25
低风险
2026-05-21 07:33:02
发现的安全问题
- ⚠️[LOW] 服务器信息泄露
- ⚠️[MEDIUM] 缺少 HTTP 安全头
修复建议
- 💡添加 DMARC 记录增强邮件安全
- 💡配置 Web 服务器添加这些安全头
- 💡移除或修改 Server/X-Powered-By 响应头
🌐域名信息
目标域名bea.gov
注册域名bea.gov
顶级域名.gov
🛡️威胁情报 (7 platforms)
Blacklist未列入黑名单
Malware0
Phishing0
Abuse Score0/100
🐛发现的漏洞 (2)
MEDIUM缺少 HTTP 安全头
缺少以下安全头: Referrer-Policy, Permissions-Policy
修复建议: 配置 Web 服务器添加这些安全头
LOW服务器信息泄露
响应头泄露服务器信息: X-Powered-By: PHP/8.3.31
修复建议: 移除或修改 Server/X-Powered-By 响应头
🔌开放端口 (2)
80
http
443
https
🌐DNS 记录
A: 150.171.110.70
AAAA: 2603:1061:14:143::1
MX: 10 mx1.bea.gov.
MX: 20 mx2.bea.gov.
NS: blue.foundationdns.com.
NS: blue.foundationdns.net.
NS: blue.foundationdns.org.
TXT: "Mf1jbZKEdUYEj6KxffMKn4FePdWdG0e6ImWjfxIAcpx7uS9UIhP85uIDaA8kE9O4ZNbk+GyJGzr3uQ6Ece8jDw=="
TXT: "adobe-idp-site-verification=2b3acdf4edeec1546e0aade0d83f7a87efd37d00d73cfa9b8f126045d9180811"
TXT: "v=spf1 ip6:2610:20:3005:1::10 ip6:2610:20:3005:1::11 ip4:192.149.12.0/24 ip4:170.110.225.186 include:spf.dynect.net include:e2ma.net include:spf.protection.outlook.com ~all"
SOA: blue.foundationdns.com. dns.cloudflare.com. 2404778107 10000 2400 604800 1800
📋HTTP 响应头
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: report-uri /report-csp-violation
X-Powered-By: PHP/8.3.31