- 掃描 ID:
- a6f5efc4-a409-42a8-a122-514e08e55063已完成
- 已提交的 URL:
- https://www.eset.com/已重新導向
- 報告完成時間:
風險 · 找到 0 個
Copy link可能帶來安全風險的做法
安全標頭 · 找到 7 個
Copy link可增強 Web 應用程式安全性的 HTTP 回應標頭
瞭解更多...| 名稱 | 價值 | 支援 | 資訊 |
|---|---|---|---|
| Strict-Transport-Security | max-age=15724800 | 良性 | 宣佈僅可透過安全連線 (HTTPS) 存取網站。 按一下以瞭解更多... |
| X-Frame-Options | SAMEORIGIN | 良性 | 表明是否應允許瀏覽器在 <frame>、<iframe>、<embed> 或 <object> 中呈現頁面。 按一下以瞭解更多... |
| X-Content-Type-Options | nosniff | 良性 | 表明應遵循在 Content-Type 標頭中公告的 MIME 類型,不得變更。 按一下以瞭解更多... |
| Content-Security-Policy | default-src 'self' https://*.extole.io; connect-src 'self' http://ad.doubleclick.net https://*.analytics.google.com https://*.api.userway.org https://*.clarity.ms https://*.clickagy.com https://*.demdex.net https://*.eset.com https://*.events.ubembed.com https://*.extole.io https://*.googlesyndication.com https://*.hotjar.com https://*.hotjar.io https://*.optimonk.com https://*.tawk.to https://*.tt.omtrdc.net https://*.zoominfo.com https://acsbapp.com https://ads.reddit.com https://adservice.google.com https://analytics.google.com https://analytics.tiktok.com https://analytics.twitter.com https://aorta.clickagy.com https://api.cloudsponge.com https://api.company-target.com https://api.userway.org https://bat.bing.com https://bat.bing.net https://c.go-mpulse.net https://cdn.acsbapp.com https://cdn.cookielaw.org https://cdn.linkedin.oribi.io https://cdn.userway.org https://cdn1.esetstatic.com https://collect.cloudsponge.com https://conversions-config.reddit.com https://cookies-data.onetrust.io https://ct.pinterest.com https://ep.smct.co https://eset.tt.omtrdc.net https://fapi.eset.cz https://front.optimonk.com https://geolocation.onetrust.com https://googleads.g.doubleclick.net https://ipb.smct.co https://ipb.smct.io https://js.smct.co https://js.smct.io https://js.zi-scripts.com https://maps.googleapis.com https://mapsresources-pa.googleapis.com https://pixel-config.reddit.com https://privacyportal.onetrust.com https://process.acsbapp.com https://px.ads.linkedin.com https://region1.google-analytics.com https://replay.uxtweak.com https://s.yimg.com https://scout.salesloft.com https://script.crazyegg.com https://smct.co https://stats.g.doubleclick.net https://t.co https://tag-logger.demandbase.com https://tracker.clickguard.com https://web1.acsbapp.com https://www.facebook.com https://www.g2.com https://www.google-analytics.com https://www.google.by https://www.google.ch https://www.google.co.uk https://www.google.co.uz https://www.google.com https://www.google.com.tj https://www.google.com.tr https://www.google.es https://www.google.ie https://www.google.kg https://www.google.kz https://www.google.lt https://www.google.lv https://www.google.pl https://www.google.ru https://www.googletagmanager.com https://www.mczbf.com https://www.redditstatic.com https://www.redditstatic.com wss://*.hotjar.com wss://*.tawk.to; font-src 'self' data: https://*.extole.io https://*.gstatic.com https://acsbapp.com https://api.cloudsponge.com https://cdn-content.optimonk.com https://cdn-custom.optimonk.com https://cdn.acsbapp.com https://cdn.userway.org https://cf.xtlo.net https://embed.tawk.to https://fonts.smct.co https://fonts.smct.io https://origin.xtlo.net https://script.hotjar.com https://www.eset.com; form-action 'self' https://enjoy.eset.com https://int.forms.eset.com https://notify.eset.com https://protects.eset.com https://s1069307879.t.eloqua.com https://secure.eset-la.com https://store.eset.com https://support.eset.com https://webto.salesforce.com https://www.facebook.com; frame-ancestors 'self' https://www.eset.com; frame-src 'self' https://*.fls.doubleclick.net https://4144895.extforms.netsuite.com https://8117415.fls.doubleclick.net https://bid.g.doubleclick.net https://buy.eset.com https://cdn.userway.org https://cj.dotomi.com https://download.eset.com https://embed.tawk.to https://eset.demdex.net https://hemsync.clickagy.com https://int.form.eset.com https://js.smct.io https://ls.smct.co https://protectdemo.eset.com https://protects.eset.com https://s.company-target.com https://sgtm.eset.com https://smct.co https://support.eset.com https://td.doubleclick.net https://tpc.googlesyndication.com https://tr.snapchat.com https://unity.survey-solutions.cloud https://vars.hotjar.com https://widget.trustpilot.com https://www.brighttalk.com https://www.buzzsprout.com https://www.emjcd.com https://www.facebook.com https://www.google.com https://www.googletagmanager.com https://www.paperturn-view.com https://www.riddle.com https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: http://ad.doubleclick.net https://*.adform.net https://*.ads.linkedin.com https://*.extole.io https://*.gstatic.com https://*.krxd.net https://*.tawk.to https://*.yahoo.co.jp https://aa.agkn.com https://ad.doubleclick.net https://ade.googlesyndication.com https://adservice.google.at https://adservice.google.ch https://adservice.google.co.jp https://adservice.google.com https://adservice.google.de https://alb.reddit.com https://analytics.google.com https://analytics.twitter.com https://aorta.clickagy.com https://api.cloudsponge.com https://assets.capterra.com https://bat.bing.com https://bat.bing.net https://c.bing.com https://c.clarity.ms https://captcha.eset.com https://cdn.acsbapp.com https://cdn.cookielaw.org https://cdn.esetstatic.com https://cdn.jsdelivr.net https://cdn.smct.co https://cdn.smct.io https://cdn.userway.org https://cdn1.esetstatic.com https://cf.xtlo.net https://cj.dotomi.com https://cm.everesttech.net https://cm.g.doubleclick.net https://connect.facebook.net https://dc.ads.linkedin.com https://dpm.demdex.net https://dsum-sec.casalemedia.com https://editor-upload-cdn.optimonk.com https://events.smct.co https://fapi.eset.cz https://googleads.g.doubleclick.net https://home.eset.com https://i.ytimg.com https://id.rlcdn.com https://idsync.rlcdn.com https://images.g2crowd.com https://insight.adsrvr.org https://maps.googleapis.com https://match.adsrvr.org https://origin.xtlo.net https://pagead2.googlesyndication.com https://pixel-sync.sitescout.com https://pixel.rubiconproject.com https://proeesweufesto01.blob.core.windows.net https://proeeswusfesto01.blob.core.windows.net https://pubads.g.doubleclick.net https://px.ads.linkedin.com https://px.steelhousemedia.com https://q.quora.com https://region1.analytics.google.com https://region1.google-analytics.com https://s786665.t.eloqua.com https://script.hotjar.com https://sgtm.eset.com https://ssitecat.eset.com https://ssl.google-analytics.com https://static.hotjar.com https://stats.g.doubleclick.net https://t.co https://tags.bluekai.com https://tags.w55c.net https://tawk.link https://tribl.io https://trk.crozdesk.com https://us-u.openx.net https://usermatch.krxd.net https://web1.acsbapp.com https://www.emjcd.com https://www.facebook.com https://www.google-analytics.com https://www.google.ad https://www.google.ae https://www.google.al https://www.google.am https://www.google.at https://www.google.az https://www.google.ba https://www.google.be https://www.google.bf https://www.google.bg https://www.google.bi https://www.google.bj https://www.google.bs https://www.google.bt https://www.google.by https://www.google.ca https://www.google.cd https://www.google.cf https://www.google.cg https://www.google.ch https://www.google.ci https://www.google.cl https://www.google.cm https://www.google.cn https://www.google.co.ao https://www.google.co.bw https://www.google.co.cr https://www.google.co.id https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.kr https://www.google.co.ls https://www.google.co.ma https://www.google.co.mz https://www.google.co.nz https://www.google.co.th https://www.google.co.tz https://www.google.co.ug https://www.google.co.uk https://www.google.co.uz https://www.google.co.ve https://www.google.co.vi https://www.google.co.za https://www.google.co.zm https://www.google.co.zw https://www.google.com https://www.google.com.af https://www.google.com.ag https://www.google.com.ar https://www.google.com.au https://www.google.com.bd https://www.google.com.bh https://www.google.com.bn https://www.google.com.bo https://www.google.com.br https://www.google.com.bz https://www.google.com.co https://www.google.com.cu https://www.google.com.cy https://www.google.com.do https://www.google.com.ec https://www.google.com.eg https://www.google.com.et https://www.google.com.fj https://www.google.com.gh https://www.google.com.gi https://www.google.com.gt https://www.google.com.hk https://www.google.com.jm https://www.google.com.kh https://www.google.com.kw https://www.google.com.lb https://www.google.com.ly https://www.google.com.mm https://www.google.com.mt https://www.google.com.mx https://www.google.com.my https://www.google.com.na https://www.google.com.ng https://www.google.com.ni https://www.google.com.np https://www.google.com.om https://www.google.com.pa https://www.google.com.pe https://www.google.com.pg https://www.google.com.ph https://www.google.com.pk https://www.google.com.pr https://www.google.com.py https://www.google.com.qa https://www.google.com.sa https://www.google.com.sb https://www.google.com.sg https://www.google.com.sl https://www.google.com.sv https://www.google.com.tj https://www.google.com.tr https://www.google.com.tw https://www.google.com.ua https://www.google.com.uy https://www.google.com.vc https://www.google.com.vn https://www.google.cv https://www.google.cz https://www.google.de https://www.google.dj https://www.google.dk https://www.google.dm https://www.google.dz https://www.google.ee https://www.google.es https://www.google.fi https://www.google.fr https://www.google.ga https://www.google.ge https://www.google.gg https://www.google.gl https://www.google.gm https://www.google.gr https://www.google.gy https://www.google.hn https://www.google.hr https://www.google.ht https://www.google.hu https://www.google.ie https://www.google.im https://www.google.iq https://www.google.is https://www.google.it https://www.google.je https://www.google.jo https://www.google.kg https://www.google.ki https://www.google.kz https://www.google.la https://www.google.li https://www.google.lk https://www.google.lt https://www.google.lu https://www.google.lv https://www.google.md https://www.google.me https://www.google.mg https://www.google.mk https://www.google.ml https://www.google.mn https://www.google.mu https://www.google.mv https://www.google.mw https://www.google.ne https://www.google.nl https://www.google.no https://www.google.nr https://www.google.pl https://www.google.ps https://www.google.pt https://www.google.ro https://www.google.rs https://www.google.ru https://www.google.rw https://www.google.sc https://www.google.se https://www.google.si https://www.google.sk https://www.google.sm https://www.google.sn https://www.google.so https://www.google.sr https://www.google.td https://www.google.tg https://www.google.tl https://www.google.tm https://www.google.tn https://www.google.tt https://www.google.vg https://www.google.vu https://www.googleadservices.com https://www.googletagmanager.com https://www.hotjar.com https://www.linkedin.com https://www.mczbf.com; manifest-src 'self'; media-src 'self' https://api.userway.org https://api.userway.org https://api.userway.org https://cdn.userway.org https://cdn.userway.org https://embed.tawk.to https://web1.acsbapp.com; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.cookielaw.org https://*.extole.io https://*.js.ubembed.com https://*.mountain.com https://*.optimonk.com https://*.replay.uxtweak.com https://*.salesforceliveagent.com https://*.ubembed.com https://*.xtlo.net https://a.quora.com https://acsbap.com https://acsbapp.com https://analytics.tiktok.com https://api.cloudsponge.com https://assets.esetstatic.com https://bat.bing.com https://cdn.esetstatic.com https://cdn.jsdelivr.net https://cdn.linkedin.oribi.io https://cdn.userway.org https://cdn1.esetstatic.com https://cdnjs.cloudflare.com https://connect.facebook.net https://ct.capterra.com https://d.la1-c2-cdg.salesforceliveagent.com https://d3pkntwtp2ukl5.cloudfront.net https://embed.playbuzz.com https://embed.tawk.to https://embed.typeform.com https://fapi.eset.cz https://gleam.io https://googleads.g.doubleclick.net https://img.en25.com https://img06.en25.com https://invitejs.trustpilot.com https://js.gleam.io https://js.smct.co https://js.smct.io https://js.zi-scripts.com https://maps.googleapis.com https://pagead2.googlesyndication.com https://platform.twitter.com https://refer.eset.com https://s786665.t.eloqua.com https://scout-cdn.salesloft.com https://script.hotjar.com https://sgtm.eset.com https://smct.co https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://static.hotjar.com https://store.eset.com https://tag.demandbase.com https://tags.clickagy.com https://tpc.googlesyndication.com https://tribl.io https://trk.crozdesk.com https://visitor.technologyadvice.com https://widget.trustpilot.com https://ws.zoominfo.com https://www.brighttalk.com https://www.buzzsprout.com https://www.clarity.ms https://www.emjcd.com https://www.google-analytics.com https://www.google.ae https://www.google.am https://www.google.at https://www.google.be https://www.google.bg https://www.google.bs https://www.google.by https://www.google.ca https://www.google.cg https://www.google.ch https://www.google.ci https://www.google.cl https://www.google.cm https://www.google.co.id https://www.google.co.il https://www.google.co.in https://www.google.co.jp https://www.google.co.ke https://www.google.co.ma https://www.google.co.nz https://www.google.co.th https://www.google.co.uk https://www.google.co.uz https://www.google.co.ve https://www.google.co.za https://www.google.co.zw https://www.google.com https://www.google.cz https://www.google.de https://www.google.dj https://www.google.dz https://www.google.ee https://www.google.es https://www.google.fi https://www.google.fr https://www.google.ge https://www.google.gr https://www.google.hr https://www.google.hu https://www.google.ie https://www.google.kg https://www.google.kz https://www.google.lk https://www.google.lt https://www.google.md https://www.google.me https://www.google.mk https://www.google.nl https://www.google.pl https://www.google.ps https://www.google.pt https://www.google.ro https://www.google.ru https://www.google.se https://www.google.si https://www.google.sk https://www.google.tn https://www.googleadservices.com https://www.googleoptimize.com https://www.googletagmanager.com https://www.mczbf.com https://www.paperturn-view.com https://www.redditstatic.com https://www.riddle.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://*.extole.io https://*.tawk.to https://api.cloudsponge.com https://cdn-asset.optimonk.com https://cdn-content.optimonk.com https://cdn.jsdelivr.net https://cdn.userway.org https://fonts.googleapis.com https://fonts.smct.co https://fonts.smct.io https://script.hotjar.com https://static.hotjar.com; worker-src 'self'; report-uri https://www-eset-com.api.cspconsole.com/v1/reports; report-to csp-endpoint; | 良性 | 控制允許使用者代理程式為給定頁面載入的資源。 按一下以瞭解更多... |
| Referrer-Policy | no-referrer-when-downgrade | 良性 | 控制要求中應包含多少推薦人資訊。 按一下以瞭解更多... |
| Clear-Site-Data | — | 良性 | 控制用戶端瀏覽器為來源伺服器儲存的資料。 按一下以瞭解更多... |
| X-Permitted-Cross-Domain-Policies | — | 良性 | 控制 Web 用戶端(例如,Adobe Flash Player 或 Adobe Acrobat)是否有權跨網域處理資料。 按一下以瞭解更多... |
| Permissions-Policy | — | 新 | 允許和拒絕在文件或 iframe 中使用瀏覽器功能。 按一下以瞭解更多... |
| Cross-Origin-Embedder-Policy | — | 新 | 設定將跨來源資源嵌入至文件中。 按一下以瞭解更多... |
| Cross-Origin-Opener-Policy | — | 新 | 確保頂層文件不會與跨來源文件共用瀏覽上下文群組。 按一下以瞭解更多... |
| Cross-Origin-Resource-Policy | — | 新 | 要求瀏覽器封鎖對給定資源的 no-cors 跨來源/跨網站要求。 按一下以瞭解更多... |
| X-XSS-Protection | 1; mode=block; report=https://eset.report-uri.com/r/d/xss/enforce | 已棄用 | 已棄用。偵測到反射式 Cross-site scripting (XSS) 攻擊時,阻止載入頁面。 按一下以瞭解更多... |
| Feature-Policy | accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'; ambient-light-sensor 'none'; autoplay 'none'; encrypted-media 'none'; fullscreen 'self' https://www.youtube.com; midi 'none'; picture-in-picture 'none'; speaker 'none'; vr 'none' | 已棄用 | 已棄用。取代為 Permissions-Policy 標頭。 按一下以瞭解更多... |
| Expect-CT | — | 已棄用 | 已棄用。選擇加入報告和/或強制執行憑證透明度要求。 按一下以瞭解更多... |
| Public-Key-Pins | — | 已棄用 | 已棄用。允許 HTTPS 網站抵制攻擊者使用錯誤核發或詐騙性憑證進行假冒。 按一下以瞭解更多... |
安全違規 · 找到 0 個
Copy link違反安全性原則的要求或資源
憑證 · 找到 13 個
Copy linkSSL/TLS 憑證可讓網站加密用戶端與伺服器之間的交易,並提供伺服器身分識別驗證
| 主旨 | 核發日期 | 到期日 |
|---|---|---|
| www.eset.com | 2025年1月13日 00:00:00 | 2026年1月18日 23:59:59 |
| *.esetstatic.com | 2024年9月30日 00:00:00 | 2025年10月3日 23:59:59 |
| api.eset.com | 2024年2月26日 00:00:00 | 2025年2月25日 23:59:59 |
| jsdelivr.net | 2024年7月30日 15:36:05 | 2025年8月31日 15:36:04 |
| *.google-analytics.com | 2024年12月9日 08:36:18 | 2025年3月3日 08:36:17 |
| api.buy.eset.com | 2024年4月3日 00:00:00 | 2025年4月2日 23:59:59 |
| tawk.to | 2024年11月19日 00:49:22 | 2025年2月17日 00:49:21 |
| 1667503734.rsc.cdn77.org | 2024年12月4日 04:53:02 | 2025年3月4日 04:53:01 |
| *.js.ubembed.com | 2024年12月5日 17:34:09 | 2025年3月5日 17:34:08 |
| sgtm.eset.com | 2024年7月23日 00:00:00 | 2025年7月22日 23:59:59 |