Skip to main content

Is wxzzgl.com a Scam? Security Check Results - 无锡中正锅炉有限公司 Reviews

wxzzgl.com favicon

Is wxzzgl.com Safe? Security Analysis for 无锡中正锅炉有限公司

https://wxzzgl.com

Check if wxzzgl.com is a scam or legitimate. Free security scan and reviews.

EnergyChinamedium
jQuerySlick CarouselZoosnet Live ChatBaidu AnalyticsMicrosoft Clarity+2 more
Analyzed 8/3/2025Completed 4:40:57 AM
46
Security Score
HIGH RISK

AI Summary

无锡中正锅炉有限公司是一家专注于工业锅炉制造的中型企业,拥有超过36年的行业经验,主要产品包括燃气锅炉、蒸汽锅炉、生物质锅炉等。公司持有多项国家及国际认证,具备较强的制造资质和行业地位。网站内容丰富,面向工业客户,提供详细产品信息和客户案例,支持在线咨询和电话销售热线。技术基础包括多种现代网页技术和多渠道数据分析工具,网站设计专业且移动优化良好。安全方面,网站使用HTTPS,但缺少安全头信息和隐私政策,存在一定合规风险。WHOIS信息缺失降低了域名透明度和信任度,建议加强域名注册信息管理和隐私合规。整体网站表现良好,适合工业客户使用,但需完善安全和隐私合规措施以提升信任和合规水平。

Detected Technologies

jQuerySlick CarouselZoosnet Live ChatBaidu AnalyticsMicrosoft Clarity51.la AnalyticsCNZZ Analytics

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

该公司在工业锅炉制造领域拥有稳固的市场地位,产品线丰富,覆盖燃气、蒸汽、生物质及燃煤锅炉等多个细分市场。其业务模式以制造和销售为主,目标客户为工业企业和锅炉采购商。网站展示了丰富的客户案例和产品信息,体现出较强的市场推广能力。通过集成多种在线客服和数据分析工具,显示出一定的数字化营销能力。缺乏公开的隐私政策和WHOIS信息可能影响部分客户的信任。公司应加强数字合规和安全管理,提升品牌信誉和市场竞争力。

Extracted Contact Information

Marketing Intelligence Data

Phone Numbers (1)

138*******

Security Posture Analysis

Comprehensive Security Assessment

网站启用了HTTPS,保证了数据传输的基本安全,但未检测到安全相关HTTP头部,缺少内容安全策略(CSP)、X-Frame-Options等防护措施。未发现明显的敏感信息泄露或已知漏洞,但缺少隐私政策和Cookie同意机制,存在合规风险。网站使用多个第三方脚本和分析工具,需定期审计以防止潜在安全风险。无安全事件响应或漏洞披露信息,建议建立完善的安全管理和响应流程。整体安全成熟度中等,需加强安全头配置和隐私合规。

Strategic Recommendations

Priority Actions for Security Improvement

1

完善网站隐私政策和Cookie政策,明确用户数据处理流程,提升GDPR等法规合规性。

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

无锡中正锅炉有限公司

Description:

无锡中正锅炉有限公司专注于工业锅炉生产30多年,提供燃气锅炉、蒸汽锅炉、热水锅炉等产品,持有多项制造许可证和国际质量认证,致力于为客户提供优质售前售后服务。

Key Services:
燃气锅炉制造蒸汽锅炉制造生物质锅炉制造燃煤锅炉制造导热油锅炉制造售前售后服务
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
jQuerySlick CarouselZoosnet Live ChatBaidu AnalyticsMicrosoft Clarity51.la AnalyticsCNZZ Analytics
Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

good

Security Assessment

Security Score:
70/100
Best Practices:
  • HTTPS enforced (implied by https URL)
  • No exposed sensitive data in HTML
  • Use of online chat with rel='nofollow' on links

Analytics & Tracking

Services:
Baidu AnalyticsMicrosoft Clarity51.laCNZZ
Tracking Level:moderate
Privacy Compliance:poor

Advertising & Marketing

Tracking Pixels:
Baidu AnalyticsMicrosoft Clarity51.laCNZZ
Marketing Tools:
Zoosnet Live Chat
Transparency Level:basic

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:moderate

Key Observations

1

Website is fully accessible with rich content and multiple product offerings.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

30/100
Score

Missing X-Frame-Options header

HIGH

Prevents clickjacking attacks

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

50/100
Score

No Privacy Policy found

HIGH

GDPR requires a clear and accessible privacy policy

No Cookie Policy found

HIGH

GDPR requires clear information about cookie usage

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

GDPR Compliance Analysis

Privacy Policy0% confidence
Cookie Policy0% confidence
Contact Information Found90% confidence
phone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

Critical sector without clear security compliance

HIGH

Detected sectors: energy, transport, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

60/100
Score

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

No email authentication configured

CRITICAL

Domain is vulnerable to email spoofing

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

0/100
Score

Unable to retrieve SSL certificate

CRITICAL

Could not establish secure connection to retrieve certificate information

Mixed Content Detected

MEDIUM

22 resources loaded over insecure HTTP

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

60/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Transfer Lock Not Enabled

MEDIUM

Domain can be transferred without authorization

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

No DMARC Record

MEDIUM

DMARC policy not configured

Domain Registration Details

Domain Age
7 years(mature)
Expiry Risk
low(333 days)
Protection Level
noneDNSSEC OFF
Suspicious Indicators Detected
  • No domain protection locks enabled

DNS Records

A Records:193.112.50.236
Name Servers:
f1g1ns1.dnspod.net
f1g1ns2.dnspod.net
SOA:Serial: 1744961790, TTL: 180s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:399ms

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

网站采用jQuery和Slick轮播插件实现动态效果,集成了多家第三方分析服务(百度统计、微软Clarity、51.la、CNZZ)和在线客服系统(Zoosnet)。页面结构清晰,响应式设计良好,适配移动设备。缺少CMS标识,可能为定制开发。性能表现中等,未见明显加载瓶颈。建议优化安全头配置和隐私合规相关技术实现,提升整体技术成熟度和用户信任。
Analyze Another Website