Comprehensive security check · Vulnerability scan · Threat intel · SSL analysis
Our platform aggregates eight authoritative global threat intelligence and security detection platforms. Using a scientific weighted scoring mechanism, we evaluate target websites across SSL/TLS configuration, HTTP security headers, DNS records, open ports, threat intelligence, and vulnerability scanning. Results are for reference only and do not constitute a security guarantee.
The comprehensive score ranges from 0 to 100. Higher scores indicate greater risk. Each threat intelligence platform is assigned different weights based on its credibility and confirmation level, preventing single false positives from distorting results.
| Dimension | Trigger Condition | Weight/Score | Note |
|---|---|---|---|
| Google Safe Browsing | Officially flagged as threat | +50 | Official confirmation, highest weight |
| PhishTank | Confirmed phishing site | +45 | Human verified, very high weight |
| SSL Certificate Expired | Certificate has expired | +40 | Directly impacts user security |
| VirusTotal | ≥5% engines flag malicious & harmless insufficient to offset | +0~20 | Ratio-based; harmless votes offset false positives |
| URLhaus | Malware distribution URLs found | +0~25 | Scored by malicious URL count |
| AbuseIPDB | IP reputation ≥80 & reports ≥5 | +0~25 | High threshold reduces CDN false positives |
| IBM X-Force | Risk score ≥7/10 (High) | +0~20 | Only high risk scores significantly |
| AlienVault OTX | Actual malware samples found (not community discussion) | +0~15 | Alexa Top 100k sites score halved |
| SSL Labs Grade | Grade F/T (severe config errors) | +0~35 | A+ to B barely scored |
| Vulnerability Detection | High/Medium/Low severity vulnerabilities | +5~25 | Graded by severity |
| Port Exposure | Open SSH/MySQL/RDP etc. | +5/port | Stackable |
| Missing Security Headers | Missing X-Frame-Options etc. | +15 | Medium risk, recommended fix |
Safe (0~9): No obvious security issues found. SSL configuration is good, no negative threat intelligence records.
Low Risk (10~29): Minor configuration flaws (e.g., missing some HTTP security headers). Recommended to optimize but does not affect basic security.
Medium Risk (30~49): Identifiable security issues (e.g., SSL expiring soon,少量 threat intelligence associations). Should be fixed soon.
High Risk (50~69): Clear security threats exist (e.g., expired certificate, multiple blacklist records, high-risk vulnerabilities). Immediate action required.
Critical Risk (70~100): Confirmed malicious/phishing site by official security agencies, or severe vulnerabilities exist. Access may endanger users.
Large websites (e.g., Baidu, Google, Twitter) are frequently impersonated or used as redirect targets for phishing pages due to their massive user base. This causes them to be associated with security incidents on some threat intelligence platforms (e.g., VirusTotal, AlienVault OTX), but this does not mean the main site itself is compromised. We have optimized our scoring algorithm for this: VirusTotal introduces a harmless-engine offset mechanism; AbuseIPDB raises thresholds to reduce CDN false positives; Alexa Top 100k sites automatically receive halved OTX association scores. If you believe a well-known site is falsely flagged, refer to Google Safe Browsing and PhishTank results, as these are officially/human-verified with extremely low false positive rates.
Cybersecurity is dynamic. Scan results only reflect the security status at the time of scanning. Threat intelligence data has latency, and zero-day vulnerabilities cannot be covered by existing rules. This platform is based on public APIs and automated scripts for detection. Results are for security research and reference only, and do not constitute any security commitment or legal advice. For critical business systems, please combine with professional penetration testing and continuous monitoring for comprehensive assessment.
📧 Questions or suggestions? Contact huochai12@gmail.com