52
高风险
2026-05-21 07:43:52
发现的安全问题
- ⚠️[HIGH] 敏感路径暴露
- ⚠️被列入 1 个黑名单: AlienVault OTX
- ⚠️[MEDIUM] 缺少 HTTP 安全头
- ⚠️AlienVault OTX 有 2 个社区讨论(非直接威胁)
修复建议
- 💡添加 DMARC 记录增强邮件安全
- 💡配置 Web 服务器添加这些安全头
- 💡申请从黑名单中移除,并修复安全问题
- 💡限制对这些路径的访问或添加认证
🌐域名信息
目标域名synchrony.com
注册域名synchrony.com
顶级域名.com
🛡️威胁情报 (7 platforms)
BlacklistAlienVault OTX
Malware2
Phishing0
Abuse Score0/100
🐛发现的漏洞 (2)
MEDIUM缺少 HTTP 安全头
缺少以下安全头: X-Frame-Options, Content-Security-Policy, Referrer-Policy, Permissions-Policy
修复建议: 配置 Web 服务器添加这些安全头
HIGH敏感路径暴露
发现可访问的敏感路径: /.env
修复建议: 限制对这些路径的访问或添加认证
🔌开放端口 (2)
80
http
443
https
🌐DNS 记录
A: 23.15.141.48
MX: 10 mxa-001ba401.gslb.pphosted.com.
MX: 10 mxb-001ba401.gslb.pphosted.com.
NS: a3-64.akam.net.
NS: a7-64.akam.net.
NS: a1-181.akam.net.
NS: a18-66.akam.net.
NS: a20-64.akam.net.
NS: a22-67.akam.net.
TXT: "MS=ms64680352"
TXT: "_2vt8il6bwhfka3w5kwi5leyhrg17zsm"
TXT: "_birprm1ig3zshd518thjpx8jzi7t9kd"
TXT: "QuoVadis=96172c92-c07c-42f5-9672-df2e76bf47e3"
TXT: "docusign=2e5aa548-069f-4ebd-b6df-525114a06980"
TXT: "docusign=6dc74e99-cd23-471b-befc-5eea06cd3165"
TXT: "docusign=7c2e2f91-df1b-474e-bd80-da475cc46395"
TXT: "docusign=ac0310ef-30fe-4a73-9cee-15ededa1b2aa"
TXT: "docusign=d81864f2-8763-4632-9eba-588bdd0592d9"
TXT: "docusign=f7b647db-f847-48c1-aa14-cb5e8795cc79"
TXT: "v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all"
TXT: "google-site-verification=-9KgSsEHOf5WcizQxwM7ANaXGQikn7EFL7rQhhcQ5qk"
TXT: "ej5PPjweaOPyx9e2jHKeplueSpdxSgdcOh6PFAsv1mL/VDiKI1kcaYg7NbzEND7D+p7b9wBrzOvJnEDsjXmkMw=="
TXT: "adobe-idp-site-verification=3292996a72217086396074679d263f26f9bc0ad29ea64dce2960ae8e5551db53"
TXT: "postman-domain-verification=d8195f4fc75e320d74a1c9b224edfa72dfc3796a1b23a5c030600c1511644c92"
SOA: a1-181.akam.net. hostmaster.synchrony.com. 2021060334 3600 600 604800 300
📋HTTP 响应头
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains ; preload, max-age= 31536000; includeSubdomains; preload
Server: