Analysis Results

Export PDF Report Rescan Website Analyze Another Website

https://starter.adwise.cfolks.pl/

Analyzed on September 24, 2025, 9:29 a.m. Click "Rescan Website" to get the latest data

Analysis Successful

Network Information

IP Address: 185.204.219.201

IP WHOIS Information:

ASN: 41079
ASN Description: CF-GDA, PL
Country: PL
Description: CF-Shared-Hosting GD
CIDR: 185.204.218.0/23

Ping Test Check AbuseIPDB Other Websites on Same IP

Domain Information

Registrar: cyber_Folks S.A.
Created: February 26, 2020
Expires: February 26, 2031
Last Updated: June 12, 2025
Name Servers:
- ns1.cyberfolks.pl
- ns2.cyberfolks.pl
- ns3.cyberfolks.pl

DNS Records

Learn about DNS Records

A Records (IPv4 Addresses)

Domain	IP Address
`starter.adwise.cfolks.pl`	185.204.219.201

WWW Subdomain Records

Subdomain	Type	Value
`www.starter.adwise.cfolks.pl`	A	`185.204.219.201`

View DNS History on DNS Archive

Check GeoIP Blocking

Blocklisting Status

Learn about Blocklisting Status

Overall Status: CLEAN No blocklisting detected

Services Checked: 2

VirusTotal: CLEAN

Domain is clean according to 0 scanners
No threats detected by any security scanner

Google Safe Browsing: CLEAN

Domain is not blocklisted by Google Safe Browsing
No threats detected

Hosting Information

Provider: Unknown (none confidence)

Detection Method: No match found

SSL/TLS Security

Learn about SSL/TLS Security

TLS Version: TLSv1.3

SSL Certificate:

Certificate Type: DV (Domain Validated - Basic Security)
Subject: adwise.cfolks.pl
Certificate Authority (CA): R13
Let's Encrypt
US
Valid From: Sep 11 06:00:58 2025 GMT
Valid Until: Dec 10 06:00:57 2025 GMT
Serial Number: 0572C35190A5067F5FDA9959BE4E51B1CA63

SSL Certificate Expiring Soon!
Your SSL certificate expires in 73 days.
Please renew your certificate before Dec 10 06:00:57 2025 GMT to avoid service interruption.

Content Management System

CMS Detected: WordPress

Active Theme: hello-elementor

Detected Plugins (1):

jet-engine

Themes

Plugins

WordPress Security Analysis

FAILED

Learn about WordPress Security Analysis

XMLRPC.php Security Test PASSED

XMLRPC.php is properly protected (HTTP 403)

HTTP Status: 403

Recommendation: XMLRPC.php is properly secured.

WP-Login.php Security Test FAILED

WP-Login page is accessible without CAPTCHA protection

HTTP Status: 200

Recommendation: Implement CAPTCHA protection on wp-login.php and consider using a firewall to block brute force attacks.

User Enumeration Test UNKNOWN

Unable to determine user enumeration status

Test Results:

Endpoint: https://starter.adwise.cfolks.pl/wp-json/wp/v2/users

Status: UNKNOWN

Message: Unexpected status code: 406

HTTP Status: 406

Endpoint: https://starter.adwise.cfolks.pl/?rest_route=/wp/v2/users

Status: PASSED

Message: Endpoint properly protected (HTTP 404)

HTTP Status: 404

Recommendation: Investigate the WordPress REST API configuration and ensure proper security measures are in place.

Failed Security Tests:

WP-Login

Request Assistance

Security Headers Analysis

Need help understanding security headers? View our comprehensive documentation to learn about each header and how to implement them.

Present Security Headers

Referrer-Policy

X-Frame-Options

X-XSS-Protection

Permissions-Policy

X-Content-Type-Options

Content-Security-Policy

Strict-Transport-Security

Cross-Origin-Opener-Policy

Cross-Origin-Embedder-Policy

Cross-Origin-Resource-Policy

Missing Security Headers

All recommended security headers are present!

HTTP Headers

Learn about HTTP Headers

HTTP Response Code

200 OK - Request successful

HTTP Protocol Version

Excellent! Your website is using HTTP/2

Your website is using a modern HTTP protocol version, which provides better performance and security features.

Gzip Compression Enabled 👍

Great! This site is using Gzip compression to improve performance and reduce bandwidth usage.

Header	Value
`date`	`Wed, 24 Sep 2025 09:29:48 GMT`
`link`	`<https://starter.adwise.cfolks.pl/index.php/wp-json/>; rel="https://api.w.org/"`
`vary`	`Accept-Encoding,User-Agent`
`server`	`SecureHost`
`alt-svc`	`h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"`
`retry-after`	`3`
`content-type`	`text/html; charset=UTF-8`
`http_version`	`HTTP/2`
`referrer-policy`	`strict-origin-when-cross-origin`
`x-frame-options`	`SAMEORIGIN`
`content-encoding`	`gzip`
`x-xss-protection`	`1; mode=block`
`permissions-policy`	`geolocation=(), camera=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), fullscreen=(), payment=()`
`x-content-type-options`	`nosniff`
`content-security-policy`	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com https://static.hotjar.com https://script.hotjar.com https://www.clarity.ms https://bat.bing.com https://js.hs-scripts.com https://js.hsforms.net https://js.hscollectedforms.net https://connect.facebook.net; worker-src 'self' blob:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net; font-src 'self' data: https://fonts.gstatic.com https://use.typekit.net https://p.typekit.net; img-src * data: blob: https://secure.gravatar.com; connect-src 'self' https://region1.google-analytics.com https://www.google-analytics.com https://stats.g.doubleclick.net https://vc.hotjar.io https://ws.hotjar.com https://api.hotjar.io https://script.hotjar.com https://www.clarity.ms https://bat.bing.com https://api.hsforms.net https://api.hubapi.com https://forms.hubspot.com https://track.hubspot.com https://www.facebook.com https://connect.facebook.net; frame-src 'self' https://www.youtube.com https://player.vimeo.com https://www.google.com https://www.googletagmanager.com https://forms.hubspot.com https://www.facebook.com; object-src 'none'; base-uri 'self'; form-action 'self' https://forms.hubspot.com https://www.facebook.com; frame-ancestors 'self'; upgrade-insecure-requests;
`strict-transport-security`	`max-age=31536000; includeSubDomains; preload`
`cross-origin-opener-policy`	`same-origin`
`cross-origin-embedder-policy`	`unsafe-none`
`cross-origin-resource-policy`	`cross-origin`

Service Disclaimer

Free Service: This website security analyzer is provided as a free service to help website owners and administrators identify potential security issues and improve their website's security posture.

Donations: We welcome and appreciate donations to help us maintain and improve this service. Your support helps us keep this tool free and continuously enhance its capabilities.

Affiliate Links: We may use affiliate links for various security services, hosting providers, and security tools mentioned throughout this analysis. If you choose to purchase any of these services through our links, we may receive a small commission at no additional cost to you. This helps support the development and maintenance of this free service.

Support Our Service

Help us keep this tool free and improve it further

Buy us a Coffee Make a Donation via PayPal