- Nikto 
---------------------------------------------------------------------------
+ Multiple IPs found: 44.242.60.85, 44.237.234.25, 44.234.232.238, 2600:1f14:62a:de85:d7:e7a1:8f7d:f6f5, 2600:1f14:62a:de84:880a:88cc:a16:5423, 2600:1f14:62a:de83:c61a:d6e:18b0:65f7
+ Target IP:          44.242.60.85
+ Target Hostname:    netflix.com
+ Target Port:        80
+ Start Time:         2025-12-07 16:17:17 (GMT-8)
---------------------------------------------------------------------------
+ Server: No banner retrieved
+ /: Retrieved via header: 1.1 i-0354751b34d8d552a (us-west-2).
+ /: Uncommon header 'x-netflix-cookieandmsl.profileguid.match' found, with contents: NA.
+ /: Uncommon header 'x-netflix-headerandmsl.profileguid.match' found, with contents: NA.
+ /: Uncommon header 'x-netflix.nfstatus' found, with contents: 1_21.
+ /: Uncommon header 'x-netflix.proxy.execution-time' found, with contents: 1.
+ /: Uncommon header 'x-netflix-headerandcookie.profileguid.match' found, with contents: NA.
+ /: Uncommon header 'x-originating-url' found, with contents: http://netflix.com/.
+ /: Cookie nfvdid created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ Root page / redirects to: https://netflix.com/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /clientaccesspolicy.xml contains 16 lines which should be manually viewed for improper domains or wildcards. See: https://www.acunetix.com/vulnerabilities/web/insecure-clientaccesspolicy-xml-file/
+ /crossdomain.xml contains 1 line which include the following domains: *.netflix.com . See: http://jeremiahgrossman.blogspot.com/2008/05/crossdomainxml-invites-cross-site.html
+ /dump.tar: Uncommon header 'x-envoy-decorator-operation' found, with contents: lo_svc_http.
+ /dump.tar: Uncommon header 'x-netflix.execution-time' found, with contents: 0.
+ /dump.tar: Uncommon header 'x-netflix.request.toplevel.uuid' found, with contents: a9eb9398-86b1-4a8f-8dc2-bfa6ec8a3df2-212887983.
+ /dump.tar: Uncommon header 'x-b3-traceid' found, with contents: 6936191699936900def925bdf9e0b533.
+ /dump.tar: Uncommon header 'x-envoy-upstream-service-time' found, with contents: 0.
+ /dump.tar: Uncommon header 'x-request-id' found, with contents: 42c735f8-8748-4095-ba22-f2d7c3188c07.
+ OPTIONS: Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, SCRIPT .
+ HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server.
+ HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server.
+ Scan terminated: 1 error(s) and 19 item(s) reported on remote host
+ End Time:           2025-12-07 16:18:18 (GMT-8) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested