URL: https://dev.szf.sr/ [70.32.23.56] Started: Sat Dec 7 19:47:20 2024 Interesting Finding(s): Headers | Interesting Entries: | - x-powered-by: PHP/7.4.33 | - server: LiteSpeed | - alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" | Found By: Headers (Passive Detection) | Confidence: 100% robots.txt found: https://dev.szf.sr/robots.txt | Found By: Robots Txt (Aggressive Detection) | Confidence: 100% XML-RPC seems to be enabled: https://dev.szf.sr/xmlrpc.php | Found By: Direct Access (Aggressive Detection) | Confidence: 100% | References: | - http://codex.wordpress.org/XML-RPC_Pingback_API | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_ghost_scanner/ | - https://www.rapid7.com/db/modules/auxiliary/dos/http/wordpress_xmlrpc_dos/ | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_xmlrpc_login/ | - https://www.rapid7.com/db/modules/auxiliary/scanner/http/wordpress_pingback_access/ WordPress readme found: https://dev.szf.sr/readme.html | Found By: Direct Access (Aggressive Detection) | Confidence: 100% This site seems to be a multisite | Found By: Direct Access (Aggressive Detection) | Confidence: 100% | Reference: http://codex.wordpress.org/Glossary#Multisite The external WP-Cron seems to be enabled: https://dev.szf.sr/wp-cron.php | Found By: Direct Access (Aggressive Detection) | Confidence: 60% | References: | - https://www.iplocation.net/defend-wordpress-from-ddos | - https://github.com/wpscanteam/wpscan/issues/1299 Fingerprinting the version -: |=== No WPScan API Token given, as a result vulnerability data has not been output. You can get a free API token with 25 daily requests by registering at https://wpscan.com/register Finished: Sat Dec 7 19:49:02 2024 Requests Done: 138 Cached Requests: 7 Data Sent: 36.041 KB Data Received: 829.048 KB Memory used: 122.199 MB Elapsed time: 00:01:42 Scan Aborted: Max Scan Duration Reached