50
高风险
2026-05-21 06:05:09
发现的安全问题
- ⚠️[LOW] 服务器信息泄露
- ⚠️[HIGH] 敏感路径暴露
- ⚠️[MEDIUM] 缺少 HTTP 安全头
修复建议
- 💡添加 DMARC 记录增强邮件安全
- 💡配置 Web 服务器添加这些安全头
- 💡移除或修改 Server/X-Powered-By 响应头
- 💡限制对这些路径的访问或添加认证
🌐域名信息
目标域名keywordtool.io
注册域名keywordtool.io
顶级域名.io
🛡️威胁情报 (7 platforms)
Blacklist未列入黑名单
Malware0
Phishing0
Abuse Score0/100
🐛发现的漏洞 (3)
MEDIUM缺少 HTTP 安全头
缺少以下安全头: Content-Security-Policy, Permissions-Policy
修复建议: 配置 Web 服务器添加这些安全头
LOW服务器信息泄露
响应头泄露服务器信息: Server: cloudflare
修复建议: 移除或修改 Server/X-Powered-By 响应头
HIGH敏感路径暴露
发现可访问的敏感路径: /.env, /.git/config
修复建议: 限制对这些路径的访问或添加认证
🔌开放端口 (4)
80
http
443
https
8080
unknown
8443
unknown
🌐DNS 记录
A: 104.20.18.50
A: 172.66.166.248
AAAA: 2606:4700:10::6814:1232
AAAA: 2606:4700:10::ac42:a6f8
MX: 1 aspmx.l.google.com.
MX: 5 alt1.aspmx.l.google.com.
MX: 5 alt2.aspmx.l.google.com.
MX: 10 alt3.aspmx.l.google.com.
MX: 10 alt4.aspmx.l.google.com.
NS: amir.ns.cloudflare.com.
NS: jean.ns.cloudflare.com.
TXT: "cursor-domain-verification-5e6mqk=p0CIXAYcNwI0VPrMcGbwgyE7v"
TXT: "pinterest-site-verification=275824c07c8d1f0b301ee11379107e38"
TXT: "anthropic-domain-verification-0sf9j7=5pweb1bSD6stN69NLljqlDg0J"
TXT: "google-site-verification=FLasc1d9Pu4EkcFFYs9zfYWBxqwJBzbdKRTIwPkPRe8"
TXT: "ahrefs-site-verification_d97f9d95d7ca32308e901dd595a2acd8ebd126e8b1862c02e1a1354be260e838"
TXT: "v=spf1 ip4:198.37.156.46 include:_spf.google.com include:spf.braintreegateway.com include:spf.protection.outlook.com include:customeriomail.com -all"
SOA: amir.ns.cloudflare.com. dns.cloudflare.com. 2404594237 10000 2400 604800 1800
📋HTTP 响应头
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15552000
Referrer-Policy: strict-origin-when-cross-origin
Server: cloudflare