- Nikto v2.5.0 --------------------------------------------------------------------------- + Multiple IPs found: 54.237.226.164, 3.230.129.93, 52.3.144.142, 2600:1f18:631e:2f83:49ee:beaa:2dfd:ae8f, 2600:1f18:631e:2f85:93a9:f7b0:d18:89a7, 2600:1f18:631e:2f84:4f7a:4092:e2e9:c617 + Target IP: 54.237.226.164 + Target Hostname: netflix.com + Target Port: 80 + Start Time: 2024-07-24 14:57:19 (GMT-4) --------------------------------------------------------------------------- + Server: No banner retrieved + /: Cookie nfvdid created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies + /: Retrieved via header: 1.1 i-0b2dad736c379216b (us-east-1). + /: Uncommon header 'x-originating-url' found, with contents: http://netflix.com/. + /: Uncommon header 'x-netflix.proxy.execution-time' found, with contents: 2. + /: Uncommon header 'x-netflix.nfstatus' found, with contents: 1_21. + Root page / redirects to: https://netflix.com/ + No CGI Directories found (use '-C all' to force check all possible dirs) + /clientaccesspolicy.xml contains 16 lines which should be manually viewed for improper domains or wildcards. See: https://www.acunetix.com/vulnerabilities/web/insecure-clientaccesspolicy-xml-file/ + /crossdomain.xml contains 1 line which include the following domains: *.netflix.com . See: http://jeremiahgrossman.blogspot.com/2008/05/crossdomainxml-invites-cross-site.html + /site.sql: Uncommon header 'x-netflix.execution-time' found, with contents: 0. + /site.sql: Uncommon header 'x-netflix.request.toplevel.uuid' found, with contents: 3ad64e3c-423f-4390-9650-e3a9b8d1a725-8651049. + OPTI+ OPTIONS: Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, SCRIPT . + HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server. + HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web se+ Scan+ Scan terminated: 20 error(s) and 12 item(s) reported on remote host + End Time: 2024-07-24 14:57:42 (GMT-4) (23 seconds) --------------------------------------------------------------------------- + 1 host(s) tested