A Unified Fundraising Platform for Nonprofits | Bloomerang Fundraising (qgiv.com) Security Report | Score 30/100 (Medium Risk)

qgiv.com

Scan Time: 2026-05-21 02:14:02

Re-scan

Medium Risk

2026-05-21 02:14:02

Security Issues Found

⚠️[LOW] 服务器信息泄露
⚠️对外暴露了 1 个高风险服务端口
⚠️[MEDIUM] 缺少 HTTP 安全头

Recommendations

💡添加 DMARC 记录增强邮件安全
💡配置 Web 服务器添加这些安全头
💡移除或修改 Server/X-Powered-By 响应头
💡使用防火墙限制对这些端口的访问

🌐Domain Info

Targetqgiv.com

Registeredqgiv.com

TLD.com

🛡️Threat Intelligence (7 platforms)

BlacklistNot Blacklisted

Malware0

Phishing0

Abuse Score0/100

🐛Vulnerabilities Found (2)

MEDIUM缺少 HTTP 安全头

缺少以下安全头: X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, Content-Security-Policy, Referrer-Policy, Permissions-Policy

Fix: 配置 Web 服务器添加这些安全头

LOW服务器信息泄露

响应头泄露服务器信息: Server: nginx

Fix: 移除或修改 Server/X-Powered-By 响应头

🔌Open Ports (3)

ssh

http

443

https

🌐DNS Records

A: 104.236.194.130

MX: 1 aspmx.l.google.com.

MX: 10 alt3.aspmx.l.google.com.

MX: 10 alt4.aspmx.l.google.com.

MX: 5 alt1.aspmx.l.google.com.

MX: 5 alt2.aspmx.l.google.com.

NS: ns-1384.awsdns-45.org.

NS: ns-1562.awsdns-03.co.uk.

NS: ns-184.awsdns-23.com.

NS: ns-581.awsdns-08.net.

TXT: "1password-site-verification=R77WWEIXA5CCLHWZTOAWEC5VFU"

TXT: "ZOOM_verify_I3Zuw5vQsmiQNKxTB92Uby"

TXT: "adobe-idp-site-verification=1946ee13db698f5e3167dc07664404dfe6458b580938a7982d606fb45b92746f"

TXT: "anthropic-domain-verification-vsb461=kzrxwMa57dtcvWqTUgLlOUHUm"

TXT: "atlassian-domain-verification=MjDaKKdF4UaGZJb83nOfatigaOMoRpQvPP2J7nFEFhuqNGFsAggBiA4/2RqPaDK4"

TXT: "docker-verification=363fe0a7-51a4-4142-b220-e24368531795"

TXT: "emf0cj7ev66385cb6t3r88o3lg" "adobe-idp-site-verification=1946ee13db698f5e3167dc07664404dfe6458b580938a7982d606fb45b92746f"

TXT: "facebook-domain-verification=gtcffinxbl7owx6jcgzrr86oek4vcp"

TXT: "google-site-verification=2nItpJvXjwvuFpQObApeyvrbTOsZGljNMaoYqVuWO4Q"

TXT: "knowbe4-site-verification=d0c667c2ffceda8f6241b4a3d32e2b64"

TXT: "slack-domain-verification=lpXHA8odD0Orp1d7I1VRF39wQrhwoayZNDIognF7"

TXT: "v=spf1 include:_s00776982.autospf.email -all"

SOA: ns-581.awsdns-08.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

📋HTTP Headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Server: nginx

Website Security Scanner