25
低风险
2026-05-21 07:14:33
发现的安全问题
- ⚠️[LOW] 服务器信息泄露
- ⚠️[MEDIUM] 缺少 HTTP 安全头
修复建议
- 💡添加 DMARC 记录增强邮件安全
- 💡配置 Web 服务器添加这些安全头
- 💡移除或修改 Server/X-Powered-By 响应头
🌐域名信息
目标域名loading.es
注册域名loading.es
顶级域名.es
🛡️威胁情报 (7 platforms)
Blacklist未列入黑名单
Malware0
Phishing0
Abuse Score0/100
🐛发现的漏洞 (2)
MEDIUM缺少 HTTP 安全头
缺少以下安全头: X-XSS-Protection, X-Content-Type-Options, Referrer-Policy, Permissions-Policy
修复建议: 配置 Web 服务器添加这些安全头
LOW服务器信息泄露
响应头泄露服务器信息: Server: nginx, X-Powered-By: PHP/8.1.34
修复建议: 移除或修改 Server/X-Powered-By 响应头
🔌开放端口 (2)
80
http
443
https
🌐DNS 记录
A: 91.146.96.100
AAAA: 2a01:71c0:1:1:100::1
MX: 10 bob.loading.es.
NS: ns-52-c.gandi.net.
NS: ns-79-b.gandi.net.
NS: ns-110-a.gandi.net.
TXT: "include:servers.mcsv.net ~all"
TXT: "v=spf1 include:_spf.loading.es include:spf.crowdtech.com include:spf.mydomainprovider.com include:servers.mcsv.net ~all"
SOA: ns1.gandi.net. hostmaster.gandi.net. 1779106225 10800 3600 604800 10800
📋HTTP 响应头
X-Frame-Options: sameorigin
Strict-Transport-Security: max-age=63072000
Content-Security-Policy: frame-ancestors 'self' http://tutorialcorreo.xsi.es http://correo.natural.es http://correo.mundored.com http://mundored.
Server: nginx
X-Powered-By: PHP/8.1.34