Analysis Results

https://www.boatsgroup.com/solutions/websites/

Analyzed on November 1, 2025, 2:55 p.m. Click "Rescan Website" to get the latest data

Analysis Successful
Network Information
IP Address: 104.18.3.49
IP WHOIS Information:
  • ASN: 13335
  • ASN Description: CLOUDFLARENET, US
  • Country: US
  • Description: Cloudflare, Inc.
  • CIDR: 104.16.0.0/12
Ping Test Check AbuseIPDB Other Websites on Same IP
Domain Information
  • Registrar: CSC Corporate Domains, Inc.
  • Created: June 29, 2016
  • Expires: June 29, 2026
  • Last Updated: June 25, 2025
  • Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  • Name Servers:
    • NS-1360.AWSDNS-42.ORG
    • NS-1928.AWSDNS-49.CO.UK
    • NS-298.AWSDNS-37.COM
    • NS-823.AWSDNS-38.NET
DNS Records
Learn about DNS Records
A Records (IPv4 Addresses)
Domain IP Address
www.boatsgroup.com 104.18.2.49
www.boatsgroup.com 104.18.3.49
CNAME Records (Aliases)
Domain Alias
www.boatsgroup.com www.boatsgroup.com.cdn.cloudflare.net.
View DNS History on DNS Archive
Check GeoIP Blocking
Blocklisting Status
Learn about Blocklisting Status
Overall Status: CLEAN No blocklisting detected
Services Checked: 2
VirusTotal: CLEAN
Domain is clean according to 0 scanners
No threats detected by any security scanner
Google Safe Browsing: CLEAN
Domain is not blocklisted by Google Safe Browsing
No threats detected
Hosting Information
Provider: Kinsta (high confidence)
Detection Method: HTTP Headers
Matched Headers:
  • x-kinsta-cache: hit
  • ki-cache-type: edge
  • ki-cf-cache-status: hit
  • ki-edge: v=23.0.1;mv=5.0.17
  • ki-edge-o2o: yes
Company Information:

Premium managed WordPress hosting with Google Cloud Platform infrastructure, offering high performance, security, and developer-friendly features.

Website
Portal
Contact:
Social Media:
SSL/TLS Security
Learn about SSL/TLS Security
TLS Version: TLSv1.3
SSL Certificate:
  • Certificate Type: DV (Domain Validated - Basic Security)
  • Subject: www.boatsgroup.com
  • Certificate Authority (CA): WE1
    Google Trust Services
    US
  • Valid From: Oct 30 12:22:34 2025 GMT
  • Valid Until: Jan 28 13:22:30 2026 GMT
  • Serial Number: E480518A62FD188D1122FF22CB3F96FF
SSL Certificate Expiring Soon!
Your SSL certificate expires in 87 days.
Please renew your certificate before Jan 28 13:22:30 2026 GMT to avoid service interruption.
Content Management System
CMS Detected: WordPress
Active Theme: Divi
Detected Plugins (8):
ninja-forms ninja-forms-conditionals ninja-forms-salesforce-crm ninja-forms-uploads popup-maker recent-posts-widget-with-thumbnails wp-and-divi-icons wp-pagenavi
Themes

1

Plugins

8

WordPress Security Analysis
FAILED
Learn about WordPress Security Analysis
XMLRPC.php Security Test PASSED

XMLRPC.php is properly protected (HTTP 403)

HTTP Status: 403

Recommendation: XMLRPC.php is properly secured.
WP-Login.php Security Test PASSED

WP-Login page is not accessible (HTTP 404)

HTTP Status: 404

Recommendation: WP-Login page is properly protected.
User Enumeration Test FAILED

User enumeration is possible via WordPress REST API

Test Results:

Endpoint: https://www.boatsgroup.com/solutions/websites/wp-json/wp/v2/users

Status: PASSED

Message: Endpoint properly protected (HTTP 404)

HTTP Status: 404

Endpoint: https://www.boatsgroup.com/solutions/websites/?rest_route=/wp/v2/users

Status: FAILED

Message: User enumeration possible - 1 users found

HTTP Status: 200

Users Found:
ID Name Slug Link
1 Boats Group boatsgroup https://www.boatsgroup.com/author/boatsgroup/
Recommendation: Require authentication for WordPress REST API or disable user enumeration. Consider using security plugins or server-level restrictions.
Failed Security Tests:
  • User Enumeration
Request Assistance
Security Headers Analysis
Need help understanding security headers? View our comprehensive documentation to learn about each header and how to implement them.
Present Security Headers
X-Content-Type-Options
Missing Security Headers
Strict-Transport-Security
X-Frame-Options
X-XSS-Protection
Referrer-Policy
Content-Security-Policy
Permissions-Policy
Cross-Origin-Embedder-Policy
Cross-Origin-Opener-Policy
Cross-Origin-Resource-Policy
Request Assistance
External JavaScripts Detected
Only scripts from different domains are shown
Domain Script URL Type
consent.trustarc.com https://consent.trustarc.com/notice?domain=boats.com&c=teconsent&js=nj&noticeType=bb&text=true&gtm=1 External
www.google.com https://www.google.com/recaptcha/api.js?hl=en&render=6LdGzQIrAAAAALP7f7iG8k2Zl42V_L65Fbso43x0&ver=3.0 External
www.googletagmanager.com https://www.googletagmanager.com/gtm.js Inline Reference
HTTP Headers
Learn about HTTP Headers
HTTP Response Code
200 OK - Request successful
HTTP Protocol Version
Excellent! Your website is using HTTP/2

Your website is using a modern HTTP protocol version, which provides better performance and security features.

Security Protection Detected

The site is using Cloudflare CDN & WAF 👍

Gzip Compression Enabled 👍

Great! This site is using Gzip compression to improve performance and reduce bandwidth usage.

Header Value
nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
date Sat, 01 Nov 2025 14:55:13 GMT
link <https://www.boatsgroup.com/wp-json/>; rel="https://api.w.org/", <https://www.boatsgroup.com/wp-json/wp/v2/pages/58236>; rel="alternate"; title="JSON"; type="application/json", <https://www.boatsgroup.com/?p=58236>; rel=shortlink
vary Accept-Encoding
cf-ray 997c3b5bdc1424cb-ATL
server cloudflare
ki-edge v=23.0.1;mv=5.0.17
ki-origin g1p
report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZyDJVRyFRffDKEVZKf3IUxCpKhUWQ5S%2BaB8R%2BW9oYpe4i1oHWt7lbgNxOXiUeG3Ne0V4PCv80bLk7x2e0ZiUtQ4myMh1uIGBWW21PMr%2Fnf6DsAPV071PRqn62q9JbrAfLUBSJg%3D%3D"}],"group":"cf-nel","max_age":604800}
set-cookie __cf_bm=__5FxQ8gyIMcdiBtrf1JdGwL.dDDMgaqtCZwLr8piWI-1762008913.2595341-1.0.1.1-4B9tsmqIkOIWx6RFEQyi..85iYpsrh3n4mEyl2GHxNAekmyEFjg2.mNAkBnf7bZPyxhwveRMC0Bgafg_s1viPMfbagSTwAUljuh8JWUONMtLblJHntu7NcHyl5MeQl8p; HttpOnly; Secure; Path=/; Domain=boatsgroup.com; Expires=Sat, 01 Nov 2025 15:25:13 GMT
ki-edge-o2o yes
content-type text/html; charset=UTF-8
http_version HTTP/2
ki-cache-tag 610dcbaa-e41e-4a59-a48e-9833b907abd5,9027f10384f01bafb311749ab831c610659378c4b01e816e035795f33d119661
cache-control public, max-age=0, s-maxage=3600
ki-cache-type Edge
last-modified Sat, 01 Nov 2025 13:40:28 GMT
x-kinsta-cache HIT
cf-cache-status DYNAMIC
content-encoding gzip
ki-cf-cache-status HIT
x-edge-location-klb 1
x-content-type-options nosniff
Service Disclaimer

Free Service: This website security analyzer is provided as a free service to help website owners and administrators identify potential security issues and improve their website's security posture.

Donations: We welcome and appreciate donations to help us maintain and improve this service. Your support helps us keep this tool free and continuously enhance its capabilities.

Affiliate Links: We may use affiliate links for various security services, hosting providers, and security tools mentioned throughout this analysis. If you choose to purchase any of these services through our links, we may receive a small commission at no additional cost to you. This helps support the development and maintenance of this free service.

Support Our Service

Help us keep this tool free and improve it further

Buy us a Coffee Make a Donation via PayPal
Please wait, running the scan...
This may take a few moments