Is semwb.com Safe? Security Analysis for 企信网络
Check if semwb.com is a scam or legitimate. Free security scan and reviews.
AI Summary
企信网络是一家位于中国东莞的专业SEO及网络推广服务公司,拥有超过14年的行业经验。公司主要为东莞及周边地区的中小企业提供SEO优化、网站建设、百度推广及抖音推广等全网营销服务。网站内容丰富,展示了多个客户案例和服务项目,明确的联系方式增强了客户信任。技术上,网站采用了jQuery、百度地图API及Flexslider等技术,具备良好的移动端适配和基本的SEO优化。安全方面,网站启用了HTTPS,但缺少安全头部配置和隐私政策,存在一定的合规风险。WHOIS信息缺失,域名注册状态不明,降低了整体信任度。建议加强安全配置,完善隐私合规文件,并核实域名注册信息以提升业务可信度。
Detected Technologies
🧠AI Business Intelligence
Technology stack, business insights, and market analysis powered by AI.
Business Intelligence
Market & Strategic Analysis
企信网络定位为本地专业的SEO及数字营销服务提供商,主要面向东莞中小企业市场。其竞争优势在于多年行业经验和多样化的推广服务组合,包括百度和抖音推广。业务模式以服务为核心,收入来源主要依赖推广服务和网站建设。网站展示了丰富的客户案例,表明一定的市场认可度。合作伙伴链接较多,显示一定的行业生态圈。未来增长潜力依赖于加强数字合规和安全建设,以及拓展更广泛的客户基础。
Extracted Contact Information
Marketing Intelligence Data
Email Addresses (1)
Phone Numbers (1)
Security Posture Analysis
Comprehensive Security Assessment
当前安全成熟度处于基础水平,网站启用了HTTPS保障数据传输安全,但缺少关键安全头部如CSP、HSTS等,增加潜在风险。网站表单仅有客户端验证,缺少服务器端验证和防垃圾机制。未发现隐私政策和漏洞披露渠道,合规性不足。建议尽快完善安全策略,增加安全头部,实施多层验证机制,并公开隐私及安全政策以提升用户信任和合规性。
Strategic Recommendations
Priority Actions for Security Improvement
部署并配置安全HTTP头部(如Content-Security-Policy, X-Frame-Options, HSTS)以增强防护
✨Observations
AI-powered comprehensive website and business analysis.
AI-Enhanced Website Analysis
Business Insights
企信网络
东莞企信网络提供东莞seo、百度爱采购、百度推广包年,抖音seo,抖音代运营、网站建设、网站优化等全网推广,找东莞seo,东莞网站优化,东莞网站建设,全网推广,百度推广,网络推广运营,抖音推广公司联系企信网络,为你接单。
good
consistent
Technical Stack
moderate
good
basic
good
Security Assessment
- HTTPS enabled
- Form input validation on client side
Analytics & Tracking
Advertising & Marketing
Website Quality Assessment
Key Observations
Website is fully accessible with rich content and navigation
🛡️Security Headers
HTTP security headers analysis and recommendations.
Security Headers
HTTP security headers analysis
Missing Strict-Transport-Security header
HIGHForces HTTPS connections
Missing X-Content-Type-Options header
MEDIUMPrevents MIME type sniffing
Missing Content-Security-Policy header
HIGHControls resources the browser is allowed to load
Missing X-XSS-Protection header
MEDIUMLegacy XSS protection (deprecated but still recommended)
Missing Referrer-Policy header
LOWControls referrer information sent with requests
Missing Permissions-Policy header
MEDIUMControls browser features and APIs
Sensitive data may be cached
LOWCache-Control header should include "no-store" for sensitive pages
👤GDPR Compliance
Privacy and data protection assessment under GDPR regulations.
GDPR Compliance
Privacy and data protection assessment
No Privacy Policy found
HIGHGDPR requires a clear and accessible privacy policy
No Cookie Policy found
HIGHGDPR requires clear information about cookie usage
No Cookie Consent Banner found
HIGHGDPR requires explicit consent for non-essential cookies
GDPR Compliance Analysis
🛡️NIS2 Compliance
Network & Information Security Directive compliance assessment.
NIS2 Compliance
Network & Information Security Directive
No information security framework found
HIGHNIS2 requires documented cybersecurity and information security measures
No vulnerability disclosure policy
MEDIUMNIS2 encourages coordinated vulnerability disclosure
No security policy documentation found
HIGHNIS2 requires documented cybersecurity governance and risk management
No incident response procedures found
HIGHNIS2 requires documented incident response and business continuity plans
No business continuity planning found
MEDIUMNIS2 emphasizes operational resilience and business continuity
No security contact information
HIGHNIS2 requires clear incident reporting channels
No vulnerability reporting mechanism
MEDIUMClear vulnerability reporting supports coordinated disclosure
No NIS2 reference found
LOWConsider explicitly mentioning NIS2 compliance efforts
Critical sector without clear security compliance
HIGHDetected sectors: transport, digital
📧Email Security
SPF, DKIM, and DMARC validation and email security assessment.
Email Security
SPF, DKIM, and DMARC validation
No SPF record found
HIGHSPF helps prevent email spoofing
No MX records found
MEDIUMDomain cannot receive email without MX records
No DKIM record found
MEDIUMDKIM adds cryptographic signatures to emails
No BIMI Record
LOWBIMI displays brand logos in email clients
No MTA-STS Policy
MEDIUMMTA-STS enforces TLS for email delivery
No TLS-RPT Record
LOWTLS-RPT provides reporting for email TLS issues
No email authentication configured
CRITICALDomain is vulnerable to email spoofing
🏆SSL/TLS Security
Certificate validity and encryption analysis.
SSL/TLS Security
Certificate validity and encryption analysis
Unable to retrieve SSL certificate
CRITICALCould not establish secure connection to retrieve certificate information
Mixed Content Detected
MEDIUM9 resources loaded over insecure HTTP
OCSP Status
📊DNS Health
DNS configuration and security assessment.
DNS Health
DNS configuration and security assessment
No MX Records
LOWDomain cannot receive email without MX records
DNSSEC Not Enabled
MEDIUMDNSSEC is not configured for this domain
CAA Records Not Configured
LOWCertificate Authority Authorization (CAA) records not found
Domain Transfer Lock Not Enabled
MEDIUMDomain can be transferred without authorization
Domain Delete Lock Not Enabled
LOWDomain can be deleted without additional verification
Domain Registration Details
- •No domain protection locks enabled
DNS Records
DNSSEC Status
⚡Network Security
Port scanning and network exposure analysis.
Network Security
Port scanning and network exposure analysis
High-Risk Service Exposed: FTP
HIGHPort 21 (FTP) is publicly accessible - FTP - Often unencrypted file transfer
Service Exposed: SSH
MEDIUMPort 22 (SSH) is publicly accessible - SSH - Secure but can be brute-forced
Critical Service Exposed: Telnet
CRITICALPort 23 (Telnet) is publicly accessible - Telnet - Unencrypted remote access
Critical Service Exposed: MySQL
CRITICALPort 3306 (MySQL) is publicly accessible - MySQL - Database server
Critical Service Exposed: RDP
CRITICALPort 3389 (RDP) is publicly accessible - RDP - Remote Desktop, prime ransomware target
Critical Service Exposed: Redis
CRITICALPort 6379 (Redis) is publicly accessible - Redis - In-memory database
🔧Technical Analysis
Detailed technical findings and analysis from AI assessment.
Technical Analysis
Comprehensive security assessment findings