No Security Risks Detected
This domain appears to be safe and secure
Disclaimer: This assessment is based on automated analysis of publicly available information. Results are for informational purposes only. For critical applications, consult security professionals.
Scan Information
Refresh page after 10 minutes
for updated results
Page Information
Host Information
Technologies
SSL Certificate
Performance Statistics
HTTP Headers
Technology Stack Analysis
HSTS
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.
cdnjs
cdnjs is a free distributed JS library delivery service.
Cloudflare
Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.
HTTP/3
HTTP/3 is the third major version of the Hypertext Transfer Protocol used to exchange information on the World Wide Web.
External Links 14
www.linkedin.com
github
github.com
telegram
t.me
blog
blog.mlgzackfly.tw
ZD-2026-00491 某單位 商品目錄頁面 keyword 參數反射型 XSS 漏洞
zeroday.hitcon.org
ZD-2026-00490 某單位 結帳流程備註(remark)欄位儲存型跨站腳本攻擊(Stored XSS)
zeroday.hitcon.org
ZD-2026-00489 某單位 會員資料維護頁面 nickname /name 欄位儲存型跨站腳本攻擊(Stored XSS)
zeroday.hitcon.org
ZD-2026-00409 某單位 API JWT 簽名密鑰可猜測,可偽造 Token 繞過所有 API 端點認證
zeroday.hitcon.org
ZD-2026-00407 某單位 Kibana 監控平台未經授權公開暴露,洩漏 2.3 億筆數據
zeroday.hitcon.org
ZD-2026-00383 某單位 內部客戶管理 API 未授權存取,免費帳號即可取得 2,405 間診所完整資料(聯絡人、手機、地址、Email、統編),且 VAT 欄位被濫用儲存明文密碼
zeroday.hitcon.org
ZD-2026-00382 某單位 API 未授權存取 — 完整商業數據洩漏(方案定價、客戶合約、購買紀錄)
zeroday.hitcon.org
ZD-2026-00369 某單位 端點無需認證,可取得任意診所的 JWT 並讀取真實病患預約紀錄(姓名、身分證、手機、就診科別)
zeroday.hitcon.org
ZD-2026-00354 某單位 後端 API 無認證存取,洩露約 3,773 位醫師身分證字號、執照號碼,及 20,956 間醫療院所完整資料
zeroday.hitcon.org
ZD-2026-00344 某單位 公開 AI Copilot 端點透過 Prompt Injection 洩露內部公司文件(含銀行帳號)
zeroday.hitcon.org