Find a Chinese Supplier from a Website or Email

Trace a supplier website or email through redirects, ICP filing, RDAP, mail authentication, and packaging evidence to Chinese legal-company candidates.

A supplier website or email address is enough to start an identity investigation, but not enough to name the company you are buying from. The site may belong to a brand owner, the mailbox may be operated by an export team, and the carton may identify a separate manufacturer. The useful outcome is a documented path from each internet clue to one or more Chinese legal-company candidates.

Investigator comparing a fictional supplier website footer, email authentication fields, ICP and RDAP clues, and a manufacturer label on product packaging
Website, email, filing, registration, and packaging clues belong in separate rows until evidence connects them to a legal entity.

Preserve the clue before the website changes

Begin with an evidence packet, not a search box. Save the full URL including its path, the date and timezone, a full-page screenshot, and the final URL after any redirects. Download the quotation or catalog without editing it and record its filename and file hash if the transaction matters. Photograph the product, manual, rating plate, and every side of the carton before discarding the packaging.

For email, preserve the original message or export an .eml file with full headers. A screenshot of the visible sender line loses the Return-Path, authentication results, message identifiers, and routing history. Do not click an unexpected login or account-verification link merely to “test” it, and do not probe a supplier's mailbox or private systems.

Create one row per observed item: website URL, final domain, email From address, Reply-To, phone, address, quotation name, package manufacturer, and any Chinese characters. Record what the artifact literally says before adding an interpretation. This prevents a familiar English brand from silently becoming the assumed company name.

Reduce URLs and mailboxes to exact domains

Write the registrable domain for every clue, not just “the website.” For sales.cn.example.com, the subdomain is sales.cn and the registrable domain is example.com. Record redirects separately: brand.cn redirecting to group.com is a relationship to investigate, not a reason to erase the first domain.

Compare spelling character by character. Hyphens, doubled letters, substituted digits, different top-level domains, and visually similar Unicode characters can be missed on a phone screen. The FBI Internet Crime Complaint Center's guidance on spoofed business domains shows how a convincing imitation may add a word, alter a letter, or substitute punctuation. It recommends checking that the domain belongs to the business it claims to represent and confirming the sender through the business's main phone line.

Domain matching is still only technical matching. An address at the same domain as the website suggests common domain control; a free mailbox or second domain creates another branch to document. Neither result identifies the legal company without additional evidence.

Read the website as a set of claims

Inspect more than the About page. The most useful identity surfaces are often the footer, Contact page, privacy policy, terms, legal notice, returns policy, downloadable catalog, certificate page, and PDF metadata. Capture the legal name exactly as displayed, especially Chinese characters. Then record addresses, landline area codes, phone numbers, emails, copyright names, brands, and claimed factory locations.

Separate four roles when the text permits it: website operator, brand owner, manufacturer, and sales or export company. “Our factory” and a gallery of machines are marketing claims until a named plant is connected to the seller. Copied product text, stock photography, or an old copyright year can guide follow-up, but none proves that the site is false.

If the site yields only an English name, move the surviving words, city, product and contact clues into the English-name investigation. Do not translate an English brand into Chinese and search it as though it were the registered name.

Use an ICP filing for the right question

For a site providing internet information services in Mainland China, an ICP license or filing number can connect a domain to a filed website organizer. China's current Internet Information Services measures require the license or filing number to be shown prominently on the homepage. The MIIT's non-commercial filing rules are more specific: the filing number should appear at the central bottom of the homepage and link to the filing system for public checking.

Copy the number as text and follow the official query route; do not trust a footer image or a link that leads to an unrelated lookalike service. Record the filed organizer name, domain, filing status, and query date. Compare the organizer's Chinese name with the website, quotation and eventual company record.

An ICP result answers a web-administration question. It does not by itself prove that the organizer owns the factory, controls a sales employee, can export the goods, will sign the contract, or should receive your payment. A site hosted outside Mainland China may legitimately have no ICP filing, so absence is a coverage fact, not an automatic red flag.

Use RDAP without turning privacy into suspicion

For a generic top-level domain, record the registration and expiry dates, registrar, domain status, and nameservers available through RDAP. ICANN describes RDAP as the structured replacement for WHOIS. Its lookup FAQ explains that results come from registries or registrars and that applicable law and policy mean not all registration data is public.

China's domain-name measures require registrars operating under the rules to request and verify true, accurate and complete holder information, while also protecting personal information. A public privacy proxy or redacted contact is therefore not evidence of deception.

Domain age is also not company age. A company formed in 2012 may launch a new export domain in 2025, and an old domain may be acquired by a new operator. Use the date to test the website's specific history claims and request archived or documentary support; do not subtract it from the claimed operating history as if the two clocks were the same.

Read email authentication as control evidence

From the full headers, place the visible From, Reply-To, Return-Path or envelope sender, DKIM signing domain (d=), and SPF result in separate fields. A different Reply-To deserves an explanation because replies may leave the domain shown to the reader. Forwarding and legitimate email platforms can also produce differences, so the raw result needs context.

DMARC evaluates alignment between the visible From domain and a domain validated through SPF or DKIM, as defined in IETF RFC 7489. A pass supports the conclusion that the message met the domain's authentication policy. It does not prove that the domain belongs to the company on the quotation, that the employee has contract authority, or that an authorized mailbox has not been compromised.

Save the authentication result as one line in the evidence file. Do not label free email as fraud, and do not label authenticated corporate email as verified company identity. When a message changes bank instructions, leave this identity workflow and use the bank-details change procedure.

A fictional case: Harbor Motion

A buyer receives a quotation from the fictional sales@harbor-motion.com. The quotation says only “Harbor Motion,” and the product page redirects from harbor-motion.com to hmotion.cn. The investigator preserves both URLs, the raw email, the PDF, and photos of the sample carton.

  1. The final website footer names Guangdong Harbor Motion Technology Co., Ltd. in Chinese and shows an ICP filing. The official query returns the same organizer and final domain. That supports a website-operator candidate.
  2. RDAP shows the original domain was registered in 2024, although the site says “serving buyers since 2012.” The note remains open: it may be a new domain for an older business, not proof that the company history is false.
  3. The email passes SPF, but its Reply-To is on a second corporate domain. The investigator records the difference and asks which company controls that domain rather than treating “pass” as legal identity.
  4. The sample carton names the fictional Ningbo Harbor Drive Equipment Co., Ltd. as manufacturer. The packaging therefore adds a second legal-name candidate and a possible factory role; it does not replace the website operator.
  5. The buyer asks for the Chinese legal name and USCC of the contract seller and for a written map of the website operator, manufacturer and seller. The supplier responds that the Guangdong company sells and exports while the Ningbo company manufactures.

The output is not “website verified.” It is a role map with two named entities, source files, dates, and a relationship claim still to test. Search each Chinese name, compare candidates using the candidate-selection method, and request the seller's license through the document request sequence.

Close the internet investigation with a legal-entity handoff

A complete handoff records each domain, redirect, ICP result, RDAP result, email-domain fields, physical label, Chinese-name candidate, source URL or file, capture date, and confidence. It also states what remains unknown. Keep role fields separate for website operator, brand owner, manufacturer, exporter, contract seller, invoice issuer, and bank beneficiary.

Proceed to company matching when at least one Chinese legal name or organization identifier is supported by an artifact you can preserve. Hold the identity conclusion when the site, email and packaging lead to different entities with no documented relationship. Stop relying on the digital trail when the supplier refuses to name an accountable contract party but continues to request money.

Once the seller is identified, search it in ChinaValidate Company Search. If the eventual beneficiary differs, use the beneficiary verification workflow. The internet investigation has done its job when it produces traceable legal-entity candidates and explicit gaps—not when every clue is forced into one convenient name.