- Nikto v2.6.0
---------------------------------------------------------------------------
+ Target IP:          18.214.125.52
+ Target Hostname:    smugmug.com
+ Target Port:        80
+ Platform:           Unknown
+ Start Time:         2026-05-18 13:05:13 (GMT-4)
---------------------------------------------------------------------------
+ Server: nginx
+ Multiple IPs found: 18.214.125.52, 3.219.126.241, 34.202.146.137
+ [999100] /: Uncommon header(s) 'smug-cdn' found, with contents: cloudflare (via smugmug.com).
+ [999100] /: Uncommon header(s) 'x-s' found, with contents: 100.10.117:2186518.
+ [999100] /: Uncommon header(s) 'x-ttfb' found, with contents: 0.0084.
+ [999100] /: Uncommon header(s) 'x-ttfb-l' found, with contents: .
+ [999100] /: Uncommon header(s) 'x-env' found, with contents: a=live, b=www, c=ec58e149, d=i-047341acea6a8e1da.
+ [999100] /: Uncommon header(s) 'x-request-id' found, with contents: b3516e5a.
+ No CGI Directories found (use '-C all' to force check all possible dirs). CGI tests skipped.
+ [999962] /: Server banner changed from 'nginx' to 'awselb/2.0'.
+ [013587] /: Suggested security header missing: permissions-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy
+ [013587] /: Suggested security header missing: referrer-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
+ [013587] /: Suggested security header missing: x-content-type-options. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
+ [013587] /: Suggested security header missing: content-security-policy. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
+ [999986] http://127.0.0.1:2301/%20HTTP/1.0: Retrieved x-powered-by header: SmugMug/1.0.
+ [000427] http://127.0.0.1:2301/%20HTTP/1.0: Link header(s) found with value(s): <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/js/smugpage/core-top-37d768d80ac28de84ded6e5d3da0c8a5.js>; rel="preload"; as="script"; crossorigin, <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/js/smugpage/core-config-5efa9cc3ebbd8bf397caafdcb3681938.js>; rel="preload"; as="script"; crossorigin, <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/img/fonts/sofia-pro/v2/stylesheet.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://api.smugmug.com>; rel="preconnect", <https://photos.smugmug.com>; rel="preconnect", <//videos.smugmug.com>; rel="dns-prefetch", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/css/0/0/0/smugmug/core-bdb9ed898405d6d87848c3c1afdc155c.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/css/0/0/0/smugmug/widget_bundle-20bc74bce7e7338ca255e98030267d05.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/css/0/0/0/smugmug/gallery_bundle-fb2939b3065c75d49948de0ded6732c3.css>; rel="preload"; as="style", <https://cdn.smugmug.com>; rel="preconnect", <https://cdn.smugmug.com/include/js/bundles/nodepage-UVHRWUYK.js>; rel="preload"; as="script"; crossorigin. See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Link
+ [999100] http://127.0.0.1:2301/%20HTTP/1.0: Uncommon header(s) 'x-smugmug-values' found, with contents: 2/5 - Thrill Our Customers.
+ [999100] http://127.0.0.1:2301/%20HTTP/1.0: Uncommon header(s) 'x-smugmug-hiring' found, with contents: How to love what you do: https://jobs.smugmug.com/.
+ Scan terminated: 0 errors and 15 items reported on the remote host
+ End Time:           2026-05-18 13:06:14 (GMT-4) (61 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested