Skip to main content

Is eccangerp.com a Scam? Security Check Results - 深圳市易仓科技有限公司 Reviews

Is eccangerp.com Safe? Security Analysis for 深圳市易仓科技有限公司

https://eccangerp.com

Check if eccangerp.com is a scam or legitimate. Free security scan and reviews.

TechnologyChinalarge
jQueryBootstrapSwiperLayuiLayer.js+1 more
Analyzed 8/2/2025Completed 2:56:48 PM
52
Security Score
MEDIUM RISK

AI Summary

深圳市易仓科技有限公司运营的ECCANG ERP网站提供跨境电商ERP解决方案,专注于多平台订单处理、海外仓管理、财务核算及物流成本优化。该公司拥有超过11年的技术积累,服务超过30000家客户,年GMV达数千亿人民币,市场定位为行业领先的跨境电商技术服务商。网站内容丰富,面向亚马逊及其他主流电商平台卖家,强调提升运营效率和降低成本。技术架构基于Yii框架,结合jQuery、Bootstrap等现代前端技术,整体性能和移动端优化表现良好。

Detected Technologies

jQueryBootstrapSwiperLayuiLayer.jsYii Framework (PHP)

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

ECCANG ERP通过整合60+电商平台和1600+物流商资源,构建了强大的跨境电商生态系统。其业务模式以SaaS软件服务为核心,辅以专业实施和售后支持,形成闭环客户服务。公司通过丰富的客户案例和合作伙伴展示,强化市场信任。营销主要依托百度联盟及在线咨询工具,聚焦中国及全球跨境卖家。缺乏公开的隐私政策和WHOIS注册信息是潜在风险点,但整体业务运营成熟,具备较强竞争力。

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

e*****@eccang.com

Phone Numbers (1)

133*******

Security Posture Analysis

Comprehensive Security Assessment

网站启用了HTTPS,且在页面中嵌入了CSRF防护令牌,显示一定的安全意识。未检测到安全相关HTTP头部,且缺少公开的安全政策和漏洞披露渠道,表明安全成熟度有待提升。表单验证机制较为完善,防止无效数据提交。WHOIS信息缺失可能影响域名信任度。建议加强安全头部配置,完善隐私合规文档,并公开安全事件响应流程以提升整体安全形象。

Strategic Recommendations

Priority Actions for Security Improvement

1

完善并公开隐私政策和Cookie政策,确保GDPR及相关法规合规。

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

深圳市易仓科技有限公司

Description:

易仓ERP是1000+亿级卖家正在使用,多平台多订单处理.亚马逊ERP系统6小时数据更新,财务核算又快又准,能够提高运营决策的准确度.易仓科技11年技术沉淀,打通60+电商平台,效率提升60%,多平台出海,就选ECCANG ERP

Key Services:
多平台订单处理多海外仓管理备货避险财务精确运营提效头程降本
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
jQueryBootstrapSwiperLayuiLayer.jsYii Framework (PHP)
Frameworks:
Yii
Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:
70/100
Best Practices:
  • CSRF tokens present in meta tags
  • Form validation with phone format checks
  • Use of HTTPS implied by external script URLs

Analytics & Tracking

Services:
Baidu Analytics
Tracking Level:moderate
Privacy Compliance:poor

Advertising & Marketing

Ad Networks:
Baidu Affiliate Marketing
Tracking Pixels:
Baidu Analytics
Marketing Tools:
Baidu AnalyticsAffiliate chat links
Transparency Level:basic

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:high

Key Observations

1

Website is fully accessible with rich content and professional design.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

25/100
Score

Weak Strict-Transport-Security configuration

LOW

Current value: "max-age=15724800; includeSubDomains"

Missing X-Frame-Options header

HIGH

Prevents clickjacking attacks

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

50/100
Score

No Privacy Policy found

HIGH

GDPR requires a clear and accessible privacy policy

No Cookie Policy found

HIGH

GDPR requires clear information about cookie usage

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

GDPR Compliance Analysis

Privacy Policy0% confidence
Cookie Policy0% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

Critical sector without clear security compliance

HIGH

Detected sectors: transport, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

40/100
Score

No SPF record found

HIGH

SPF helps prevent email spoofing

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

No email authentication configured

CRITICAL

Domain is vulnerable to email spoofing

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

62/100
Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

OCSP Stapling Not Enabled

LOW

OCSP stapling improves performance and privacy

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 46 days

Mixed Content Detected

MEDIUM

69 resources loaded over insecure HTTP

Partial SSL/TLS Assessment

LOW

Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.3TLSv1.2TLSv1.1

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

60/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Transfer Lock Not Enabled

MEDIUM

Domain can be transferred without authorization

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

No DMARC Record

MEDIUM

DMARC policy not configured

Domain Registration Details

Domain Age
6 years(mature)
Expiry Risk
none(466 days)
Protection Level
noneDNSSEC OFF
Suspicious Indicators Detected
  • No domain protection locks enabled

DNS Records

A Records:47.112.237.58
Name Servers:
dns19.hichina.com
dns20.hichina.com
MX Records:
10: inbound-smtp.us-east-1.amazonaws.com
SOA:Serial: 2025042409, TTL: 600s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:440ms

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

网站采用Yii PHP框架,结合Bootstrap和jQuery等前端技术,技术栈现代且成熟。页面结构清晰,SEO优化良好,移动端适配较好。使用百度统计和百度联盟进行流量分析和营销推广。页面加载速度适中,未见明显性能瓶颈。建议进一步优化安全配置和隐私合规性,提升整体技术成熟度和用户信任。
Analyze Another Website