Skip to main content

Is zhanfubrowser.com a Scam? Security Check Results - 深圳市美源企悦科技有限公司 Reviews

zhanfubrowser.com favicon

Is zhanfubrowser.com Safe? Security Analysis for 深圳市美源企悦科技有限公司

https://zhanfubrowser.com

Check if zhanfubrowser.com is a scam or legitimate. Free security scan and reviews.

E-commerceChinamedium
Vue.jsElement UIGoogle Tag ManagerBaidu AnalyticsJavaScript
Analyzed 8/2/2025Completed 9:15:17 AM
58
Security Score
MEDIUM RISK

AI Summary

站斧浏览器由深圳市美源企悦科技有限公司运营,专注于为跨境电商卖家提供安全、高效的店铺管理浏览器及相关云服务。其产品涵盖云设备、云号码和云桌面,支持多平台账号安全管理和团队协作,市场定位明确,拥有数万客户和多家知名杀毒软件认证。技术架构基于Vue.js,集成了Google Tag Manager和百度统计,整体性能适中,移动端优化基础。安全方面,网站启用HTTPS,但缺少部分安全头和DNSSEC,未见公开的安全政策和事件响应机制。整体业务信息透明,联系方式明确,信任指标较多,适合跨境电商用户使用。

Detected Technologies

Vue.jsElement UIGoogle Tag ManagerBaidu AnalyticsJavaScript

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

站斧浏览器在跨境电商安全管理领域具有较强竞争力,提供多账号防关联和安全访问解决方案,满足多平台、多店铺运营需求。其商业模式为SaaS及云服务,收入来源可能包括订阅费和增值服务。目标客户为跨境电商卖家及团队,合作伙伴生态丰富。公司成立于2021年,规模中等,品牌形象一致,客户评价积极,显示出良好的市场接受度和成长潜力。

Extracted Contact Information

Marketing Intelligence Data

Phone Numbers (2)

075*******
185*******

Security Posture Analysis

Comprehensive Security Assessment

网站安全基础良好,使用HTTPS保障数据传输安全,表单输入有基本验证,未发现敏感信息泄露。缺少安全响应政策和漏洞披露渠道,DNSSEC未启用,安全头部配置不足,存在提升空间。无恶意软件或钓鱼迹象,整体安全风险中等。建议加强安全策略公开,完善安全头配置,启用DNSSEC,并建立事件响应流程以提升安全成熟度。

Strategic Recommendations

Priority Actions for Security Improvement

1

启用DNSSEC以增强域名系统安全。

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

深圳市美源企悦科技有限公司

Description:

站斧浏览器专注解决Amazon、Wish、eBay、Shopee、Lazada等跨境电商账号安全管理问题。为电商卖家提供专业的店铺安全提速运营方案,支持定制化提供服务,利用专业技术团队让跨境更安全高效。

Key Services:
多平台店铺管理账号安全防护高效团队协作管理海量生态应用云设备服务云号码服务云桌面服务
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
Vue.jsElement UIGoogle Tag ManagerBaidu AnalyticsJavaScript
Frameworks:
Vue.js
Platforms:
WindowsMacAndroid
Performance:

moderate

Mobile:

basic

Accessibility:

basic

SEO:

basic

Security Assessment

Security Score:
70/100
Best Practices:
  • HTTPS enforced
  • No exposed sensitive data in HTML
  • Form input validation for phone and SMS code
  • Use of private browser to avoid tracking

Analytics & Tracking

Services:
Google Analytics (via GTM)Baidu Analytics
Tracking Level:moderate
Privacy Compliance:basic

Advertising & Marketing

Tracking Pixels:
Baidu Analytics
Marketing Tools:
Baidu Analytics
Transparency Level:basic

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:high

Key Observations

1

Website is a professional SaaS platform targeting cross-border e-commerce sellers.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

50/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

Sensitive data may be cached

LOW

Cache-Control header should include "no-store" for sensitive pages

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

35/100
Score

No Privacy Policy found

HIGH

GDPR requires a clear and accessible privacy policy

No Cookie Policy found

HIGH

GDPR requires clear information about cookie usage

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

Third-party services without privacy policy

HIGH

Detected services: Google Analytics

GDPR Compliance Analysis

Privacy Policy0% confidence
Cookie Policy0% confidence
Contact Information Found90% confidence
phone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

17/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

70/100
Score

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 include:spf.mail.qq.com ~all
DNS Lookups:1/10
Policy:~all

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

57/100
Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

OCSP Stapling Not Enabled

LOW

OCSP stapling improves performance and privacy

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 47 days

HSTS Not Enabled

MEDIUM

HTTP Strict Transport Security (HSTS) is not configured

Protocol Support

TLSv1.3TLSv1.2TLSv1.1

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

60/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Transfer Lock Not Enabled

MEDIUM

Domain can be transferred without authorization

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

No DMARC Record

MEDIUM

DMARC policy not configured

Domain Registration Details

Domain Age
4 years(established)
Expiry Risk
low(223 days)
Protection Level
noneDNSSEC OFF
Suspicious Indicators Detected
  • No domain protection locks enabled

DNS Records

A Records:124.71.99.64
Name Servers:
ns1.huaweicloud-dns.cn
ns1.huaweicloud-dns.com
ns1.huaweicloud-dns.netDNS only
ns1.huaweicloud-dns.orgDNS only
MX Records:
5: mxbiz1.qq.com
10: mxbiz2.qq.com

DNSSEC Status

DNSSEC Not Enabled

SPF Analysis

SPF Record:
v=spf1 include:spf.mail.qq.com ~all

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

网站采用现代前端技术Vue.js和Element UI构建单页应用,集成Google和百度的分析工具。页面结构清晰,内容丰富,加载速度适中。缺少部分SEO和无障碍优化。托管环境未明确,但DNS使用华为云DNS,推测为中国大陆云服务。技术栈现代但存在安全配置不足,建议持续技术更新和安全加固。
Analyze Another Website