Skip to main content

Is cnwanlan.com a Scam? Security Check Results - 皖缆集团股份有限公司 Reviews

Is cnwanlan.com Safe? Security Analysis for 皖缆集团股份有限公司

https://cnwanlan.com

Check if cnwanlan.com is a scam or legitimate. Free security scan and reviews.

EnergyChinamedium
jQuery 1.8.3AOS (Animate On Scroll)Swiper.jsSlick sliderCSS3 animations
Analyzed 8/2/2025Completed 9:49:23 PM
44
Security Score
HIGH RISK

AI Summary

皖缆集团股份有限公司 is a medium-sized Chinese manufacturing company specializing in various types of electric heating tapes and related products, serving industrial sectors such as energy, petrochemical, power, and transportation. Founded in 2006 and headquartered in Tianchang City, Anhui Province, the company offers a comprehensive range of products including self-regulating and constant power electric heating tapes, solar electric heating tapes, heating cables, and instrumentation cables. Their business model combines product manufacturing with consulting, design, installation, and after-sales services, positioning them as a regional solution provider in their industry. Technically, the website employs legacy technologies such as jQuery 1.8.3 alongside modern UI libraries like AOS and Swiper.js for animations and sliders. The site is moderately optimized for performance and mobile devices but lacks advanced accessibility features and modern CMS indications. SEO is basic with standard meta tags but no structured data or Open Graph tags detected. From a security perspective, the site lacks visible security headers and uses an outdated jQuery version, which may expose it to vulnerabilities. The contact form includes a CAPTCHA mechanism, which is a positive security measure. However, the absence of privacy and cookie policies, as well as missing WHOIS domain registration details, reduces overall trustworthiness. The domain WHOIS query returned no match, suggesting recent registration or privacy protection, which conflicts with the company's stated founding year and may warrant further verification. Overall, the website is professionally designed with good content quality and clear business information but requires improvements in security posture, privacy compliance, and domain registration transparency to enhance trust and compliance.

Detected Technologies

jQuery 1.8.3AOS (Animate On Scroll)Swiper.jsSlick sliderCSS3 animations

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

皖缆集团股份有限公司 operates in the energy and manufacturing sectors, focusing on industrial electric heating solutions. Their competitive advantage lies in a broad product portfolio and integrated service offerings from design to maintenance. The company targets industrial clients requiring reliable heating solutions for pipelines, storage tanks, and instrumentation. Revenue streams likely include product sales, project consulting, and after-sales services. The website's extensive case studies and product details indicate a mature market presence with regional recognition. The external linked domains suggest partnerships with related industrial suppliers and service providers, enhancing their ecosystem. Growth indicators include a comprehensive product range and active content updates, though the lack of privacy and security policies may impact international expansion. Strategic observations recommend enhancing digital trust signals and compliance to support broader market penetration.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

w*****@cnwanlan.com

Phone Numbers (2)

400*******
055*******

Security Posture Analysis

Comprehensive Security Assessment

The current security maturity level is moderate but with notable gaps. The use of an outdated jQuery version (1.8.3) introduces potential vulnerabilities that could be exploited. The absence of standard security headers such as Content-Security-Policy, X-Frame-Options, and Strict-Transport-Security reduces protection against common web attacks. The contact form employs CAPTCHA, mitigating automated spam risks. No evidence of HTTPS enforcement or HSTS was found in the provided data, which is critical for secure communications. Privacy and cookie policies are missing, indicating compliance gaps with GDPR and other data protection regulations. Incident response information and security contact channels are not provided, limiting readiness for security events. Overall, the security posture requires significant improvements to align with best practices and regulatory requirements.

Strategic Recommendations

Priority Actions for Security Improvement

1

Implement and enforce HTTPS site-wide with valid SSL certificates and HSTS headers.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

皖缆集团股份有限公司

Description:

皖缆集团股份有限公司经营各类电伴热带产品,有防冻电伴热带、防爆电伴热带、恒功率电伴热带、自限温电伴热带、高温电伴热带、隧道电伴热带、消防电伴热带等产品。皖缆集团股份有限公司坚持以可靠、高效、节能的产品理念,为用户提供符合环境要求的产品咨询、设计、制造、安装、调试及维护等电伴热解决方案。

Key Services:
Self-regulating electric heating tapeConstant power electric heating tapeSolar electric heating tapeHeating sampling composite pipesSkin effect electric heatingHeating cablesElectric heating beltsElectric heatersInstrumentation cablesHigh and low voltage switch cabinets
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
jQuery 1.8.3AOS (Animate On Scroll)Swiper.jsSlick sliderCSS3 animations
Performance:

moderate

Mobile:

basic

Accessibility:

basic

SEO:

basic

Security Assessment

Security Score:
50/100
Best Practices:
  • Use of CAPTCHA on contact form

Analytics & Tracking

Tracking Level:minimal
Privacy Compliance:poor

Advertising & Marketing

Transparency Level:poor

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:moderate

Key Observations

1

Website is fully accessible with rich content

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

35/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Missing X-Frame-Options header

HIGH

Prevents clickjacking attacks

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

50/100
Score

No Privacy Policy found

HIGH

GDPR requires a clear and accessible privacy policy

No Cookie Policy found

HIGH

GDPR requires clear information about cookie usage

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

GDPR Compliance Analysis

Privacy Policy0% confidence
Cookie Policy0% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

Critical sector without clear security compliance

HIGH

Detected sectors: energy, transport, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

30/100
Score

No SPF record found

HIGH

SPF helps prevent email spoofing

No MX records found

MEDIUM

Domain cannot receive email without MX records

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

No email authentication configured

CRITICAL

Domain is vulnerable to email spoofing

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

0/100
Score

Unable to retrieve SSL certificate

CRITICAL

Could not establish secure connection to retrieve certificate information

Mixed Content Detected

MEDIUM

19 resources loaded over insecure HTTP

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

70/100
Score

No MX Records

LOW

Domain cannot receive email without MX records

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

No DMARC Record

MEDIUM

DMARC policy not configured

DNS Records

A Records:60.247.160.206
Name Servers:
ns11.xincache.comDNS only
ns12.xincache.comDNS only

DNSSEC Status

DNSSEC Not Enabled

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website uses a combination of legacy and modern front-end technologies, including jQuery 1.8.3, AOS for scroll animations, Swiper.js and Slick slider for carousels, and CSS3 animations. The site structure is HTML5 with responsive meta tags but mobile optimization is basic. No CMS or backend platform is identified from the source. Performance is moderate with some modern UI enhancements but could benefit from optimization and modernization. The presence of multiple external CSS and JS files from the same domain suggests self-hosted assets. No advanced SEO structured data or Open Graph tags were detected, limiting social media integration and search engine richness. Accessibility features are minimal, and no ARIA roles or landmarks were found. Overall, the technical infrastructure is functional but dated, with modernization opportunities to improve security, performance, and user experience.
Analyze Another Website