Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
Is It Hacked? is an online detection tool for preliminary website security checks. After a user enters a URL, the service crawls and analyzes the site for signs of compromise, including cloaking for GoogleBot, spam links, malware, viruses, abnormal redirects, hidden text, and more. It emphasizes that it can scan websites built with a wide range of languages and frameworks, from CMS platforms such as WordPress, Magento, and Drupal to modern JavaScript stacks such as Next.js, React, Vue, Angular, and Node.js.
Based on the main description, its protection model is closer to “website security scanning / hacked-site investigation” than a full WAF or endpoint protection solution. Its core value lies in identifying visible post-infection symptoms, especially SEO spam, hidden text, and complex cloaking. Deployment appears lightweight: users mainly enter a website URL online to start a scan. The page also mentions a cloud website protection platform and free cleanup service, but does not clarify whether DNS onboarding, plugin installation, or proxy deployment is required.
For pricing, the text explicitly states that it offers a free website security scanning product, and that free cleanup is available through its cloud website protection platform. However, it does not disclose paid plans, packages, scan frequency limits, or enterprise service pricing. Management and alerting details are missing: there is no mention of continuous monitoring, email/Slack alerts, dashboards, historical reports, or similar features. Integration capabilities are mainly reflected in its ability to scan websites built with many technology stacks; there is no visible description of API, SIEM, Webhook, or DevSecOps integrations. Compliance certifications, SLA, data retention, and privacy terms are also not covered in the main text.
Its strengths are that it is free, easy to use, and focuses on detection points that closely match typical symptoms of a compromised website, while covering many CMSs, frameworks, and programming languages. The team claims to have more than 15 years of cybersecurity experience and also provides a security blog for educational content. The main weakness is limited enterprise-level transparency: scanning methodology, report depth, false-positive handling, cleanup workflow, customer support, compliance certifications, and alerting mechanisms are not sufficiently disclosed.
It is suitable for webmasters, small and midsize business websites, e-commerce sites, and SEO/operations teams that need a quick self-check, especially for sites suspected of malware injection, spam link insertion, or malicious redirects. If compliance audits, continuous monitoring, SLA, or localized response are required, it should still be used alongside a more complete security platform. Access from China, payment methods, and local support are not specified in the main text, so they should be considered unknown; domestic users may also look at alternatives such as Knownsec or 360 for website security scanning or cloud protection.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on isithacked.com official site.
isithacked.com is an United States Security provider. TG4G tracks its product information, an overall rating of 7.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach isithacked.com directly.