Is shipinjianceyi.com Safe? Security Analysis for 山东云唐智能科技有限公司
Check if shipinjianceyi.com is a scam or legitimate. Free security scan and reviews.
AI Summary
山东云唐智能科技有限公司是一家专注于研发、生产和销售食品安全及环境检测仪器的制造商,提供包括食品添加剂检测仪、农药残留检测仪、土壤检测仪器及气象监测设备等多种高智能检测设备。公司拥有自主研发能力和多项认证资质,面向食品检测实验室、农产品检测机构及科研单位等专业客户群体。网站内容丰富,产品分类清晰,体现了较强的行业专业性和市场定位。技术基础采用传统网页技术结合百度统计和在线客服工具,整体性能表现中等,移动端优化基础。安全方面,网站使用HTTPS但缺少安全头部配置,隐私及合规政策缺失,WHOIS信息缺乏,影响域名信任度。建议加强安全策略和隐私合规建设以提升整体安全和合规水平。
Detected Technologies
🧠AI Business Intelligence
Technology stack, business insights, and market analysis powered by AI.
Business Intelligence
Market & Strategic Analysis
该公司在食品安全检测领域具有较强的市场竞争力,依托自主研发和制造优势,直接面向终端客户销售,减少中间环节,价格具有竞争力。合作伙伴网络广泛,涵盖多个相关行业企业,显示良好的行业合作生态。业务模式以制造和解决方案提供为主,目标客户为实验室及监管机构,体现专业化和细分市场定位。网站内容专业且详实,支持客户快速了解产品和解决方案,具备一定的品牌建设和市场推广能力。
Extracted Contact Information
Marketing Intelligence Data
Phone Numbers (1)
Physical Addresses (1)
Security Posture Analysis
Comprehensive Security Assessment
当前网站安全措施有限,缺少关键安全头部配置,未发现安全政策或事件响应信息,隐私政策和Cookie政策缺失,存在合规风险。HTTPS使用为正面因素,但WHOIS信息缺失降低域名信任度。无明显漏洞或敏感信息泄露,安全风险中等。建议完善安全头部,增加隐私合规声明,建立安全事件响应流程,提升整体安全成熟度。
Strategic Recommendations
Priority Actions for Security Improvement
部署并配置安全HTTP头部(如Content-Security-Policy, X-Frame-Options, HSTS等)
✨Observations
AI-powered comprehensive website and business analysis.
AI-Enhanced Website Analysis
Business Insights
山东云唐智能科技有限公司
山东云唐智能科技有限公司生产研发制造食品添加剂检测仪,食品安全分析仪,高智能食品微生物综合分析仪,仪器能检测白酒甲醇乙醇,食品添加剂,食品重金属,蜂蜜浓度,食用油品质,粮食食用油成分等各类样品,无中间商赚差价,厂家直销,价格实惠,欢迎咨询.
good
consistent
Technical Stack
moderate
basic
basic
good
Security Assessment
- HTTPS usage assumed (URL is https)
- No exposed sensitive data in HTML
- No vulnerable libraries detected
Analytics & Tracking
Advertising & Marketing
Website Quality Assessment
Key Observations
Website is fully accessible with rich content and product listings.
🛡️Security Headers
HTTP security headers analysis and recommendations.
Security Headers
HTTP security headers analysis
Missing Strict-Transport-Security header
HIGHForces HTTPS connections
Missing X-Frame-Options header
HIGHPrevents clickjacking attacks
Missing X-Content-Type-Options header
MEDIUMPrevents MIME type sniffing
Missing Content-Security-Policy header
HIGHControls resources the browser is allowed to load
Missing X-XSS-Protection header
MEDIUMLegacy XSS protection (deprecated but still recommended)
Missing Referrer-Policy header
LOWControls referrer information sent with requests
Missing Permissions-Policy header
MEDIUMControls browser features and APIs
👤GDPR Compliance
Privacy and data protection assessment under GDPR regulations.
GDPR Compliance
Privacy and data protection assessment
No Privacy Policy found
HIGHGDPR requires a clear and accessible privacy policy
No Cookie Policy found
HIGHGDPR requires clear information about cookie usage
No Cookie Consent Banner found
HIGHGDPR requires explicit consent for non-essential cookies
GDPR Compliance Analysis
🛡️NIS2 Compliance
Network & Information Security Directive compliance assessment.
NIS2 Compliance
Network & Information Security Directive
No information security framework found
HIGHNIS2 requires documented cybersecurity and information security measures
No vulnerability disclosure policy
MEDIUMNIS2 encourages coordinated vulnerability disclosure
No security policy documentation found
HIGHNIS2 requires documented cybersecurity governance and risk management
No incident response procedures found
HIGHNIS2 requires documented incident response and business continuity plans
No business continuity planning found
MEDIUMNIS2 emphasizes operational resilience and business continuity
No security contact information
HIGHNIS2 requires clear incident reporting channels
No vulnerability reporting mechanism
MEDIUMClear vulnerability reporting supports coordinated disclosure
No NIS2 reference found
LOWConsider explicitly mentioning NIS2 compliance efforts
Critical sector without clear security compliance
HIGHDetected sectors: digital
📧Email Security
SPF, DKIM, and DMARC validation and email security assessment.
Email Security
SPF, DKIM, and DMARC validation
No DKIM record found
MEDIUMDKIM adds cryptographic signatures to emails
No BIMI Record
LOWBIMI displays brand logos in email clients
No MTA-STS Policy
MEDIUMMTA-STS enforces TLS for email delivery
No TLS-RPT Record
LOWTLS-RPT provides reporting for email TLS issues
No email authentication configured
CRITICALDomain is vulnerable to email spoofing
🏆SSL/TLS Security
Certificate validity and encryption analysis.
SSL/TLS Security
Certificate validity and encryption analysis
Weak Protocols Supported
HIGHServer supports weak protocols: TLSv1.1
OCSP Stapling Not Enabled
LOWOCSP stapling improves performance and privacy
Certificate Transparency Not Implemented
LOWCertificate is not logged in Certificate Transparency logs
SSL Certificate Expires Within 90 Days
MEDIUMSSL certificate expires in 55 days
Mixed Content Detected
MEDIUM3 resources loaded over insecure HTTP
Partial SSL/TLS Assessment
LOWCompleted 3 of 4 security checks due to time constraints
Protocol Support
OCSP Status
📊DNS Health
DNS configuration and security assessment.
DNS Health
DNS configuration and security assessment
DNSSEC Not Enabled
MEDIUMDNSSEC is not configured for this domain
CAA Records Not Configured
LOWCertificate Authority Authorization (CAA) records not found
No DMARC Record
MEDIUMDMARC policy not configured
DNS Records
DNSSEC Status
DNS Performance
⚡Network Security
Port scanning and network exposure analysis.
Network Security
Port scanning and network exposure analysis
High-Risk Service Exposed: FTP
HIGHPort 21 (FTP) is publicly accessible - FTP - Often unencrypted file transfer
🔧Technical Analysis
Detailed technical findings and analysis from AI assessment.
Technical Analysis
Comprehensive security assessment findings