- Nikto v2.5.0 --------------------------------------------------------------------------- + Multiple IPs found: 3.211.157.115, 3.225.92.8, 54.160.93.182, 2600:1f18:631e:2f83:49ee:beaa:2dfd:ae8f, 2600:1f18:631e:2f85:93a9:f7b0:d18:89a7, 2600:1f18:631e:2f84:4f7a:4092:e2e9:c617 + Target IP: 3.211.157.115 + Target Hostname: netflix.com + Target Port: 80 + Start Time: 2024-08-17 11:21:53 (GMT-4) --------------------------------------------------------------------------- + Server: No banner retrieved + /: Cookie nfvdid created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies + /: Retrieved via header: 1.1 i-07e4d9521570e22d6 (us-east-1). + /: Uncommon header 'x-netflix.nfstatus' found, with contents: 1_21. + /: Uncommon header 'x-netflix.proxy.execution-time' found, with contents: 2. + /: Uncommon header 'x-originating-url' found, with contents: http://netflix.com/. + Root page / redirects to: https://netflix.com/ + No CGI Directories found (use '-C all' to force check all possible dirs) + /clientaccesspolicy.xml contains 16 lines which should be manually viewed for improper domains or wildcards. See: https://www.acunetix.com/vulnerabilities/web/insecure-clientaccesspolicy-xml-file/ + /crossdomain.xml contains 1 line which include the following domains: *.netflix.com . See: http://jeremiahgrossman.blogspot.com/2008/05/crossdomainxml-invites-cross-site.html + /backup.tar.gz: Uncommon header 'x-netflix.execution-time' found, with contents: 0. + /backup.tar.gz: Uncommon header 'x-netflix.request.toplevel.uuid' found, with contents: 7bf0efcd-aa4c-4222-8a41-a99a1be7b795-231717022. + OPTIONS: Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, SCRIPT . + HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server. + HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server. + Scan terminated: 20 error(s) and 12 item(s) reported on remote host + End Time: 2024-08-17 11:22:22 (GMT-4) (29 seconds) --------------------------------------------------------------------------- + 1 host(s) tested