What is the security status of hongkangha.com?

hongkangha.com has a security score of 64/100, rated as Moderate Risk. The website may have security concerns that should be addressed.

Is hongkangha.com safe to use?

Our security scan shows hongkangha.com is Moderate Risk. SSL security issues detected. Always practice safe browsing habits.

Does hongkangha.com have viruses?

Our comprehensive security scan analyzes multiple security factors. Based on the overall security score of 64/100, the website is rated as Moderate Risk. However, websites can change over time, so always use updated security software.

What is hongkangha.com's trust score?

hongkangha.com has a security score of 64/100. This score is based on multiple factors including SSL security, security headers, DNS health, and compliance checks.

Is hongkangha.com Safe? Security Analysis for 江苏弘康未来营养科技有限公司

https://hongkangha.com

Check if hongkangha.com is a scam or legitimate. Free security scan and reviews.

HealthcareChinasmall

jQuery 1.8.3Swiper.jsLayer.jsRequireJS

Analyzed 8/3/2025Completed 7:40:52 PM

Security Score

MEDIUM RISK

AI Summary

江苏弘康未来营养科技有限公司 is a specialized Chinese biotech company focused on the research, development, and manufacturing of hyaluronic acid products with various molecular weights. Founded in 2022 and located in Changzhou, China, the company serves clients in the pharmaceutical, skincare, and food industries. Their production capabilities include a 1500m² facility with advanced fermentation, hydrolysis, and spray drying equipment, enabling ton-scale production of low molecular weight hyaluronic acid. The website presents a professional image with detailed product and company information, targeting B2B customers in related sectors. Technically, the website employs legacy JavaScript libraries such as jQuery 1.8.3 and Swiper.js, with custom CMS infrastructure. The site is moderately performant and well-optimized for mobile devices, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and structured navigation. Analytics are handled via Baidu Analytics, indicating moderate user tracking. From a security perspective, the site uses HTTPS but lacks visible security headers and employs outdated JavaScript libraries, which may introduce vulnerabilities. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. Incident response and vulnerability disclosure information are absent, limiting transparency. WHOIS data aligns well with the website's business claims, supporting legitimacy. Overall, the site is functional and professional but would benefit from security and compliance enhancements. Strategic improvements in privacy policy publication, library updates, and security header implementation are recommended to strengthen trust and regulatory adherence.

Detected Technologies

jQuery 1.8.3Swiper.jsLayer.jsRequireJS

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

The company positions itself as a niche manufacturer of specialized hyaluronic acid products with patented technology and a modern production facility. Its business model is B2B, supplying pharmaceutical, cosmetic, and food sectors. The website content emphasizes product quality, production scale, and technical expertise, targeting industry clients seeking reliable suppliers. The presence of multiple contact channels and detailed company background supports customer engagement and trust. The company appears to be in early growth stages, founded in 2022, with no parent or subsidiary companies indicated. Partnerships include website development and hosting providers. The company leverages its patented technology and production capacity as competitive advantages.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

j*****@hongkangha.com

Phone Numbers (2)

139*******

Physical Addresses (1)

常州市新北区东经120路198号北城天街1幢1603室

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a basic security posture with HTTPS enabled and no exposed sensitive data. However, the use of an outdated jQuery version (1.8.3) introduces potential vulnerabilities. The absence of security headers such as Content Security Policy (CSP), HTTP Strict Transport Security (HSTS), and X-Frame-Options reduces protection against common web attacks. No incident response or vulnerability disclosure mechanisms are provided, limiting the ability to handle security incidents effectively. Privacy and cookie policies are missing, which is a compliance risk. Overall, the security maturity is moderate but requires improvements to meet best practices and regulatory requirements.

Strategic Recommendations

Priority Actions for Security Improvement

Upgrade all JavaScript libraries, especially jQuery, to current secure versions to mitigate known vulnerabilities.

✨Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

江苏弘康未来营养科技有限公司

Description:

江苏弘康是一家专注于特定低分子量透明质酸钠及多种生物活性物研发与生产的科技创新型企业，主要生产不同分子量的透明质酸，产品广泛应用于医药、护肤、食品等领域。公司拥有1500平方米生产规模，含10万级洁净区，配备发酵体系、水解体系及喷雾干燥设备，年产低分子量透明质酸钠30吨。

Key Services:

特定低分子量透明质酸生产产品研发技术支持与服务

Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:

jQuery 1.8.3Swiper.jsLayer.jsRequireJS

Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:

60/100

Best Practices:

Use of HTTPS (implied by https URLs)
No exposed sensitive data in HTML
Contact form with validation

Analytics & Tracking

Services:

Baidu Analytics

Tracking Level:moderate

Privacy Compliance:poor

Advertising & Marketing

Tracking Pixels:

Baidu Analytics (hm.baidu.com)

Transparency Level:basic

Website Quality Assessment

Design Quality:good

User Experience:good

Content Relevance:good

Navigation Clarity:good

Professionalism:good

Trustworthiness:moderate

Key Observations

Website is a professional corporate site for a Chinese biotech/manufacturing company specializing in hyaluronic acid products.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

80/100

Score

Weak Referrer-Policy configuration

LOW

Current value: "unsafe-url"

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100

Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

DomainKeys Identified Mail

DMARC

Domain-based Message Authentication

MX Records

Mail Exchange Records

BIMI

Brand Indicators

MTA-STS

Mail Transfer Agent Security

TLS-RPT

TLS Reporting

DNSSEC

DNS Security

SPF Details

Record:

v=spf1 include:spf.qiye.aliyun.com -all

DNS Lookups:1/10

Policy:-all

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

67/100

Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 37 days

Mixed Content Detected

MEDIUM

12 resources loaded over insecure HTTP

Partial SSL/TLS Assessment

LOW

Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.3TLSv1.2TLSv1.1

OCSP Status

OCSP Stapling Enabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

70/100

Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Transfer Lock Not Enabled

MEDIUM

Domain can be transferred without authorization

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

Domain Registration Details

Domain Age

3 years(established)

Expiry Risk

none(980 days)

Protection Level

noneDNSSEC OFF

Suspicious Indicators Detected

•No domain protection locks enabled

DNS Records

A Records:211.149.255.8

Name Servers:

dns19.hichina.com

dns20.hichina.com

MX Records:

5: mx1.qiye.aliyun.com

10: mx2.qiye.aliyun.com

15: mx3.qiye.aliyun.com

SOA:Serial: 2025032613, TTL: 600s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:324ms

SPF Analysis

SPF Record:

v=spf1 include:spf.qiye.aliyun.com -all

⚡Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100

Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website is built on a custom CMS platform using legacy JavaScript libraries such as jQuery 1.8.3 and Swiper.js for UI components. RequireJS is used for module loading. The site loads Baidu Analytics for user tracking. Hosting appears to be on a Chinese IP address (211.149.255.8), consistent with the company's location. The site is mobile-optimized with responsive design and uses modern CSS variables for theming. Performance is moderate with some room for improvement. Accessibility features are basic, lacking ARIA landmarks or enhanced keyboard navigation. SEO is supported by meta tags and structured navigation menus. The site could benefit from modernization of the tech stack and improved accessibility compliance.

Analyze Another Website

Is hongkangha.com a Scam? Security Check Results - 江苏弘康未来营养科技有限公司 Reviews

Is hongkangha.com Safe? Security Analysis for 江苏弘康未来营养科技有限公司

AI Summary

Detected Technologies

🧠AI Business Intelligence

Business Intelligence

Extracted Contact Information

Email Addresses (1)

Phone Numbers (2)

Physical Addresses (1)

Security Posture Analysis

Strategic Recommendations

✨Observations

AI-Enhanced Website Analysis

Business Insights

Technical Stack

Security Assessment

Analytics & Tracking

Advertising & Marketing

Website Quality Assessment

Key Observations

🛡️Security Headers

Security Headers

Weak Referrer-Policy configuration

Missing Permissions-Policy header

Sensitive data may be cached

👤GDPR Compliance

GDPR Compliance

No Privacy Policy found

No Cookie Policy found

No Cookie Consent Banner found

GDPR Compliance Analysis

🛡️NIS2 Compliance

NIS2 Compliance

No information security framework found

No vulnerability disclosure policy

No security policy documentation found

No incident response procedures found

No business continuity planning found

No security contact information

No vulnerability reporting mechanism

No NIS2 reference found

Critical sector without clear security compliance

📧Email Security

Email Security

No DKIM record found

No BIMI Record

No MTA-STS Policy

No TLS-RPT Record

SPF Details

🏆SSL/TLS Security

SSL/TLS Security

Weak Protocols Supported

Certificate Transparency Not Implemented

SSL Certificate Expires Within 90 Days

Mixed Content Detected

Partial SSL/TLS Assessment

Protocol Support

OCSP Status

📊DNS Health

DNS Health

DNSSEC Not Enabled

CAA Records Not Configured

Domain Transfer Lock Not Enabled

Domain Delete Lock Not Enabled

Domain Registration Details

DNS Records

DNSSEC Status

DNS Performance

SPF Analysis

⚡Network Security

Network Security

Good Network Security Posture

🔧Technical Analysis

Technical Analysis

Additional Findings

Related Partner Domains

www.one-all.com