50
高风险
2026-05-21 02:12:29
发现的安全问题
- ⚠️[LOW] 服务器信息泄露
- ⚠️[HIGH] 敏感路径暴露
- ⚠️[MEDIUM] 缺少 HTTP 安全头
修复建议
- 💡添加 DMARC 记录增强邮件安全
- 💡配置 Web 服务器添加这些安全头
- 💡移除或修改 Server/X-Powered-By 响应头
- 💡限制对这些路径的访问或添加认证
🌐域名信息
目标域名ausha.co
注册域名ausha.co
顶级域名.co
🛡️威胁情报 (7 platforms)
Blacklist未列入黑名单
Malware0
Phishing0
Abuse Score0/100
🐛发现的漏洞 (3)
MEDIUM缺少 HTTP 安全头
缺少以下安全头: X-Frame-Options, X-XSS-Protection, Strict-Transport-Security, Content-Security-Policy, Referrer-Policy
修复建议: 配置 Web 服务器添加这些安全头
LOW服务器信息泄露
响应头泄露服务器信息: Server: cloudflare
修复建议: 移除或修改 Server/X-Powered-By 响应头
HIGH敏感路径暴露
发现可访问的敏感路径: /.env, /.git/config
修复建议: 限制对这些路径的访问或添加认证
🔌开放端口 (4)
80
http
443
https
8080
unknown
8443
unknown
🌐DNS 记录
A: 104.18.4.78
A: 104.18.5.78
AAAA: 2606:4700::6812:44e
AAAA: 2606:4700::6812:54e
MX: 1 aspmx.l.google.com.
MX: 10 aspmx2.googlemail.com.
MX: 10 aspmx3.googlemail.com.
MX: 5 alt1.aspmx.l.google.com.
MX: 5 alt2.aspmx.l.google.com.
NS: miguel.ns.cloudflare.com.
NS: sky.ns.cloudflare.com.
TXT: "241822"
TXT: "Sendinblue-code:304e4881d7ff091092392d43a7faaafb"
TXT: "ca3-5630ab74b2664c7cbf7d262ab6d130ec"
TXT: "ca3-a31a300419004f37ba4fa20a8b148d70"
TXT: "google-site-verification=Ahwp2hX0mcQV8BrBMGWPjIOe725LfTjH0d68HzWmwR8"
TXT: "google-site-verification=TJjP30fySer85MpCXNTDNeW2-GfezS-DUgslfHvvalI"
TXT: "google-site-verification=WKckrYGek-38FVcezzkgCAfEZCRakctXJQeiI8caOtM"
TXT: "v=spf1 include:_spf.google.com include:mailgun.org include:spf.sendinblue.com -all"
SOA: miguel.ns.cloudflare.com. dns.cloudflare.com. 2404543230 10000 2400 604800 1800
📋HTTP 响应头
X-Content-Type-Options: nosniff
Permissions-Policy: ch-viewport-width=(self "https://img.ausha.co")
Server: cloudflare