- Nikto v2.5.0/
+ Target Host: demo.lnr-argentina.com.ar
+ Target Port: 8081
+ GET /: The anti-clickjacking X-Frame-Options header is not present. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options: 
+ GET /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/: 
- Nikto v2.5.0/
+ Target Host: demo.lnr-argentina.com.ar
+ Target Port: 7003
+ GET /: Cookie XSRF-TOKEN created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies: 
+ GET /: Retrieved x-powered-by header: PHP/8.2.24.
+ GET /: The anti-clickjacking X-Frame-Options header is not present. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options: 
+ GET /: Uncommon header 'x-ratelimit-limit' found, with contents: 500.
+ GET /: Uncommon header 'x-ratelimit-remaining' found, with contents: 500.
+ GET /: The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type. See: https://www.netsparker.com/web-vulnerability-scanner/vulnerabilities/missing-content-type-header/: 
+ GET /login/: Drupal Link header found with value: <http://demo.lnr-argentina.com.ar/build/assets/app-fd450321.css>; rel="preload"; as="style", <http://demo.lnr-argentina.com.ar/build/assets/app-14e0704c.js>; rel="modulepreload", <http://demo.lnr-argentina.com.ar/build/assets/Login-c7e521bd.js>; rel="modulepreload", <http://demo.lnr-argentina.com.ar/build/assets/Checkbox-1d4a17f0.js>; rel="modulepreload", <http://demo.lnr-argentina.com.ar/build/assets/GuestLayout-af3fca90.js>; rel="modulepreload", <http://demo.lnr-argentina.com.ar/build/assets/InputError-8f35c16c.js>; rel="modulepreload", <http://demo.lnr-argentina.com.ar/build/assets/InputLabel-b3a43e02.js>; rel="modulepreload", <http://demo.lnr-argentina.com.ar/build/assets/PrimaryButton-bd93988f.js>; rel="modulepreload", <http://demo.lnr-argentina.com.ar/build/assets/TextInput-4b60fa95.js>; rel="modulepreload", <http://demo.lnr-argentina.com.ar/build/assets/SecondaryButton-f02be6e1.js>; rel="modulepreload", <http://demo.lnr-argentina.com.ar/build/assets/ApplicationLogo-850e2eb5.js>; rel="modulepreload". See: https://www.drupal.org/: 
+ GET /login/: This might be interesting.
+ GET /.htaccess: Contains configuration and/or authorization information.
+ GET /api/soap/?wsdl=1: Retrieved access-control-allow-origin header: *.
