50
高风险
2026-05-21 04:30:32
发现的安全问题
- ⚠️[LOW] 服务器信息泄露
- ⚠️[HIGH] 敏感路径暴露
- ⚠️[MEDIUM] 缺少 HTTP 安全头
修复建议
- 💡添加 DMARC 记录增强邮件安全
- 💡配置 Web 服务器添加这些安全头
- 💡移除或修改 Server/X-Powered-By 响应头
- 💡限制对这些路径的访问或添加认证
🌐域名信息
目标域名sat.gob.mx
注册域名sat.gob.mx
顶级域名.gob.mx
🛡️威胁情报 (7 platforms)
Blacklist未列入黑名单
Malware0
Phishing0
Abuse Score0/100
🐛发现的漏洞 (3)
MEDIUM缺少 HTTP 安全头
缺少以下安全头: X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, Strict-Transport-Security, Content-Security-Policy, Referrer-Policy, Permissions-Policy
修复建议: 配置 Web 服务器添加这些安全头
LOW服务器信息泄露
响应头泄露服务器信息: Server: Apache
修复建议: 移除或修改 Server/X-Powered-By 响应头
HIGH敏感路径暴露
发现可访问的敏感路径: /.env, /.git/config, /admin, /phpmyadmin, /wp-admin
修复建议: 限制对这些路径的访问或添加认证
🔌开放端口 (2)
80
http
443
https
🌐DNS 记录
A: 3.162.112.61
A: 3.162.112.52
A: 3.162.112.83
A: 3.162.112.21
MX: 5 mx.sat.gob.mx.
MX: 0 mx1.sat.gob.mx.
NS: huitzilopochtli.sat.gob.mx.
NS: tochtli.sat.gob.mx.
NS: xolotl.sat.gob.mx.
NS: ns2.sat.gob.mx.
NS: quetzalcoatl.sat.gob.mx.
NS: tlahuizcalpantecuhtli.sat.gob.mx.
TXT: "MS=37B3EA4A77F1E456D15CD4599E82923FDA315A2A"
TXT: "_globalsign-domain-verification=t82VJNVSYK4T3qtpikzNSNDjddPYxcpw41XyiKtyzE"
TXT: "globalsign-domain-verification=grpLQeT7g5fBHAj72C8BhbZ5gDjX-pEQuCdTI4DvjT"
TXT: "google-site-verification=XdfR63wng0VZx0vjN4YncgBYQyVxUh_DGvRhuTKByTg"
TXT: "google-site-verification=pSiMe96bNRA0lq6Z1dWoMn0ODGFw_t9Ge-xkGc9-PRM"
TXT: "_globalsign-domain-verification=byuNWlenyMghHh1ehWS6MQNQJT5BPGR0j_5X1jGyPP"
TXT: "zF3jT6f18ek4cFP3IroxwbztcVqfb0J9EpmSgzoW6WrPntgMjQgdI+OMRlTjYDdCF9nt+j9atGqXHQ6PPGS+zw=="
TXT: "xpwp1jxcz89tt5sqk5gmgk6psbpvq22z"
TXT: "v=spf1 mx a ip4:200.57.3.0/24 ip4:200.33.84.0/24 ip4:200.33.74.0/24 -all"
TXT: "_globalsign-domain-verification=hCJ4CH4Gyy0j50zqP2eE8AfrHP3iQjxemXu17XFIJv"
SOA: huitzilopochtli.sat.gob.mx. seguridad.sat.gob.mx. 2030100527 300 300 300 300
📋HTTP 响应头
Server: Apache