25
低风险
2026-05-21 07:29:54
发现的安全问题
- ⚠️[LOW] 服务器信息泄露
- ⚠️[MEDIUM] 缺少 HTTP 安全头
修复建议
- 💡添加 DMARC 记录增强邮件安全
- 💡配置 Web 服务器添加这些安全头
- 💡移除或修改 Server/X-Powered-By 响应头
🌐域名信息
目标域名nme.com
注册域名nme.com
顶级域名.com
🛡️威胁情报 (7 platforms)
Blacklist未列入黑名单
Malware0
Phishing0
Abuse Score0/100
🐛发现的漏洞 (2)
MEDIUM缺少 HTTP 安全头
缺少以下安全头: X-XSS-Protection, Content-Security-Policy, Permissions-Policy
修复建议: 配置 Web 服务器添加这些安全头
LOW服务器信息泄露
响应头泄露服务器信息: Server: nginx/1.28.3
修复建议: 移除或修改 Server/X-Powered-By 响应头
🔌开放端口 (2)
80
http
443
https
🌐DNS 记录
A: 13.226.69.77
A: 13.226.69.19
A: 13.226.69.21
A: 13.226.69.86
MX: 1 aspmx.l.google.com.
MX: 10 aspmx2.googlemail.com.
MX: 10 aspmx3.googlemail.com.
MX: 5 alt1.aspmx.l.google.com.
MX: 5 alt2.aspmx.l.google.com.
NS: ns-1202.awsdns-22.org.
NS: ns-1706.awsdns-21.co.uk.
NS: ns-347.awsdns-43.com.
NS: ns-712.awsdns-25.net.
TXT: "58MnJEoXdyJ+VV9wD9ELZ6tr+0aezw/NannP5F3DdLKPdwNFmLFNejayYH52x769S5SV+7PoS3NHbAcnRXBl7Q=="
TXT: "atlassian-domain-verification=pDFQcG7FV8zwSKfgsdubSvD5GUc4xGL16w39GVfqcgCGuVtR9h3wahqjaUzwO1A3"
TXT: "dailymotion-domain-verification=dmn1pp0z5vjwov39b"
TXT: "facebook-domain-verification=y86blg0pd7x9z1plp7tixlq51wsl3p"
TXT: "google-site-verification=fK5NrcIIrvnswmM3H9p9QzkxrQUmhw_onJLYQ_U09uw"
TXT: "klaviyo-site-verification=WVti9F"
TXT: "v=spf1 include:_spf.google.com include:mandrillapp.com include:spf.gorgias.com ~all"
SOA: ns-1202.awsdns-22.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
📋HTTP 响应头
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.28.3