Analysis Results

Export PDF Report Rescan Website Analyze Another Website

http://chicabrava.com

Analyzed on October 30, 2025, 6:27 a.m. Click "Rescan Website" to get the latest data

Analysis Successful

MALWARE DETECTED!

Severity Level: HIGH

Found 1 suspicious pattern(s)

View Detailed Analysis Request Assistance

Network Information

IP Address: 151.101.66.159

IP WHOIS Information:

ASN: 54113
ASN Description: FASTLY, US
Country: US
Description: Fastly, Inc.
CIDR: 151.101.0.0/16

Ping Test Check AbuseIPDB Other Websites on Same IP

Domain Information

Registrar: TUCOWS DOMAINS, INC.
Created: June 07, 2006
Expires: June 07, 2026
Last Updated: June 06, 2025
Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Servers:
- NS1.HOVER.COM
- NS2.HOVER.COM

DNS Records

Learn about DNS Records

A Records (IPv4 Addresses)

Domain	IP Address
`chicabrava.com`	151.101.66.159

MX Records (Mail Servers)

Priority	Mail Server
10	`mx.hover.com.cust.hostedemail.com.`

TXT Records

Domain	Text Record
`chicabrava.com`	`"v=spf1 include:_spf.hostedemail.com include:hover.com ~all"`
`chicabrava.com`	`"google-site-verification=hLKQpo25uOIAK7EwFtNyryVKvmlWGU-fALj5oPX2BxI"`

WWW Subdomain Records

Subdomain	Type	Value
`www.chicabrava.com`	A	`151.101.66.159`

Services Detected (1 found)

Google Search Console

Google Search Console services detected

Learn More

View DNS History on DNS Archive

Check GeoIP Blocking

Blocklisting Status

Learn about Blocklisting Status

Overall Status: CLEAN No blocklisting detected

Services Checked: 2

VirusTotal: CLEAN

Domain is clean according to 0 scanners
No threats detected by any security scanner

Google Safe Browsing: CLEAN

Domain is not blocklisted by Google Safe Browsing
No threats detected

Hosting Information

Provider: Unknown (none confidence)

Detection Method: No match found

Content Management System

CMS Detected: WordPress

Active Theme: 100speed

Detected Plugins (5):

gravityforms instagram-feed megamenu theme-my-login wp-tripadvisor-review-slider

Themes

Plugins

WordPress Security Analysis

FAILED

Learn about WordPress Security Analysis

XMLRPC.php Security Test UNKNOWN

XMLRPC.php returned unexpected status code: 422

HTTP Status: 422

Recommendation: Investigate the response and ensure XMLRPC.php is properly secured.

WP-Login.php Security Test FAILED

WP-Login page is accessible without CAPTCHA protection

HTTP Status: 200

Recommendation: Implement CAPTCHA protection on wp-login.php and consider using a firewall to block brute force attacks.

User Enumeration Test FAILED

User enumeration is possible via WordPress REST API

Test Results:

Endpoint: http://chicabrava.com/wp-json/wp/v2/users

Status: FAILED

Message: User enumeration possible - 6 users found

HTTP Status: 200

Endpoint: http://chicabrava.com/?rest_route=/wp/v2/users

Status: FAILED

Message: User enumeration possible - 6 users found

HTTP Status: 200

Users Found:

ID	Name	Slug	Link
2	abhinavt	`abhinavt`	https://chicabrava.com/author/abhinavt/
1	admin	`admin`	https://chicabrava.com/author/admin/
8	agblaylo	`agblaylo`	https://chicabrava.com/author/agblaylo/
7	Ashley	`ashley`	https://chicabrava.com/author/ashley/
11	FirestarterSEO	`firestarterseo`	https://chicabrava.com/author/firestarterseo/
10	Rodrigo Sanchez	`rodrigo`	https://chicabrava.com/author/rodrigo/

Recommendation: Require authentication for WordPress REST API or disable user enumeration. Consider using security plugins or server-level restrictions.

Failed Security Tests:

WP-Login
User Enumeration

Request Assistance

Security Headers Analysis

Need help understanding security headers? View our comprehensive documentation to learn about each header and how to implement them.

Present Security Headers

Referrer-Policy

X-XSS-Protection

X-Content-Type-Options

Missing Security Headers

Strict-Transport-Security

X-Frame-Options

Content-Security-Policy

Permissions-Policy

Cross-Origin-Embedder-Policy

Cross-Origin-Opener-Policy

Cross-Origin-Resource-Policy

Request Assistance

External JavaScripts Detected

Only scripts from different domains are shown

Domain	Script URL	Type
cdn.callrail.com	`https://cdn.callrail.com/companies/243468330/wp-0-5-3/swap.js?ver=6.8.3`	External
www.googletagmanager.com	`https://www.googletagmanager.com/gtm.js`	Inline Reference

Malware Analysis Details

Suspicious Patterns Detected

Hidden iframe injection

Hidden iframe that could be used for clickjacking or malicious redirects

Severity: HIGH

Matches Found: 1 (1 ignored)

Sample Matches:

<iframe style='display:none;width:0px;height:0px;' src='about:blank' name='gform_ajax_frame_5' id='gform_ajax_frame_5' title='This iframe contains the logic required to handle Ajax powered Gravity Forms.'>

Recommendations

Review and clean suspicious HTML patterns
Consider using a Web Application Firewall (WAF)
Immediate action required - website may be compromised
Consider taking the website offline until cleaned

Request Assistance

HTTP Headers

Learn about HTTP Headers

HTTP Response Code

200 OK - Request successful

HTTP Protocol Version

Excellent! Your website is using HTTP/2

Your website is using a modern HTTP protocol version, which provides better performance and security features.

Gzip Compression Enabled 👍

Great! This site is using Gzip compression to improve performance and reduce bandwidth usage.

Header	Value
`date`	`Thu, 30 Oct 2025 06:27:43 GMT`
`link`	`<https://chicabrava.com/wp-json/>; rel="https://api.w.org/", <https://chicabrava.com/wp-json/wp/v2/pages/18603>; rel="alternate"; title="JSON"; type="application/json", <https://chicabrava.com/>; rel=shortlink`
`vary`	`Accept-Encoding`
`server`	`Flywheel/5.1.0`
`x-cache`	`MISS, HIT`
`x-timer`	`S1761805663.119349,VS0,VE2`
`x-fw-hash`	`a9pnsict5f`
`x-fw-type`	`FLYWHEEL_BOT`
`x-fw-serve`	`TRUE`
`x-cacheable`	`YES`
`x-fw-server`	`Flywheel/5.1.0`
`x-fw-static`	`NO`
`x-served-by`	`cache-iad-kiad7000057-IAD, cache-iad-kiad7000091-IAD`
`content-type`	`text/html; charset=UTF-8`
`http_version`	`HTTP/2`
`x-cache-hits`	`0, 0`
`x-fw-dynamic`	`TRUE`
`x-fw-version`	`5.0.0`
`accept-ranges`	`bytes`
`content-length`	`34063`
`fastly-restarts`	`1`
`referrer-policy`	`no-referrer-when-downgrade`
`content-encoding`	`gzip`
`x-xss-protection`	`1`
`x-content-type-options`	`nosniff`

Service Disclaimer

Free Service: This website security analyzer is provided as a free service to help website owners and administrators identify potential security issues and improve their website's security posture.

Donations: We welcome and appreciate donations to help us maintain and improve this service. Your support helps us keep this tool free and continuously enhance its capabilities.

Affiliate Links: We may use affiliate links for various security services, hosting providers, and security tools mentioned throughout this analysis. If you choose to purchase any of these services through our links, we may receive a small commission at no additional cost to you. This helps support the development and maintenance of this free service.

Support Our Service

Help us keep this tool free and improve it further

Buy us a Coffee Make a Donation via PayPal