57
High risk
2026-05-21 07:30:29
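Security issues found
- ⚠️ Listed on 1 blacklist: AlienVault OTX
- ⚠️ AlienVault OTX has 1 community discussion (not a direct threat)
- ⚠️ [HIGH] Sensitive path exposed
- ⚠️ [LOW] Server information disclosure
- ⚠️ [MEDIUM] Missing HTTP security headers
Remediation recommendations
- 💡 Restrict access to these paths or add authentication
- 💡 Remove or modify the Server/X-Powered-By response headers
- 💡 Add a DMARC record to strengthen email security
- 💡 Configure the web server to add these security headers
- 💡 Request removal from the blacklist and fix the security issues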
🌐 Domain information
Target domain: orlandosentinel.com
Registered domain: orlandosentinel.com
Top-level domain: .com
🛡️ Threat intelligence (7 platforms)
Blacklist: AlienVault OTX
Malware: 1
Phishing: 0
Abuse Score: 0/100
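🐛 Vulnerabilities found (3)
MEDIUM: Missing HTTP security headers
The following security headers are missing: X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, Strict-Transport-Security, Referrer-Policy, Permissions-Policy
Remediation: Configure the web server to add these security headers
LOW: Server information disclosure
Response header discloses server information: Server: nginx
Remediation: Remove or modify the Server/X-Powered-By response headers
HIGH: Sensitive path exposed
Accessible sensitive path found: /.env
Remediation: Restrict access to these paths or add authentication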
🔌 Open ports (2)
80: http
443: https
🌐 DNS records
A: 192.0.66.219
MX: 1 aspmx.l.google.com.
MX: 5 alt1.aspmx.l.google.com.
MX: 5 alt2.aspmx.l.google.com.
NS: ns-1494.awsdns-58.org.
NS: ns-1929.awsdns-49.co.uk.
NS: ns-318.awsdns-39.com.
NS: ns-670.awsdns-19.net.
TXT: "v=spf1 include:_spf.google.com include:spf.protection.outlook.com include:de._spf.fagms.net include:email.bounceexchange.com include:emsd1.com ip4:198.21.3.53 ip4:159.183.220.8 exists:%{i}.spf.sitel.iphmx.com -all"
SOA: ns-1494.awsdns-58.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
📋 HTTP response headers
Content-Security-Policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob: *.vi
Server: nginx