20
Low Risk
2026-05-21 05:16:17
Security Issues Found
- ⚠️[MEDIUM] 缺少 HTTP 安全头
Recommendations
- 💡添加 DMARC 记录增强邮件安全
- 💡配置 Web 服务器添加这些安全头
🌐Domain Info
Targetbillmelater.com
Registeredbillmelater.com
TLD.com
🛡️Threat Intelligence (7 platforms)
BlacklistNot Blacklisted
Malware0
Phishing0
Abuse Score0/100
🐛Vulnerabilities Found (1)
MEDIUM缺少 HTTP 安全头
缺少以下安全头: X-Frame-Options, Referrer-Policy
Fix: 配置 Web 服务器添加这些安全头
🔌Open Ports (2)
80
http
443
https
🌐DNS Records
A: 208.76.140.143
MX: 10 mx1.paypalcorp.com.
MX: 10 mx2.paypalcorp.com.
NS: pdns100.ultradns.com.
NS: pdns100.ultradns.net.
NS: ns1-pchnet.paypal.com.
NS: ns2-pchnet.paypal.com.
TXT: "MS=ms12915091"
TXT: "google-site-verification:c2yq7-fqaabWnH_q4tpi52ruBznq1C7dAaHV6nUqquI"
TXT: "v=spf1.0/pra include:ppcorp._spf.paypal.com include:rm04.net include:billmelater.messages1.com mx -all"
TXT: "v=spf2.0/pra include:ppcorp._spf.paypal.com include:rm04.net include:billmelater.messages1.com mx -all"
TXT: "v=spf1 include:ppcorp._spf.paypal.com include:rm04.net include:pp._spf.paypal.com include:billmelater.messages1.com mx -all"
SOA: ppdns.paypal.com. hostmaster.paypal.com. 1957 7200 600 1209600 300
📋HTTP Headers
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.c
Permissions-Policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https:/