25
低风险
2026-05-21 03:28:05
发现的安全问题
- ⚠️[LOW] 服务器信息泄露
- ⚠️[MEDIUM] 缺少 HTTP 安全头
修复建议
- 💡添加 DMARC 记录增强邮件安全
- 💡配置 Web 服务器添加这些安全头
- 💡移除或修改 Server/X-Powered-By 响应头
🌐域名信息
目标域名creditkarma.com
注册域名creditkarma.com
顶级域名.com
🛡️威胁情报 (7 platforms)
Blacklist未列入黑名单
Malware0
Phishing0
Abuse Score0/100
🐛发现的漏洞 (2)
MEDIUM缺少 HTTP 安全头
缺少以下安全头: X-Content-Type-Options, Referrer-Policy, Permissions-Policy
修复建议: 配置 Web 服务器添加这些安全头
LOW服务器信息泄露
响应头泄露服务器信息: Server: CK-FG-server
修复建议: 移除或修改 Server/X-Powered-By 响应头
🔌开放端口 (2)
80
http
443
http
🌐DNS 记录
A: 104.111.193.103
MX: 10 alt1.aspmx.l.google.com.
MX: 0 mx1.intuit.iphmx.com.
MX: 20 alt3.aspmx.l.google.com.
MX: 5 mx2.intuit.iphmx.com.
MX: 20 alt4.aspmx.l.google.com.
MX: 10 aspmx.l.google.com.
MX: 10 alt2.aspmx.l.google.com.
NS: a9-66.akam.net.
NS: a28-65.akam.net.
NS: a4-66.akam.net.
NS: a16-64.akam.net.
NS: dns2.p03.nsone.net.
NS: a3-67.akam.net.
NS: dns3.p03.nsone.net.
NS: dns4.p03.nsone.net.
NS: a1-204.akam.net.
NS: dns1.p03.nsone.net.
TXT: "google-site-verification=H4ZwLsOG2yErTwo18ZQz49kk-mmHLHcVNX44NyLBBXk"
TXT: "smartsheet-site-validation=rAH8xvhRVZECrIev6e9_0Dk-8RP9rP4A"
TXT: "docker-verification=660715c2-19e8-47b6-a751-9127c586544f"
TXT: "wiz-domain-verification=11c32fae227d6860528fd62357c93aa6f4f60e0a97c583b7ef1c704822e3820b"
TXT: "twilio-domain-verification=0edb4af91a89a5c77c25383d8c8a023a"
TXT: "ZOOM_verify_jQ7M24XNzh4vAOQO7pywcV"
TXT: "wrike-verification=NjI2NjA2ODpiOTU0ZjkyN2NkZWZkMzRhZmU0ZTY3YjE5N2JiYTM1MTJhMTAzZDU1OGE3ZTE4MDM1ZGU2OWQ0MTZmMTNkNTYx"
TXT: "google-site-verification=yoAo3Ad3yVn1QU7z4o6HrsSgtSHuK8i6mUJwbYH0pl8"
TXT: "google-site-verification=gk0xvl6wd8YeXU2cR_cob9L6DsOpL691HR3tNUvtF1o"
TXT: "atlassian-domain-verification=aBtZ/AVcweAU1KvjUAScSboersB1KygFhqwY6bIlab8//AR6w2lqjDbadudE4XiS"
TXT: "apple-domain-verification=feFXLYzOE8yZGwRD"
TXT: "v=spf1 include:creditkarma.com._nspf.vali.email include:%{i}._ip.%{h}._ehlo.%{d}._spf.vali.email ~all"
TXT: "google-site-verification=ffLKN8WxOTuPncdnjSotkF-ORXCumaW75-26iwkBOuQ"
TXT: "lucid-verification=ksh5VEUN8qdc.peb3rwj"
TXT: "159748145-9421585"
TXT: "kkmtv5m74kw401tfvr72x570jlcsjb8d"
TXT: "google-site-verification=VbfCkobAAh24qJkeycGIDj8NsqMKq7SQvMhd2HRdE9o"
TXT: "mgverify=ad34107ab23998dd89bcbd714b3a4a224bf99611ca5c3a7d008de0330ac4cb7a"
TXT: "jamf-site-verification=EoCTajqnhbZg387Xy6GeGw"
TXT: "status-page-domain-verification=ht1zfkbv6gvf"
TXT: "anthropic-domain-verification-2zg1tr=CP4yr0NqRoDnWApz5DEMxNI37"
TXT: "google-site-verification=JvTVZpNwLIMzA83fuhseHAl-_ClLShsZ4BJwp9q11uk"
TXT: "_dmv3nyrwsc7erpdglwnm2eyo880e3or"
TXT: "google-site-verification=kBWF_gpfKwKe2YCTj7B5DuCkig6HZnimG5RQdaFdH6o"
TXT: "zendeskverification=e51d72884acd23d1"
TXT: "google-site-verification=xANRmV0Wnl6e_XWduYPDZQKDAcUXye_pAWIqgaawcNg"
TXT: "cursor-domain-verification-fn748r=3UUtnCNUARw6kkAEywBWIrrdK"
TXT: "openai-domain-verification=dv-6a1xERlHOoQnKRHoZQXNLaJ7"
TXT: "MS=ms29278637"
TXT: "00d5e000000kqf8eak"
TXT: "docusign=8b591c06-6ebb-43ac-b40a-e611c13d2a5c"
TXT: "adobe-idp-site-verification=f3d9e6877f43831d129a0b956b69d5e9e20fd92ebb6003f20af19f93fd6abb95"
TXT: "_7klw53su49nhcws5rf9h4gdamkbmh3l"
TXT: "asv=3ea2ee924c2fbdf2fba299cfd16120dd"
SOA: a1-204.akam.net. hostmaster.creditkarma.com. 2022121679 3600 600 604800 300
📋HTTP 响应头
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: base-uri 'self';connect-src 'self' *.creditkarma.com https://creditkarmacdn-a.akamaihd.net *.nr-data.net https://www.goo
Server: CK-FG-server