中文

Website Security Scanner

Comprehensive security check · Vulnerability scan · Threat intel · SSL analysis

Home Scan List Scoring
sierraclub.org
Scan Time: 2026-05-21 08:05:21
Re-scan
35
Medium Risk
2026-05-21 08:05:21

Security Issues Found

  • ⚠️对外暴露了 3 个高风险服务端口
  • ⚠️[MEDIUM] 缺少 HTTP 安全头

Recommendations

  • 💡添加 DMARC 记录增强邮件安全
  • 💡配置 Web 服务器添加这些安全头
  • 💡使用防火墙限制对这些端口的访问

🌐Domain Info

Targetsierraclub.org
Registeredsierraclub.org
TLD.org

🛡️Threat Intelligence (7 platforms)

BlacklistNot Blacklisted
Malware0
Phishing0
Abuse Score0/100

🐛Vulnerabilities Found (1)

MEDIUM缺少 HTTP 安全头
缺少以下安全头: X-XSS-Protection, Permissions-Policy
Fix: 配置 Web 服务器添加这些安全头

🔌Open Ports (7)

21
ftp
80
http
443
https
3306
unknown
3389
unknown
8080
unknown
8443
unknown

🌐DNS Records

A: 199.83.133.200
A: 199.83.131.200
A: 199.83.134.200
MX: 100 alt4.aspmx.l.google.com.
MX: 10 aspmx.l.google.com.
MX: 100 alt3.aspmx.l.google.com.
MX: 50 alt2.aspmx.l.google.com.
MX: 50 alt1.aspmx.l.google.com.
NS: ns2.dnsmadeeasy.com.
NS: ns3.dnsmadeeasy.com.
NS: ns1.dnsmadeeasy.com.
NS: ns0.dnsmadeeasy.com.
NS: ns4.dnsmadeeasy.com.
TXT: "sbv5flvk2pkdq3e76mmnrrli8"
TXT: "globalsign-domain-verification=68BF77350A1290277BE354B71A983F8C"
TXT: "982gl.x.incapdns.net"
TXT: "v=spf1 include:_spf.sierraclub.org include:_spf.google.com include:_spf.salesforce.com include:em1936.sierraclub.org include:spf1.formassembly.com include:_spf1.mailgun.org include:_spf2.mailgun.org ~all"
TXT: "SFMC-K0zzqyWZlMjJFv92C2YatKuQvhb4Y43nYLjmPhV1"
TXT: "1bpf3tgu0clh4h7mte1jubr70u"
TXT: "globalsign-domain-verification=186c27a11733f8701e56a8ff834ff419"
TXT: "ZOOM_verify_JK16PB6bRcusiW_FlVtGPw"
TXT: "duo_sso_verification=dhFlnL9cZoy7na92QIsxPNSrSGTHcezShZMyEYrje3nhhLI9uPrDIzPsaAzz5leq"
TXT: "globalsign-domain-verification=FCF0FFE9248E5FB050EE4559A28A7873"
TXT: "globalsign-domain-verification=7A1E6B106E306B6D4BE38659D115C66A"
TXT: "globalsign-domain-verification=5e2ff394df8f2f33e431a33699610712"
TXT: "atlassian-sending-domain-verification=b8d03f39-cbee-42ce-a9d3-9282bbaad547"
TXT: "globalsign-domain-verification=6D904030DED169AF1097C90FD91F8893"
TXT: "apple-domain-verification=loQqMyydRX6GcsTz"
TXT: "facebook-domain-verification=q469pp5uo8p9bhs7whc8i3xrrxe9yb"
TXT: "MS=585E344DD5602BB42C97F00CA7BB76FA0F8C41F4"
TXT: "globalsign-domain-verification=40FC5B9372CD131A0B579E91633105DF"
TXT: "globalsign-domain-verification=8FD9F6C2739A2202373E780DD68C9DB7"
SOA: ns10.digicertdns.com. dns.digicertdns.com. 2009011186 43200 3600 1209600 180

📋HTTP Headers

X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' import: blob: https://www.googletagmanager.com
Referrer-Policy: strict-origin-when-cross-origin