50
高风险
2026-05-21 04:56:59
发现的安全问题
- ⚠️[LOW] 服务器信息泄露
- ⚠️[HIGH] 敏感路径暴露
- ⚠️[MEDIUM] 缺少 HTTP 安全头
修复建议
- 💡添加 DMARC 记录增强邮件安全
- 💡配置 Web 服务器添加这些安全头
- 💡移除或修改 Server/X-Powered-By 响应头
- 💡限制对这些路径的访问或添加认证
🌐域名信息
目标域名insites.com
注册域名insites.com
顶级域名.com
🛡️威胁情报 (7 platforms)
Blacklist未列入黑名单
Malware0
Phishing0
Abuse Score0/100
🐛发现的漏洞 (3)
MEDIUM缺少 HTTP 安全头
缺少以下安全头: X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, Strict-Transport-Security, Content-Security-Policy, Referrer-Policy, Permissions-Policy
修复建议: 配置 Web 服务器添加这些安全头
LOW服务器信息泄露
响应头泄露服务器信息: Server: nginx
修复建议: 移除或修改 Server/X-Powered-By 响应头
HIGH敏感路径暴露
发现可访问的敏感路径: /.env, /.git/config, /admin, /phpmyadmin, /wp-admin, /api
修复建议: 限制对这些路径的访问或添加认证
🔌开放端口 (3)
80
http
443
https
8443
unknown
🌐DNS 记录
A: 35.172.94.1
A: 100.24.208.97
MX: 1 aspmx.l.google.com.
MX: 10 aspmx2.googlemail.com.
MX: 10 aspmx3.googlemail.com.
MX: 5 alt1.aspmx.l.google.com.
MX: 5 alt2.aspmx.l.google.com.
NS: ns-1032.awsdns-01.org.
NS: ns-1980.awsdns-55.co.uk.
NS: ns-248.awsdns-31.com.
NS: ns-745.awsdns-29.net.
TXT: "1password-site-verification=6NG5SCM3QNEG5PHPH42RPYQOJM"
TXT: "ahrefs-site-verification_10c527cb2e6edd80aeb38da1938b146729c4d9492ab01f4ab088556d319fd3f5"
TXT: "detectify-verification=08b58440a807f21a71a0d67d9de79786"
TXT: "google-site-verification=FrB8LNNiNzmDY9KpF8GVWiMXRJXxEq5e781TL0DM6IM"
TXT: "google-site-verification=c8hb3lMOHN7aE_itn86zDk3kFvj_7r7tFuBWouQxjkY"
TXT: "stripe-verification=ecc36216b8889650cd0a1c02e3248c17f14a24e9fb9c186c6b13c4d37f21e581"
TXT: "v=spf1 include:amazonses.com include:mail.insites.com include:mail.zendesk.com include:spf.mtasv.net include:servers.mcsv.net include:_spf.google.com include:26125189.spf01.hubspotemail.net ~all"
SOA: ns-1032.awsdns-01.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
📋HTTP 响应头
Server: nginx