Is trade-wind.co Safe? Security Analysis for 信风AI外贸获客智能体
Check if trade-wind.co is a scam or legitimate. Free security scan and reviews.
AI Summary
The website www.trade-wind.co represents 信风AI外贸获客智能体, a small technology company specializing in AI-driven lead generation solutions for foreign trade businesses, primarily targeting Chinese exporters. Their platform aggregates over 100 global trade data sources and offers automated outreach via email, WhatsApp, social media, and AI-powered calls. The business model is SaaS with a pay-per-result pricing approach, positioning them as a niche player in the AI sales development and automation market. The site is professionally designed using the Framer platform and integrates modern marketing and analytics tools such as Google Analytics and Intercom. However, the absence of explicit privacy, cookie, and terms of service policies, along with fully redacted WHOIS data, limits transparency and trust to some extent. Security headers and SSL configuration details are not evident from the data provided, suggesting room for improvement in security posture. Overall, the site is accessible and content-rich, but privacy compliance and domain transparency are areas needing attention.
Detected Technologies
🧠AI Business Intelligence
Technology stack, business insights, and market analysis powered by AI.
Business Intelligence
Market & Strategic Analysis
信风AI外贸获客智能体 leverages its 30 years of industrial import-export experience and backing from notable investors and accelerators to offer a comprehensive AI-powered B2B lead generation platform. Their competitive advantage lies in real-time data aggregation from diverse sources including customs data, social media, exhibitions, and geographic data, combined with AI-driven communication automation. The pay-per-result pricing model is innovative in reducing upfront costs for clients. The target customers are Chinese exporters seeking efficient overseas customer acquisition. The company appears to be in a growth phase with strategic partnerships and a focus on technology innovation. However, lack of public contact information and corporate transparency could hinder trust-building with potential clients.
Extracted Contact Information
Marketing Intelligence Data
Email Addresses (1)
Security Posture Analysis
Comprehensive Security Assessment
The website employs HTTPS and integrates trusted analytics and marketing tools, indicating a baseline security posture. However, no security headers were detected, and no explicit security or incident response policies are published. The absence of privacy and cookie policies raises compliance concerns, especially regarding GDPR and other data protection regulations. WHOIS data is fully redacted, which is common but reduces domain transparency. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the security maturity is moderate but could be enhanced by implementing security headers, publishing privacy and incident response policies, and improving transparency.
Strategic Recommendations
Priority Actions for Security Improvement
Implement and publish comprehensive privacy and cookie policies with clear consent mechanisms to improve GDPR compliance.
✨Observations
AI-powered comprehensive website and business analysis.
AI-Enhanced Website Analysis
Business Insights
信风AI外贸获客智能体
信风AI是专精于外贸获客的AI智能体,为您实时搜索全球100+外贸数据渠道,通过邮件、Whatsapp、社媒、AI电话精准触达海外客户。信风AI类Deepseek AI联网搜索,自动过滤无效数据,首创按结果付费,让您的外贸开发效率倍增。
good
consistent
Technical Stack
moderate
good
basic
good
Security Assessment
- Use of HTTPS (implied by canonical URL and Google Analytics)
- No exposed sensitive data found in HTML
Analytics & Tracking
Advertising & Marketing
Website Quality Assessment
Key Observations
Website is fully accessible with no blocking or WAF challenge.
🛡️Security Headers
HTTP security headers analysis and recommendations.
Security Headers
HTTP security headers analysis
👤GDPR Compliance
Privacy and data protection assessment under GDPR regulations.
GDPR Compliance
Privacy and data protection assessment
No Privacy Policy found
HIGHGDPR requires a clear and accessible privacy policy
No Cookie Policy found
HIGHGDPR requires clear information about cookie usage
No Cookie Consent Banner found
HIGHGDPR requires explicit consent for non-essential cookies
Third-party services without privacy policy
HIGHDetected services: Google Analytics, YouTube
GDPR Compliance Analysis
🛡️NIS2 Compliance
Network & Information Security Directive compliance assessment.
NIS2 Compliance
Network & Information Security Directive
No information security framework found
HIGHNIS2 requires documented cybersecurity and information security measures
No vulnerability disclosure policy
MEDIUMNIS2 encourages coordinated vulnerability disclosure
No security policy documentation found
HIGHNIS2 requires documented cybersecurity governance and risk management
No incident response procedures found
HIGHNIS2 requires documented incident response and business continuity plans
No business continuity planning found
MEDIUMNIS2 emphasizes operational resilience and business continuity
No security contact information
HIGHNIS2 requires clear incident reporting channels
No vulnerability reporting mechanism
MEDIUMClear vulnerability reporting supports coordinated disclosure
No NIS2 reference found
LOWConsider explicitly mentioning NIS2 compliance efforts
📧Email Security
SPF, DKIM, and DMARC validation and email security assessment.
Email Security
SPF, DKIM, and DMARC validation
No SPF record found
HIGHSPF helps prevent email spoofing
No DKIM record found
MEDIUMDKIM adds cryptographic signatures to emails
No BIMI Record
LOWBIMI displays brand logos in email clients
No MTA-STS Policy
MEDIUMMTA-STS enforces TLS for email delivery
No TLS-RPT Record
LOWTLS-RPT provides reporting for email TLS issues
No email authentication configured
CRITICALDomain is vulnerable to email spoofing
🏆SSL/TLS Security
Certificate validity and encryption analysis.
SSL/TLS Security
Certificate validity and encryption analysis
Weak Protocols Supported
HIGHServer supports weak protocols: TLSv1.1
OCSP Stapling Not Enabled
LOWOCSP stapling improves performance and privacy
Certificate Transparency Not Implemented
LOWCertificate is not logged in Certificate Transparency logs
SSL Certificate Expires Within 90 Days
MEDIUMSSL certificate expires in 79 days
Weak SSL Key Length
HIGHSSL certificate uses 256-bit key, which is considered weak
Mixed Content Detected
MEDIUM1 resources loaded over insecure HTTP
Partial SSL/TLS Assessment
LOWCompleted 3 of 4 security checks due to time constraints
Protocol Support
OCSP Status
📊DNS Health
DNS configuration and security assessment.
DNS Health
DNS configuration and security assessment
DNSSEC Not Enabled
MEDIUMDNSSEC is not configured for this domain
CAA Records Not Configured
LOWCertificate Authority Authorization (CAA) records not found
Domain Transfer Lock Not Enabled
MEDIUMDomain can be transferred without authorization
Domain Delete Lock Not Enabled
LOWDomain can be deleted without additional verification
No DMARC Record
MEDIUMDMARC policy not configured
Domain Registration Details
- •No domain protection locks enabled
DNS Records
DNSSEC Status
⚡Network Security
Port scanning and network exposure analysis.
Network Security
Port scanning and network exposure analysis
Good Network Security Posture
LOWNo unnecessary services detected on common risky ports
🔧Technical Analysis
Detailed technical findings and analysis from AI assessment.
Technical Analysis
Comprehensive security assessment findings