50
高风险
2026-05-21 04:24:40
发现的安全问题
- ⚠️[LOW] 服务器信息泄露
- ⚠️[HIGH] 敏感路径暴露
- ⚠️[MEDIUM] 缺少 HTTP 安全头
修复建议
- 💡添加 DMARC 记录增强邮件安全
- 💡配置 Web 服务器添加这些安全头
- 💡移除或修改 Server/X-Powered-By 响应头
- 💡限制对这些路径的访问或添加认证
🌐域名信息
目标域名wearesocial.com
注册域名wearesocial.com
顶级域名.com
🛡️威胁情报 (7 platforms)
Blacklist未列入黑名单
Malware0
Phishing0
Abuse Score0/100
🐛发现的漏洞 (3)
MEDIUM缺少 HTTP 安全头
缺少以下安全头: Content-Security-Policy
修复建议: 配置 Web 服务器添加这些安全头
LOW服务器信息泄露
响应头泄露服务器信息: Server: cloudflare, X-Powered-By: WP Engine
修复建议: 移除或修改 Server/X-Powered-By 响应头
HIGH敏感路径暴露
发现可访问的敏感路径: /.env, /.git/config, /phpmyadmin
修复建议: 限制对这些路径的访问或添加认证
🔌开放端口 (4)
80
http
443
https
8080
unknown
8443
unknown
🌐DNS 记录
A: 141.193.213.21
A: 141.193.213.20
MX: 10 aspmx.l.google.com.
MX: 20 alt1.aspmx.l.google.com.
MX: 20 alt2.aspmx.l.google.com.
MX: 30 aspmx2.googlemail.com.
MX: 30 aspmx3.googlemail.com.
MX: 30 aspmx4.googlemail.com.
MX: 30 aspmx5.googlemail.com.
NS: ns-1327.awsdns-37.org.
NS: ns-1998.awsdns-57.co.uk.
NS: ns-213.awsdns-26.com.
NS: ns-629.awsdns-14.net.
TXT: "Sendinblue-code:5fd3fb156bb10403c5e4bb175ff0f8cc"
TXT: "ZOOM_verify_SC2dfCV4SKyJT1yHWiO7Mw"
TXT: "anthropic-domain-verification-yxc908=pKAWkD5iW6Di70tkidzbjw4uP"
TXT: "apple-domain-verification=BtjHeREaECw7zxBF"
TXT: "docusign=a9111f8c-4198-4d52-98a8-b30b4febbec5"
TXT: "dropbox-domain-verification=3tu3qm1h2371"
TXT: "extensis-domain-verification=1754c573-a3ef-4de4-aaa3-e858fb7adbe1"
TXT: "google-site-verification=kDjGB6sSfUhtC5R-EqlQ7AoPof2DVdbrJjdWMF7-e4I"
TXT: "v=spf1 include:_spf.google.com include:servers.mcsv.net include:spf.sendinblue.com ~all"
TXT: "workplace-domain-verification: 9fb7fe4d-16c7-4055-9bcf-b2ec02d2dc1f"
SOA: ns-629.awsdns-14.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
📋HTTP 响应头
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;
Referrer-Policy: no-referrer
Permissions-Policy: geolocation=(self "*.googleapis.com")
Server: cloudflare
X-Powered-By: WP Engine