Is qianzhan.com Safe? Security Analysis for 深圳前瞻资讯股份有限公司
Check if qianzhan.com is a scam or legitimate. Free security scan and reviews.
AI Summary
深圳前瞻资讯股份有限公司 operates the website www.qianzhan.com, a comprehensive industry research and consulting platform focused on Chinese and global market trends. The company provides detailed industry reports, economic data services, consulting, and specialized market research to individuals, enterprises, governments, and research institutions. The website positions itself as a leader in China's industry consulting sector with a large content repository and expert analyst team. Technically, the site uses established JavaScript libraries such as jQuery and Highcharts, supports HTTPS, and offers moderate performance and good mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is partial, with a privacy policy present but no explicit cookie consent mechanism. WHOIS data is unavailable, indicating privacy protection or unregistered status, which slightly reduces trust transparency. Overall, the site is professional, content-rich, and trustworthy for its target audience.
Detected Technologies
🧠AI Business Intelligence
Technology stack, business insights, and market analysis powered by AI.
Business Intelligence
Market & Strategic Analysis
The company targets a broad audience including individuals, enterprises, government bodies, and research institutions interested in industry trends and economic data. Its business model includes selling research reports, providing consulting services, and offering big data solutions. The company maintains multiple related domains and partner sites, enhancing its ecosystem. Market positioning is strong in the Chinese industry research sector, supported by a large analyst team and extensive content. The company has a long operational history since 1998, though domain registration details are not publicly available. The presence of multiple specialized services like IPO consulting, industry planning, and carbon neutrality research indicates diversified revenue streams and strategic growth focus.
Extracted Contact Information
Marketing Intelligence Data
Email Addresses (2)
Phone Numbers (1)
Security Posture Analysis
Comprehensive Security Assessment
The website demonstrates a good security maturity level with enforced HTTPS and no exposed sensitive data in the HTML. However, the absence of some security headers such as X-Frame-Options and Content Security Policy suggests room for improvement. No vulnerable or outdated libraries were detected, and forms appear to be standard without visible security flaws. Privacy compliance is limited by the lack of cookie consent mechanisms. Incident response and security policy information are not publicly disclosed. Overall, the security posture is adequate for a content and consulting platform but could benefit from enhanced header policies and clearer privacy controls.
Strategic Recommendations
Priority Actions for Security Improvement
Implement comprehensive security headers including X-Frame-Options, X-Content-Type-Options, and Content Security Policy to mitigate clickjacking and content injection risks.
✨Observations
AI-powered comprehensive website and business analysis.
AI-Enhanced Website Analysis
Business Insights
深圳前瞻资讯股份有限公司
前瞻网(www.qianzhan.com)是一个产业研究型资讯服务平台,专注于研究中国与全球各个细分产业发展动向与变迁趋势,对当下产业新风口、新趋势、新模式及案例进行前瞻性分析解读。为关注中国及全球细分产业发展的个人、企业、政府以及科研院所用户,提供前瞻性的产业资讯、产业规划咨询以及产业大数据服务与解决方案。
excellent
consistent
Technical Stack
moderate
good
basic
good
Security Assessment
- HTTPS enforced
- No exposed sensitive data in HTML
- No visible vulnerable libraries
Analytics & Tracking
Advertising & Marketing
Website Quality Assessment
Key Observations
Website is a comprehensive industry research and consulting platform focused on Chinese and global markets.
🛡️Security Headers
HTTP security headers analysis and recommendations.
Security Headers
HTTP security headers analysis
Missing Strict-Transport-Security header
HIGHForces HTTPS connections
Missing X-Frame-Options header
HIGHPrevents clickjacking attacks
Missing X-Content-Type-Options header
MEDIUMPrevents MIME type sniffing
Missing Content-Security-Policy header
HIGHControls resources the browser is allowed to load
Missing X-XSS-Protection header
MEDIUMLegacy XSS protection (deprecated but still recommended)
Missing Referrer-Policy header
LOWControls referrer information sent with requests
Missing Permissions-Policy header
MEDIUMControls browser features and APIs
Sensitive data may be cached
LOWCache-Control header should include "no-store" for sensitive pages
👤GDPR Compliance
Privacy and data protection assessment under GDPR regulations.
GDPR Compliance
Privacy and data protection assessment
No Privacy Policy found
HIGHGDPR requires a clear and accessible privacy policy
No Cookie Policy found
HIGHGDPR requires clear information about cookie usage
No Cookie Consent Banner found
HIGHGDPR requires explicit consent for non-essential cookies
GDPR Compliance Analysis
🛡️NIS2 Compliance
Network & Information Security Directive compliance assessment.
NIS2 Compliance
Network & Information Security Directive
No information security framework found
HIGHNIS2 requires documented cybersecurity and information security measures
No vulnerability disclosure policy
MEDIUMNIS2 encourages coordinated vulnerability disclosure
No security policy documentation found
HIGHNIS2 requires documented cybersecurity governance and risk management
No incident response procedures found
HIGHNIS2 requires documented incident response and business continuity plans
No business continuity planning found
MEDIUMNIS2 emphasizes operational resilience and business continuity
No security contact information
HIGHNIS2 requires clear incident reporting channels
No vulnerability reporting mechanism
MEDIUMClear vulnerability reporting supports coordinated disclosure
No NIS2 reference found
LOWConsider explicitly mentioning NIS2 compliance efforts
Critical sector without clear security compliance
HIGHDetected sectors: transport, banking, digital
📧Email Security
SPF, DKIM, and DMARC validation and email security assessment.
Email Security
SPF, DKIM, and DMARC validation
No DKIM record found
MEDIUMDKIM adds cryptographic signatures to emails
No BIMI Record
LOWBIMI displays brand logos in email clients
No MTA-STS Policy
MEDIUMMTA-STS enforces TLS for email delivery
No TLS-RPT Record
LOWTLS-RPT provides reporting for email TLS issues
SPF Details
🏆SSL/TLS Security
Certificate validity and encryption analysis.
SSL/TLS Security
Certificate validity and encryption analysis
SSL Certificate Expires Within 90 Days
MEDIUMSSL certificate expires in 83 days
HSTS Not Enabled
MEDIUMHTTP Strict Transport Security (HSTS) is not configured
Mixed Content Detected
MEDIUM29 resources loaded over insecure HTTP
Partial SSL/TLS Assessment
LOWCompleted 3 of 4 security checks due to time constraints
Certificate Details
OCSP Status
📊DNS Health
DNS configuration and security assessment.
DNS Health
DNS configuration and security assessment
DNSSEC Not Enabled
MEDIUMDNSSEC is not configured for this domain
CAA Records Not Configured
LOWCertificate Authority Authorization (CAA) records not found
No DMARC Record
MEDIUMDMARC policy not configured
DNS Records
DNSSEC Status
SPF Analysis
⚡Network Security
Port scanning and network exposure analysis.
Network Security
Port scanning and network exposure analysis
Good Network Security Posture
LOWNo unnecessary services detected on common risky ports
🔧Technical Analysis
Detailed technical findings and analysis from AI assessment.
Technical Analysis
Comprehensive security assessment findings