What is the security status of xiaonaizi.com?

xiaonaizi.com has a security score of 37/100, rated as Potentially Unsafe. The website may have security concerns that should be addressed.

Is xiaonaizi.com safe to use?

Our security scan shows xiaonaizi.com is Potentially Unsafe. SSL security issues detected. Always practice safe browsing habits.

Does xiaonaizi.com have viruses?

Our comprehensive security scan analyzes multiple security factors. Based on the overall security score of 37/100, the website is rated as Potentially Unsafe. However, websites can change over time, so always use updated security software.

What is xiaonaizi.com's trust score?

xiaonaizi.com has a security score of 37/100. This score is based on multiple factors including SSL security, security headers, DNS health, and compliance checks.

Is xiaonaizi.com Safe? Security Analysis for 1CMS

https://xiaonaizi.com

Check if xiaonaizi.com is a scam or legitimate. Free security scan and reviews.

TechnologyN/asmall

Bootstrap 3.3.7WordPress 4.x/5.x compatible themejQuery (implied by Bootstrap)CSSHTML5

Analyzed 8/2/2025Completed 9:51:09 PM

Security Score

HIGH RISK

AI Summary

The website xiaonaizi.com is a newly created content site primarily showcasing the BigHub WordPress theme and related CMS content. It targets a general audience interested in CMS themes and technology. The site uses a Bootstrap 3.3.7 framework and is compatible with WordPress 4.x and 5.x versions. The technical infrastructure is basic but functional, with moderate performance and good mobile responsiveness. Security posture is minimal, lacking security headers and privacy policies, and no advanced security frameworks are observed. The domain registration is recent and consistent with the website's apparent launch date, registered through DNSPod, Inc. Overall, the site is safe with no adult or questionable content detected, but it lacks comprehensive privacy and security features.

Detected Technologies

Bootstrap 3.3.7WordPress 4.x/5.x compatible themejQuery (implied by Bootstrap)CSSHTML5

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

The website operates in the technology sector, focusing on CMS and WordPress theme demonstration. It appears to be a small-scale operation without visible business contact information or certifications. The business model likely revolves around content publishing and theme promotion. Partnerships with tangjie.me (theme author) and 1cms.com (CMS platform) indicate a niche ecosystem. The site lacks clear revenue streams or advanced marketing tools, suggesting an early-stage or hobbyist project. Growth potential depends on expanding content and improving trust signals.

Security Posture Analysis

Comprehensive Security Assessment

The security maturity level is low, with no detected security headers, no privacy or cookie policies, and no incident response or vulnerability disclosure information. The site uses HTTPS but does not enable DNSSEC, which could improve DNS security. No exposed sensitive data or vulnerabilities were detected in the HTML content. The absence of security best practices and compliance documentation indicates a need for improvement to meet GDPR and other regulatory standards. Incident response readiness is not evident.

Strategic Recommendations

Priority Actions for Security Improvement

Enable DNSSEC to enhance DNS security and prevent spoofing.

✨Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Description:

The website uses the BigHub WordPress theme and appears to be a content site with articles and a theme showcase. It is likely related to CMS or theme demonstration.

Key Services:

content publishingtheme demonstration

Content Quality:

basic

Branding:

moderate

Technical Stack

Technologies:

Bootstrap 3.3.7WordPress 4.x/5.x compatible themejQuery (implied by Bootstrap)CSSHTML5

Frameworks:

Bootstrap

Platforms:

WordPress

Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

basic

Security Assessment

Security Score:

40/100

Analytics & Tracking

Services:

Custom script from xiaonaizi.com/tongji

Tracking Level:minimal

Privacy Compliance:poor

Advertising & Marketing

Transparency Level:poor

Website Quality Assessment

Design Quality:basic

User Experience:basic

Content Relevance:basic

Navigation Clarity:good

Professionalism:basic

Trustworthiness:moderate

Key Observations

Website is a newly created CMS/theme showcase site with minimal content.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

30/100

Score

Missing X-Frame-Options header

HIGH

Prevents clickjacking attacks

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Critical sector without clear security compliance

HIGH

Detected sectors: energy, transport, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

60/100

Score

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

No email authentication configured

CRITICAL

Domain is vulnerable to email spoofing

SPF

Sender Policy Framework

DKIM

DomainKeys Identified Mail

DMARC

Domain-based Message Authentication

MX Records

Mail Exchange Records

BIMI

Brand Indicators

MTA-STS

Mail Transfer Agent Security

TLS-RPT

TLS Reporting

DNSSEC

DNS Security

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

0/100

Score

Unable to retrieve SSL certificate

CRITICAL

Could not establish secure connection to retrieve certificate information

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

75/100

Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

No DMARC Record

MEDIUM

DMARC policy not configured

DNS Records

A Records:43.248.10.170

Name Servers:

ns1.alidns.comDNS only

ns2.alidns.comDNS only

SOA:Serial: 2025032613, TTL: 600s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:290ms

⚡Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

20/100

Score

High-Risk Service Exposed: FTP

HIGH

Port 21 (FTP) is publicly accessible - FTP - Often unencrypted file transfer

Service Exposed: SSH

MEDIUM

Port 22 (SSH) is publicly accessible - SSH - Secure but can be brute-forced

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website uses a Bootstrap 3.3.7 front-end framework and a WordPress compatible theme named BigHub. The CMS platform appears to be 1CMS, possibly a custom or derivative system. The site is mobile responsive and uses standard HTML5 and CSS. Performance is moderate with no explicit optimization indicators. No advanced accessibility features are detected beyond basic responsive design. The hosting provider is not explicitly identified beyond the registrar DNSPod, Inc. The site uses a custom JavaScript tracking script hosted on the same domain. There is room for modernization by upgrading to newer Bootstrap versions and implementing modern SEO and accessibility standards.

Analyze Another Website

Is xiaonaizi.com a Scam? Security Check Results - xiaonaizi.com Reviews

Is xiaonaizi.com Safe? Security Analysis for 1CMS

AI Summary

Detected Technologies

🧠AI Business Intelligence

Business Intelligence

Security Posture Analysis

Strategic Recommendations

✨Observations

AI-Enhanced Website Analysis

Business Insights

Technical Stack

Security Assessment

Analytics & Tracking

Advertising & Marketing

Website Quality Assessment

Key Observations

🛡️Security Headers

Security Headers

Missing X-Frame-Options header

Missing X-Content-Type-Options header

Missing Content-Security-Policy header

Missing X-XSS-Protection header

Missing Referrer-Policy header

Missing Permissions-Policy header

Sensitive data may be cached

👤GDPR Compliance

GDPR Compliance

No Privacy Policy found

No Cookie Policy found

No Cookie Consent Banner found

GDPR Compliance Analysis

🛡️NIS2 Compliance

NIS2 Compliance

No information security framework found

No vulnerability disclosure policy

No security policy documentation found

No incident response procedures found

No business continuity planning found

No security contact information

No vulnerability reporting mechanism

No NIS2 reference found

Critical sector without clear security compliance

📧Email Security

Email Security

No DKIM record found

No BIMI Record

No MTA-STS Policy

No TLS-RPT Record

No email authentication configured

🏆SSL/TLS Security

SSL/TLS Security

Unable to retrieve SSL certificate

OCSP Status

📊DNS Health

DNS Health

DNSSEC Not Enabled

CAA Records Not Configured

No DMARC Record

DNS Records

DNSSEC Status

DNS Performance

⚡Network Security

Network Security

High-Risk Service Exposed: FTP

Service Exposed: SSH

🔧Technical Analysis

Technical Analysis

Additional Findings

Related Partner Domains

tangjie.me

1cms.com