Analysis Results

Export PDF Report Rescan Website Analyze Another Website

https://glenbrook.com/

Analyzed on January 8, 2026, 5:00 p.m. Click "Rescan Website" to get the latest data

Analysis Successful

MALWARE DETECTED!

Severity Level: LOW

Found 1 suspicious pattern(s)

View Detailed Analysis Request Assistance

Network Information

IP Address: 141.193.213.11

IP WHOIS Information:

ASN: 209242
ASN Description: CLOUDFLARESPECTRUM Cloudflare, Inc., US
Country: US
Description: WPEngine, Inc.
CIDR: 141.193.213.0/24

Ping Test Check AbuseIPDB Other Websites on Same IP

Domain Information

Registrar: GoDaddy.com, LLC
Created: March 13, 1991
Expires: March 14, 2026
Last Updated: February 16, 2025
Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited clientRenewProhibited https://icann.org/epp#clientRenewProhibited clientTransferProhibited https://icann.org/epp#clientTransferProhibited clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Name Servers:
- NS47.DOMAINCONTROL.COM
- NS48.DOMAINCONTROL.COM

DNS Records

Learn about DNS Records

A Records (IPv4 Addresses)

Domain	IP Address
`glenbrook.com`	141.193.213.11
`glenbrook.com`	141.193.213.10

MX Records (Mail Servers)

Priority	Mail Server
10	`aspmx.l.google.com.`
20	`alt1.aspmx.l.google.com.`
30	`alt2.aspmx.l.google.com.`
50	`aspmx3.googlemail.com.`
40	`aspmx2.googlemail.com.`

TXT Records

Domain	Text Record
`glenbrook.com`	`"openai-domain-verification=dv-SOeRKuxvA9M5jDwtA71PaZWW"`
`glenbrook.com`	`"google-site-verification=ueWJDByKlSjEDX47SM1FHlLiHrJoCEkh_h1zdHtdOEA"`
`glenbrook.com`	`"google-site-verification=ldHI96kqtreg_BQz2crj3SfUyazQyUiw7NMnvvVqBR4"`
`glenbrook.com`	`"v=spf1 include:aspmx.googlemail.com include:servers.mcsv.net ~all"`
`glenbrook.com`	`"MS=EBA95755D05E2F0EE802421C8792D5CD74CEAA6D"`

WWW Subdomain Records

Subdomain	Type	Value
`www.glenbrook.com`	A	`141.193.213.11`
`www.glenbrook.com`	A	`141.193.213.10`

Services Detected (4 found)

Google Workspace

Email hosted on Google Workspace

Learn More

Mailchimp

Mailchimp services detected

Learn More

OpenAI

OpenAI services detected

Learn More

Google Search Console

Google Search Console services detected

Learn More

View DNS History on DNS Archive

Check GeoIP Blocking

Blocklisting Status

Learn about Blocklisting Status

Overall Status: CLEAN No blocklisting detected

Services Checked: 2

VirusTotal: CLEAN

Domain is clean according to 0 scanners
No threats detected by any security scanner

Google Safe Browsing: CLEAN

Domain is not blocklisted by Google Safe Browsing
No threats detected

Hosting Information

Provider: Cloudflare (high confidence)

Detection Method: HTTP Headers

Matched Headers:

server: cloudflare
cf-ray: 9bad40957c184e39-atl

Company Information:

Global CDN and security provider offering DDoS protection, SSL certificates, and performance optimization services.

Website

Portal

Contact:

Social Media:

SSL/TLS Security

Learn about SSL/TLS Security

TLS Version: TLSv1.3

SSL Certificate:

Certificate Type: DV (Domain Validated - Basic Security)
Subject: glenbrook.com
Certificate Authority (CA): E8
Let's Encrypt
US
Valid From: Jan 3 02:55:49 2026 GMT
Valid Until: Apr 3 02:55:48 2026 GMT
Serial Number: 06730E819A4301087ADE4334C51695CA775B

SSL Certificate Expiring Soon!
Your SSL certificate expires in 84 days.
Please renew your certificate before Apr 3 02:55:48 2026 GMT to avoid service interruption.

Content Management System

CMS Detected: WordPress

Active Theme: Divi

Detected Plugins (16):

Divi-Blog-Extras advanced-coupons-for-woocommerce advanced-coupons-for-woocommerce-free dg-divi-carousel divi-social-sharing-buttons mailchimp-for-woocommerce passwordless-login popups-for-divi woocommerce woocommerce-anti-fraud woocommerce-box-office woocommerce-google-analytics-integration woocommerce-memberships woocommerce-payments woocommerce-product-bundles woocommerce-waitlist

Themes

Plugins

WordPress Security Analysis

FAILED

Learn about WordPress Security Analysis

XMLRPC.php Security Test FAILED

XMLRPC.php is accessible and vulnerable

HTTP Status: 200

Recommendation: Protect xmlrpc.php via firewall rules or disable it completely. Consider using security plugins or server-level blocking.

WP-Login.php Security Test PASSED

WP-Login page has CAPTCHA protection: simple_captcha, custom_captcha

HTTP Status: 200

CAPTCHA Types Found: Simple_Captcha Custom_Captcha

Recommendation: WP-Login page is properly protected with CAPTCHA.

User Enumeration Test FAILED

User enumeration is possible via WordPress REST API

Test Results:

Endpoint: https://glenbrook.com/wp-json/wp/v2/users

Status: FAILED

Message: User enumeration possible - 10 users found

HTTP Status: 200

Endpoint: https://glenbrook.com/?rest_route=/wp/v2/users

Status: FAILED

Message: User enumeration possible - 10 users found

HTTP Status: 200

Users Found:

ID	Name	Slug	Link
15	annb	`annb`	https://glenbrook.com/author/annb/
7	Beth Horowitz Steel	`beth`	https://glenbrook.com/author/beth/
1070	Blake Nygren	`blake`	https://glenbrook.com/author/blake/
16	Bryan Derman	`bryan`	https://glenbrook.com/author/bryan/
5	Carol Coye Benson	`carol`	https://glenbrook.com/author/carol/
10	Chris Uriarte	`chris`	https://glenbrook.com/author/chris/
11	Cici Northup	`cici`	https://glenbrook.com/author/cici/
109	Debbie Bartoo	`gpdsbartoo`	https://glenbrook.com/author/gpdsbartoo/
20	dennis	`dennis`	https://glenbrook.com/author/dennis/
32	Drew Edmond	`drew`	https://glenbrook.com/author/drew/

Recommendation: Require authentication for WordPress REST API or disable user enumeration. Consider using security plugins or server-level restrictions.

Failed Security Tests:

XMLRPC
User Enumeration

Request Assistance

Security Headers Analysis

Need help understanding security headers? View our comprehensive documentation to learn about each header and how to implement them.

Present Security Headers

Referrer-Policy

X-Frame-Options

Permissions-Policy

X-Content-Type-Options

Cross-Origin-Opener-Policy

Cross-Origin-Embedder-Policy

Cross-Origin-Resource-Policy

Missing Security Headers

Strict-Transport-Security

X-XSS-Protection

Content-Security-Policy

Request Assistance

External JavaScripts Detected

Only scripts from different domains are shown

Domain	Script URL	Type
www.googletagmanager.com	`https://www.googletagmanager.com/gtag/js?id=G-R20HXQL7GC`	External
www.googletagmanager.com	`https://www.googletagmanager.com/gtm.js`	Inline Reference

Malware Analysis Details

Suspicious Patterns Detected

Suspicious innerHTML manipulation

Dynamic HTML content that could be used maliciously

Severity: LOW

Matches Found: 2 (1 ignored)

Sample Matches:

.innerHTML = "Read More"

.innerHTML = "Read Less"

Recommendations

Review and clean suspicious HTML patterns
Consider using a Web Application Firewall (WAF)

Request Assistance

HTTP Headers

Learn about HTTP Headers

HTTP Response Code

403 Client Error - Request failed

HTTP Protocol Version

Excellent! Your website is using HTTP/2

Your website is using a modern HTTP protocol version, which provides better performance and security features.

Access Forbidden

Unfortunately we couldn't check the site. Please check your WAF or firewall for further information.

Security Protection Detected

The site is using Cloudflare CDN & WAF 👍

Gzip Compression Enabled 👍

Great! This site is using Gzip compression to improve performance and reduce bandwidth usage.

Header	Value
`date`	`Thu, 08 Jan 2026 17:00:38 GMT`
`vary`	`Accept-Encoding`
`cf-ray`	`9bad40957c184e39-ATL`
`server`	`cloudflare`
`alt-svc`	`h3=":443"; ma=86400`
`expires`	`Thu, 01 Jan 1970 00:00:01 GMT`
`accept-ch`	`Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA`
`set-cookie`	`__cf_bm=EbJhkVAMGQbK69dxVaCnAE51LxJGYkPMbs1DwsVtkLE-1767891638-1.0.1.1-D2BETub9Q6govD1Nerx9RTTm3upsXj4KN4GtXGzlouYL7ficN_y6EbjItMf1I7MBNYwS0YJtDoKTnuoEU5kzDOMJcdG0MXPbhpir2N2rzKM; path=/; expires=Thu, 08-Jan-26 17:30:38 GMT; domain=.glenbrook.com; HttpOnly; Secure; SameSite=None`
`critical-ch`	`Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA`
`cf-mitigated`	`challenge`
`content-type`	`text/html; charset=UTF-8`
`http_version`	`HTTP/2`
`cache-control`	`private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0`
`server-timing`	`chlray;desc="9bad40957c184e39"`
`referrer-policy`	`same-origin`
`x-frame-options`	`SAMEORIGIN`
`content-encoding`	`gzip`
`permissions-policy`	`accelerometer=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()`
`origin-agent-cluster`	`?1`
`x-content-type-options`	`nosniff`
`cross-origin-opener-policy`	`same-origin`
`cross-origin-embedder-policy`	`require-corp`
`cross-origin-resource-policy`	`same-origin`

Service Disclaimer

Free Service: This website security analyzer is provided as a free service to help website owners and administrators identify potential security issues and improve their website's security posture.

Donations: We welcome and appreciate donations to help us maintain and improve this service. Your support helps us keep this tool free and continuously enhance its capabilities.

Affiliate Links: We may use affiliate links for various security services, hosting providers, and security tools mentioned throughout this analysis. If you choose to purchase any of these services through our links, we may receive a small commission at no additional cost to you. This helps support the development and maintenance of this free service.

Support Our Service

Help us keep this tool free and improve it further

Buy us a Coffee Make a Donation via PayPal