Skip to main content

Is usahuarenjie.com a Scam? Security Check Results - 华人街生活网 Reviews

usahuarenjie.com favicon

Is usahuarenjie.com Safe? Security Analysis for 华人街生活网

https://usahuarenjie.com

Check if usahuarenjie.com is a scam or legitimate. Free security scan and reviews.

Real EstateUnited Statesmedium
jQuery 1.11Google FontsGoogle AdsenseQRCode.js
Analyzed 9/4/2025Completed 10:23:47 PM
56
Security Score
MEDIUM RISK

AI Summary

华人街生活网 is a Chinese-language classified information platform targeting the Chinese community in the United States. It offers a wide range of services including job listings, housing rentals and sales, second-hand goods trading, store buying and selling, pet services, carpooling, and community news. The website positions itself as a leading platform for Chinese immigrants and residents in the US to find and post local classified ads. Technically, the site uses a custom CMS with common web technologies such as jQuery, Google Fonts, and Google Adsense for monetization. It is mobile-optimized and includes a QR code for easy mobile access. Security-wise, the site uses HTTPS and has a cookie consent mechanism, but lacks explicit security headers and publicly available security policies. The WHOIS data for the domain is missing or unavailable, which raises some concerns about domain registration legitimacy. Overall, the site is functional, content-rich, and serves a niche community effectively, but could improve its security posture and transparency.

Detected Technologies

jQuery 1.11Google FontsGoogle AdsenseQRCode.js

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

The website operates in the real estate and retail sectors, focusing on classified ads for the Chinese-speaking population in the US. Its business model is based on free posting of classified ads with monetization through Google Adsense advertising. The platform has a moderate size and consistent branding, with active content updates and community engagement. It maintains partnerships with other Chinese community websites. The lack of detailed company registration information and missing WHOIS data are notable gaps. The site targets a niche market segment, providing localized services and information, which supports its market position as a leading Chinese classifieds platform in the US.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

u*****@gmail.com

Phone Numbers (1)

212*******

Security Posture Analysis

Comprehensive Security Assessment

华人街生活网 demonstrates a basic to moderate security posture. HTTPS is enforced, and a cookie consent mechanism is implemented, indicating awareness of privacy compliance. However, the absence of security headers such as Content-Security-Policy, X-Frame-Options, and X-Content-Type-Options reduces the overall security robustness. No explicit security or incident response policies are publicly available, and no security.txt file or vulnerability disclosure program is found. The use of older JavaScript libraries like jQuery 1.11 may pose potential vulnerabilities if not regularly updated. The missing WHOIS data for the domain also introduces uncertainty regarding domain legitimacy. Overall, the site is functional but would benefit from enhanced security controls and transparency.

Strategic Recommendations

Priority Actions for Security Improvement

1

Implement and enforce security headers including Content-Security-Policy, X-Frame-Options, and X-Content-Type-Options to mitigate common web vulnerabilities.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

华人街生活网

Description:

美国华人街生活网,美国华人领先的分类信息网。您可以免费查找或发布美国各种招聘信息、二手物品、二手车买卖、店铺买卖、房屋租售、宠物、交友活动及生活服务等分类信息。

Key Services:
Job recruitment and job seekingHousing rental and salesSecond-hand goods tradingStore buying and sellingPet servicesCarpooling and ride sharingCommunity news and announcements
Content Quality:

good

Branding:

consistent

Technical Stack

Technologies:
jQuery 1.11Google FontsGoogle AdsenseQRCode.js
Platforms:
Web (PC and mobile)
Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

basic

Security Assessment

Security Score:
70/100
Best Practices:
  • HTTPS enforced
  • Cookie consent mechanism implemented

Analytics & Tracking

Services:
Google Analytics
Tracking Level:moderate
Privacy Compliance:good

Advertising & Marketing

Ad Networks:
Google Adsense
Tracking Pixels:
Google Analytics (gtag.js)
Transparency Level:good

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:moderate

Key Observations

1

Website is a Chinese-language classified ads platform targeting the US Chinese community.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

55/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Weak Referrer-Policy configuration

LOW

Current value: "same-origin"

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

35/100
Score

No Privacy Policy found

HIGH

GDPR requires a clear and accessible privacy policy

No Cookie Policy found

HIGH

GDPR requires clear information about cookie usage

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

Third-party services without privacy policy

HIGH

Detected services: Google Analytics, Facebook, LinkedIn, Cloudflare, Google APIs

GDPR Compliance Analysis

Privacy Policy0% confidence
Cookie Policy0% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

17/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

40/100
Score

No SPF record found

HIGH

SPF helps prevent email spoofing

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

No email authentication configured

CRITICAL

Domain is vulnerable to email spoofing

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

65/100
Score

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 54 days

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Mixed Content Detected

MEDIUM

1 resources loaded over insecure HTTP

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:usahuarenjie.com
Issuer:WE1
Valid Until:10/28/2025 (54 days)
SANs:usahuarenjie.com, *.usahuarenjie.com

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

60/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Transfer Lock Not Enabled

MEDIUM

Domain can be transferred without authorization

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

No DMARC Record

MEDIUM

DMARC policy not configured

Domain Registration Details

Domain Age
3 years(established)
Expiry Risk
low(193 days)
Protection Level
noneDNSSEC OFF
Suspicious Indicators Detected
  • No domain protection locks enabled

DNS Records

A Records:104.21.80.1, 104.21.32.1, 104.21.64.1, 104.21.112.1, 104.21.48.1, 104.21.96.1, 104.21.16.1
AAAA Records:2606:4700:3030::6815:2001, 2606:4700:3030::6815:3001, 2606:4700:3030::6815:4001, 2606:4700:3030::6815:5001, 2606:4700:3030::6815:6001, 2606:4700:3030::6815:7001, 2606:4700:3030::6815:1001
Name Servers:
brianna.ns.cloudflare.com
terry.ns.cloudflare.com
SOA:Serial: 2379403314, TTL: 1800s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:42ms

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website uses a custom content management system with jQuery 1.11, Google Fonts, Google Adsense, and QRCode.js. It supports both PC and mobile devices with good mobile optimization. Performance is moderate with no major issues detected. SEO is basic with meta keywords and description present but no advanced structured data like JSON-LD or Open Graph tags detected. Accessibility features are minimal but basic navigation and structure are clear. Hosting provider details are not identified. The site uses Google Tag Manager and Google Analytics for tracking and marketing purposes. Overall, the technical infrastructure is functional but could be modernized and enhanced for better performance, security, and SEO.
Analyze Another Website