Safety & Threats

Comprehensive malware detection, phishing analysis, and threat assessment. Click any check below to learn exactly how it works.

Malware/Phishing Indicators

Detects known malware, phishing attempts, typosquatting, and suspicious URL patterns using Google Safe Browsing API and heuristic analysis.

Critical Severity

SSL Certificate Status

Verifies that the website uses HTTPS encryption to protect data in transit between the user and the server.

Critical Severity

Form Security

Checks if HTML forms are present on non-HTTPS pages, which could expose sensitive user data to interception.

Critical Severity

Outdated Software Detection

Identifies potentially outdated frameworks, libraries, or CMS versions that may contain known vulnerabilities.

Medium Severity

SQL Injection Protection

Assesses server-side protection against SQL injection attacks that could compromise database security.

Critical Severity

XSS (Cross-Site Scripting) Protection

Evaluates protection against XSS attacks through Content Security Policy headers and input sanitization.

High Severity

Iframe Usage

Detects embedded iframes that could potentially load malicious content from untrusted third-party sources.

Medium Severity

External Scripts

Counts and analyzes external JavaScript sources that could introduce security vulnerabilities or tracking.

High Severity

Rate Limiting / Bot Protection

Checks for protection mechanisms against brute force attacks, credential stuffing, and automated bot abuse.

Medium Severity

Domain Registrar Status

Analyzes domain registration information via WHOIS to identify newly registered or suspicious domains.

Medium Severity

How Safety Scoring Works

Score Calculation

Each check contributes to the overall Safety & Threats score using calculateCategoryScore(). Checks with pass status add positive points, while fail and error statuses reduce the score based on severity.

Malware Override

If malware or phishing is detected, the entire category score is forced to 0 regardless of other check results. This ensures dangerous sites are always flagged appropriately.

Status Meanings

  • Pass: Check passed successfully
  • Warn: Potential issue detected
  • Info: Informational only
  • Fail: Security issue found
  • Error: Check could not complete