16x16">\n\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-32x32.png" sizes="32x32">\n\t<meta name="apple-mobile-web-app-title" content="Yahveh">\n\t<meta name="application-name" content="Yahveh">\n\t<meta name="msapplication-TileColor" content="#2b5797">\n\t<meta name="msapplication-TileImage" content="//yahvehyireh.com/mstile-144x144.png">\n\n\n\t\n\t\t
    \n\t\n",
    'MAGIC' => 31340,
    'http_space1' => ' ',
    'uri_requested' => '/',
    'ssl_cipher' => 'DHE-RSA-AES256-SHA',
    'stats_syns' => 3,
    'stats_reqs' => 3
    },
    'connection' => 'keep-alive',
    'content-security-policy' => 'default-src 'none'; connect-src 'self'; font-src 'self'; frame-src 'none'; img-src 'self' https://www.google-analytics.com; media-src 'self'; object-src https://yahvehyireh.com/resources/dawn-mag-archive/; script-src 'self' https://www.google-analytics.com; style-src 'self';',
    'server' => 'nginx',
    'vary' => 'Accept-Encoding',
    'p3p' => 'CP=YY has no P3P policy, why? https://yahvehyireh.com/manage/p3p/',
    'strict-transport-security' => 'max-age=16070400; includesubdomains; preload',
    'timing-allow-origin' => '*',
    'date' => 'Thu, 05 Feb 2015 21:45:22 GMT',
    'content-type' => 'text/html; charset=UTF-8',
    'transfer-encoding' => 'chunked'
    };
+ Uncommon header 'timing-allow-origin' found, with contents: *
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
    D:Thu Feb 5 21:45:22 2015 'Request Hash' = {
    'whisker' => {
    'force_open' => 0,
    'normalize_incoming_headers' => 1,
    'http_space2' => ' ',
    'ssl_certfile' => undef,
    'invalid_protocol_return_value' => 1,
    'force_close' => 0,
    'protocol' => 'HTTP',
    'ssl' => 1,
    'uri_postfix' => '',
    'uri_param_sep' => '?',
    'version' => '1.1',
    'host' => 'yahvehyireh.com',
    'uri' => '/DJRwsWpJ.phtml',
    'force_bodysnatch' => 0,
    'port' => 443,
    'lowercase_incoming_headers' => 1,
    'include_host_in_uri' => 0,
    'keep-alive' => 1,
    'MAGIC' => 31339,
    'http_space1' => ' ',
    'require_newline_after_headers' => 0,
    'trailing_slurp' => 0,
    'http_eol' => "\r\n",
    'ssl_rsacertfile' => undef,
    'method' => 'GET',
    'ssl_save_info' => 1,
    'retry' => 0,
    'max_size' => 0,
    'timeout' => 10,
    'ignore_duplicate_headers' => 1,
    'uri_prefix' => ''
    },
    'Connection' => 'Keep-Alive',
    'User-Agent' => 'Mozilla/5.00',
    'Host' => 'yahvehyireh.com'
    };
    D:Thu Feb 5 21:45:22 2015 'Result Hash' = {
    'date' => 'Thu, 05 Feb 2015 21:45:22 GMT',
    'content-type' => 'text/html; charset=UTF-8',
    'transfer-encoding' => 'chunked',
    'vary' => 'Accept-Encoding',
    'p3p' => 'CP=YY has no P3P policy, why? https://yahvehyireh.com/manage/p3p/',
    'strict-transport-security' => 'max-age=16070400; includesubdomains; preload',
    'timing-allow-origin' => '*',
    'connection' => 'keep-alive',
    'whisker' => {
    'http_space2' => ' ',
    'socket_state' => 0,
    'http_data_sent' => 1,
    'ssl_cert_altnames' => [
    2,
    'yahvehyireh.com',
    2,
    'www.yahvehyireh.com'
    ],
    'protocol' => 'HTTP',
    'version' => '1.1',
    'ssl_cert_issuer' => '/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA',
    'uri' => '/DJRwsWpJ.phtml',
    'ssl_cert_subject' => '/OU=Domain Control Validated/OU=PositiveSSL/CN=yahvehyireh.com',
    'message' => 'Not Found',
    'header_order' => [
    'server',
    'date',
    'content-type',
    'transfer-encoding',
    'connection',
    'vary',
    'strict-transport-security',
    'x-frame-options',
    'x-xss-protection',
    'x-content-type-options',
    'content-security-policy',
    'p3p',
    'timing-allow-origin'
    ],
    'code' => 404,
    'lowercase_incoming_headers' => 1,
    'MAGIC' => 31340,
    'http_space1' => ' ',
    'http_eol' => "\r\n",
    'data' => "<!doctype html>\n\n\t\n\t\t<meta charset="UTF-8">\n\t\t<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">\n\t\t<title>Oops! - Not Found</title>\n\t\t<link rel="stylesheet" href="//yahvehyireh.com/assets/css/redirect.css" type="text/css"/>\n\t\t<link rel="apple-touch-icon" sizes="57x57" href="//yahvehyireh.com/apple-touch-icon-57x57.png">\n\t\t<link rel="apple-touch-icon" sizes="114x114" href="//yahvehyireh.com/apple-touch-icon-114x114.png">\n\t\t<link rel="apple-touch-icon" sizes="72x72" href="//yahvehyireh.com/apple-touch-icon-72x72.png">\n\t\t<link rel="apple-touch-icon" sizes="144x144" href="//yahvehyireh.com/apple-touch-icon-144x144.png">\n\t\t<link rel="apple-touch-icon" sizes="60x60" href="//yahvehyireh.com/apple-touch-icon-60x60.png">\n\t\t<link rel="apple-touch-icon" sizes="120x120" href="//yahvehyireh.com/apple-touch-icon-120x120.png">\n\t\t<link rel="apple-touch-icon" sizes="76x76" href="//yahvehyireh.com/apple-touch-icon-76x76.png">\n\t\t<link rel="apple-touch-icon" sizes="152x152" href="//yahvehyireh.com/apple-touch-icon-152x152.png">\n\t\t<link rel="apple-touch-icon" sizes="180x180" href="//yahvehyireh.com/apple-touch-icon-180x180.png">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-192x192.png" sizes="192x192">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-160x160.png" sizes="160x160">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-96x96.png" sizes="96x96">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-16x16.png" sizes="16x16">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-32x32.png" sizes="32x32">\n\t\t<meta name="apple-mobile-web-app-title" content="Yahveh">\n\t\t<meta name="application-name" content="Yahveh">\n\t\t<meta name="msapplication-TileColor" content="#2b5797">\n\t\t<meta name="msapplication-TileImage" 
content="//yahvehyireh.com/mstile-144x144.png">\n\t\n\t\n\t\t\n\t\t\n\t\t
    \n\t\t\t

    Ooops!!

    \n\t\t\t<p class="warning">We couldn't find that one!

    \n\t\t\t
    \n\t\t\t\t<a id="location" href="//yahvehyireh.com/DJRwsWpJ.phtml">/DJRwsWpJ.phtml\n\t\t\t
    \n\t\t\t

    \xe2\x80\x9cAsk, and it will be given to you. Search, and you will find. Knock, and the door will be opened to you.\xe2\x80\x9d - Matthew 7:7 (NIRV)

    \n\t\t
    \n\t\t\n\t\t\n\t\t<script type="text/javascript" src="//yahvehyireh.com/assets/js/main.js"></script>\n\t\n",
    'stats_syns' => 4,
    'stats_reqs' => 4,
    'uri_requested' => '/DJRwsWpJ.phtml',
    'ssl_cipher' => 'DHE-RSA-AES256-SHA'
    },
    'content-security-policy' => 'default-src 'none'; connect-src 'self'; font-src 'self'; frame-src 'none'; img-src 'self' https://www.google-analytics.com; media-src 'self'; object-src https://yahvehyireh.com/resources/dawn-mag-archive/; script-src 'self' https://www.google-analytics.com; style-src 'self';',
    'server' => 'nginx',
    'x-content-type-options' => 'nosniff',
    'x-frame-options' => 'deny',
    'x-xss-protection' => '1; mode=block'
    };
    D:Thu Feb 5 21:45:22 2015 'Request Hash' = {
    'whisker' => {
    'ssl_save_info' => 1,
    'retry' => 0,
    'max_size' => 0,
    'timeout' => 10,
    'uri_prefix' => '',
    'ignore_duplicate_headers' => 1,
    'http_space1' => ' ',
    'require_newline_after_headers' => 0,
    'MAGIC' => 31339,
    'ssl_rsacertfile' => undef,
    'method' => 'GET',
    'trailing_slurp' => 0,
    'http_eol' => "\r\n",
    'uri' => '/DJRwsWpJ.LCDispatcher',
    'force_bodysnatch' => 0,
    'host' => 'yahvehyireh.com',
    'version' => '1.1',
    'lowercase_incoming_headers' => 1,
    'include_host_in_uri' => 0,
    'keep-alive' => 1,
    'port' => 443,
    'force_open' => 0,
    'normalize_incoming_headers' => 1,
    'http_space2' => ' ',
    'protocol' => 'HTTP',
    'force_close' => 0,
    'ssl' => 1,
    'uri_param_sep' => '?',
    'uri_postfix' => '',
    'ssl_certfile' => undef,
    'invalid_protocol_return_value' => 1
    },
    'User-Agent' => 'Mozilla/5.00',
    'Connection' => 'Keep-Alive',
    'Host' => 'yahvehyireh.com'
    };
    D:Thu Feb 5 21:45:22 2015 'Result Hash' = {
    'strict-transport-security' => 'max-age=16070400; includesubdomains; preload',
    'timing-allow-origin' => '*',
    'p3p' => 'CP=YY has no P3P policy, why? https://yahvehyireh.com/manage/p3p/',
    'vary' => 'Accept-Encoding',
    'content-type' => 'text/html; charset=UTF-8',
    'date' => 'Thu, 05 Feb 2015 21:45:22 GMT',
    'transfer-encoding' => 'chunked',
    'x-xss-protection' => '1; mode=block',
    'x-frame-options' => 'deny',
    'x-content-type-options' => 'nosniff',
    'server' => 'nginx',
    'content-security-policy' => 'default-src 'none'; connect-src 'self'; font-src 'self'; frame-src 'none'; img-src 'self' https://www.google-analytics.com; media-src 'self'; object-src https://yahvehyireh.com/resources/dawn-mag-archive/; script-src 'self' https://www.google-analytics.com; style-src 'self';',
    'whisker' => {
    'stats_syns' => 5,
    'stats_reqs' => 5,
    'uri_requested' => '/DJRwsWpJ.LCDispatcher',
    'ssl_cipher' => 'DHE-RSA-AES256-SHA',
    'MAGIC' => 31340,
    'http_space1' => ' ',
    'http_eol' => "\r\n",
    'data' => "<!doctype html>\n\n\t\n\t\t<meta charset="UTF-8">\n\t\t<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">\n\t\t<title>Oops! - Not Found</title>\n\t\t<link rel="stylesheet" href="//yahvehyireh.com/assets/css/redirect.css" type="text/css"/>\n\t\t<link rel="apple-touch-icon" sizes="57x57" href="//yahvehyireh.com/apple-touch-icon-57x57.png">\n\t\t<link rel="apple-touch-icon" sizes="114x114" href="//yahvehyireh.com/apple-touch-icon-114x114.png">\n\t\t<link rel="apple-touch-icon" sizes="72x72" href="//yahvehyireh.com/apple-touch-icon-72x72.png">\n\t\t<link rel="apple-touch-icon" sizes="144x144" href="//yahvehyireh.com/apple-touch-icon-144x144.png">\n\t\t<link rel="apple-touch-icon" sizes="60x60" href="//yahvehyireh.com/apple-touch-icon-60x60.png">\n\t\t<link rel="apple-touch-icon" sizes="120x120" href="//yahvehyireh.com/apple-touch-icon-120x120.png">\n\t\t<link rel="apple-touch-icon" sizes="76x76" href="//yahvehyireh.com/apple-touch-icon-76x76.png">\n\t\t<link rel="apple-touch-icon" sizes="152x152" href="//yahvehyireh.com/apple-touch-icon-152x152.png">\n\t\t<link rel="apple-touch-icon" sizes="180x180" href="//yahvehyireh.com/apple-touch-icon-180x180.png">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-192x192.png" sizes="192x192">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-160x160.png" sizes="160x160">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-96x96.png" sizes="96x96">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-16x16.png" sizes="16x16">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-32x32.png" sizes="32x32">\n\t\t<meta name="apple-mobile-web-app-title" content="Yahveh">\n\t\t<meta name="application-name" content="Yahveh">\n\t\t<meta name="msapplication-TileColor" content="#2b5797">\n\t\t<meta name="msapplication-TileImage" 
content="//yahvehyireh.com/mstile-144x144.png">\n\t\n\t\n\t\t\n\t\t\n\t\t
    \n\t\t\t

    Ooops!!

    \n\t\t\t<p class="warning">We couldn't find that one!

    \n\t\t\t
    \n\t\t\t\t<a id="location" href="//yahvehyireh.com/DJRwsWpJ.LCDispatcher">/DJRwsWpJ.LCDispatcher\n\t\t\t
    \n\t\t\t

    \xe2\x80\x9cAsk, and it will be given to you. Search, and you will find. Knock, and the door will be opened to you.\xe2\x80\x9d - Matthew 7:7 (NIRV)

    \n\t\t
    \n\t\t\n\t\t\n\t\t<script type="text/javascript" src="//yahvehyireh.com/assets/js/main.js"></script>\n\t\n",
    'version' => '1.1',
    'ssl_cert_issuer' => '/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA',
    'uri' => '/DJRwsWpJ.LCDispatcher',
    'ssl_cert_subject' => '/OU=Domain Control Validated/OU=PositiveSSL/CN=yahvehyireh.com',
    'message' => 'Not Found',
    'header_order' => [
    'server',
    'date',
    'content-type',
    'transfer-encoding',
    'connection',
    'vary',
    'strict-transport-security',
    'x-frame-options',
    'x-xss-protection',
    'x-content-type-options',
    'content-security-policy',
    'p3p',
    'timing-allow-origin'
    ],
    'lowercase_incoming_headers' => 1,
    'code' => 404,
    'http_space2' => ' ',
    'socket_state' => 0,
    'ssl_cert_altnames' => [
    2,
    'yahvehyireh.com',
    2,
    'www.yahvehyireh.com'
    ],
    'http_data_sent' => 1,
    'protocol' => 'HTTP'
    },
    'connection' => 'keep-alive'
    };
    D:Thu Feb 5 21:45:22 2015 'Request Hash' = {
    'Host' => 'yahvehyireh.com',
    'User-Agent' => 'Mozilla/5.00',
    'Connection' => 'Keep-Alive',
    'whisker' => {
    'version' => '1.1',
    'host' => 'yahvehyireh.com',
    'force_bodysnatch' => 0,
    'uri' => '/DJRwsWpJ.htr',
    'port' => 443,
    'keep-alive' => 1,
    'lowercase_incoming_headers' => 1,
    'include_host_in_uri' => 0,
    'normalize_incoming_headers' => 1,
    'http_space2' => ' ',
    'force_open' => 0,
    'invalid_protocol_return_value' => 1,
    'ssl_certfile' => undef,
    'uri_postfix' => '',
    'uri_param_sep' => '?',
    'protocol' => 'HTTP',
    'force_close' => 0,
    'ssl' => 1,
    'timeout' => 10,
    'max_size' => 0,
    'retry' => 0,
    'ssl_save_info' => 1,
    'ignore_duplicate_headers' => 1,
    'uri_prefix' => '',
    'MAGIC' => 31339,
    'http_space1' => ' ',
    'require_newline_after_headers' => 0,
    'http_eol' => "\r\n",
    'trailing_slurp' => 0,
    'method' => 'GET',
    'ssl_rsacertfile' => undef
    }
    };
    D:Thu Feb 5 21:45:22 2015 'Result Hash' = {
    'vary' => 'Accept-Encoding',
    'strict-transport-security' => 'max-age=16070400; includesubdomains; preload',
    'timing-allow-origin' => '*',
    'p3p' => 'CP=YY has no P3P policy, why? https://yahvehyireh.com/manage/p3p/',
    'transfer-encoding' => 'chunked',
    'date' => 'Thu, 05 Feb 2015 21:45:22 GMT',
    'content-type' => 'text/html; charset=UTF-8',
    'x-frame-options' => 'deny',
    'x-content-type-options' => 'nosniff',
    'x-xss-protection' => '1; mode=block',
    'connection' => 'keep-alive',
    'whisker' => {
    'uri_requested' => '/DJRwsWpJ.htr',
    'ssl_cipher' => 'DHE-RSA-AES256-SHA',
    'stats_syns' => 6,
    'stats_reqs' => 6,
    'http_eol' => "\r\n",
    'data' => "<!doctype html>\n\n\t\n\t\t<meta charset="UTF-8">\n\t\t<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">\n\t\t<title>Oops! - Not Found</title>\n\t\t<link rel="stylesheet" href="//yahvehyireh.com/assets/css/redirect.css" type="text/css"/>\n\t\t<link rel="apple-touch-icon" sizes="57x57" href="//yahvehyireh.com/apple-touch-icon-57x57.png">\n\t\t<link rel="apple-touch-icon" sizes="114x114" href="//yahvehyireh.com/apple-touch-icon-114x114.png">\n\t\t<link rel="apple-touch-icon" sizes="72x72" href="//yahvehyireh.com/apple-touch-icon-72x72.png">\n\t\t<link rel="apple-touch-icon" sizes="144x144" href="//yahvehyireh.com/apple-touch-icon-144x144.png">\n\t\t<link rel="apple-touch-icon" sizes="60x60" href="//yahvehyireh.com/apple-touch-icon-60x60.png">\n\t\t<link rel="apple-touch-icon" sizes="120x120" href="//yahvehyireh.com/apple-touch-icon-120x120.png">\n\t\t<link rel="apple-touch-icon" sizes="76x76" href="//yahvehyireh.com/apple-touch-icon-76x76.png">\n\t\t<link rel="apple-touch-icon" sizes="152x152" href="//yahvehyireh.com/apple-touch-icon-152x152.png">\n\t\t<link rel="apple-touch-icon" sizes="180x180" href="//yahvehyireh.com/apple-touch-icon-180x180.png">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-192x192.png" sizes="192x192">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-160x160.png" sizes="160x160">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-96x96.png" sizes="96x96">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-16x16.png" sizes="16x16">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-32x32.png" sizes="32x32">\n\t\t<meta name="apple-mobile-web-app-title" content="Yahveh">\n\t\t<meta name="application-name" content="Yahveh">\n\t\t<meta name="msapplication-TileColor" content="#2b5797">\n\t\t<meta name="msapplication-TileImage" 
content="//yahvehyireh.com/mstile-144x144.png">\n\t\n\t\n\t\t\n\t\t\n\t\t
    \n\t\t\t

    Ooops!!

    \n\t\t\t<p class="warning">We couldn't find that one!

    \n\t\t\t
    \n\t\t\t\t<a id="location" href="//yahvehyireh.com/DJRwsWpJ.htr">/DJRwsWpJ.htr\n\t\t\t
    \n\t\t\t

    \xe2\x80\x9cAsk, and it will be given to you. Search, and you will find. Knock, and the door will be opened to you.\xe2\x80\x9d - Matthew 7:7 (NIRV)

    \n\t\t
    \n\t\t\n\t\t\n\t\t<script type="text/javascript" src="//yahvehyireh.com/assets/js/main.js"></script>\n\t\n",
    'MAGIC' => 31340,
    'http_space1' => ' ',
    'header_order' => [
    'server',
    'date',
    'content-type',
    'transfer-encoding',
    'connection',
    'vary',
    'strict-transport-security',
    'x-frame-options',
    'x-xss-protection',
    'x-content-type-options',
    'content-security-policy',
    'p3p',
    'timing-allow-origin'
    ],
    'message' => 'Not Found',
    'ssl_cert_subject' => '/OU=Domain Control Validated/OU=PositiveSSL/CN=yahvehyireh.com',
    'code' => 404,
    'lowercase_incoming_headers' => 1,
    'version' => '1.1',
    'uri' => '/DJRwsWpJ.htr',
    'ssl_cert_issuer' => '/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA',
    'protocol' => 'HTTP',
    'socket_state' => 0,
    'http_space2' => ' ',
    'http_data_sent' => 1,
    'ssl_cert_altnames' => [
    2,
    'yahvehyireh.com',
    2,
    'www.yahvehyireh.com'
    ]
    },
    'server' => 'nginx',
    'content-security-policy' => 'default-src 'none'; connect-src 'self'; font-src 'self'; frame-src 'none'; img-src 'self' https://www.google-analytics.com; media-src 'self'; object-src https://yahvehyireh.com/resources/dawn-mag-archive/; script-src 'self' https://www.google-analytics.com; style-src 'self';'
    };
    D:Thu Feb 5 21:45:22 2015 'Request Hash' = {
    'Connection' => 'Keep-Alive',
    'User-Agent' => 'Mozilla/5.00',
    'Host' => 'yahvehyireh.com',
    'whisker' => {
    'retry' => 0,
    'ssl_save_info' => 1,
    'timeout' => 10,
    'max_size' => 0,
    'uri_prefix' => '',
    'ignore_duplicate_headers' => 1,
    'require_newline_after_headers' => 0,
    'http_space1' => ' ',
    'MAGIC' => 31339,
    'ssl_rsacertfile' => undef,
    'method' => 'GET',
    'trailing_slurp' => 0,
    'http_eol' => "\r\n",
    'uri' => '/DJRwsWpJ.c',
    'force_bodysnatch' => 0,
    'host' => 'yahvehyireh.com',
    'version' => '1.1',
    'lowercase_incoming_headers' => 1,
    'include_host_in_uri' => 0,
    'keep-alive' => 1,
    'port' => 443,
    'force_open' => 0,
    'normalize_incoming_headers' => 1,
    'http_space2' => ' ',
    'force_close' => 0,
    'protocol' => 'HTTP',
    'ssl' => 1,
    'uri_postfix' => '',
    'uri_param_sep' => '?',
    'ssl_certfile' => undef,
    'invalid_protocol_return_value' => 1
    }
    };
    D:Thu Feb 5 21:45:22 2015 'Result Hash' = {
    'date' => 'Thu, 05 Feb 2015 21:45:22 GMT',
    'content-type' => 'text/html; charset=UTF-8',
    'transfer-encoding' => 'chunked',
    'p3p' => 'CP=YY has no P3P policy, why? https://yahvehyireh.com/manage/p3p/',
    'strict-transport-security' => 'max-age=16070400; includesubdomains; preload',
    'timing-allow-origin' => '*',
    'vary' => 'Accept-Encoding',
    'content-security-policy' => 'default-src 'none'; connect-src 'self'; font-src 'self'; frame-src 'none'; img-src 'self' https://www.google-analytics.com; media-src 'self'; object-src https://yahvehyireh.com/resources/dawn-mag-archive/; script-src 'self' https://www.google-analytics.com; style-src 'self';',
    'server' => 'nginx',
    'connection' => 'keep-alive',
    'whisker' => {
    'http_space2' => ' ',
    'socket_state' => 0,
    'ssl_cert_altnames' => [
    2,
    'yahvehyireh.com',
    2,
    'www.yahvehyireh.com'
    ],
    'http_data_sent' => 1,
    'protocol' => 'HTTP',
    'version' => '1.1',
    'ssl_cert_issuer' => '/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA',
    'uri' => '/DJRwsWpJ.c',
    'ssl_cert_subject' => '/OU=Domain Control Validated/OU=PositiveSSL/CN=yahvehyireh.com',
    'message' => 'Not Found',
    'header_order' => [
    'server',
    'date',
    'content-type',
    'transfer-encoding',
    'connection',
    'vary',
    'strict-transport-security',
    'x-frame-options',
    'x-xss-protection',
    'x-content-type-options',
    'content-security-policy',
    'p3p',
    'timing-allow-origin'
    ],
    'code' => 404,
    'lowercase_incoming_headers' => 1,
    'MAGIC' => 31340,
    'http_space1' => ' ',
    'http_eol' => "\r\n",
    'data' => "<!doctype html>\n\n\t\n\t\t<meta charset="UTF-8">\n\t\t<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">\n\t\t<title>Oops! - Not Found</title>\n\t\t<link rel="stylesheet" href="//yahvehyireh.com/assets/css/redirect.css" type="text/css"/>\n\t\t<link rel="apple-touch-icon" sizes="57x57" href="//yahvehyireh.com/apple-touch-icon-57x57.png">\n\t\t<link rel="apple-touch-icon" sizes="114x114" href="//yahvehyireh.com/apple-touch-icon-114x114.png">\n\t\t<link rel="apple-touch-icon" sizes="72x72" href="//yahvehyireh.com/apple-touch-icon-72x72.png">\n\t\t<link rel="apple-touch-icon" sizes="144x144" href="//yahvehyireh.com/apple-touch-icon-144x144.png">\n\t\t<link rel="apple-touch-icon" sizes="60x60" href="//yahvehyireh.com/apple-touch-icon-60x60.png">\n\t\t<link rel="apple-touch-icon" sizes="120x120" href="//yahvehyireh.com/apple-touch-icon-120x120.png">\n\t\t<link rel="apple-touch-icon" sizes="76x76" href="//yahvehyireh.com/apple-touch-icon-76x76.png">\n\t\t<link rel="apple-touch-icon" sizes="152x152" href="//yahvehyireh.com/apple-touch-icon-152x152.png">\n\t\t<link rel="apple-touch-icon" sizes="180x180" href="//yahvehyireh.com/apple-touch-icon-180x180.png">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-192x192.png" sizes="192x192">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-160x160.png" sizes="160x160">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-96x96.png" sizes="96x96">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-16x16.png" sizes="16x16">\n\t\t<link rel="icon" type="image/png" href="//yahvehyireh.com/favicon-32x32.png" sizes="32x32">\n\t\t<meta name="apple-mobile-w

@mauipete

Version 2.1.6 - getting a Header missing for "X-Content-Type-Options" even though it's defined.

In nikto_headers.plugin I believe

This line: if (!defined $result->{'X-Content-Type-Options'}) {

should be: if (!defined $result->{'x-content-type-options'}) {

Thanks for your work on this program
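
The lookup mismatch described in the comment above, as an added example that is not part of the thread or of Nikto's code: an exact-case key lookup is run against a response hash whose header names were lowercased, next to a lookup that normalizes names first. The function names, the sample hashes and the rule that an empty value counts as missing are assumptions made for this illustration.

```perl
use strict;
use warnings;

# Headers named in this issue, stored in lowercase (the lookup form).
my @WANTED = qw(x-frame-options x-content-type-options x-xss-protection);

# Return a copy of a response hash with header names trimmed and lowercased.
# The nested 'whisker' hash holds request metadata, not headers, so skip it.
sub normalize_headers {
    my ($result) = @_;
    my %norm;
    for my $name (keys %$result) {
        next if $name eq 'whisker';
        (my $key = lc $name) =~ s/^\s+|\s+$//g;
        # Spellings that differ only in case collapse into one value list.
        push @{ $norm{$key} }, $result->{$name};
    }
    return \%norm;
}

# Names from @WANTED that are absent or carry only empty values
# (treating an empty value as missing is a choice made for this example).
sub missing_headers {
    my ($result) = @_;
    my $norm = normalize_headers($result);
    return grep {
        my $vals = $norm->{$_} || [];
        !grep { defined($_) && /\S/ } @$vals
    } @WANTED;
}

# Exact-case key lookup, the form quoted in the comment above.
sub exact_case_missing {
    my ($result) = @_;
    return grep { !defined $result->{$_} }
        qw(X-Frame-Options X-Content-Type-Options X-XSS-Protection);
}

# Constructed sample responses (not taken from the debug output on this page).
my %lower = ('x-frame-options' => 'deny', 'x-content-type-options' => 'nosniff',
             'x-xss-protection' => '1; mode=block', 'whisker' => { code => 200 });
my %mixed = ('X-Frame-Options' => 'DENY', 'X-XSS-Protection' => '',
             'server' => 'nginx', 'whisker' => { code => 200 });

printf "exact-case, lowercase response: %s\n", join(', ', exact_case_missing(\%lower)) || 'none';
printf "normalized, lowercase response: %s\n", join(', ', missing_headers(\%lower)) || 'none';
printf "normalized, mixed-case response: %s\n", join(', ', missing_headers(\%mixed)) || 'none';
```

The first line of output lists all three headers as missing even though the constructed response carries them, which is the false negative this issue reports.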

@ghost
Author

ghost commented Mar 17, 2015

Seems this was partly fixed by ab9560c?

@tautology0
Collaborator

Yeah; sorry I fixed it whilst I was there. I just needed to fully test it before I close off the call (which I should be doing tomorrow).

@ghost
Author

ghost commented Mar 17, 2015

No worries, just wanted to make @shimmyshack aware of this possible fix. Maybe should have noted that. :-)

@tautology0
Collaborator

It appears to work fully with tests against real world servers; so I'm going to close this as fixed. @shimmyshack, if you're still getting the problem with trunk, could you open up the call again and we'll do some more digging. Thanks!

@ghost
Author

ghost commented Mar 18, 2015

The only header still acting like this is the anti-clickjacking
X-Frame-Options header, which is reported as not present, when in fact it
is present as:

x-frame-options: deny

Everything else seems fine :) thank you for your work!

Using brew install nikto just now, v2.1.5 inspecting a vhost equal to host,
port 443. Server is nginx/SPDY

@tautology0
Collaborator

[BTW I had to edit your comment as your mobile number was in the email footer]

I'll be honest; I've tried to reproduce the issue, even using the domain above, and am not succeeding. Burp definitely shows that you're using the right headers, but I can't get Nikto to alert on it.

Though now I see that I have to add support for public key pinning too :-)

@ghost
Author

ghost commented Mar 18, 2015 via email
