- Nikto 
---------------------------------------------------------------------------
+ Multiple IPs found: 44.240.158.19, 44.242.13.161, 52.38.7.83, 2600:1f14:62a:de81:b848:82ee:2416:447e, 2600:1f14:62a:de82:822d:a423:9e4c:da8d, 2600:1f14:62a:de80:69a8:7b12:8e5f:855d
+ Target IP:          44.240.158.19
+ Target Hostname:    netflix.com
+ Target Port:        80
+ Start Time:         2025-12-09 08:30:09 (GMT-8)
---------------------------------------------------------------------------
+ Server: No banner retrieved
+ /: Retrieved via header: 1.1 i-04bf43d768f9fae3f (us-west-2).
+ /: Uncommon header 'x-netflix-headerandmsl.profileguid.match' found, with contents: NA.
+ /: Uncommon header 'x-netflix.nfstatus' found, with contents: 1_21.
+ /: Uncommon header 'x-originating-url' found, with contents: http://netflix.com/.
+ /: Uncommon header 'x-netflix.proxy.execution-time' found, with contents: 2.
+ /: Uncommon header 'x-netflix-cookieandmsl.profileguid.match' found, with contents: NA.
+ /: Uncommon header 'x-netflix-headerandcookie.profileguid.match' found, with contents: NA.
+ /: Cookie nfvdid created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies
+ Root page / redirects to: https://netflix.com/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ /clientaccesspolicy.xml contains 16 lines which should be manually viewed for improper domains or wildcards. See: https://www.acunetix.com/vulnerabilities/web/insecure-clientaccesspolicy-xml-file/
+ /crossdomain.xml contains 1 line which include the following domains: *.netflix.com . See: http://jeremiahgrossman.blogspot.com/2008/05/crossdomainxml-invites-cross-site.html
+ /44.240.158.19.cer: Uncommon header 'x-netflix.execution-time' found, with contents: 0.
+ /44.240.158.19.cer: Uncommon header 'x-b3-traceid' found, with contents: 69384e9ce23c48490b15069e6d958794.
+ /44.240.158.19.cer: Uncommon header 'x-netflix.request.toplevel.uuid' found, with contents: 995ddf31-e362-4dcc-b15f-3da27b661542-317658103.
+ /44.240.158.19.cer: Uncommon header 'x-envoy-upstream-service-time' found, with contents: 0.
+ /44.240.158.19.cer: Uncommon header 'x-request-id' found, with contents: ac474259-1e19-49b6-b8a1-71d4b44caf0b.
+ /44.240.158.19.cer: Uncommon header 'x-envoy-decorator-operation' found, with contents: lo_svc_http.
+ /EWS/Exchange.asmx: Uncommon header 'x-netflix.retry.server.policy' found, with contents: {"maxRetries":2}.
+ OPTIONS: Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, SCRIPT .
+ HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server.
+ HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server.
+ Scan terminated: 1 error(s) and 20 item(s) reported on remote host
+ End Time:           2025-12-09 08:31:10 (GMT-8) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested