What is the security status of xiaohongshu.com?

xiaohongshu.com has a security score of 59/100, rated as Moderate Risk. The website may have security concerns that should be addressed.

Is xiaohongshu.com safe to use?

Our security scan shows xiaohongshu.com is Moderate Risk. SSL security issues detected. Always practice safe browsing habits.

Does xiaohongshu.com have viruses?

Our comprehensive security scan analyzes multiple security factors. Based on the overall security score of 59/100, the website is rated as Moderate Risk. However, websites can change over time, so always use updated security software.

What is xiaohongshu.com's trust score?

xiaohongshu.com has a security score of 59/100. This score is based on multiple factors including SSL security, security headers, DNS health, and compliance checks.

Is xiaohongshu.com Safe? Security Analysis for 小红书

https://xiaohongshu.com

Check if xiaohongshu.com is a scam or legitimate. Free security scan and reviews.

MediaChinalarge

JavaScriptHTML5CSS3

Analyzed 9/4/2025Completed 10:14:27 PM

Security Score

MEDIUM RISK

AI Summary

小红书 is a large and popular lifestyle and social media community platform primarily targeting users in China. It offers a space for users to share experiences and interests, positioning itself as a key player in the Chinese social media and lifestyle market. The website is professionally designed with excellent content quality and strong branding consistency. Technically, it employs modern web technologies including JavaScript and Vue.js, served via robust CDN infrastructure likely hosted on major Chinese cloud providers. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security headers could be improved. Privacy compliance is limited in the visible content, with no clear privacy or cookie policies detected. Overall, the site is trustworthy and well-maintained, but could enhance transparency around privacy and data protection.

Detected Technologies

JavaScriptHTML5CSS3

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

小红书 operates in the media sector as a social lifestyle platform with a large user base. Its business model revolves around user-generated content and community engagement. The platform targets a broad general audience interested in lifestyle topics. The company demonstrates strong market positioning in China with a large scale operation. The website's technical infrastructure supports high performance and mobile optimization, indicating a mature digital presence. No direct partner or subsidiary domains were identified in the provided data. The lack of public WHOIS data is consistent with privacy protection practices common in the region.

Security Posture Analysis

Comprehensive Security Assessment

The website exhibits a good security posture with HTTPS enabled and no exposed sensitive data in the HTML. While explicit security headers were not identified in the provided data, the use of modern frameworks and CDN suggests a secure delivery environment. No vulnerabilities or malware indicators were found. The absence of a public security policy or incident response contact limits transparency. The domain WHOIS is privacy protected, which is typical for large commercial sites but reduces visibility into registrant details. Overall, the security maturity is good but could benefit from enhanced policy disclosures and security header implementation.

Strategic Recommendations

Priority Actions for Security Improvement

Implement and publicly link comprehensive privacy and cookie policies to improve compliance and user trust.

✨Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

小红书

Description:

3 亿人的生活经验，都在小红书

Key Services:

User-generated content sharingLifestyle communitySocial networking

Content Quality:

excellent

Branding:

consistent

Technical Stack

Technologies:

JavaScriptHTML5CSS3

Frameworks:

Formula (internal framework)

Platforms:

Web

Performance:

fast

Mobile:

excellent

Accessibility:

good

SEO:

good

Security Assessment

Security Score:

85/100

Best Practices:

HTTPS enforced
No exposed sensitive data in HTML
Use of CSP and other headers not explicitly confirmed

Analytics & Tracking

Tracking Level:moderate

Privacy Compliance:basic

Advertising & Marketing

Transparency Level:basic

Website Quality Assessment

Design Quality:excellent

User Experience:excellent

Content Relevance:excellent

Navigation Clarity:excellent

Professionalism:excellent

Trustworthiness:high

Key Observations

Website is fully accessible with rich content

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

15/100

Score

Critical sector without clear security compliance

HIGH

Detected sectors: transport, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

LOW

TLS-RPT provides reporting for email TLS issues

SPF

Sender Policy Framework

DKIM

DomainKeys Identified Mail

DMARC

Domain-based Message Authentication

MX Records

Mail Exchange Records

BIMI

Brand Indicators

MTA-STS

Mail Transfer Agent Security

TLS-RPT

TLS Reporting

DNSSEC

DNS Security

SPF Details

Record:

v=spf1 include:spf.protection.partner.outlook.cn include:spf.protection.outlook.com ip4:139.217.239.155 ip4:40.72.104.225 ip4:40.73.101.7 ip4:42.159.185.160 ip4:40.73.72.23 ip4:139.224.113.34 ip4:106.15.199.98 ip4:47.100.175.65 ip4:106.14.162.178 -all

DNS Lookups:2/10

Policy:-all

DMARC Details

Policy:none

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

100/100

Score

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:*.xiaohongshu.com

Issuer:DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1

Valid Until:2/23/2026 (172 days)

SANs:*.xiaohongshu.com, xiaohongshu.com

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

Domain Age

13 years(mature)

Expiry Risk

none(3001 days)

Protection Level

noneDNSSEC OFF

Suspicious Indicators Detected

•No domain protection locks enabled

DNS Records

A Records:43.159.24.58

Name Servers:

ns3.dnsv5.com

ns4.dnsv5.com

MX Records:

5: xiaohongshu-com.mail.protection.partner.outlook.cn

SOA:Serial: 1756969070, TTL: 180s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:61ms

SPF Analysis

SPF Record:

⚡Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100

Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website uses a modern JavaScript framework (likely Vue.js) and an internal framework named Formula. It leverages multiple CDN domains for static assets and video content, indicating a distributed and scalable hosting environment. The site is mobile-optimized with responsive design and good accessibility features. Performance appears fast with deferred script loading and efficient resource management. No CMS was detected, suggesting a custom-built platform. Technical risks are minimal, but the absence of some security headers and privacy disclosures represent areas for improvement.

Analyze Another Website

Is xiaohongshu.com a Scam? Security Check Results - 小红书 Reviews

Is xiaohongshu.com Safe? Security Analysis for 小红书

AI Summary

Detected Technologies

🧠AI Business Intelligence

Business Intelligence

Security Posture Analysis

Strategic Recommendations

✨Observations

AI-Enhanced Website Analysis

Business Insights

Technical Stack

Security Assessment

Analytics & Tracking

Advertising & Marketing

Website Quality Assessment

Key Observations

🛡️Security Headers

Security Headers

Missing Strict-Transport-Security header

Missing X-Frame-Options header

Missing X-Content-Type-Options header

Missing Content-Security-Policy header

Missing X-XSS-Protection header

Missing Referrer-Policy header

Missing Permissions-Policy header

Sensitive data may be cached

👤GDPR Compliance

GDPR Compliance

No Privacy Policy found

No Cookie Policy found

No Cookie Consent Banner found

GDPR Compliance Analysis

🛡️NIS2 Compliance

NIS2 Compliance

No information security framework found

No vulnerability disclosure policy

No security policy documentation found

No incident response procedures found

No business continuity planning found

No security contact information

No vulnerability reporting mechanism

No NIS2 reference found

Critical sector without clear security compliance

📧Email Security

Email Security

DMARC not enforcing

No DMARC reporting

No DKIM record found

No BIMI Record

No MTA-STS Policy

No TLS-RPT Record

SPF Details

DMARC Details

🏆SSL/TLS Security

SSL/TLS Security

Partial SSL/TLS Assessment

Certificate Details

OCSP Status

📊DNS Health

DNS Health

DNSSEC Not Enabled

CAA Records Not Configured

Domain Transfer Lock Not Enabled

Domain Delete Lock Not Enabled

DMARC Policy Set to None

Domain Registration Details

DNS Records

DNSSEC Status

DNS Performance

SPF Analysis

⚡Network Security

Network Security

Good Network Security Posture

🔧Technical Analysis

Technical Analysis

Additional Findings