Analysis Results

http://tienda505.com

Analyzed on September 13, 2025, 9:15 p.m. Click "Rescan Website" to get the latest data

Analysis Successful
Network Information
IP Address: 13.226.52.46
IP WHOIS Information:
  • ASN: 16509
  • ASN Description: AMAZON-02, US
  • Country: US
  • Description: Amazon Technologies Inc.
  • CIDR: 13.224.0.0/12, 13.200.0.0/13, 13.208.0.0/12
Ping Test Check AbuseIPDB Other Websites on Same IP
Domain Information
  • Registrar: Network Solutions, LLC
  • Created: July 03, 2020
  • Expires: July 03, 2028
  • Last Updated: June 26, 2025
  • Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  • Name Servers:
    • NS-1438.AWSDNS-51.ORG
    • NS-1634.AWSDNS-12.CO.UK
    • NS-324.AWSDNS-40.COM
    • NS-935.AWSDNS-52.NET
DNS Records
Learn about DNS Records
A Records (IPv4 Addresses)
Domain IP Address
tienda505.com 99.84.132.41
tienda505.com 99.84.132.73
tienda505.com 99.84.132.96
tienda505.com 99.84.132.74
MX Records (Mail Servers)
Priority Mail Server
50 aspmx3.googlemail.com.
20 alt1.asmpmx.l.google.com.
40 aspmx2.googlemail.com.
30 alt2.asmpmx.l.google.com.
10 aspmx.l.google.com.
TXT Records
Domain Text Record
tienda505.com "facebook-domain-verification=vogl2tlzwmrp7vflxibqv90uspqsr7"
tienda505.com "v=spf1 include:_spf.google.com ~all"
tienda505.com "google-site-verification=jD50L5APLDukvkvb_3zatbkUIPbPCKS_oEdnarcvQ8A"
tienda505.com "facebook-domain-verification=rmwd6dl3ct85nwv83dgfplj2bz67rr"
WWW Subdomain Records
Subdomain Type Value
www.tienda505.com A 99.84.132.41
www.tienda505.com A 99.84.132.73
www.tienda505.com A 99.84.132.96
www.tienda505.com A 99.84.132.74
Services Detected (3 found)
Google Workspace
Google Workspace

Email hosted on Google Workspace

Learn More
Facebook
Facebook

Facebook services detected

Learn More
Google Search Console
Google Search Console

Google Search Console services detected

Learn More
View DNS History on DNS Archive
Check GeoIP Blocking
Blocklisting Status
Learn about Blocklisting Status
Overall Status: CLEAN No blocklisting detected
Services Checked: 2
VirusTotal: CLEAN
Domain is clean according to 0 scanners
No threats detected by any security scanner
Google Safe Browsing: CLEAN
Domain is not blocklisted by Google Safe Browsing
No threats detected
Hosting Information
Provider: Unknown (Apache) (low confidence)
Detection Method: Server Header Pattern
Matched Headers:
  • server: apache/2.4.54 () openssl/1.0.2k-fips php/7.3.33
Content Management System
CMS Detected: WordPress
Active Theme: diviecommerce
Detected Plugins (5):
advanced-woo-search annasta-woocommerce-product-filters popup-maker wc-rot-shipping-method-before-billing-details__ woocommerce
Themes

1

Plugins

5

WordPress Security Analysis
FAILED
Learn about WordPress Security Analysis
XMLRPC.php Security Test FAILED

XMLRPC.php is accessible and vulnerable

HTTP Status: 200

Recommendation: Protect xmlrpc.php via firewall rules or disable it completely. Consider using security plugins or server-level blocking.
WP-Login.php Security Test PASSED

WP-Login page is not accessible (HTTP 404)

HTTP Status: 404

Recommendation: WP-Login page is properly protected.
User Enumeration Test UNKNOWN

Unable to determine user enumeration status

Test Results:

Endpoint: http://tienda505.com/wp-json/wp/v2/users

Status: ERROR

Message: Unable to test endpoint

Endpoint: http://tienda505.com/?rest_route=/wp/v2/users

Status: PASSED

Message: Endpoint properly protected (HTTP 404)

HTTP Status: 404

Recommendation: Investigate the WordPress REST API configuration and ensure proper security measures are in place.
Failed Security Tests:
  • XMLRPC
Request Assistance
Security Headers Analysis
Need help understanding security headers? View our comprehensive documentation to learn about each header and how to implement them.
Present Security Headers

No security headers detected

Missing Security Headers
Strict-Transport-Security
X-Content-Type-Options
X-Frame-Options
X-XSS-Protection
Referrer-Policy
Content-Security-Policy
Permissions-Policy
Cross-Origin-Embedder-Policy
Cross-Origin-Opener-Policy
Cross-Origin-Resource-Policy
Request Assistance
External JavaScripts Detected
Only scripts from different domains are shown
Domain Script URL Type
connect.facebook.net https://connect.facebook.net/en_US/fbevents.js Inline Reference
www.googletagmanager.com https://www.googletagmanager.com/gtag/js?id=UA-88777005-2 External
HTTP Headers
Learn about HTTP Headers
HTTP Response Code
200 OK - Request successful
HTTP Protocol Version
Excellent! Your website is using HTTP/2

Your website is using a modern HTTP protocol version, which provides better performance and security features.

Security Protection Detected

The site is using AWS Cloudfront CDN & WAF 👍

Information Disclosure: Server Version

Header: server
Value: Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.3.33

Server Type: Apache

The Server header reveals server version information, which can be used by attackers to identify vulnerabilities.
Gzip Compression Enabled 👍

Great! This site is using Gzip compression to improve performance and reduce bandwidth usage.

Header Value
via 1.1 50d46662b214cb2923f288d3ad4f9dec.cloudfront.net (CloudFront)
date Sat, 13 Sep 2025 21:15:14 GMT
etag W/"1c801-63eb12de30bf9"
vary accept-encoding
server Apache/2.4.54 () OpenSSL/1.0.2k-fips PHP/7.3.33
expires Sat, 13 Sep 2025 23:15:14 GMT
x-cache Miss from cloudfront
set-cookie AWSALB=UGBNz7BqA/CrUcBpl9aXG3l/qq42nL3+c+UdqsqrnQDpbe8zXtCKxet0o2dnrXw1YGmFc4I/qrgkPqCQ5TQt/VA9BdJ7H9IS09ujtncS38cfHvItzy6Y7184aCJf; Expires=Sat, 20 Sep 2025 21:15:14 GMT; Path=/, AWSALBCORS=UGBNz7BqA/CrUcBpl9aXG3l/qq42nL3+c+UdqsqrnQDpbe8zXtCKxet0o2dnrXw1YGmFc4I/qrgkPqCQ5TQt/VA9BdJ7H9IS09ujtncS38cfHvItzy6Y7184aCJf; Expires=Sat, 20 Sep 2025 21:15:14 GMT; Path=/; SameSite=None; Secure
x-amz-cf-id -DwIk9NtbNeq3AqExb9EVK0uOlO9_D4hDMy619IrOlMAAjD-kaaHPg==
content-type text/html; charset=UTF-8
http_version HTTP/2
x-amz-cf-pop MIA3-C3
cache-control max-age=7200
last-modified Sat, 13 Sep 2025 16:22:40 GMT
x-nginx-cache WordPress
content-encoding gzip
x-endurance-cache-level 2
Service Disclaimer

Free Service: This website security analyzer is provided as a free service to help website owners and administrators identify potential security issues and improve their website's security posture.

Donations: We welcome and appreciate donations to help us maintain and improve this service. Your support helps us keep this tool free and continuously enhance its capabilities.

Affiliate Links: We may use affiliate links for various security services, hosting providers, and security tools mentioned throughout this analysis. If you choose to purchase any of these services through our links, we may receive a small commission at no additional cost to you. This helps support the development and maintenance of this free service.

Support Our Service

Help us keep this tool free and improve it further

Buy us a Coffee Make a Donation via PayPal
Please wait, running the scan...
This may take a few moments