- Nikto 
---------------------------------------------------------------------------
+ Multiple IPs found: 3.230.129.93, 52.3.144.142, 54.237.226.164, 2600:1f18:631e:2f80:77e5:13a7:6533:7584, 2600:1f18:631e:2f84:ceae:e049:1e:6a96, 2600:1f18:631e:2f82:c8cd:27b2:ac:8dbf
+ Target IP:          3.230.129.93
+ Target Hostname:    netflix.com
+ Target Port:        80
+ Start Time:         2024-11-28 02:31:17 (GMT-5)
---------------------------------------------------------------------------
+ Server: No banner retrieved
+ /: Cookie nfvdid created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ /: Retrieved via header: 1.1 i-07952b8f958c4662c (us-east-1).
+ /: Uncommon header 'x-netflix.proxy.execution-time' found, with contents: 2.
+ /: Uncommon header 'x-netflix.nfstatus' found, with contents: 1_21.
+ /: Uncommon header 'x-originating-url' found, with contents: http://netflix.com/.
+ Root page / redirects to: https://netflix.com/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /clientaccesspolicy.xml contains 16 lines which should be manually viewed for improper domains or wildcards. See: https://www.acunetix.com/vulnerabilities/web/insecure-clientaccesspolicy-xml-file/
+ /crossdomain.xml contains 1 line which include the following domains: *.netflix.com . See: http://jeremiahgrossman.blogspot.com/2008/05/crossdomainxml-invites-cross-site.html
+ /database.cer: Uncommon header 'x-netflix.request.toplevel.uuid' found, with contents: a4205b0b-b0bd-49db-827d-503ced45f9e6-57054771.
+ /database.cer: Uncommon header 'x-netflix.execution-time' found, with contents: 0.
+ /database.cer: Uncommon header 'x-envoy-decorator-operation' found, with contents: lo_svc.
+ /database.cer: Uncommon header 'x-b3-traceid' found, with contents: 67481c5b1360038f24713293d05409b1.
+ /database.cer: Uncommon header 'x-request-id' found, with contents: 4865e476-5d41-4a04-ad58-ae6710731769.
+ /database.cer: Uncommon header 'x-envoy-upstream-service-time' found, with contents: 0.
+ OPTIONS: Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, SCRIPT .
+ HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server.
+ HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server.
+ Scan terminated: 20 error(s) and 16 item(s) reported on remote host
+ End Time:           2024-11-28 02:32:02 (GMT-5) (45 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested