URL: https://lasers4.eu/ [5.75.209.83] Started: Sat Nov 30 09:32:44 2024 Interesting Finding(s): Headers | Interesting Entries: | - Server: nginx | - X-Powered-By: PHP/8.1.31, PleskLin | - X-TEC-API-VERSION: v1 | - X-TEC-API-ROOT: https://lasers4.eu/wp-json/tribe/events/v1/ | - X-TEC-API-ORIGIN: https://lasers4.eu | Found By: Headers (Passive Detection) | Confidence: 100% robots.txt found: https://lasers4.eu/robots.txt | Interesting Entries: | - /wp-admin/ | - /wp-admin/admin-ajax.php | Found By: Robots Txt (Aggressive Detection) | Confidence: 100% XML-RPC seems to be enabled: https://lasers4.eu/xmlrpc.php | Found By: Link Tag (Passive Detection) | Confidence: 100% | Confirmed By: Direct Access (Aggressive Detection), 100% confidence | References: | - http://codex.wordpress.org/XML-RPC_Pingback_API | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner/ | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos/ | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login/ | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access/ This site seems to be a multisite | Found By: Direct Access (Aggressive Detection) | Confidence: 100% | Reference: http://codex.wordpress.org/Glossary#Multisite The external WP-Cron seems to be enabled: https://lasers4.eu/wp-cron.php | Found By: Direct Access (Aggressive Detection) | Confidence: 60% | References: | - https://www.iplocation.net/defend-wordpress-from-ddos | - https://github.com/wpscanteam/wpscan/issues/1299 Fingerprinting the version -: |================================================| The WordPress version could not be detected. WordPress theme in use: Divi-child | Location: https://lasers4.eu/wp-content/themes/Divi-child/ | Readme: https://lasers4.eu/wp-content/themes/Divi-child/readme.txt | Style URL: https://lasers4.eu/wp-content/themes/Divi-child/style.css?ver=4.27.0.1724152157 | | Found By: Css Style In Homepage (Passive Detection) | Confirmed By: Css Style In 404 Page (Passive Detection) | | The version could not be determined. Enumerating Users (via Passive and Aggressive Methods) Brute Forcing Author IDs -: |=================================================| No Users Found. No WPScan API Token given, as a result vulnerability data has not been output. You can get a free API token with 25 daily requests by registering at https://wpscan.com/register Finished: Sat Nov 30 09:36:06 2024 Requests Done: 1479 Cached Requests: 12 Data Sent: 329.038 KB Data Received: 1.932 MB Memory used: 194.969 MB Elapsed time: 00:03:22