primumterminus.com

The path https://primumterminus.com/.env returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

The path https://primumterminus.com/.git/config returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

No CSP header found. The application is vulnerable to cross-site scripting (XSS) and data injection attacks.

No Strict-Transport-Security header found. Users can be downgraded from HTTPS to HTTP via man-in-the-middle attacks.

The path https://primumterminus.com/backup returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

The path https://primumterminus.com/api/docs returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

The path https://primumterminus.com/swagger.json returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

The path https://primumterminus.com/openapi.json returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

The path https://primumterminus.com/robots.txt returned HTTP 200. This may expose configuration files, secrets, or API documentation to unauthorized users.

No X-Frame-Options header found. The application may be vulnerable to clickjacking attacks.

No Permissions-Policy header found. Browser features like camera, microphone, and geolocation are not explicitly restricted.

The SSL certificate for primumterminus.com expires on 2026-07-06. Plan renewal to avoid disruption.