50
高风险
2026-05-21 07:48:52
发现的安全问题
- ⚠️[LOW] 服务器信息泄露
- ⚠️[HIGH] 敏感路径暴露
- ⚠️[MEDIUM] 缺少 HTTP 安全头
修复建议
- 💡添加 DMARC 记录增强邮件安全
- 💡配置 Web 服务器添加这些安全头
- 💡移除或修改 Server/X-Powered-By 响应头
- 💡限制对这些路径的访问或添加认证
🌐域名信息
目标域名arts.gov
注册域名arts.gov
顶级域名.gov
🛡️威胁情报 (7 platforms)
Blacklist未列入黑名单
Malware0
Phishing0
Abuse Score0/100
🐛发现的漏洞 (3)
MEDIUM缺少 HTTP 安全头
缺少以下安全头: Referrer-Policy, Permissions-Policy
修复建议: 配置 Web 服务器添加这些安全头
LOW服务器信息泄露
响应头泄露服务器信息: Server: nginx
修复建议: 移除或修改 Server/X-Powered-By 响应头
HIGH敏感路径暴露
发现可访问的敏感路径: /.env, /.git/config
修复建议: 限制对这些路径的访问或添加认证
🔌开放端口 (2)
80
http
443
https
🌐DNS 记录
A: 3.212.25.176
MX: 0 arts-gov.mail.eo.outlook.com.
NS: sauthns2.qwest.net.
NS: sauthns1.qwest.net.
TXT: "openai-domain-verification=dv-8rVD1S1J7rbrnpsmloYYys6p"
TXT: "s01sn4oe9e1hlmbjhvab1lh6nb"
TXT: "anthropic-domain-verification-m5r2f4=DW3lZujVUTHCQGTEYnMS3WO95"
TXT: "f20eblhhhjv1g18qg6g17g1n1t"
TXT: "docusign=cdcddd9b-32f8-48df-86b8-5ebda78cf583"
TXT: "google-site-verification=VixI3Qk2LAK5-Co8cK8Ff7OV768K6XQnbaNVZUJ0o2w"
TXT: "MS=ms50378164"
TXT: "v=spf1 include:spf.protection.outlook.com include:sendgrid.net include:spf.constantcontact.com ip4:12.14.15.218 ip4:207.159.110.197 ip4:204.144.124.70 ~all"
TXT: "3jfiqicltk91dfluh1a6gao1el"
TXT: "ohn7s49kjf902vt82pv4k0b4u1"
TXT: "adobe-idp-site-verification=07cd01819c145766f659b25e738a15364f0bfe964a0e2aee8dfec1eaea797174"
TXT: "neaartsgov.azurewebsites.net"
SOA: sauthns2.qwest.net. abuse.centurylinkservices.net. 2260507024 900 601 86400 3600
📋HTTP 响应头
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: report-uri /report-csp-violation
Server: nginx