Activity Log

Nmap 7.95 ( https://nmap.org )
Usage: nmap [Scan Type(s)] [Options] {target specification}
TARGET SPECIFICATION:
Can pass hostnames, IP addresses, networks, etc.
Ex: scanme.nmap.org, microsoft.com/24, 192.168.0.1; 10.0.0-255.1-254
-iL <inputfilename>: Input from list of hosts/networks
-iR <num hosts>: Choose random targets
--exclude <host1[,host2][,host3],...>: Exclude hosts/networks
--excludefile <exclude_file>: Exclude list from file
HOST DISCOVERY:
-sL: List Scan - simply list targets to scan
-sn: Ping Scan - disable port scan
-Pn: Treat all hosts as online -- skip host discovery
-PS/PA/PU/PY[portlist]: TCP SYN, TCP ACK, UDP or SCTP discovery to given ports
-PE/PP/PM: ICMP echo, timestamp, and netmask request discovery probes
-PO[protocol list]: IP Protocol Ping
-n/-R: Never do DNS resolution/Always resolve [default: sometimes]
--dns-servers <serv1[,serv2],...>: Specify custom DNS servers
--system-dns: Use OS's DNS resolver
--traceroute: Trace hop path to each host
SCAN TECHNIQUES:
-sS/sT/sA/sW/sM: TCP SYN/Connect()/ACK/Window/Maimon scans
-sU: UDP Scan
-sN/sF/sX: TCP Null, FIN, and Xmas scans
--scanflags <flags>: Customize TCP scan flags
-sI <zombie host[:probeport]>: Idle scan
-sY/sZ: SCTP INIT/COOKIE-ECHO scans
-sO: IP protocol scan
-b <FTP relay host>: FTP bounce scan
PORT SPECIFICATION AND SCAN ORDER:
-p <port ranges>: Only scan specified ports
Ex: -p22; -p1-65535; -p U:53,111,137,T:21-25,80,139,8080,S:9
--exclude-ports <port ranges>: Exclude the specified ports from scanning
-F: Fast mode - Scan fewer ports than the default scan
-r: Scan ports sequentially - don't randomize
--top-ports <number>: Scan <number> most common ports
--port-ratio <ratio>: Scan ports more common than <ratio>
SERVICE/VERSION DETECTION:
-sV: Probe open ports to determine service/version info
--version-intensity <level>: Set from 0 (light) to 9 (try all probes)
--version-light: Limit to most likely probes (intensity 2)
--version-all: Try every single probe (intensity 9)
--version-trace: Show detailed version scan activity (for debugging)
SCRIPT SCAN:
-sC: equivalent to --script=default
--script=<Lua scripts>: <Lua scripts> is a comma separated list of
directories, script-files or script-categories
--script-args=<n1=v1,[n2=v2,...]>: provide arguments to scripts
--script-args-file=filename: provide NSE script args in a file
--script-trace: Show all data sent and received
--script-updatedb: Update the script database.
--script-help=<Lua scripts>: Show help about scripts.
<Lua scripts> is a comma-separated list of script-files or
script-categories.
OS DETECTION:
-O: Enable OS detection
--osscan-limit: Limit OS detection to promising targets
--osscan-guess: Guess OS more aggressively
TIMING AND PERFORMANCE:
Options which take <time> are in seconds, or append 'ms' (milliseconds),
's' (seconds), 'm' (minutes), or 'h' (hours) to the value (e.g. 30m).
-T<0-5>: Set timing template (higher is faster)
--min-hostgroup/max-hostgroup <size>: Parallel host scan group sizes
--min-parallelism/max-parallelism <numprobes>: Probe parallelization
--min-rtt-timeout/max-rtt-timeout/initial-rtt-timeout <time>: Specifies
probe round trip time.
--max-retries <tries>: Caps number of port scan probe retransmissions.
--host-timeout <time>: Give up on target after this long
--scan-delay/--max-scan-delay <time>: Adjust delay between probes
--min-rate <number>: Send packets no slower than <number> per second
--max-rate <number>: Send packets no faster than <number> per second
FIREWALL/IDS EVASION AND SPOOFING:
-f; --mtu <val>: fragment packets (optionally w/given MTU)
-D <decoy1,decoy2[,ME],...>: Cloak a scan with decoys
-S <IP_Address>: Spoof source address
-e <iface>: Use specified interface
-g/--source-port <portnum>: Use given port number
--proxies <url1,[url2],...>: Relay connections through HTTP/SOCKS4 proxies
--data <hex string>: Append a custom payload to sent packets
--data-string <string>: Append a custom ASCII string to sent packets
--data-length <num>: Append random data to sent packets
--ip-options <options>: Send packets with specified ip options
--ttl <val>: Set IP time-to-live field
--spoof-mac <mac address/prefix/vendor name>: Spoof your MAC address
--badsum: Send packets with a bogus TCP/UDP/SCTP checksum
OUTPUT:
-oN/-oX/-oS/-oG <file>: Output scan in normal, XML, s|<rIpt kIddi3,
and Grepable format, respectively, to the given filename.
-oA <basename>: Output in the three major formats at once
-v: Increase verbosity level (use -vv or more for greater effect)
-d: Increase debugging level (use -dd or more for greater effect)
--reason: Display the reason a port is in a particular state
--open: Only show open (or possibly open) ports
--packet-trace: Show all packets sent and received
--iflist: Print host interfaces and routes (for debugging)
--append-output: Append to rather than clobber specified output files
--resume <filename>: Resume an aborted scan
--noninteractive: Disable runtime interactions via keyboard
--stylesheet <path/URL>: XSL stylesheet to transform XML output to HTML
--webxml: Reference stylesheet from Nmap.Org for more portable XML
--no-stylesheet: Prevent associating of XSL stylesheet w/XML output
MISC:
-6: Enable IPv6 scanning
-A: Enable OS detection, version detection, script scanning, and traceroute
--datadir <dirname>: Specify custom Nmap data file location
--send-eth/--send-ip: Send using raw ethernet frames or IP packets
--privileged: Assume that the user is fully privileged
--unprivileged: Assume the user lacks raw socket privileges
-V: Print version number
-h: Print this help summary page.
EXAMPLES:
nmap -v -A scanme.nmap.org
nmap -v -sn 192.168.0.0/16 10.0.0.0/8
nmap -v -iR 10000 -Pn -p 80
SEE THE MAN PAGE (https://nmap.org/book/man.html) FOR MORE OPTIONS AND EXAMPLES

Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-15 17:17 UTC
NSE: failed to initialize the script engine:
/usr/share/nmap/nse_main.lua:829: 'https://veloxview.com/' did not match a category, filename, or directory
stack traceback:
[C]: in function 'error'
/usr/share/nmap/nse_main.lua:829: in local 'get_chosen_scripts'
/usr/share/nmap/nse_main.lua:1364: in main chunk
[C]: in ?

QUITTING!

Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-15 17:16 UTC
NSE: Loaded 47 scripts for scanning.
Unable to split netmask from target expression: "https://veloxview.com/"
Read data files from: /usr/share/nmap
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.16 seconds
Raw packets sent: 0 (0B) | Rcvd: 0 (0B)

_______________________________________________________________
__          _______   _____
\ \        / /  __ \ / ____|
\ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
\ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
\  /\  /  | |     ____) | (__| (_| | | | |
\/  \/   |_|    |_____/ \___|\__,_|_| |_|

WordPress Security Scanner by the WPScan Team
Version 3.8.28
Sponsored by Automattic - https://automattic.com/
@_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
_______________________________________________________________

[+] URL: https://veloxview.com/ [172.67.131.74]
[+] Started: Sat Nov 15 16:58:23 2025

Interesting Finding(s):

[+] Headers
| Interesting Entries:
|  - x-powered-by: PHP/8.2.28
|  - nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
|  - x-litespeed-cache: hit
|  - report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=unFZfVk4jdWIBLzIuUOUYADJYHYlDMdGNNSzZbTT8VwTHJiGdRFSCi7qk4dPZTzFFUewVvdFuw6Pfu9pDSbBUr66dIjjJOXiPO17BZ4%3D"}]}
|  - server: cloudflare
|  - platform: hostinger
|  - panel: hpanel
|  - content-security-policy: upgrade-insecure-requests
|  - alt-svc: h3=":443"; ma=86400
|  - x-turbo-charged-by: LiteSpeed
|  - cf-cache-status: DYNAMIC
|  - cf-ray: 99f04ade2bc22223-EWR
| Found By: Headers (Passive Detection)
| Confidence: 100%

[+] robots.txt found: https://veloxview.com/robots.txt
| Found By: Robots Txt (Aggressive Detection)
| Confidence: 100%

[+] WordPress version 6.7.4 identified (Outdated, released on 2025-09-30).
| Found By: Rss Generator (Passive Detection)
|  - https://veloxview.com/feed/, <generator>https://wordpress.org/?v=6.7.4</generator>
|  - https://veloxview.com/comments/feed/, <generator>https://wordpress.org/?v=6.7.4</generator>

[+] WordPress theme in use: appointment-booking
| Location: https://veloxview.com/wp-content/themes/appointment-booking/
| Latest Version: 1.2.4
| Last Updated: 2025-11-11T00:00:00.000Z
| Readme: https://veloxview.com/wp-content/themes/appointment-booking/readme.txt
| Style URL: https://veloxview.com/wp-content/themes/appointment-booking/style.css?ver=6.7.4
|
| Found By: Css Style In Homepage (Passive Detection)
|
| The version could not be determined.

[+] Enumerating All Plugins (via Passive Methods)
[+] Checking Plugin Versions (via Passive and Aggressive Methods)

[i] Plugin(s) Identified:

[+] wordpress-seo
| Location: https://veloxview.com/wp-content/plugins/wordpress-seo/
| Last Updated: 2025-11-04T09:30:00.000Z
| [!] The version is out of date, the latest version is 26.3
|
| Found By: Comment (Passive Detection)
|
| Version: 23.9 (100% confidence)
| Found By: Comment (Passive Detection)
|  - https://veloxview.com/, Match: 'optimized with the Yoast SEO plugin v23.9 -'
| Confirmed By:
|  Readme - Stable Tag (Aggressive Detection)
|   - https://veloxview.com/wp-content/plugins/wordpress-seo/readme.txt
|  Readme - ChangeLog Section (Aggressive Detection)
|   - https://veloxview.com/wp-content/plugins/wordpress-seo/readme.txt

[+] wp-show-posts
| Location: https://veloxview.com/wp-content/plugins/wp-show-posts/
| Latest Version: 1.1.6 (up to date)
| Last Updated: 2024-04-16T19:12:00.000Z
|
| Found By: Urls In Homepage (Passive Detection)
|
| Version: 1.1.6 (100% confidence)
| Found By: Query Parameter (Passive Detection)
|  - https://veloxview.com/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.6
| Confirmed By:
|  Readme - Stable Tag (Aggressive Detection)
|   - https://veloxview.com/wp-content/plugins/wp-show-posts/readme.txt
|  Readme - ChangeLog Section (Aggressive Detection)
|   - https://veloxview.com/wp-content/plugins/wp-show-posts/readme.txt

[+] Enumerating Config Backups (via Passive and Aggressive Methods)

Checking Config Backups - Time: 00:00:00 <    > (0 / 137)  0.00%  ETA: ??:??:??
Checking Config Backups - Time: 00:00:00 <    > (1 / 137)  0.72%  ETA: 00:00:19
Checking Config Backups - Time: 00:00:00 <    > (2 / 137)  1.45%  ETA: 00:00:10
Checking Config Backups - Time: 00:00:00 <    > (5 / 137)  3.64%  ETA: 00:00:22
Checking Config Backups - Time: 00:00:00 <    > (6 / 137)  4.37%  ETA: 00:00:20
Checking Config Backups - Time: 00:00:00 <    > (7 / 137)  5.10%  ETA: 00:00:18
Checking Config Backups - Time: 00:00:00 <    > (9 / 137)  6.56%  ETA: 00:00:14
Checking Config Backups - Time: 00:00:01 <   > (10 / 137)  7.29%  ETA: 00:00:14
Checking Config Backups - Time: 00:00:01 <   > (11 / 137)  8.02%  ETA: 00:00:14
Checking Config Backups - Time: 00:00:01 <   > (12 / 137)  8.75%  ETA: 00:00:13
Checking Config Backups - Time: 00:00:01 <   > (13 / 137)  9.48%  ETA: 00:00:12
Checking Config Backups - Time: 00:00:01 <   > (15 / 137) 10.94%  ETA: 00:00:11
Checking Config Backups - Time: 00:00:01 <   > (16 / 137) 11.67%  ETA: 00:00:12
Checking Config Backups - Time: 00:00:01 <   > (18 / 137) 13.13%  ETA: 00:00:10
Checking Config Backups - Time: 00:00:01 <   > (20 / 137) 14.59%  ETA: 00:00:10
Checking Config Backups - Time: 00:00:01 <   > (21 / 137) 15.32%  ETA: 00:00:10
Checking Config Backups - Time: 00:00:01 <   > (23 / 137) 16.78%  ETA: 00:00:09
Checking Config Backups - Time: 00:00:01 <   > (25 / 137) 18.24%  ETA: 00:00:09
Checking Config Backups - Time: 00:00:02 <   > (26 / 137) 18.97%  ETA: 00:00:09
Checking Config Backups - Time: 00:00:02 <   > (28 / 137) 20.43%  ETA: 00:00:08
Checking Config Backups - Time: 00:00:02 <   > (30 / 137) 21.89%  ETA: 00:00:08
Checking Config Backups - Time: 00:00:02 <   > (31 / 137) 22.62%  ETA: 00:00:08
Checking Config Backups - Time: 00:00:02 <   > (33 / 137) 24.08%  ETA: 00:00:08
Checking Config Backups - Time: 00:00:02 <   > (35 / 137) 25.54%  ETA: 00:00:07
Checking Config Backups - Time: 00:00:02 <   > (37 / 137) 27.00%  ETA: 00:00:07
Checking Config Backups - Time: 00:00:02 <   > (39 / 137) 28.46%  ETA: 00:00:06
Checking Config Backups - Time: 00:00:02 <   > (41 / 137) 29.92%  ETA: 00:00:06
Checking Config Backups - Time: 00:00:02 <   > (43 / 137) 31.38%  ETA: 00:00:06
Checking Config Backups - Time: 00:00:02 <   > (45 / 137) 32.84%  ETA: 00:00:05
Checking Config Backups - Time: 00:00:02 <=  > (47 / 137) 34.30%  ETA: 00:00:05
Checking Config Backups - Time: 00:00:02 <=  > (50 / 137) 36.49%  ETA: 00:00:05
Checking Config Backups - Time: 00:00:02 <=  > (52 / 137) 37.95%  ETA: 00:00:04
Checking Config Backups - Time: 00:00:02 <=  > (55 / 137) 40.14%  ETA: 00:00:04
Checking Config Backups - Time: 00:00:02 <=  > (57 / 137) 41.60%  ETA: 00:00:04
Checking Config Backups - Time: 00:00:02 <=  > (60 / 137) 43.79%  ETA: 00:00:03
Checking Config Backups - Time: 00:00:02 <=  > (62 / 137) 45.25%  ETA: 00:00:03
Checking Config Backups - Time: 00:00:02 <=  > (65 / 137) 47.44%  ETA: 00:00:03
Checking Config Backups - Time: 00:00:02 <=  > (67 / 137) 48.90%  ETA: 00:00:03
Checking Config Backups - Time: 00:00:02 <=  > (70 / 137) 51.09%  ETA: 00:00:03
Checking Config Backups - Time: 00:00:02 <=  > (72 / 137) 52.55%  ETA: 00:00:03
Checking Config Backups - Time: 00:00:02 <=  > (75 / 137) 54.74%  ETA: 00:00:02
Checking Config Backups - Time: 00:00:02 <=  > (77 / 137) 56.20%  ETA: 00:00:02
Checking Config Backups - Time: 00:00:02 <=  > (80 / 137) 58.39%  ETA: 00:00:02
Checking Config Backups - Time: 00:00:02 <=  > (82 / 137) 59.85%  ETA: 00:00:02
Checking Config Backups - Time: 00:00:02 <=  > (85 / 137) 62.04%  ETA: 00:00:02
Checking Config Backups - Time: 00:00:02 <=  > (87 / 137) 63.50%  ETA: 00:00:02
Checking Config Backups - Time: 00:00:02 <=  > (90 / 137) 65.69%  ETA: 00:00:02
Checking Config Backups - Time: 00:00:02 <== > (92 / 137) 67.15%  ETA: 00:00:01
Checking Config Backups - Time: 00:00:02 <== > (95 / 137) 69.34%  ETA: 00:00:01
Checking Config Backups - Time: 00:00:02 <== > (97 / 137) 70.80%  ETA: 00:00:01
Checking Config Backups - Time: 00:00:03 <= > (100 / 137) 72.99%  ETA: 00:00:01
Checking Config Backups - Time: 00:00:03 <= > (102 / 137) 74.45%  ETA: 00:00:01
Checking Config Backups - Time: 00:00:03 <= > (105 / 137) 76.64%  ETA: 00:00:01
Checking Config Backups - Time: 00:00:03 <= > (107 / 137) 78.10%  ETA: 00:00:01
Checking Config Backups - Time: 00:00:03 <= > (110 / 137) 80.29%  ETA: 00:00:01
Checking Config Backups - Time: 00:00:03 <= > (112 / 137) 81.75%  ETA: 00:00:01
Checking Config Backups - Time: 00:00:03 <= > (115 / 137) 83.94%  ETA: 00:00:01
Checking Config Backups - Time: 00:00:03 <= > (117 / 137) 85.40%  ETA: 00:00:01
Checking Config Backups - Time: 00:00:03 <= > (120 / 137) 87.59%  ETA: 00:00:00
Checking Config Backups - Time: 00:00:03 <= > (122 / 137) 89.05%  ETA: 00:00:00
Checking Config Backups - Time: 00:00:03 <= > (125 / 137) 91.24%  ETA: 00:00:00
Checking Config Backups - Time: 00:00:03 <= > (127 / 137) 92.70%  ETA: 00:00:00
Checking Config Backups - Time: 00:00:03 <= > (130 / 137) 94.89%  ETA: 00:00:00
Checking Config Backups - Time: 00:00:03 <= > (132 / 137) 96.35%  ETA: 00:00:00
Checking Config Backups - Time: 00:00:03 <= > (134 / 137) 97.81%  ETA: 00:00:00
Checking Config Backups - Time: 00:00:03 <= > (135 / 137) 98.54%  ETA: 00:00:00
Checking Config Backups - Time: 00:00:04 <= > (136 / 137) 99.27%  ETA: 00:00:00
Checking Config Backups - Time: 00:00:04 <=> (137 / 137) 100.00% Time: 00:00:04

[i] No Config Backups Found.

[!] No WPScan API Token given, as a result vulnerability data has not been output.
[!] You can get a free API token with 25 daily requests by registering at https://wpscan.com/register

[+] Finished: Sat Nov 15 16:58:48 2025
[+] Requests Done: 176
[+] Cached Requests: 6
[+] Data Sent: 36.188 KB
[+] Data Received: 3.61 MB
[+] Memory used: 281.797 MB
[+] Elapsed time: 00:00:24

_______________________________________________________________
__          _______   _____
\ \        / /  __ \ / ____|
\ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
\ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
\  /\  /  | |     ____) | (__| (_| | | | |
\/  \/   |_|    |_____/ \___|\__,_|_| |_|

WordPress Security Scanner by the WPScan Team
Version 3.8.28
Sponsored by Automattic - https://automattic.com/
@_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
_______________________________________________________________

[i] Updating the Database ...
[i] Update completed.

_______________________________________________________________
__          _______   _____
\ \        / /  __ \ / ____|
\ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
\ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
\  /\  /  | |     ____) | (__| (_| | | | |
\/  \/   |_|    |_____/ \___|\__,_|_| |_|

WordPress Security Scanner by the WPScan Team
Version 3.8.28
Sponsored by Automattic - https://automattic.com/
@_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
_______________________________________________________________

[i] It seems like you have not updated the database for some time.
[!] Task timed out and was killed inside container.
[?] Do you want to update now? [Y]es [N]o, default: [N][?2004h▽
Scan Aborted: SIGTERM
Trace: /usr/lib/ruby/3.3.0/reline/io/ansi.rb:256:in `getc'
/usr/lib/ruby/3.3.0/reline/io/ansi.rb:256:in `block (2 levels) in cursor_pos'
<internal:kernel>:187:in `loop'
/usr/lib/ruby/3.3.0/reline/io/ansi.rb:255:in `block in cursor_pos'
/usr/lib/ruby/3.3.0/reline/io/ansi.rb:252:in `raw'
/usr/lib/ruby/3.3.0/reline/io/ansi.rb:252:in `cursor_pos'
/usr/lib/ruby/3.3.0/reline.rb:424:in `may_req_ambiguous_char_width'
/usr/lib/ruby/3.3.0/reline.rb:310:in `inner_readline'
/usr/lib/ruby/3.3.0/reline.rb:280:in `block (2 levels) in readline'
/usr/lib/ruby/3.3.0/reline/io/ansi.rb:164:in `block in with_raw_input'
/usr/lib/ruby/3.3.0/reline/io/ansi.rb:164:in `raw'
/usr/lib/ruby/3.3.0/reline/io/ansi.rb:164:in `with_raw_input'
/usr/lib/ruby/3.3.0/reline.rb:279:in `block in readline'
/usr/lib/ruby/3.3.0/reline.rb:278:in `synchronize'
/usr/lib/ruby/3.3.0/reline.rb:278:in `readline'
/usr/lib/ruby/3.3.0/forwardable.rb:240:in `readline'
/usr/share/rubygems-integration/all/gems/wpscan-3.8.28/app/controllers/core.rb:42:in `update_db_required?'
/usr/share/rubygems-integration/all/gems/wpscan-3.8.28/app/controllers/core.rb:57:in `before_scan'
/usr/share/rubygems-integration/all/gems/cms_scanner-0.15.0/lib/cms_scanner/controllers.rb:46:in `each'
/usr/share/rubygems-integration/all/gems/cms_scanner-0.15.0/lib/cms_scanner/controllers.rb:46:in `block in run'
/usr/lib/ruby/3.3.0/timeout.rb:170:in `timeout'
/usr/share/rubygems-integration/all/gems/cms_scanner-0.15.0/lib/cms_scanner/controllers.rb:45:in `run'
/usr/share/rubygems-integration/all/gems/cms_scanner-0.15.0/lib/cms_scanner/scan.rb:24:in `run'
/usr/share/rubygems-integration/all/gems/wpscan-3.8.28/bin/wpscan:17:in `block in <top (required)>'
/usr/share/rubygems-integration/all/gems/cms_scanner-0.15.0/lib/cms_scanner/scan.rb:15:in `initialize'
/usr/share/rubygems-integration/all/gems/wpscan-3.8.28/bin/wpscan:6:in `new'
/usr/share/rubygems-integration/all/gems/wpscan-3.8.28/bin/wpscan:6:in `<top (required)>'
/usr/bin/wpscan:25:in `load'
/usr/bin/wpscan:25:in `<main>'

_______________________________________________________________
__          _______   _____
\ \        / /  __ \ / ____|
\ \  /\  / /| |__) | (___   ___  __ _ _ __ ®
\ \/  \/ / |  ___/ \___ \ / __|/ _` | '_ \
\  /\  /  | |     ____) | (__| (_| | | | |
\/  \/   |_|    |_____/ \___|\__,_|_| |_|

WordPress Security Scanner by the WPScan Team
Version 3.8.28
Sponsored by Automattic - https://automattic.com/
@_WPScan_, @ethicalhack3r, @erwan_lr, @firefart
_______________________________________________________________

Usage: wpscan [options]
--url URL                                 The URL of the blog to scan
Allowed Protocols: http, https
Default Protocol if none provided: http
This option is mandatory unless update or help or hh or version is/are supplied
-h, --help                                    Display the simple help and exit
--hh                                      Display the full help and exit
--version                                 Display the version and exit
-v, --verbose                                 Verbose mode
--[no-]banner                             Whether or not to display the banner
Default: true
-o, --output FILE                             Output to FILE
-f, --format FORMAT                           Output results in the format supplied
Available choices: cli-no-colour, cli-no-color, json, cli
--detection-mode MODE                     Default: mixed
Available choices: mixed, passive, aggressive
--user-agent, --ua VALUE
--random-user-agent, --rua                Use a random user-agent for each scan
--http-auth login:password
-t, --max-threads VALUE                       The max threads to use
Default: 5
--throttle MilliSeconds                   Milliseconds to wait before doing another web request. If used, the max threads will be set to 1.
--request-timeout SECONDS                 The request timeout in seconds
Default: 60
--connect-timeout SECONDS                 The connection timeout in seconds
Default: 30
--disable-tls-checks                      Disables SSL/TLS certificate verification, and downgrade to TLS1.0+ (requires cURL 7.66 for the latter)
--proxy protocol://IP:port                Supported protocols depend on the cURL installed
--proxy-auth login:password
--cookie-string COOKIE                    Cookie string to use in requests, format: cookie1=value1[; cookie2=value2]
--cookie-jar FILE-PATH                    File to read and write cookies
Default: /tmp/wpscan/cookie_jar.txt
--force                                   Do not check if the target is running WordPress or returns a 403
--[no-]update                             Whether or not to update the Database
--api-token TOKEN                         The WPScan API Token to display vulnerability data, available at https://wpscan.com/profile
--wp-content-dir DIR                      The wp-content directory if custom or not detected, such as "wp-content"
--wp-plugins-dir DIR                      The plugins directory if custom or not detected, such as "wp-content/plugins"
-e, --enumerate [OPTS]                        Enumeration Process
Available Choices:
vp   Vulnerable plugins
ap   All plugins
p    Popular plugins
vt   Vulnerable themes
at   All themes
t    Popular themes
tt   Timthumbs
cb   Config backups
dbe  Db exports
u    User IDs range. e.g: u1-5
Range separator to use: '-'
Value if no argument supplied: 1-10
m    Media IDs range. e.g m1-15
Note: Permalink setting must be set to "Plain" for those to be detected
Range separator to use: '-'
Value if no argument supplied: 1-100
Separator to use between the values: ','
Default: All Plugins, Config Backups
Value if no argument supplied: vp,vt,tt,cb,dbe,u,m
Incompatible choices (only one of each group/s can be used):
- vp, ap, p
- vt, at, t
--exclude-content-based REGEXP_OR_STRING  Exclude all responses matching the Regexp (case insensitive) during parts of the enumeration.
Both the headers and body are checked. Regexp delimiters are not required.
--plugins-detection MODE                  Use the supplied mode to enumerate Plugins.
Default: passive
Available choices: mixed, passive, aggressive
--plugins-version-detection MODE          Use the supplied mode to check plugins' versions.
Default: mixed
Available choices: mixed, passive, aggressive
--exclude-usernames REGEXP_OR_STRING      Exclude usernames matching the Regexp/string (case insensitive). Regexp delimiters are not required.
-P, --passwords FILE-PATH                     List of passwords to use during the password attack.
If no --username/s option supplied, user enumeration will be run.
-U, --usernames LIST                          List of usernames to use during the password attack.
Examples: 'a1', 'a1,a2,a3', '/tmp/a.txt'
--multicall-max-passwords MAX_PWD         Maximum number of passwords to send by request with XMLRPC multicall
Default: 500
--password-attack ATTACK                  Force the supplied attack to be used rather than automatically determining one.
Multicall will only work against WP < 4.4
Available choices: wp-login, xmlrpc, xmlrpc-multicall
--login-uri URI                           The URI of the login page if different from /wp-login.php
--stealthy                                Alias for --random-user-agent --detection-mode passive --plugins-version-detection passive

[!] To see full list of options use --hh.

One of the following options is required: --url, --update, --help, --hh, --version

Please use --help/-h for the list of available options.

Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-14 13:48 UTC
Nmap scan report for 45.90.106.7
Host is up (0.10s latency).
Not shown: 995 closed tcp ports (reset)
PORT     STATE    SERVICE
25/tcp   filtered smtp
2020/tcp open     xinupageserver
2021/tcp open     servexec
2022/tcp open     down
7778/tcp open     interwise

Nmap done: 1 IP address (1 host up) scanned in 2.66 seconds

http://ranepa.ru [308 Permanent Redirect] HTTPServer[Angie], IP[185.71.67.123], RedirectLocation[https://www.ranepa.ru/], Title[308 Permanent Redirect]
https://ranepa.ru [308 Permanent Redirect] HTTPServer[Angie], IP[185.71.67.123], RedirectLocation[https://www.ranepa.ru/], Title[308 Permanent Redirect]
https://www.ranepa.ru/ [200 OK] Cookies[__js_p_], HTTPServer[Angie], IP[185.71.67.123], Script

Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-12 10:27 UTC
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.07 seconds

Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-12 10:26 UTC
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.34 seconds

Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-12 10:26 UTC
Nmap scan report for 167.148.195.207
Host is up (0.10s latency).

PORT   STATE SERVICE VERSION
21/tcp open  ftp     ProFTPD

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 12.22 seconds

Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-12 10:26 UTC
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.37 seconds

Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-12 10:23 UTC
Nmap scan report for libertydroidwestthebest.live (167.148.195.207)
Host is up (0.10s latency).
Not shown: 987 closed tcp ports (reset)
PORT     STATE    SERVICE  VERSION
21/tcp   open     ftp      ProFTPD
22/tcp   open     ssh      OpenSSH 8.9p1 Ubuntu 3ubuntu0.13 (Ubuntu Linux; protocol 2.0)
25/tcp   filtered smtp
80/tcp   open     http     nginx 1.28.0
110/tcp  open     pop3     Dovecot pop3d
143/tcp  open     imap     Dovecot imapd (Ubuntu)
443/tcp  open     ssl/http nginx 1.28.0
465/tcp  open     ssl/smtp Exim smtpd 4.95
587/tcp  open     smtp     Exim smtpd 4.95
993/tcp  open     imaps?
995/tcp  open     pop3s?
7777/tcp open     http     nginx
8888/tcp open     http     nginx
Service Info: Host: 7140772745-04-11-2025.thornix.co.in; OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 27.03 seconds

Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-12 09:39 UTC
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.06 seconds

Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-12 09:18 UTC
Nmap scan report for 167.148.195.207
Host is up (0.10s latency).
Not shown: 987 closed tcp ports (reset)
PORT     STATE    SERVICE  VERSION
21/tcp   open     ftp      ProFTPD
22/tcp   open     ssh      OpenSSH 8.9p1 Ubuntu 3ubuntu0.13 (Ubuntu Linux; protocol 2.0)
25/tcp   filtered smtp
80/tcp   open     http     nginx 1.28.0
110/tcp  open     pop3     Dovecot pop3d
143/tcp  open     imap     Dovecot imapd (Ubuntu)
443/tcp  open     ssl/http nginx 1.28.0
465/tcp  open     ssl/smtp Exim smtpd 4.95
587/tcp  open     smtp     Exim smtpd 4.95
993/tcp  open     imaps?
995/tcp  open     pop3s?
7777/tcp open     http     nginx
8888/tcp open     http     nginx
Service Info: Host: 7140772745-04-11-2025.thornix.co.in; OS: Linux; CPE: cpe:/o:linux:linux_kernel

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 27.39 seconds

Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-11 07:42 UTC
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.05 seconds

[*] std: Performing General Enumeration against: dp.ru...
[-] DNSSEC is not configured for dp.ru
[*] 	 SOA ns1.selectel.ru 188.68.203.10
[*] 	 SOA ns1.selectel.ru 2a00:ab00:800::53
[*] 	 NS ns8-l2.nic.ru 91.217.21.20
[*] 	 Bind Version for 91.217.21.20 3.3.4"
[*] 	 NS ns4-l2.nic.ru 91.217.20.20
[*] 	 Bind Version for 91.217.20.20 3.3.4"
[*] 	 NS ns3-l2.nic.ru 193.232.146.1
[*] 	 Bind Version for 193.232.146.1 3.3.4"
[*] 	 NS ns4.selectel.ru 77.223.114.10
[*] 	 Bind Version for 77.223.114.10 DNS-hosting"
[*] 	 NS ns4.selectel.ru 2a00:ab00:803::53
[*] 	 NS ns3.selectel.ru 188.68.203.5
[*] 	 Bind Version for 188.68.203.5 DNS-hosting"
[*] 	 NS ns3.selectel.ru 2a00:ab00:802::53
[*] 	 NS ns2.selectel.ru 77.223.114.5
[*] 	 Bind Version for 77.223.114.5 DNS-hosting"
[*] 	 NS ns2.selectel.ru 2a00:ab00:801::53
[*] 	 NS ns1.selectel.ru 188.68.203.10
[*] 	 Bind Version for 188.68.203.10 DNS-hosting"
[*] 	 NS ns1.selectel.ru 2a00:ab00:800::53
[*] 	 MX rel2x.dp.ru 5.188.107.227
[*] 	 MX rel1x.dp.ru 95.161.201.244
[*] 	 A dp.ru 185.178.208.14
[*] 	 TXT dp.ru facebook-domain-verification=52y5g8wiasiups6xoe5vopol6hgkf7
[*] 	 TXT dp.ru google-site-verification=FDv0p5d8at8E4WrOjRU-xi0kLYfdGWnWBfbKkusBuYY
[*] 	 TXT dp.ru google-site-verification=jF8A4cOpZ_AAjWcbvJTtA0irR8J_8OBVZF70SrcBj8Y
[*] 	 TXT dp.ru yandex-verification: 86de0d9e2441fbb1
[*] 	 TXT dp.ru yandex-verification: 4390da263122e0b4
[*] 	 TXT dp.ru v=spf1 include:spf.unisender.com a:mail.dp.ru a:rel1x.dp.ru a:rel1r.dp.ru a:mx2.dp.ru a:rel2x.dp.ru ip4:31.186.101.67 ip4:95.161.201.241 ~all
[*] 	 TXT _domainkey.dp.ru o=~
[*] 	 TXT _domainkey.dp.ru "t=s; o=~;"
[*] Enumerating SRV Records
[-] No SRV Records Found for dp.ru

Starting Nmap 7.95 ( https://nmap.org ) at 2025-11-11 07:23 UTC
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.05 seconds