中文

Website Security Scanner

Comprehensive security check · Vulnerability scan · Threat intel · SSL analysis

Home Scan List Scoring
canadapost.ca
Scan Time: 2026-05-21 02:24:44
Re-scan
32
Medium Risk
2026-05-21 02:24:44

Security Issues Found

  • ⚠️[LOW] 服务器信息泄露
  • ⚠️被列入 1 个黑名单: AlienVault OTX
  • ⚠️[MEDIUM] 缺少 HTTP 安全头
  • ⚠️AlienVault OTX 有 1 个社区讨论(非直接威胁)

Recommendations

  • 💡添加 DMARC 记录增强邮件安全
  • 💡配置 Web 服务器添加这些安全头
  • 💡申请从黑名单中移除,并修复安全问题
  • 💡移除或修改 Server/X-Powered-By 响应头

🌐Domain Info

Targetcanadapost.ca
Registeredcanadapost.ca
TLD.ca

🛡️Threat Intelligence (7 platforms)

BlacklistAlienVault OTX
Malware1
Phishing0
Abuse Score0/100

🐛Vulnerabilities Found (2)

MEDIUM缺少 HTTP 安全头
缺少以下安全头: Permissions-Policy
Fix: 配置 Web 服务器添加这些安全头
LOW服务器信息泄露
响应头泄露服务器信息: Server: CloudFront
Fix: 移除或修改 Server/X-Powered-By 响应头

🔌Open Ports (2)

80
http
443
https

🌐DNS Records

A: 99.84.41.113
A: 99.84.41.51
A: 99.84.41.69
A: 99.84.41.20
MX: 10 mxa-0062aa01.gslb.pphosted.com.
MX: 10 mxb-0062aa01.gslb.pphosted.com.
NS: ns-453.awsdns-56.com.
NS: ns-546.awsdns-04.net.
NS: ns-1230.awsdns-25.org.
NS: ns-1674.awsdns-17.co.uk.
TXT: "I0N4N27132"
TXT: "_uxa6bwjyq0ie2nohf92y5y5eqf3qkuk"
TXT: "MS=C9E77D999D2BB0F0D32A685346AAA46B1993F408"
TXT: "google-gws-recovery-domain-verification=70785642"
TXT: "miro-verification=105a3c0840d90cdc994ca5b3d3489ad9a264e8af"
TXT: "onetrust-domain-verification=c91be7d1a417496d9a65cc09e10dc791"
TXT: "v=spf1 include:%{ir}.%{v}.canadapost.ca.spf.has.pphosted.com -all"
TXT: "yahoo-verification-key=Kv48E2FYDhoVX6lXzY3X1i7P4aCcsgtiC4KP0NrRKfE="
TXT: "google-site-verification=YleRVPySQ4vnly6SQlnl2dwUwvJu9v0pnwQUceISLKg"
TXT: "adobe-idp-site-verification=8e4a8699a6dcab4056e2726a439b17ddff450d48adf60b3b8197e6d29da95cb5"
TXT: "cisco-ci-domain-verification=39dc66c0cdd15fdec0a66f993a5e31ff606378f2cafcb21a32020497ebe2e3fa"
TXT: "atlassian-domain-verification=pyJBHBEPUPBys0SsUdwjDnWV0gNfXfYr75wp/IG/pCjo6M7uYaaEeT47kXB5fsTw"
SOA: ns-1230.awsdns-25.org. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

📋HTTP Headers

X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Security-Policy: frame-ancestors 'self'
Referrer-Policy: no-referrer-when-downgrade
Server: CloudFront