- Nikto --------------------------------------------------------------------------- + Multiple IPs found: 3.211.157.115, 54.160.93.182, 3.225.92.8, 2600:1f18:631e:2f85:93a9:f7b0:d18:89a7, 2600:1f18:631e:2f83:49ee:beaa:2dfd:ae8f, 2600:1f18:631e:2f84:4f7a:4092:e2e9:c617 + Target IP: 3.211.157.115 + Target Hostname: www.netflix.com + Target Port: 80 + Start Time: 2024-12-03 01:23:38 (GMT-5) --------------------------------------------------------------------------- + Server: No banner retrieved + /: Cookie nfvdid created without the httponly flag. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies + /: Retrieved via header: 1.1 i-05cacad7a8ca83ed0 (us-east-1). + /: Uncommon header 'x-netflix.proxy.execution-time' found, with contents: 1. + /: Uncommon header 'x-originating-url' found, with contents: http://www.netflix.com/. + /: Uncommon header 'x-netflix.nfstatus' found, with contents: 1_21. + Root page / redirects to: https://www.netflix.com/ + No CGI Directories found (use '-C all' to force check all possible dirs) + /clientaccesspolicy.xml contains 16 lines which should be manually viewed for improper domains or wildcards. See: https://www.acunetix.com/vulnerabilities/web/insecure-clientaccesspolicy-xml-file/ + /crossdomain.xml contains 1 line which include the following domains: *.netflix.com . See: http://jeremiahgrossman.blogspot.com/2008/05/crossdomainxml-invites-cross-site.html + /Microsoft-Server-ActiveSync/default.eas: Uncommon header 'x-netflix.retry.server.policy' found, with contents: {"maxRetries":1,"retryAfterSeconds":15}. + /netflix.com.cer: Uncommon header 'x-b3-traceid' found, with contents: 674ea40158f3afab1e62c4c2c00db23c. + /netflix.com.cer: Uncommon header 'x-netflix.request.toplevel.uuid' found, with contents: 5a0c6d3b-6cf3-41f8-8e0a-389cbed1b361-472379442. + /netflix.com.cer: Uncommon header 'x-request-id' found, with contents: cdf53696-d63b-47ef-94a2-be2650ccd659. + /netflix.com.cer: Uncommon header 'x-netflix.execution-time' found, with contents: 0. + /netflix.com.cer: Uncommon header 'x-envoy-decorator-operation' found, with contents: lo_svc. + /netflix.com.cer: Uncommon header 'x-envoy-upstream-service-time' found, with contents: 0. + OPTIONS: Allowed HTTP Methods: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, SCRIPT . + HTTP method ('Allow' Header): 'PUT' method could allow clients to save files on the web server. + HTTP method ('Allow' Header): 'DELETE' may allow clients to remove files on the web server. + Scan terminated: 1 error(s) and 17 item(s) reported on remote host + End Time: 2024-12-03 01:24:39 (GMT-5) (61 seconds) --------------------------------------------------------------------------- + 1 host(s) tested