怎么看一个网站是否安全

https://beian.miit.gov.cn/

苏 ICP 备 09033604 号-13
同程网络科技股份有限公司

@totoro625 谢谢，学到了

你好，16e-3 兄，通过域名看也许会存在域名过期被抢注的风险，可以通过 HTTPS 证书来看。之前有那种企业证书，带认证的，可以直接看到对应的企业，现在似乎不流行了。

我访问 https://file.40017.cn 获得了这个证书：

$ openssl x509 -in wx.17u.cn.pem -text -noout
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:72:6a:a0:84:bc:f7:a6:6a:3b:0b:65:bb:90:56:f0:dd:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=Let's Encrypt, CN=R10
Validity
Not Before: Aug 8 07:03:37 2025 GMT
Not After : Nov 6 07:03:36 2025 GMT
Subject: CN=wx.17u.cn
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:c5:ac:73:17:8b:38:4e:78:c7:eb:71:f5:53:50:
51:34:3e:e0:24:f0:79:1c:26:37:b6:42:a0:2f:f3:
63:d2:05:df:94:a5:d8:e0:8d:83:82:69:30:ba:95:
49:8b:de:6a:c2:79:75:99:0a:57:75:b6:70:f6:4e:
a6:0a:0e:9b:1e:e2:aa:49:22:d5:ed:42:0a:01:5d:
e2:c0:fa:ad:29:a5:a2:c0:d7:27:3b:58:b3:9b:90:
dd:e9:cb:35:98:66:15:54:1f:d9:52:6c:43:d4:42:
1d:30:e0:d5:a2:89:84:88:17:90:89:db:0d:fe:c9:
0f:29:f6:65:13:d0:f6:54:d2:4c:da:52:ab:2d:0c:
62:40:8c:ee:7e:ca:3f:50:0c:89:2d:32:12:54:66:
26:89:48:6e:e8:5c:71:ed:b9:ec:3b:7d:7d:9a:fb:
40:34:6b:c9:af:d9:04:02:2b:c6:35:08:c1:ac:d5:
e4:1e:94:8d:90:ed:e1:e7:54:1a:b9:96:49:1b:c1:
f6:bf:ee:cf:d3:66:e3:57:8c:9e:f6:94:9f:ac:16:
c2:5f:16:63:69:fa:c0:db:9f:4d:95:95:b5:e1:f4:
f3:b4:9f:a3:e1:02:4a:a3:b8:3d:3d:0b:d3:c6:f0:
54:40:ae:e0:0c:06:8e:46:df:e3:6a:a9:0c:b6:93:
8d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Subject Key Identifier:
A1:E6:7D:0D:9B:99:E4:D0:85:D5:63:38:66:B8:E7:39:E6:39:9B:B2
X509v3 Authority Key Identifier:
BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
Authority Information Access:
CA Issuers - URI:http://r10.i.lencr.org/
X509v3 Subject Alternative Name:
DNS:api.elong.com, DNS:apmfront.17u.cn, DNS:app.ly.com, DNS:appgateway.ly.com, DNS:appnew.ly.com, DNS:autodiscover.ly.com, DNS:bjs-travel.17u.cn, DNS:css.40017.cn, DNS:cw.17u.cn, DNS:dttrip.cn, DNS:ebk.17u.cn, DNS:ebkapi.17u.cn, DNS:file.40017.cn, DNS:fileakamai.40017.cn, DNS:flights.17u.cn, DNS:ghotel.ly.com, DNS:guanjia.tcent.cn, DNS:hotel.17u.cn, DNS:hotel.elong.com, DNS:ihotel.elong.com, DNS:job.ly.com, DNS:join.ly.com, DNS:js.40017.cn, DNS:jy.17u.cn, DNS:m.17u.cn, DNS:m.dttrip.cn, DNS:m.elong.com, DNS:m.elongstatic.com, DNS:m.ly.com, DNS:mail.ly.com, DNS:mall.dttrip.cn, DNS:masapm.ly.com, DNS:mhotel.elong.com, DNS:mhr.ly.com, DNS:moa.17u.cn, DNS:moa.tcly.cn, DNS:mobile-api2011.elong.com, DNS:mobileapi.ly.com, DNS:mwf.17usoft.com, DNS:nb-google.elong.com, DNS:okr.17u.cn, DNS:oss.17usoft.com, DNS:pavo.elongstatic.com, DNS:pavoaka.elongstatic.com, DNS:pavoakamai.elongstatic.com, DNS:pavoquic.elongstatic.com, DNS:pic5.40017.cn, DNS:pic5aka.40017.cn, DNS:quic-hotel.17u.cn, DNS:quic-tcmapi.elong.com, DNS:s.ly.com, DNS:savior.elong.com, DNS:servicegw.ly.com, DNS:starfish-toca.tcent.cn, DNS:static.40017.cn, DNS:tcauth.17u.cn, DNS:tcflightfrontapi.17usoft.com, DNS:tchl.17u.cn, DNS:tcmapi.elong.com, DNS:tcmobileapi.17usoft.com, DNS:tcsk.17u.cn, DNS:toca-gw.17u.cn, DNS:toca-message.17u.cn, DNS:toca-sentry.17u.cn, DNS:toca-stream-api.17u.cn, DNS:toca-stream.17u.cn, DNS:toca-wps.17u.cn, DNS:toca.17u.cn, DNS:toca.17usoft.com, DNS:train.17u.cn, DNS:vbk.17u.cn, DNS:vstgif.17u.cn, DNS:vstlog.17u.cn, DNS:vstlog.17usoft.com, DNS:wiki.17u.cn, DNS:www.dttrip.cn, DNS:www.elong.com, DNS:www.ly.com, DNS:www.pingliu.com, DNS:www.tongchengbx.com, DNS:www.travelgo.com, DNS:wx.17u.cn, DNS:wxap.17u.cn, DNS:wxcdn.17u.cn, DNS:wxcf.17u.cn, DNS:wxquic.17u.cn, DNS:x.elong.com, DNS:xapiakamai.elong.com, DNS:xlog.elong.com
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
X509v3 CRL Distribution Points:
Full Name:
URI:http://r10.c.lencr.org/21.crl

CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A4:42:C5:06:49:60:61:54:8F:0F:D4:EA:9C:FB:7A:2D:
26:45:4D:87:A9:7F:2F:DF:45:59:F6:27:4F:3A:84:54
Timestamp : Aug 8 08:02:07.587 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:D4:99:85:D0:DB:05:31:C5:5B:B8:68:
3E:71:C2:7A:7B:AA:07:38:B0:4F:9B:DD:05:B4:89:7F:
AC:FF:47:29:0C:02:20:35:B0:0C:73:BC:63:1C:2C:7C:
48:EA:76:B9:4A:B7:DC:90:16:4D:CD:E6:AA:A7:4A:6C:
8F:5F:9C:39:90:80:85
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
Timestamp : Aug 8 08:02:07.642 2025 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:EC:03:D0:F3:3E:C5:00:D3:F2:EF:99:
F5:A7:33:4D:A0:52:42:C1:32:E3:72:50:91:01:B9:CA:
6D:9B:5E:A4:D8:02:21:00:83:76:1B:12:3D:5E:B9:A0:
83:FF:E7:17:CC:D4:07:76:98:B4:8D:03:5C:04:4C:B6:
6D:B1:80:6E:6D:8D:77:C7
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
52:f8:4f:7f:07:49:c1:64:d4:45:cc:5a:fd:b6:39:f6:ae:3f:
98:79:7d:66:3d:02:09:a3:78:87:6c:06:79:4b:b9:41:21:c2:
3d:81:8c:7f:da:4a:5b:df:f6:f3:87:d7:7e:5a:34:37:a3:b6:
e7:e8:60:62:50:89:55:9e:b6:fe:41:fa:a2:e7:8a:b7:1b:eb:
8d:48:7f:45:70:7d:5e:32:54:99:ce:ca:92:d0:5f:56:40:40:
ce:30:d5:f3:6f:d5:87:b2:cf:3f:50:06:75:66:4f:6c:2c:f6:
96:ba:42:2d:e9:28:8f:76:23:7e:fb:bb:2d:99:a1:42:b6:ee:
ac:24:ea:1f:50:7e:4d:a3:a3:08:c9:d8:bb:64:49:0b:db:73:
e9:f3:8c:9d:e3:dc:44:63:3f:8b:ab:2c:05:51:91:08:16:57:
17:55:11:9f:4f:ea:ba:08:88:28:ba:42:2f:61:32:32:3a:8b:
35:8b:1c:08:b6:68:33:75:2c:13:05:63:5e:9d:e0:37:84:f6:
5b:63:95:57:00:e3:10:9d:60:12:8b:d6:3b:a7:70:b4:8e:3e:
e4:69:9b:3a:4d:0e:a3:91:c5:db:33:b3:8f:06:b4:52:46:12:
6d:d2:59:9b:b9:7f:2f:8d:ff:6e:94:bf:0d:97:c0:0b:03:55:
83:3f:eb:58

看到其中有

www.elong.com
www.tongchengbx.com
m.ly.com
guanjia.tcent.cn

的域。证书泄漏的可能性不大，所以我的话，会对可信性增加一点，即，倾向相信对方即是同程网站的控制人

PS. 后来发现好像有一些在线工具也可以直接看，不用自己下载下来

@CEBBCAT 学到了，感谢分享