1. WPScan Online
Membership level: Free member
Enumerate Wordpress Users (wpscan --url https://selectel.ru/blog/ --enumerate u --random-user-agent --force --max-scan-duration 60)
URL: https://selectel.ru/blog/ [2a00:ab00:2000:2::1]
Started: Sun Dec 28 04:07:30 2025

Interesting Finding(s):

Headers
 | Interesting Entry: content-security-policy: connect-src 'self' *.maps.yandex.net api-maps.yandex.ru api.selectel.ru hog.selectel.ru https://chatwoot.selectel.ru wss://chatwoot.selectel.ru https://statuspal.io/api/v2/status_pages/selectel/summary https://*.mindbox.ru https://selectel.ru https://top-fwz1.mail.ru https://web.popmechanic.ru https://metrics.selectel.ru mc.yandex.ru selectel.ru suggest-maps.yandex.ru wss://api.selectel.ru wss://ws.selectel.ru www.youtube.com https://yulixr.ru/ https://h.albato.ru/wh/38/1lfgf80/ https://script.google.com/a/macros/selectel.com/s/AKfycbzM4er3RoKbPw3cQALGtakLQ7xfTtUk8PETDoXQyYh6kiCLnhu1oO4iCy2CuhT38cGrCA/exec https://script.google.com/macros/s/AKfycbzYbxnbJ7gTx_hqnirq2dpO4VfZcT0mp9F_7HEry7PoG5Okkp1AWC6fH464GLndM-NB/exec https://c759be32-5595-4058-904d-8884fe067c6e.selstorage.ru/price-license.json https://telegram.org/pxl; default-src 'none'; font-src 'self' data: https://cdn.selectel.ru https://cdn-blog.selectel.ru https://6ef4e6a1-9d49-47ac-bfed-170f67a815cf.selcdn.net https://fonts.gstatic.com; frame-ancestors 'self' my.selectel.ru promo.selectel.ru go.teachbase.ru learn.selectel.org webvisor.com metrika.yandex.ru; frame-src 'self' api-maps.yandex.ru calc.selectel.ru https://my.selectel.ru/ https://chatwoot.selectel.ru https://player.vimeo.com/ https://rutube.ru/ https://vk.com/ https://quiz.marquiz.ru/ https://youtube.com/ https://www.youtube.com/ https://kinescope.io/; img-src https: data: blob:; manifest-src 'self'; media-src 'self' https://chatwoot.selectel.ru https://cdn.selectel.ru https://cdn-blog.selectel.ru https://6ef4e6a1-9d49-47ac-bfed-170f67a815cf.selcdn.net https://files.selectel.ru; object-src 'self' blob:; report-uri https://relay.selectel.ru/api/87/security/?sentry_key=33110db9255441e5b312279003c189b1 https://relay.selectel.ru/api/20/csp-report/?sentry_key=7af12a7683624269a0cab11188e3d86e; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.maps.yandex.net api-maps.yandex.ru cdn.ampproject.org hog.selectel.ru https://chatwoot.selectel.ru https://cdn.selectel.ru https://cdn-blog.selectel.ru https://6ef4e6a1-9d49-47ac-bfed-170f67a815cf.selcdn.net https://cse.google.com/adsense/search/async-ads.js https://cse.google.com/cse.js https://cse.google.com/cse/element/v1 https://www.google.com/ https://embed.typeform.com/embed.js https://forms.amocrm.ru/ https://s.ytimg.com https://static.popmechanic.ru https://top-fwz1.mail.ru https://vk.com https://metrics.selectel.ru mc.yandex.ru https://*.mindbox.ru https://script.marquiz.ru https://widgets.mango-office.ru https://dct.mango-office.ru selectel.ru suggest-maps.yandex.ru www.youtube.com yastatic.net https://telegram.org/js/pixel.js; style-src 'self' 'unsafe-inline' https://cdn.selectel.ru/ https://cdn-blog.selectel.ru https://6ef4e6a1-9d49-47ac-bfed-170f67a815cf.selcdn.net https://chatwoot.selectel.ru https://fonts.googleapis.com https://static.popmechanic.ru https://www.google.com/cse/static/element/ https://www.google.com/cse/static/style/look/v4/espresso.css https://*.mindbox.ru https://quiz.marquiz.ru/css/; upgrade-insecure-requests;
 | Found By: Headers (Passive Detection)
 | Confidence: 100%

WordPress readme found: https://selectel.ru/blog/readme.html
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%

This site seems to be a multisite
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%
 | Reference: http://codex.wordpress.org/Glossary#Multisite


Fingerprinting the version -: |======== No WPScan API Token given, as a result vulnerability data has not been output.
 You can get a free API token with 25 daily requests by registering at https://wpscan.com/register

Finished: Sun Dec 28 04:08:13 2025
Requests Done: 229
Cached Requests: 6
Data Sent: 77.371 KB
Data Received: 22.132 MB
Memory used: 172.434 MB
Elapsed time: 00:00:42

Scan Aborted: Max Scan Duration Reached
Color Scheme
Target
selectel.ru
Scan method
Enumerate Wordpress Users
Run command
wpscan --url https://selectel.ru/blog/ --enumerate u --random-user-agent --force --max-scan-duration 60
Scan time
42s
Quick report
Order full scan ($19/one time)
Scan date
28 Dec 2025 07:08
Copy scan report
Download report
Remove scan result
$
Some firewalls blocks vulnerability scanners. For get true positive results add wpscan.online IP addresses (208.76.253.232-208.76.253.239 or CIDR 208.76.253.232/29 ) to the whitelist
[scan_method]
Visibility:
Scan method:
Max Scan duration: