What is the security status of writingo.net?

writingo.net has a security score of 47/100, rated as Potentially Unsafe. The website may have security concerns that should be addressed.

Is writingo.net safe to use?

Our security scan shows writingo.net is Potentially Unsafe. SSL security issues detected. Always practice safe browsing habits.

Does writingo.net have viruses?

Our comprehensive security scan analyzes multiple security factors. Based on the overall security score of 47/100, the website is rated as Potentially Unsafe. However, websites can change over time, so always use updated security software.

What is writingo.net's trust score?

writingo.net has a security score of 47/100. This score is based on multiple factors including SSL security, security headers, DNS health, and compliance checks.

Is writingo.net Safe? Security Analysis for 字节跳动

https://writingo.net

Check if writingo.net is a scam or legitimate. Free security scan and reviews.

TechnologyChinalarge

ReactAxiosLodashModern JavaScript (ES6+)Polyfills for browser compatibility

Analyzed 9/4/2025Completed 10:19:42 PM

Security Score

HIGH RISK

AI Summary

The website '火山写作' is an AI-powered writing assistant platform launched by ByteDance, targeting Chinese-speaking users. It offers integrated services such as content creation, text polishing, error correction, rewriting, and translation in both Chinese and English. The platform leverages modern web technologies including React and Axios, hosted likely on ByteDance's infrastructure, ensuring a moderate to good performance and mobile optimization. The site is professionally designed with consistent branding and relevant content focused on AI writing assistance. From a security perspective, the website enforces HTTPS and uses modern JavaScript libraries, but lacks DNSSEC and important security headers. There is no visible security or incident response policy, and no contact information is provided, which limits transparency. Privacy compliance is partial, with privacy and terms pages present but no cookie consent mechanism. Analytics and tracking are implemented via ByteDance's internal tools, with moderate user tracking levels. Overall, the domain registration is consistent with the business claims, registered through a reputable Chinese registrar with no privacy protection, and the domain age aligns with the service launch. No suspicious patterns or blocking mechanisms were detected. The website is safe for general audiences with no adult or questionable content. The AI score reflects good content and technical implementation but is reduced by privacy and security gaps. Strategic recommendations include enabling DNSSEC, implementing security headers, adding explicit cookie consent and privacy compliance mechanisms, publishing security and incident response policies, and providing clear contact information to enhance trust and compliance.

Detected Technologies

ReactAxiosLodashModern JavaScript (ES6+)Polyfills for browser compatibility

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

The platform operates under ByteDance, a major technology company, positioning itself strongly in the AI writing assistance market. Its business model is SaaS-based, targeting individual and professional users needing AI-enhanced writing tools. The service leverages ByteDance's AI capabilities and infrastructure, providing competitive advantages in technology and market reach. Revenue streams likely include subscription or usage-based fees. The absence of visible partnerships or subsidiaries suggests a focused product offering. Growth potential is supported by the increasing demand for AI writing tools in Chinese and English markets.

Security Posture Analysis

Comprehensive Security Assessment

The website demonstrates a moderate security maturity level with HTTPS enforced and use of modern libraries. However, the lack of DNSSEC, security headers, and public security policies indicates gaps in defense-in-depth and transparency. No incident response contacts or vulnerability disclosure mechanisms are present, which could delay response to security events. Privacy compliance is partial, lacking cookie consent mechanisms and GDPR indicators. No exposed sensitive data or vulnerable libraries were detected in the HTML content. Overall, the security posture is adequate but requires improvements to meet higher compliance and trust standards.

Strategic Recommendations

Priority Actions for Security Improvement

Enable DNSSEC on the domain to enhance DNS security and prevent spoofing.

✨Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

字节跳动

Description:

火山写作是由字节跳动推出的，集成创作、润色、纠错、改写、翻译等能力的中英文 AI 写作助手。

Key Services:

AI writing creationText polishingError correctionRewritingTranslation

Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:

ReactAxiosLodashModern JavaScript (ES6+)Polyfills for browser compatibility

Frameworks:

React

Platforms:

Web

Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:

70/100

Best Practices:

HTTPS enforced
Use of modern JS libraries
No exposed sensitive data in HTML

Analytics & Tracking

Services:

ibytedapm

Tracking Level:moderate

Privacy Compliance:basic

Advertising & Marketing

Tracking Pixels:

ibytedapm

Transparency Level:basic

Website Quality Assessment

Design Quality:good

User Experience:good

Content Relevance:good

Navigation Clarity:basic

Professionalism:good

Trustworthiness:moderate

Key Observations

Website is fully accessible with no blocking or WAF challenges.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

15/100

Score

Critical sector without clear security compliance

HIGH

Detected sectors: transport, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

30/100

Score

No SPF record found

HIGH

SPF helps prevent email spoofing

No MX records found

MEDIUM

Domain cannot receive email without MX records

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

No email authentication configured

CRITICAL

Domain is vulnerable to email spoofing

SPF

Sender Policy Framework

DKIM

DomainKeys Identified Mail

DMARC

Domain-based Message Authentication

MX Records

Mail Exchange Records

BIMI

Brand Indicators

MTA-STS

Mail Transfer Agent Security

TLS-RPT

TLS Reporting

DNSSEC

DNS Security

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

62/100

Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

OCSP Stapling Not Enabled

LOW

OCSP stapling improves performance and privacy

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

HSTS Not Enabled

MEDIUM

HTTP Strict Transport Security (HSTS) is not configured

Protocol Support

TLSv1.3TLSv1.2TLSv1.1

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

55/100

Score

No MX Records

LOW

Domain cannot receive email without MX records

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Transfer Lock Not Enabled

MEDIUM

Domain can be transferred without authorization

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

No DMARC Record

MEDIUM

DMARC policy not configured

Domain Registration Details

Domain Age

3 years(established)

Expiry Risk

low(268 days)

Protection Level

noneDNSSEC OFF

Suspicious Indicators Detected

•No domain protection locks enabled

DNS Records

A Records:101.47.85.10, 139.177.246.206, 98.96.213.145, 98.96.242.53

Name Servers:

ns-mobile.bytedns.com

ns-telecom.bytedns.com

ns-unicom.bytedns.com

ns1.bytedns.com

ns2.bytedns.com

DNSSEC Status

DNSSEC Enabled

DNS Performance

Resolution Time:774ms

⚡Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100

Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website uses a modern React-based frontend with libraries like Axios and Lodash, ensuring modular and maintainable code. It loads fonts from Google Fonts and uses ByteDance's CDN infrastructure for static assets, indicating a robust hosting environment. Performance is moderate with deferred script loading and CSS chunking. Mobile optimization is good, but accessibility features are basic and could be improved. SEO is supported by proper meta tags and Open Graph data. No CMS was detected, suggesting a custom-built platform. Technical risks include missing DNSSEC and lack of security headers, which should be addressed to reduce attack surface.

Analyze Another Website

Is writingo.net a Scam? Security Check Results - 字节跳动 Reviews

Is writingo.net Safe? Security Analysis for 字节跳动

AI Summary

Detected Technologies

🧠AI Business Intelligence

Business Intelligence

Security Posture Analysis

Strategic Recommendations

✨Observations

AI-Enhanced Website Analysis

Business Insights

Technical Stack

Security Assessment

Analytics & Tracking

Advertising & Marketing

Website Quality Assessment

Key Observations

🛡️Security Headers

Security Headers

Missing Strict-Transport-Security header

Missing X-Frame-Options header

Missing X-Content-Type-Options header

Missing Content-Security-Policy header

Missing X-XSS-Protection header

Missing Referrer-Policy header

Missing Permissions-Policy header

Sensitive data may be cached

👤GDPR Compliance

GDPR Compliance

No Privacy Policy found

No Cookie Policy found

No Cookie Consent Banner found

Third-party services without privacy policy

GDPR Compliance Analysis

🛡️NIS2 Compliance

NIS2 Compliance

No information security framework found

No vulnerability disclosure policy

No security policy documentation found

No incident response procedures found

No business continuity planning found

No security contact information

No vulnerability reporting mechanism

No NIS2 reference found

Critical sector without clear security compliance

📧Email Security

Email Security

No SPF record found

No MX records found

No DKIM record found

No BIMI Record

No MTA-STS Policy

No TLS-RPT Record

No email authentication configured

🏆SSL/TLS Security

SSL/TLS Security

Weak Protocols Supported

OCSP Stapling Not Enabled

Certificate Transparency Not Implemented

HSTS Not Enabled

Protocol Support

OCSP Status

📊DNS Health

DNS Health

No MX Records

DNSSEC Not Enabled

CAA Records Not Configured

Domain Transfer Lock Not Enabled

Domain Delete Lock Not Enabled

No DMARC Record

Domain Registration Details

DNS Records

DNSSEC Status

DNS Performance

⚡Network Security

Network Security

Good Network Security Posture

🔧Technical Analysis

Technical Analysis

Additional Findings