Skip to main content

Is 22kf.com a Scam? Security Check Results - eName Technology Co., Ltd. Reviews

22kf.com favicon

Is 22kf.com Safe? Security Analysis for eName Technology Co., Ltd.

https://22kf.com

Check if 22kf.com is a scam or legitimate. Free security scan and reviews.

OtherChinasmall
jQuerySwiper.jsChart.jsBaidu Analytics
Analyzed 8/3/2025Completed 3:03:13 PM
48
Security Score
HIGH RISK

AI Summary

22kf.com is a Chinese gaming information portal specializing in the popular '传奇' (Legend) series of online games. It provides authoritative and regularly updated information on new game servers, game news, and special topics targeting the large community of Legend game players in China. The website has been operational since 2013, indicating a stable presence in its niche market. Its business model centers on content aggregation and publishing, serving as a go-to resource for players seeking the latest server openings and game updates. The site is positioned as a leading platform within its domain, supported by consistent branding and a clear focus on its target audience. Technically, the website employs common web technologies including jQuery, Swiper.js for UI components, Chart.js for data visualization, and Baidu Analytics for user tracking. The site is served over HTTPS, ensuring basic transport security, but lacks advanced security headers and DNSSEC, which could enhance its security posture. The website design is professional with good navigation and content relevance, though mobile optimization and accessibility are basic. SEO practices appear adequate with proper meta tags and structured content. From a security perspective, the site shows moderate maturity. While HTTPS is implemented and domain registration is stable with protective domain status flags, there is no visible privacy policy, cookie consent mechanism, or incident response information. The absence of security headers and DNSSEC are notable gaps. No forms or user input mechanisms were detected, reducing attack surface but also limiting user engagement features. The site does not appear to handle sensitive user data directly. Overall, the security posture is functional but could be improved to meet modern compliance and best practices. The overall risk assessment is moderate. The site is legitimate and stable but lacks comprehensive privacy and security disclosures. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, and publishing incident response and vulnerability disclosure information to enhance trust and compliance. These improvements would strengthen the site's security culture and better protect its user base.

Detected Technologies

jQuerySwiper.jsChart.jsBaidu Analytics

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

22kf.com operates in the niche market of Chinese online gaming, specifically focusing on the Legend series of games. Its competitive advantage lies in its authoritative and comprehensive aggregation of new server openings and game-related news, attracting a dedicated player base. The business model is content-driven, likely monetized through advertising and partnerships with related gaming sites, as evidenced by friendly links to similar domains. The target customers are Legend game players seeking timely and reliable server information. Growth indicators include frequent content updates and a broad range of topics covering new releases, recommendations, and specialized game guides. The partnership ecosystem appears limited but relevant, with links to other gaming portals. The company behind the domain registration is a known registrar, eName Technology Co., Ltd., suggesting professional domain management. Overall, the site maintains a focused market presence with potential for expansion through enhanced user engagement and compliance.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

j*****@163.com

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a basic to moderate security posture. HTTPS is enforced, which is mandatory for secure communications. Domain registration includes clientDeleteProhibited and clientTransferProhibited statuses, preventing unauthorized domain changes. However, DNSSEC is not enabled, which is a missed opportunity to secure DNS queries. The absence of security headers such as Content-Security-Policy, X-Frame-Options, and others reduces protection against common web attacks. No privacy or cookie policies are published, indicating compliance gaps with GDPR and other privacy regulations. No incident response or vulnerability disclosure information is available, limiting transparency and preparedness for security incidents. The site does not collect user data via forms, reducing risk exposure but also limiting user interaction. Overall, the security posture is functional but requires enhancements to meet modern standards and regulatory requirements.

Strategic Recommendations

Priority Actions for Security Improvement

1

Enable DNSSEC on the domain to improve DNS security and prevent spoofing.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

eName Technology Co., Ltd.

Description:

国内最权威的传奇发布网-二二开服网每天为广大传奇玩家提供上千条传奇开服信息,是您查找传奇游戏的最佳选择!

Key Services:
传奇游戏新服发布游戏资讯更新专题内容新服表信息
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
jQuerySwiper.jsChart.jsBaidu Analytics
Performance:

moderate

Mobile:

basic

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:
55/100
Best Practices:
  • HTTPS enabled
  • Domain status clientDeleteProhibited and clientTransferProhibited

Analytics & Tracking

Services:
Baidu Analytics
Tracking Level:moderate
Privacy Compliance:poor

Advertising & Marketing

Tracking Pixels:
Baidu Analytics
Transparency Level:basic

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:moderate

Key Observations

1

Website is a Chinese language gaming information portal focused on '传奇' (Legend) game servers and news.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

30/100
Score

Missing X-Frame-Options header

HIGH

Prevents clickjacking attacks

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

50/100
Score

No Privacy Policy found

HIGH

GDPR requires a clear and accessible privacy policy

No Cookie Policy found

HIGH

GDPR requires clear information about cookie usage

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

GDPR Compliance Analysis

Privacy Policy0% confidence
Cookie Policy0% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

17/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

30/100
Score

No SPF record found

HIGH

SPF helps prevent email spoofing

No MX records found

MEDIUM

Domain cannot receive email without MX records

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

No email authentication configured

CRITICAL

Domain is vulnerable to email spoofing

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

92/100
Score

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 83 days

HSTS Missing includeSubDomains

LOW

HSTS header does not include subdomains

Partial SSL/TLS Assessment

LOW

Completed 3 of 4 security checks due to time constraints

Certificate Details

Subject:*.22kf.com
Issuer:R10
Valid Until:10/26/2025 (83 days)
SANs:*.22kf.com, 22kf.com

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

55/100
Score

DNS Resolution Failed

CRITICAL

Unable to resolve domain A records

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

DNS Records

Name Servers:
ns1.dnsip.comDNS only
ns2.dnsip.comDNS only

DNSSEC Status

DNSSEC Not Enabled

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

40/100
Score

Service Exposed: SSH

MEDIUM

Port 22 (SSH) is publicly accessible - SSH - Secure but can be brute-forced

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website uses a traditional web technology stack with jQuery, Swiper.js for interactive UI elements, and Chart.js for graphical data representation. Baidu Analytics is integrated for user behavior tracking, indicating a focus on data-driven insights. The site is served over HTTPS, ensuring encrypted communication. The HTML structure is valid and includes appropriate meta tags for SEO. However, the site lacks modern frameworks or CMS indications, suggesting a custom or legacy build. Performance is moderate, with multiple external CSS and JS files loaded from the same domain and Baidu domains. Mobile optimization is basic, with meta tags indicating PC device targeting but no explicit responsive design features detected. Accessibility features are minimal. There is no evidence of advanced hosting or CDN usage. Overall, the technical implementation is stable but could benefit from modernization and performance optimization.
Analyze Another Website