Calorie Tracker & BMR Calculator to Reach Your Goals | MyFitnessPal (myfitnesspal.com) 网站安全检测报告

myfitnesspal.com

检测时间: 2026-05-21 03:14:56

重新检测

高风险

2026-05-21 03:14:56

发现的安全问题

⚠️被列入 1 个黑名单: AlienVault OTX
⚠️[HIGH] 敏感路径暴露
⚠️AlienVault OTX 有 3 个社区讨论（非直接威胁）
⚠️[LOW] 服务器信息泄露
⚠️[MEDIUM] 缺少 HTTP 安全头

修复建议

💡限制对这些路径的访问或添加认证
💡移除或修改 Server/X-Powered-By 响应头
💡添加 DMARC 记录增强邮件安全
💡配置 Web 服务器添加这些安全头
💡申请从黑名单中移除，并修复安全问题

🌐域名信息

目标域名myfitnesspal.com

注册域名myfitnesspal.com

顶级域名.com

🛡️威胁情报 (7 platforms)

BlacklistAlienVault OTX

Malware3

Phishing0

Abuse Score0/100

🐛发现的漏洞 (3)

MEDIUM缺少 HTTP 安全头

缺少以下安全头: X-Frame-Options, Referrer-Policy, Permissions-Policy

修复建议: 配置 Web 服务器添加这些安全头

LOW服务器信息泄露

响应头泄露服务器信息: Server: cloudflare

修复建议: 移除或修改 Server/X-Powered-By 响应头

HIGH敏感路径暴露

发现可访问的敏感路径: /.env, /.git/config

修复建议: 限制对这些路径的访问或添加认证

🔌开放端口 (4)

http

443

https

8080

unknown

8443

unknown

🌐DNS 记录

A: 104.18.34.245

A: 172.64.153.11

AAAA: 2a06:98c1:3109::6812:22f5

AAAA: 2606:4700:4405::ac40:990b

MX: 1 aspmx.l.google.com.

MX: 5 alt1.aspmx.l.google.com.

MX: 10 alt4.aspmx.l.google.com.

MX: 5 alt2.aspmx.l.google.com.

MX: 10 alt3.aspmx.l.google.com.

NS: gannon.ns.cloudflare.com.

NS: elisa.ns.cloudflare.com.

TXT: "0r4UVQn/K1PldOhFrE9MoJLiJXfQLSKU+uLPm4Z1uGfGrxtPLbQ+ymZcnBCVIkemqdAFahKrsLodU2cqFkkbtA=="

TXT: "cursor-domain-verification-f88819=Y8P5LsyqtmltA7MfMr2jwtMiQ"

TXT: "asn-verification=113e130f52ef13092231213dbadd8d30f0143c37b2c2744d24b16bfbc770372a"

TXT: "GUID=9928b8b1-f83f-4518-bf35-ac7504f9b417"

TXT: "loom-site-verification=edd4369291874aacb2b5aae6ea089158"

TXT: "atlassian-domain-verification=vRVlNNYB4Ta6QoLCQtsmdBc6emoab1Jsldy9az8E47tQW4cHajZHsi4rTq4HM0PE"

TXT: "segment-site-verification=xopGmJnxbn2rPzZXsS2fMLslPYUndBeJ"

TXT: "stripe-verification=4fa8f2705ed3ca0496b4d680bdec5d74213c22e6c1428282612504c2c55d7558"

TXT: "have-i-been-pwned-verification=37c31c95ebc27a82104fd378e23c6f3e"

TXT: "7aff834813804a3ea18721b6bce7740d"

TXT: "facebook-domain-verification=ckr53ulsmy1vs2dwppppt6xwhtc5fk"

TXT: "status-page-domain-verification=qh3cfw6syrg3"

TXT: "asv=57fab8da76cd7db6399386b2fbb8266e"

TXT: "1password-site-verification=VOWKAPWYWZCT5HUOWLC2SAZL5E"

TXT: "MS=ms95772151"

TXT: "google-site-verification=gB6gRbVH-PkcwwblYYT_s6peEZ-uOCU4SCN-m6t2-0Q"

TXT: "docusign=70668272-5104-4868-af0d-389211541998"

TXT: "MS=ms15058904"

TXT: "v=spf1 include:mail.zendesk.com include:_spf.google.com include:_spf.qualtrics.com ip4:208.185.229.40/29 -all"

TXT: "logmein-verification-code=25ce4838-7980-4719-b4c5-e76450a6066f"

TXT: "Pv0TLiWeowXZIsAw68NzAb3SgjY"

TXT: "openai-domain-verification=dv-UNBZKzk7GFSRuVEUk4KHWObW"

TXT: "anthropic-domain-verification-1mjwc0=ydAYQut9EZNXEQaKnOtAjzP66"

TXT: "google-site-verification=kHACMEqbYV5qgu3tprf-GnXzWeHvWVHgVncFCiQKlb4"

TXT: "apple-domain-verification=WCdjJmlbmQSDdvD3"

TXT: "ca3-b122d05a919141ba91aba958f04a3a83"

SOA: elisa.ns.cloudflare.com. dns.cloudflare.com. 2404705464 10000 2400 604800 1800

📋HTTP 响应头

X-XSS-Protection: 1; mode=block

X-Content-Type-Options: nosniff

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Content-Security-Policy: base-uri 'self';object-src 'none';frame-ancestors 'self' *.dev.myfitnesspal.com *.trainerize.com https://api.gymengine.c

Server: cloudflare

网址安全检测平台