URL: https://sincrolab.es/ [178.211.133.23]
Started: Wed Oct  1 12:51:47 2025

Interesting Finding(s):

Headers
 | Interesting Entries:
 |  - X-Powered-By: PHP/8.0.30
 |  - alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
 | Found By: Headers (Passive Detection)
 | Confidence: 100%

robots.txt found: https://sincrolab.es/robots.txt
 | Interesting Entries:
 |  - /wp-admin/
 |  - /wp-admin/admin-ajax.php
 | Found By: Robots Txt (Aggressive Detection)
 | Confidence: 100%

WordPress readme found: https://sincrolab.es/readme.html
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 100%

The external WP-Cron seems to be enabled: https://sincrolab.es/wp-cron.php
 | Found By: Direct Access (Aggressive Detection)
 | Confidence: 60%
 | References:
 |  - https://www.iplocation.net/defend-wordpress-from-ddos
 |  - https://github.com/wpscanteam/wpscan/issues/1299

 No WPScan API Token given, as a result vulnerability data has not been output.
 You can get a free API token with 25 daily requests by registering at https://wpscan.com/register

Finished: Wed Oct  1 12:52:41 2025
Requests Done: 25
Cached Requests: 5
Data Sent: 7.336 KB
Data Received: 394.612 KB
Memory used: 95.988 MB
Elapsed time: 00:00:54

Scan Aborted: Max Scan Duration Reached

Target

sincrolab.es

Scan method

Enumerate Wordpress Users

Run command

wpscan --url https://sincrolab.es/ --enumerate u --random-user-agent --force --max-scan-duration 60

Scan time

54s

Quick report

Order full scan ($19/one time)

Scan date

01 Oct 2025 15:52

Copy scan report

Download report

Remove scan result

$