What is the security status of szshangtai.com?

szshangtai.com has a security score of 40/100, rated as Potentially Unsafe. The website may have security concerns that should be addressed.

Is szshangtai.com safe to use?

Our security scan shows szshangtai.com is Potentially Unsafe. SSL security issues detected. Always practice safe browsing habits.

Does szshangtai.com have viruses?

Our comprehensive security scan analyzes multiple security factors. Based on the overall security score of 40/100, the website is rated as Potentially Unsafe. However, websites can change over time, so always use updated security software.

What is szshangtai.com's trust score?

szshangtai.com has a security score of 40/100. This score is based on multiple factors including SSL security, security headers, DNS health, and compliance checks.

深

Is szshangtai.com Safe? Security Analysis for 深圳市尚泰装饰设计工程有限公司

https://szshangtai.com

Check if szshangtai.com is a scam or legitimate. Free security scan and reviews.

Real EstateChinamedium

jQueryselectivizrSuperSlideBaidu AnalyticsBaidu Share+1 more

Analyzed 8/4/2025Completed 2:40:45 AM

Security Score

HIGH RISK

AI Summary

深圳市尚泰装饰设计工程有限公司是一家专注于商业空间装修设计与施工的中型企业，主要服务于深圳地区的餐饮、办公室、娱乐会所等商业客户。公司以全案设计和一站式装修服务为核心，拥有丰富的行业经验和多项认证资质，市场定位为深圳市十大靠谱工装装饰公司之一，长期服务于多家500强企业。技术基础包括使用主流JavaScript库和第三方服务如百度统计和Zoosnet在线客服，网站设计专业且内容丰富，支持基本的移动端访问。安全方面，网站启用了HTTPS，但缺少关键安全HTTP头，且未发现隐私或Cookie政策的完整合规机制。WHOIS信息缺失，降低了域名的信任度，但整体业务信息和网站内容显示其为合法且专业的商业实体。

Detected Technologies

jQueryselectivizrSuperSlideBaidu AnalyticsBaidu ShareZoosnet live chat

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

该公司在深圳商业装修市场拥有稳固的地位，凭借15年以上的行业经验和3000多个商业空间案例积累了丰富的客户资源。其业务模式涵盖设计、施工、材料采购及家具配套，形成完整产业链服务。合作伙伴包括多家知名品牌和相关设计公司，显示出良好的合作生态。网站内容展示了多样化的装修案例和团队介绍，体现出较强的市场竞争力和品牌影响力。缺乏公开的财务数据和成立年份限制了对其成长性和规模的进一步分析。

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

S*****@szshangtai.cn

Phone Numbers (1)

075*******

Security Posture Analysis

Comprehensive Security Assessment

网站采用HTTPS保障数据传输安全，但未检测到常见的安全HTTP头如Content-Security-Policy、Strict-Transport-Security等，存在一定安全隐患。第三方脚本的使用增加了潜在的隐私风险，且缺少明确的隐私和Cookie同意机制，可能不完全符合GDPR等隐私法规。未发现安全事件响应或漏洞披露相关信息，表明安全管理体系尚不完善。建议加强安全头配置，完善隐私合规措施，并建立安全事件响应流程以提升整体安全成熟度。

Strategic Recommendations

Priority Actions for Security Improvement

部署并配置关键安全HTTP头（CSP、HSTS、X-Frame-Options等）以提升防护能力。

✨Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

深圳市尚泰装饰设计工程有限公司

Description:

尚泰装饰设计为深圳客户提供精工装饰服务,主营项目：餐饮空间设计,办公室装修,娱乐会所装修,店面装修设计,商业空间设计,酒吧以及美容院装修,是深圳市十大靠谱工装装饰公司之一。

Key Services:

餐饮空间设计办公室装修娱乐会所装修店面装修设计商业空间设计酒吧装修美容院装修

Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:

jQueryselectivizrSuperSlideBaidu AnalyticsBaidu ShareZoosnet live chat

Performance:

moderate

Mobile:

basic

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:

65/100

Best Practices:

HTTPS enforced via JavaScript redirect
No exposed sensitive data in HTML
Use of live chat with external provider

Analytics & Tracking

Services:

Baidu Analytics

Tracking Level:moderate

Privacy Compliance:basic

Advertising & Marketing

Tracking Pixels:

Baidu Analytics

Marketing Tools:

Baidu ShareZoosnet live chat

Transparency Level:basic

Website Quality Assessment

Design Quality:good

User Experience:good

Content Relevance:good

Navigation Clarity:good

Professionalism:good

Trustworthiness:moderate

Key Observations

Website is fully accessible with rich content and no blocking detected

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

15/100

Score

Critical sector without clear security compliance

HIGH

Detected sectors: transport, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

60/100

Score

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

No email authentication configured

CRITICAL

Domain is vulnerable to email spoofing

SPF

Sender Policy Framework

DKIM

DomainKeys Identified Mail

DMARC

Domain-based Message Authentication

MX Records

Mail Exchange Records

BIMI

Brand Indicators

MTA-STS

Mail Transfer Agent Security

TLS-RPT

TLS Reporting

DNSSEC

DNS Security

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

37/100

Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

OCSP Stapling Not Enabled

LOW

OCSP stapling improves performance and privacy

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

SSL Certificate Expires Soon

HIGH

SSL certificate expires in 23 days

HSTS Not Enabled

MEDIUM

HTTP Strict Transport Security (HSTS) is not configured

Mixed Content Detected

MEDIUM

14 resources loaded over insecure HTTP

Protocol Support

TLSv1.3TLSv1.2TLSv1.1

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

Domain Age

11 years(mature)

Expiry Risk

low(213 days)

Protection Level

noneDNSSEC OFF

Suspicious Indicators Detected

•No domain protection locks enabled

DNS Records

A Records:120.77.60.166

Name Servers:

dns31.hichina.com

dns32.hichina.com

MX Records:

10: mxw.mxhichina.com

DNSSEC Status

DNSSEC Not Enabled

⚡Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

20/100

Score

High-Risk Service Exposed: FTP

HIGH

Port 21 (FTP) is publicly accessible - FTP - Often unencrypted file transfer

Service Exposed: SSH

MEDIUM

Port 22 (SSH) is publicly accessible - SSH - Secure but can be brute-forced

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

网站基于传统的HTML和JavaScript技术栈，使用jQuery及相关插件实现交互和动画效果。集成了百度统计和百度分享等中国主流分析及社交工具，辅以Zoosnet在线客服系统。网站结构清晰，SEO优化较好，支持移动端访问但优化程度一般。未检测到现代前端框架或CMS，可能存在技术更新空间。性能表现中等，建议进一步优化资源加载和响应速度。缺少安全HTTP头和隐私合规机制是当前技术风险点。

Analyze Another Website

Is szshangtai.com a Scam? Security Check Results - 深圳市尚泰装饰设计工程有限公司 Reviews

Is szshangtai.com Safe? Security Analysis for 深圳市尚泰装饰设计工程有限公司

AI Summary

Detected Technologies

🧠AI Business Intelligence

Business Intelligence

Extracted Contact Information

Email Addresses (1)

Phone Numbers (1)

Security Posture Analysis

Strategic Recommendations

✨Observations

AI-Enhanced Website Analysis

Business Insights

Technical Stack

Security Assessment

Analytics & Tracking

Advertising & Marketing

Website Quality Assessment

Key Observations

🛡️Security Headers

Security Headers

Missing Strict-Transport-Security header

Missing X-Frame-Options header

Missing X-Content-Type-Options header

Missing Content-Security-Policy header

Missing X-XSS-Protection header

Missing Referrer-Policy header

Missing Permissions-Policy header

Sensitive data may be cached

👤GDPR Compliance

GDPR Compliance

No Privacy Policy found

No Cookie Policy found

No Cookie Consent Banner found

GDPR Compliance Analysis

🛡️NIS2 Compliance

NIS2 Compliance

No information security framework found

No vulnerability disclosure policy

No security policy documentation found

No incident response procedures found

No business continuity planning found

No security contact information

No vulnerability reporting mechanism

No NIS2 reference found

Critical sector without clear security compliance

📧Email Security

Email Security

No DKIM record found

No BIMI Record

No MTA-STS Policy

No TLS-RPT Record

No email authentication configured

🏆SSL/TLS Security

SSL/TLS Security

Weak Protocols Supported

OCSP Stapling Not Enabled

Certificate Transparency Not Implemented

SSL Certificate Expires Soon

HSTS Not Enabled

Mixed Content Detected

Protocol Support

OCSP Status

📊DNS Health

DNS Health

DNSSEC Not Enabled

CAA Records Not Configured

Domain Transfer Lock Not Enabled

Domain Delete Lock Not Enabled

No DMARC Record

Domain Registration Details

DNS Records

DNSSEC Status

⚡Network Security

Network Security

High-Risk Service Exposed: FTP

Service Exposed: SSH

🔧Technical Analysis

Technical Analysis