Skip to main content

Is hai.tg a Scam? Security Check Results - 新加坡海王科技公司 Reviews

hai.tg favicon

Is hai.tg Safe? Security Analysis for 新加坡海王科技公司

https://hai.tg

Check if hai.tg is a scam or legitimate. Free security scan and reviews.

TechnologySingaporesmall
jQueryBootstrapFont AwesomeSwiper.js
Analyzed 8/2/2025Completed 6:24:18 PM
60
Security Score
MEDIUM RISK

AI Summary

海王出海是一家专注于海外社交流量推广的技术和营销资源平台,隶属于新加坡海王科技公司,成立于2021年。该网站提供丰富的跨境电商、社交媒体营销工具和资源导航,涵盖Facebook、WhatsApp、LINE、Instagram、Twitter等多个主流平台,面向跨境行业运营人员和广告优化师。技术上,网站采用了jQuery、Bootstrap、Font Awesome和Swiper等现代前端技术,具备良好的移动端适配和用户体验。安全方面,网站启用了HTTPS,但缺乏关键安全头部和隐私合规政策,存在改进空间。整体风险适中,建议加强隐私政策建设和安全防护措施以提升合规性和用户信任。

Detected Technologies

jQueryBootstrapFont AwesomeSwiper.js

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

该网站定位于跨境电商和海外社交流量推广领域,提供多样化的营销工具和资源链接,形成了较为完善的合作伙伴生态。通过丰富的内容和工具推荐,吸引目标客户群体——跨境运营人员和广告优化师。业务模式以资源导航和推广服务为主,结合广告合作实现收入。市场竞争中,网站以中文内容和针对性强的工具集为优势,具备一定的行业影响力。未来可通过完善合规政策和增强安全措施提升市场竞争力。

Security Posture Analysis

Comprehensive Security Assessment

网站当前安全成熟度中等,启用HTTPS保障数据传输安全,但缺少内容安全策略(CSP)、严格传输安全(HSTS)等安全头部。表单使用GET方法,存在潜在数据泄露风险。未发现明显敏感信息泄露或恶意代码。缺乏隐私政策和Cookie政策,可能导致合规风险。建议加强安全头部配置,改进表单安全,完善隐私合规文档,并定期进行安全审计。

Strategic Recommendations

Priority Actions for Security Improvement

1

优先实施和配置安全HTTP头部,如Content-Security-Policy和Strict-Transport-Security

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

新加坡海王科技公司

Description:

海王出海专注海外社交流量推广,提供亚马逊、独立站、跨境电商和外贸行业站外引流营销工具资源和网址导航,涵盖Facebook广告投放、Google广告投放及多平台群控协议、引流加粉、海外接码、海外推广等资源,适合跨境行业运营人员和广告优化师系统性学习。

Key Services:
社交流量推广营销工具资源网址导航广告投放支持群控协议及引流工具海外接码服务
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
jQueryBootstrapFont AwesomeSwiper.js
Frameworks:
Bootstrap
Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:
60/100
Best Practices:
  • HTTPS usage inferred (site uses https URL)
  • No exposed sensitive data in HTML
  • Forms use GET method with minimal fields

Analytics & Tracking

Services:
51.la
Tracking Level:moderate
Privacy Compliance:poor

Advertising & Marketing

Ad Networks:
OTca (custom ad scripts)
Tracking Pixels:
51.la (Chinese analytics/tracking)
Marketing Tools:
Facebook AdsGoogle Ads
Transparency Level:basic

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:moderate

Key Observations

1

Website is fully accessible with no blocking or WAF challenges.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

50/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Weak X-Frame-Options configuration

LOW

Current value: "SAMEORIGIN, SAMEORIGIN"

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Weak Referrer-Policy configuration

LOW

Current value: "same-origin"

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

73/100
Score

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

Privacy policy may not be GDPR compliant

MEDIUM

Privacy policy lacks explicit GDPR compliance elements

GDPR Compliance Analysis

Privacy Policy85% confidence
Cookie Policy85% confidence
Contact Information Found90% confidence
phone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

17/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

40/100
Score

No SPF record found

HIGH

SPF helps prevent email spoofing

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

No email authentication configured

CRITICAL

Domain is vulnerable to email spoofing

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

65/100
Score

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 58 days

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Mixed Content Detected

MEDIUM

5 resources loaded over insecure HTTP

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:hai.tg
Issuer:WE1
Valid Until:9/30/2025 (58 days)
SANs:hai.tg, *.hai.tg

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

60/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Transfer Lock Not Enabled

MEDIUM

Domain can be transferred without authorization

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

No DMARC Record

MEDIUM

DMARC policy not configured

Domain Registration Details

Protection Level
none
Suspicious Indicators Detected
  • No domain protection locks enabled

DNS Records

A Records:104.21.96.1, 104.21.32.1, 104.21.80.1, 104.21.64.1, 104.21.112.1, 104.21.48.1, 104.21.16.1
AAAA Records:2606:4700:3030::6815:5001, 2606:4700:3030::6815:6001, 2606:4700:3030::6815:7001, 2606:4700:3030::6815:3001, 2606:4700:3030::6815:1001, 2606:4700:3030::6815:2001, 2606:4700:3030::6815:4001
Name Servers:
junade.ns.cloudflare.comDNS only
monika.ns.cloudflare.comDNS only
SOA:Serial: 2376952107, TTL: 1800s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:57ms

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

网站基于自研CMS,采用主流前端框架Bootstrap和jQuery,结合Swiper实现响应式和交互效果。页面结构清晰,SEO优化较好,支持移动端访问。性能表现中等,部分资源通过缓存机制优化。缺乏现代安全头部和隐私合规组件,存在技术债务。建议引入现代前端构建工具和安全扫描流程,提升整体技术质量和安全水平。
Analyze Another Website