Skip to main content

Is baiz.ai a Scam? Security Check Results - 白泽(绍兴)文化传媒有限公司 Reviews

Is baiz.ai Safe? Security Analysis for 白泽(绍兴)文化传媒有限公司

https://baiz.ai

Check if baiz.ai is a scam or legitimate. Free security scan and reviews.

TechnologyChinamedium
Tailwind CSS 2.2.19Alpine.js 3.14.9Google Fonts (Inter)
Analyzed 8/2/2025Completed 6:21:35 PM
59
Security Score
MEDIUM RISK

AI Summary

尤里改是一家专注于智能广告自动化投放的技术公司,融合先进的AI算法和流程自动化技术,致力于为企业客户提供高效、无忧的广告投放解决方案。公司通过自动化账户管理、创意优化和智能预算调整,帮助广告主提升投资回报率和运营效率。网站内容丰富,设计现代且响应迅速,面向中国市场的广告投手和企业广告主。技术架构采用Tailwind CSS和Alpine.js,托管于Cloudflare,确保性能和安全性。安全方面,网站启用了HTTPS,域名状态安全,但缺少部分安全头和隐私合规机制。整体风险较低,建议加强隐私合规和安全策略披露以提升信任度。

Detected Technologies

Tailwind CSS 2.2.19Alpine.js 3.14.9Google Fonts (Inter)

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

尤里改定位为中国市场的广告自动化SaaS平台,提供从广告账户管理到AI智能优化的全流程服务。其业务模式结合软件服务和专业代投支持,覆盖多种广告投放模式和行业需求。公司强调自动化和智能化,降低广告投放门槛,提升效率和ROI。通过一对一售后指导和账户申诉服务,增强客户粘性和满意度。市场竞争力体现在技术驱动和专业服务结合,适合中小及中大型广告客户。公司成立于2025年,规模中等,具备持续更新和客户支持能力。

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

s*****@aff.cool

Phone Numbers (1)

767**

Security Posture Analysis

Comprehensive Security Assessment

网站安全措施包括HTTPS加密和Cloudflare托管,域名注册状态为clientTransferProhibited,防止未经授权的转移。未检测到安全头部配置,缺少安全政策和事件响应联系方式,存在隐私合规和安全披露不足。表单设计合理,未发现敏感信息泄露或明显漏洞。建议启用DNSSEC,完善安全头部,发布安全政策和漏洞披露渠道,提升整体安全成熟度和合规性。

Strategic Recommendations

Priority Actions for Security Improvement

1

启用DNSSEC以增强域名系统安全。

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

白泽(绍兴)文化传媒有限公司

Description:

尤里改融合先进AI与流程自动化,为企业打造无忧广告投放体验。从账户管理到创意优化,一站式解决方案让您的广告投资获得最大回报。

Key Services:
自动化广告投放AI智能优化广告账户管理专业广告代投账户自动申诉一对一售后指导
Content Quality:

excellent

Branding:

consistent

Technical Stack

Technologies:
Tailwind CSS 2.2.19Alpine.js 3.14.9Google Fonts (Inter)
Performance:

fast

Mobile:

excellent

Accessibility:

good

SEO:

good

Security Assessment

Security Score:
75/100
Best Practices:
  • HTTPS enforced (implied by Cloudflare usage and domain)
  • ClientTransferProhibited domain status
  • No exposed sensitive data in HTML
  • Secure form inputs with proper labels and placeholders

Analytics & Tracking

Tracking Level:minimal
Privacy Compliance:basic

Advertising & Marketing

Transparency Level:basic

Website Quality Assessment

Design Quality:excellent
User Experience:excellent
Content Relevance:excellent
Navigation Clarity:excellent
Professionalism:excellent
Trustworthiness:high

Key Observations

1

Website is fully accessible with rich content in Chinese language.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

50/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

35/100
Score

No Privacy Policy found

HIGH

GDPR requires a clear and accessible privacy policy

No Cookie Policy found

HIGH

GDPR requires clear information about cookie usage

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

Third-party services without privacy policy

HIGH

Detected services: Cloudflare, Google APIs

GDPR Compliance Analysis

Privacy Policy0% confidence
Cookie Policy0% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

Critical sector without clear security compliance

HIGH

Detected sectors: transport, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

60/100
Score

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

No email authentication configured

CRITICAL

Domain is vulnerable to email spoofing

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

75/100
Score

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 37 days

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:baiz.ai
Issuer:WE1
Valid Until:9/9/2025 (37 days)
SANs:baiz.ai, *.baiz.ai

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

70/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

No DMARC Record

MEDIUM

DMARC policy not configured

Domain Registration Details

Domain Age
0 years(young)
Expiry Risk
none(543 days)
Protection Level
basicDNSSEC OFF
Suspicious Indicators Detected
  • Privacy/proxy registration detected

DNS Records

A Records:104.21.16.1, 104.21.48.1, 104.21.96.1, 104.21.80.1, 104.21.112.1, 104.21.32.1, 104.21.64.1
AAAA Records:2606:4700:3030::6815:3001, 2606:4700:3030::6815:2001, 2606:4700:3030::6815:5001, 2606:4700:3030::6815:6001, 2606:4700:3030::6815:1001, 2606:4700:3030::6815:4001, 2606:4700:3030::6815:7001
Name Servers:
josh.ns.cloudflare.com
olga.ns.cloudflare.com
SOA:Serial: 2379600649, TTL: 1800s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:55ms

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

网站采用现代前端技术Tailwind CSS和Alpine.js,设计响应式且用户体验良好。托管于Cloudflare,利用其DNS和CDN服务提升性能和安全。页面结构清晰,SEO优化良好,字体和图标加载自可信CDN。无CMS痕迹,可能为定制开发。性能表现优异,移动端优化出色。技术栈现代但缺少部分安全配置,存在提升空间。整体技术架构适合业务需求,支持未来扩展和维护。
Analyze Another Website