JTSEC full recon Anonymous #opnazi #2

#######################################################################################################################################
Hostname 	npiamerica.org 	  	ISP 	Squarespace, Inc. (AS53831)
Continent 	North America 	  	Flag
US
Country 	United States 	  	Country Code 	US (USA)
Region 	Unknown 	  	Local time 	28 Sep 2017 03:22 CDT
Metropolis 	Unknown 	  	Postal Code 	Unknown
City 	Unknown 	  	Latitude 	37.751
IP Address 	65.39.205.61 	  	Longitude 	-97.822
#######################################################################################################################################
[i] Scanning Site: http://npiamerica.org         JTSEC full recon Anonymous #opnazi #2


B A S I C   I N F O
====================


[+] Site Title:
[+] IP address: 65.39.205.61
[+] Web Server: Could Not Detect
[+] CMS: Could Not Detect
[+] Cloudflare: Not Detected
[+] Robots File: Could NOT Find robots.txt!


W H O I S   L O O K U P
========================

	Domain Name: NPIAMERICA.ORG
Registry Domain ID: D162850178-LROR
Registrar WHOIS Server:
Registrar URL: http://www.tucows.com
Updated Date: 2017-03-13T04:58:21Z
Creation Date: 2011-07-22T18:34:06Z
Registry Expiry Date: 2019-07-22T18:34:06Z
Registrar Registration Expiration Date:
Registrar: Tucows Inc.
Registrar IANA ID: 69
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone:
Reseller:
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Registry Registrant ID: C140762647-LROR
Registrant Name: Contact Privacy Inc. Customer 0135276165
Registrant Organization: Contact Privacy Inc. Customer 0135276165
Registrant Street: 96 Mowat Ave
Registrant City: Toronto
Registrant State/Province: ON
Registrant Postal Code: M6K3M1
Registrant Country: CA
Registrant Phone: +1.4165385457
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: npiamerica.org@contactprivacy.com
Registry Admin ID: C140762647-LROR
Admin Name: Contact Privacy Inc. Customer 0135276165
Admin Organization: Contact Privacy Inc. Customer 0135276165
Admin Street: 96 Mowat Ave
Admin City: Toronto
Admin State/Province: ON
Admin Postal Code: M6K3M1
Admin Country: CA
Admin Phone: +1.4165385457
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: npiamerica.org@contactprivacy.com
Registry Tech ID: C140762647-LROR
Tech Name: Contact Privacy Inc. Customer 0135276165
Tech Organization: Contact Privacy Inc. Customer 0135276165
Tech Street: 96 Mowat Ave
Tech City: Toronto
Tech State/Province: ON
Tech Postal Code: M6K3M1
Tech Country: CA
Tech Phone: +1.4165385457
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: npiamerica.org@contactprivacy.com
Name Server: NS1.HOVER.COM
Name Server: NS2.HOVER.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of WHOIS database: 2017-09-28T06:33:58Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

Access to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.


G E O  I P  L O O K  U P
=========================

[i] IP Address: 65.39.205.61
[i] Country: US
[i] State: N/A
[i] City: N/A
[i] Latitude: 37.750999
[i] Longitude: -97.821999


H T T P   H E A D E R S
=======================


[i]  HTTP/1.0 400 Bad Request
[i]  content-length: 378
[i]  x-synthetic: true
[i]  expires: Thu, 01 Jan 1970 00:00:00 UTC
[i]  pragma: no-cache
[i]  cache-control: no-cache, must-revalidate
[i]  content-type: text/html; charset=UTF-8
[i]  connection: close
[i]  date: Thu, 28 Sep 2017 06:34:59 UTC
[i]  x-contextid: l3AEKv9Z/LL9Tpunq
[i]  x-via: 1.0 echo017


D N S   L O O K U P
===================

npiamerica.org.		896	IN	A	65.39.205.61
npiamerica.org.		900	IN	NS	ns2.hover.com.
npiamerica.org.		900	IN	NS	ns1.hover.com.
npiamerica.org.		900	IN	SOA	ns1.hover.com. dnsmaster.hover.com. 1375732716 10800 3600 604800 900
npiamerica.org.		900	IN	MX	10 mx.hover.com.cust.hostedemail.com.


S U B N E T   C A L C U L A T I O N
====================================

Address       = 65.39.205.61
Network       = 65.39.205.61 / 32
Netmask       = 255.255.255.255
Broadcast     = not needed on Point-to-Point links
Wildcard Mask = 0.0.0.0
Hosts Bits    = 0
Max. Hosts    = 1   (2^0 - 0)
Host Range    = { 65.39.205.61 - 65.39.205.61 }


N M A P   P O R T   S C A N
============================


Starting Nmap 7.01 ( https://nmap.org ) at 2017-09-28 06:35 UTC
Nmap scan report for npiamerica.org (65.39.205.61)
Host is up (0.038s latency).
PORT     STATE    SERVICE       VERSION
21/tcp   filtered ftp
22/tcp   filtered ssh
23/tcp   filtered telnet
25/tcp   filtered smtp
80/tcp   open     rtsp
110/tcp  filtered pop3
143/tcp  filtered imap
443/tcp  open     ssl/https?
445/tcp  filtered microsoft-ds
3389/tcp filtered ms-wbt-server
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 24.98 seconds


S U B - D O M A I N   F I N D E R
==================================


[i] Total Subdomains Found : 2

[+] Subdomain: npiamerica.org
[-] IP: 65.39.205.61

[+] Subdomain: www.npiamerica.org
[-] IP: 65.39.205.61


NetRange:       65.39.205.0 - 65.39.205.255
CIDR:           65.39.205.0/24
NetName:        SQUAR-30
NetHandle:      NET-65-39-205-0-1
Parent:         NET65 (NET-65-0-0-0-0)
NetType:        Direct Assignment
OriginAS:
Organization:   Squarespace, Inc. (SQUAR-30)
RegDate:        2017-04-10
Updated:        2017-04-10
Ref:            https://whois.arin.net/rest/net/NET-65-39-205-0-1


OrgName:        Squarespace, Inc.
OrgId:          SQUAR-30
Address:        225 Varick St
City:           New York
StateProv:      NY
PostalCode:     10014
Country:        US
RegDate:        2012-04-26
Updated:        2017-01-04
Comment:        https://squarespace.com
Ref:            https://whois.arin.net/rest/org/SQUAR-30


OrgNOCHandle: SYSTE409-ARIN
OrgNOCName:   Systems
OrgNOCPhone:  +1-347-758-4644
OrgNOCEmail:  systems-net@squarespace.com
OrgNOCRef:    https://whois.arin.net/rest/poc/SYSTE409-ARIN

OrgTechHandle: SYSTE409-ARIN
OrgTechName:   Systems
OrgTechPhone:  +1-347-758-4644
OrgTechEmail:  systems-net@squarespace.com
OrgTechRef:    https://whois.arin.net/rest/poc/SYSTE409-ARIN

OrgAbuseHandle: ABUSE5803-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-347-758-4644
OrgAbuseEmail:  abuse-network@squarespace.com
OrgAbuseRef:    https://whois.arin.net/rest/poc/ABUSE5803-ARIN


[*] Performing TLD Brute force Enumeration against npiamerica.org
[*] The operation could take up to: 00:01:07
[*] 	 A npiamerica.biz.af 5.45.75.45
[*] 	 CNAME npiamerica.biz.at free.biz.at
[*] 	 A free.biz.at 216.92.134.29
[*] 	 A npiamerica.co.asia 91.195.240.135
[*] 	 A npiamerica.org.aw 142.4.20.12
[*] 	 A npiamerica.co.ba 176.9.45.78
[*] 	 A npiamerica.com.ba 195.222.33.180
[*] 	 A npiamerica.com.be 95.173.170.166
[*] 	 A npiamerica.biz.by 71.18.52.2
[*] 	 A npiamerica.biz.bz 199.59.242.150
[*] 	 A npiamerica.net.cc 54.252.89.206
[*] 	 A npiamerica.com.cc 54.252.107.64
[*] 	 A npiamerica.co.cc 175.126.123.219
[*] 	 A npiamerica.org.ch 72.52.4.122
[*] 	 A npiamerica.biz.cl 185.53.178.8
[*] 	 A npiamerica.com 50.63.202.22
[*] 	 A npiamerica.com.com 52.33.196.199
[*] 	 CNAME npiamerica.biz.cm i.cns.cm
[*] 	 A i.cns.cm 118.184.56.30
[*] 	 A npiamerica.net.com 199.59.242.150
[*] 	 A npiamerica.co.com 173.192.115.17
[*] 	 A npiamerica.org.com 23.23.86.44
[*] 	 A npiamerica.co.cm 85.25.140.105
[*] 	 A npiamerica.net.cm 85.25.140.105
[*] 	 A npiamerica.biz.cr 72.52.4.122
[*] 	 A npiamerica.biz.cx 72.52.4.122
[*] 	 A npiamerica.com.cz 62.109.128.30
[*] 	 A npiamerica.biz.cz 185.53.179.7
[*] 	 A npiamerica.net.cz 80.250.24.177
[*] 	 CNAME npiamerica.co.de co.de
[*] 	 A co.de 144.76.162.245
[*] 	 CNAME npiamerica.org.de www.org.de
[*] 	 A www.org.de 78.47.128.8
[*] 	 A npiamerica.com.de 50.56.68.37
[*] 	 A npiamerica.net.eu 78.46.90.98
[*] 	 A npiamerica.org.eu 78.46.90.98
[*] 	 A npiamerica.biz.fi 185.55.85.123
[*] 	 A npiamerica.fm 173.230.131.38
[*] 	 CNAME npiamerica.com.fi dnspod-vip3.mydnspod.net
[*] 	 A dnspod-vip3.mydnspod.net 119.28.48.218
[*] 	 A dnspod-vip3.mydnspod.net 119.28.48.237
[*] 	 A npiamerica.biz.fm 173.230.131.38
[*] 	 A npiamerica.org.fr 149.202.133.35
[*] 	 A npiamerica.biz.gl 72.52.4.122
[*] 	 CNAME npiamerica.co.gp co.gp
[*] 	 A co.gp 144.76.162.245
[*] 	 A npiamerica.co.hn 208.100.40.203
[*] 	 CNAME npiamerica.biz.hn parkmydomain.vhostgo.com
[*] 	 CNAME parkmydomain.vhostgo.com westuser.dopa.com
[*] 	 A westuser.dopa.com 107.186.245.119
[*] 	 CNAME npiamerica.net.hr net.hr
[*] 	 A net.hr 192.0.78.24
[*] 	 A net.hr 192.0.78.25
[*] 	 A npiamerica.co.ht 72.52.4.122
[*] 	 A npiamerica.co.jobs 50.17.193.222
[*] 	 A npiamerica.com.jobs 50.19.241.165
[*] 	 A npiamerica.net.jobs 50.19.241.165
[*] 	 A npiamerica.biz.jobs 50.19.241.165
[*] 	 A npiamerica.org.jobs 50.19.241.165
[*] 	 A npiamerica.biz.ky 199.184.144.27
[*] 	 A npiamerica.la 173.230.141.80
[*] 	 CNAME npiamerica.biz.li 712936.parkingcrew.net
[*] 	 A 712936.parkingcrew.net 185.53.179.29
[*] 	 A npiamerica.biz.lu 195.26.5.2
[*] 	 A npiamerica.biz.ly 64.136.20.39
[*] 	 A npiamerica.biz.md 72.52.4.122
[*] 	 A npiamerica.co.mk 87.76.31.211
[*] 	 A npiamerica.co.mobi 54.225.105.179
[*] 	 A npiamerica.biz.my 202.190.174.44
[*] 	 A npiamerica.net 104.154.30.61
[*] 	 A npiamerica.co.net 188.166.216.219
[*] 	 A npiamerica.net.net 52.50.81.210
[*] 	 A npiamerica.org.net 23.23.86.44
[*] 	 A npiamerica.com.nl 83.98.157.102
[*] 	 A npiamerica.co.nl 37.97.184.204
[*] 	 A npiamerica.net.nl 83.98.157.102
[*] 	 A npiamerica.co.nr 208.100.40.202
[*] 	 CNAME npiamerica.co.nu co.nu
[*] 	 A co.nu 144.76.162.245
[*] 	 A npiamerica.org.nu 80.92.84.139
[*] 	 CNAME npiamerica.com.nu com.nu
[*] 	 A com.nu 144.76.162.245
[*] 	 A npiamerica.net.nu 199.102.76.78
[*] 	 A npiamerica.org 65.39.205.61
[*] 	 A npiamerica.com.org 23.23.86.44
[*] 	 CNAME npiamerica.net.org pewtrusts.org
[*] 	 A pewtrusts.org 204.74.99.100
[*] 	 A npiamerica.ph 45.79.222.138
[*] 	 A npiamerica.co.ph 45.79.222.138
[*] 	 A npiamerica.com.ph 45.79.222.138
[*] 	 A npiamerica.net.ph 45.79.222.138
[*] 	 A npiamerica.org.ph 45.79.222.138
[*] 	 A npiamerica.co.pl 212.91.6.55
[*] 	 A npiamerica.org.pm 208.73.211.165
[*] 	 A npiamerica.org.pm 208.73.211.177
[*] 	 A npiamerica.org.pm 208.73.210.217
[*] 	 A npiamerica.org.pm 208.73.210.202
[*] 	 A npiamerica.co.ps 66.96.132.56
[*] 	 CNAME npiamerica.biz.ps biz.ps
[*] 	 A biz.ps 144.76.162.245
[*] 	 A npiamerica.co.pt 194.107.127.52
[*] 	 A npiamerica.pw 141.8.226.58
[*] 	 A npiamerica.co.pw 141.8.226.59
[*] 	 A npiamerica.net.pw 141.8.226.59
[*] 	 A npiamerica.biz.pw 141.8.226.59
[*] 	 A npiamerica.org.pw 141.8.226.59
[*] 	 A npiamerica.net.ro 69.64.52.127
[*] 	 A npiamerica.org.re 217.70.184.38
[*] 	 CNAME npiamerica.co.ro now.co.ro
[*] 	 A now.co.ro 185.27.255.9
[*] 	 A npiamerica.com.ru 178.210.89.119
[*] 	 A npiamerica.biz.se 185.53.179.6
[*] 	 CNAME npiamerica.net.se 773147.parkingcrew.net
[*] 	 A 773147.parkingcrew.net 185.53.179.29
[*] 	 A npiamerica.co.sl 91.195.240.135
[*] 	 A npiamerica.com.sr 143.95.106.249
[*] 	 A npiamerica.co.su 72.52.4.122
[*] 	 A npiamerica.biz.st 91.121.28.115
[*] 	 A npiamerica.biz.tc 64.136.20.39
[*] 	 A npiamerica.biz.tf 85.236.153.18
[*] 	 A npiamerica.net.tf 188.40.70.29
[*] 	 A npiamerica.net.tf 188.40.70.27
[*] 	 A npiamerica.net.tf 188.40.117.12
[*] 	 A npiamerica.co.tl 208.100.40.202
[*] 	 A npiamerica.co.to 175.118.124.44
[*] 	 A npiamerica.co.tv 31.186.25.163
[*] 	 A npiamerica.biz.tv 72.52.4.122
[*] 	 A npiamerica.org.tv 72.52.4.122
[*] 	 CNAME npiamerica.biz.uz biz.uz
[*] 	 A biz.uz 144.76.162.245
[*] 	 A npiamerica.vg 88.198.29.97
[*] 	 A npiamerica.co.vg 88.198.29.97
[*] 	 A npiamerica.com.vg 88.198.29.97
[*] 	 A npiamerica.net.vg 68.178.254.180
[*] 	 A npiamerica.biz.vg 89.31.143.20
[*] 	 A npiamerica.ws 64.70.19.203
[*] 	 A npiamerica.biz.ws 184.168.221.104
[*] 	 A npiamerica.com.ws 202.4.48.211
[*] 	 A npiamerica.net.ws 202.4.48.211
[*] 	 A npiamerica.org.ws 202.4.48.211
 + -- ----------------------------=[Running Nslookup]=------------------------ -- +
Server:		192.168.1.254
Address:	192.168.1.254#53

Non-authoritative answer:
Name:	npiamerica.org
Address: 65.39.205.61

npiamerica.org has address 65.39.205.61
npiamerica.org mail is handled by 10 mx.hover.com.cust.hostedemail.com.
 + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
[-] fingerprint:snmp: need UDP port 161 open

Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu

[+] Target is npiamerica.org
[+] Loading modules.
[+] Following modules are loaded:
[x] [1] ping:icmp_ping  -  ICMP echo discovery module
[x] [2] ping:tcp_ping  -  TCP-based ping discovery module
[x] [3] ping:udp_ping  -  UDP-based ping discovery module
[x] [4] infogather:ttl_calc  -  TCP and UDP based TTL distance calculation
[x] [5] infogather:portscan  -  TCP and UDP PortScanner
[x] [6] fingerprint:icmp_echo  -  ICMP Echo request fingerprinting module
[x] [7] fingerprint:icmp_tstamp  -  ICMP Timestamp request fingerprinting module
[x] [8] fingerprint:icmp_amask  -  ICMP Address mask request fingerprinting module
[x] [9] fingerprint:icmp_port_unreach  -  ICMP port unreachable fingerprinting module
[x] [10] fingerprint:tcp_hshake  -  TCP Handshake fingerprinting module
[x] [11] fingerprint:tcp_rst  -  TCP RST fingerprinting module
[x] [12] fingerprint:smb  -  SMB fingerprinting module
[x] [13] fingerprint:snmp  -  SNMPv2c fingerprinting module
[+] 13 modules registered
[+] Initializing scan engine
[+] Running scan engine
[-] ping:tcp_ping module: no closed/open TCP ports known on 65.39.205.61. Module test failed
[-] ping:udp_ping module: no closed/open UDP ports known on 65.39.205.61. Module test failed
[-] No distance calculation. 65.39.205.61 appears to be dead or no ports known
[+] Host: 65.39.205.61 is up (Guess probability: 50%)
[+] Target: 65.39.205.61 is alive. Round-Trip Time: 0.49960 sec
[+] Selected safe Round-Trip Time value is: 0.99919 sec
[-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
[-] fingerprint:smb need either TCP port 139 or 445 to run
[+] Primary guess:
[+] Host 65.39.205.61 Running OS:  (Guess probability: 100%)
[+] Other guesses:
[+] Host 65.39.205.61 Running OS:  (Guess probability: 100%)
[+] Host 65.39.205.61 Running OS:  (Guess probability: 100%)
[+] Host 65.39.205.61 Running OS:  (Guess probability: 100%)
[+] Host 65.39.205.61 Running OS:  (Guess probability: 100%)
[+] Host 65.39.205.61 Running OS:  (Guess probability: 100%)
[+] Host 65.39.205.61 Running OS:  (Guess probability: 100%)
[+] Host 65.39.205.61 Running OS:  (Guess probability: 100%)
[+] Host 65.39.205.61 Running OS:  (Guess probability: 100%)
[+] Host 65.39.205.61 Running OS:  (Guess probability: 100%)
[+] Cleaning up scan engine
[+] Modules deinitialized
[+] Execution completed.
 + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
Domain Name: NPIAMERICA.ORG
Registry Domain ID: D162850178-LROR
Registrar WHOIS Server:
Registrar URL: http://www.tucows.com
Updated Date: 2017-03-13T04:58:21Z
Creation Date: 2011-07-22T18:34:06Z
Registry Expiry Date: 2019-07-22T18:34:06Z
Registrar Registration Expiration Date:
Registrar: Tucows Inc.
Registrar IANA ID: 69
Registrar Abuse Contact Email:
Registrar Abuse Contact Phone:
Reseller:
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Registry Registrant ID: C140762647-LROR
Registrant Name: Contact Privacy Inc. Customer 0135276165
Registrant Organization: Contact Privacy Inc. Customer 0135276165
Registrant Street: 96 Mowat Ave
Registrant City: Toronto
Registrant State/Province: ON
Registrant Postal Code: M6K3M1
Registrant Country: CA
Registrant Phone: +1.4165385457
Registrant Phone Ext:
Registrant Fax:
Registrant Fax Ext:
Registrant Email: npiamerica.org@contactprivacy.com
Registry Admin ID: C140762647-LROR
Admin Name: Contact Privacy Inc. Customer 0135276165
Admin Organization: Contact Privacy Inc. Customer 0135276165
Admin Street: 96 Mowat Ave
Admin City: Toronto
Admin State/Province: ON
Admin Postal Code: M6K3M1
Admin Country: CA
Admin Phone: +1.4165385457
Admin Phone Ext:
Admin Fax:
Admin Fax Ext:
Admin Email: npiamerica.org@contactprivacy.com
Registry Tech ID: C140762647-LROR
Tech Name: Contact Privacy Inc. Customer 0135276165
Tech Organization: Contact Privacy Inc. Customer 0135276165
Tech Street: 96 Mowat Ave
Tech City: Toronto
Tech State/Province: ON
Tech Postal Code: M6K3M1
Tech Country: CA
Tech Phone: +1.4165385457
Tech Phone Ext:
Tech Fax:
Tech Fax Ext:
Tech Email: npiamerica.org@contactprivacy.com
Name Server: NS1.HOVER.COM
Name Server: NS2.HOVER.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of WHOIS database: 2017-09-28T06:32:46Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

Access to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.
 + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +

*******************************************************************
*                                                                 *
* | |_| |__   ___    /\  /\__ _ _ ____   _____  ___| |_ ___ _ __  *
* | __| '_ \ / _ \  / /_/ / _` | '__\ \ / / _ \/ __| __/ _ \ '__| *
* | |_| | | |  __/ / __  / (_| | |   \ V /  __/\__ \ ||  __/ |    *
*  \__|_| |_|\___| \/ /_/ \__,_|_|    \_/ \___||___/\__\___|_|    *
*                                                                 *
* TheHarvester Ver. 2.7                                           *
* Coded by Christian Martorella                                   *
* Edge-Security Research                                          *
* cmartorella@edge-security.com                                   *
*******************************************************************


[-] Searching in Bing:
	Searching 50 results...
	Searching 100 results...


[+] Emails found:
------------------
No emails found

[+] Hosts found in search engines:
------------------------------------
[-] Resolving hostnames IPs...
 + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +

; <<>> DiG 9.10.3-P4-Debian <<>> -x npiamerica.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59658
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;org.npiamerica.in-addr.arpa.	IN	PTR

;; AUTHORITY SECTION:
in-addr.arpa.		3600	IN	SOA	b.in-addr-servers.arpa. nstld.iana.org. 2017043195 1800 900 604800 3600

;; Query time: 202 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Thu Sep 28 02:34:04 EDT 2017
;; MSG SIZE  rcvd: 124

Smartmatch is experimental at /usr/bin/dnsenum line 698.
Smartmatch is experimental at /usr/bin/dnsenum line 698.
AXFR record query failed: REFUSED
AXFR record query failed: REFUSED
dnsenum VERSION:1.2.4

-----   npiamerica.org   -----


Host's addresses:
__________________

npiamerica.org.                          877      IN    A        65.39.205.61


Name Servers:
______________

ns2.hover.com.                           900      IN    A        64.98.148.13
ns1.hover.com.                           575      IN    A        216.40.47.26


Mail (MX) Servers:
___________________

mx.hover.com.cust.hostedemail.com.       3600     IN    A        216.40.42.4


Trying Zone Transfers and getting Bind Versions:
_________________________________________________


Trying Zone Transfer for npiamerica.org on ns2.hover.com ...

Trying Zone Transfer for npiamerica.org on ns1.hover.com ...

brute force file not specified, bay.
 + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +

                 ____        _     _ _     _   _____
                / ___| _   _| |__ | (_)___| |_|___ / _ __
                \___ \| | | | '_ \| | / __| __| |_ \| '__|
                 ___) | |_| | |_) | | \__ \ |_ ___) | |
                |____/ \__,_|_.__/|_|_|___/\__|____/|_|

                # Coded By Ahmed Aboul-Ela - @aboul3la

[-] Enumerating subdomains now for npiamerica.org
[-] verbosity is enabled, will show the subdomains results in realtime
[-] Searching now in Baidu..
[-] Searching now in Yahoo..
[-] Searching now in Google..
[-] Searching now in Bing..
[-] Searching now in Ask..
[-] Searching now in Netcraft..
[-] Searching now in DNSdumpster..
[-] Searching now in Virustotal..
[-] Searching now in ThreatCrowd..
[-] Searching now in SSL Certificates..
[-] Searching now in PassiveDNS..
ThreatCrowd: www.npiamerica.org
SSL Certificates: www.npiamerica.org
Yahoo: www.npiamerica.org
Virustotal: www.npiamerica.org
Netcraft: www.npiamerica.org


 + -- ----------------------------=[Pinging host]=---------------------------- -- +
PING npiamerica.org (65.39.205.61) 56(84) bytes of data.
64 bytes from 65.39.205.61 (65.39.205.61): icmp_seq=1 ttl=244 time=221 ms

--- npiamerica.org ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 221.375/221.375/221.375/0.000 ms

 + -- ----------------------------=[Running TCP port scan]=------------------- -- +

Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-28 02:34 EDT
Nmap scan report for npiamerica.org (65.39.205.61)
Host is up (0.24s latency).
Not shown: 471 filtered ports
Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 16.45 seconds

 + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
 + -- --=[Port 21 closed... skipping.
 + -- --=[Port 22 closed... skipping.
 + -- --=[Port 23 closed... skipping.
 + -- --=[Port 25 closed... skipping.
 + -- --=[Port 53 closed... skipping.
 + -- --=[Port 79 closed... skipping.
 + -- --=[Port 80 opened... running tests...
 + -- ----------------------------=[Checking for WAF]=------------------------ -- +

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking http://npiamerica.org
Generic Detection results:
No WAF detected by the generic detection
Number of requests: 13

 + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
http://npiamerica.org [200 OK] Cookies[JSESSIONID,ss_sd], Country[UNITED STATES][US], Frame, HTTPServer[SSWS], HttpOnly[JSESSIONID], IP[65.39.205.61], Script[text/javascript], Title[Squarespace - Claim This Domain][Title element contains newline(s)!], UncommonHeaders[x-contextid,x-servedby,x-via]

	__  ______ _____
	\ \/ / ___|_   _|
	 \  /\___ \ | |
	 /  \ ___) || |
	/_/\_|____/ |_|

+ -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
+ -- --=[Target: npiamerica.org:80
+ -- --=[Site not vulnerable to Cross-Site Tracing!
+ -- --=[Site not vulnerable to Host Header Injection!
+ -- --=[Site vulnerable to Cross-Frame Scripting!
+ -- --=[Site vulnerable to Clickjacking!

HTTP/1.1 501 Not Implemented
content-length: 386
x-synthetic: true
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
connection: close
date: Thu, 28 Sep 2017 06:35:09 UTC
x-contextid: SMyawdJh/qAJO5HGN
x-via: 1.1 echo028

<html>
<head>
<title>501 Not Implemented</title>
<style> body { background-color: #F2F2F2; color: #3E3E3E; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; } pre { word-wrap: break-word; } </style>
</head>
<body>
<h1>501 Not Implemented</h1>
<p><pre>SMyawdJh/qAJO5HGN @ Thu, 28 Sep 2017 06:35:09 GMT</pre>
<p><pre>SEC-45</pre>
<p><pre></pre>
</body>
</html>
HTTP/1.1 400 Bad Request
content-length: 378
x-synthetic: true
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
connection: close
date: Thu, 28 Sep 2017 06:35:10 UTC
x-contextid: D8r3fCSW/IBIz0suh
x-via: 1.1 echo019

<html>
<head>
<title>400 Bad Request</title>
<style> body { background-color: #F2F2F2; color: #3E3E3E; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; } pre { word-wrap: break-word; } </style>
</head>
<body>
<h1>400 Bad Request</h1>
<p><pre>D8r3fCSW/IBIz0suh @ Thu, 28 Sep 2017 06:35:10 GMT</pre>
<p><pre>SEC-43</pre>
<p><pre></pre>
</body>
</html>


 + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
+ -- --=[Checking if X-Content options are enabled on npiamerica.org...

+ -- --=[Checking if X-Frame options are enabled on npiamerica.org...

+ -- --=[Checking if X-XSS-Protection header is enabled on npiamerica.org...

+ -- --=[Checking HTTP methods on npiamerica.org...
Access-Control-Allow-Credentials: true
Access-Control-Allow-Method: POST, OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type

+ -- --=[Checking if TRACE method is enabled on npiamerica.org...

+ -- --=[Checking for META tags on npiamerica.org...
    <meta name="keywords" content="home page, web host, webhost, home, homepage, webpage, square space, squarespace, website, site maker, site builder, website maker, website builder, publishing, personal publishing, personal website, weblog, blog, web log" />
    <meta name="description" content="Squarespace. A new way of thinking about website publishing." />
    <meta name="copyright" content="(c) 2003-2004 Squarespace, Inc." />
    <meta name="MSSmartTagsPreventParsing" content="true" />
    <meta name="robots" content="noindex,nofollow,noarchive" />

+ -- --=[Checking for open proxy on npiamerica.org...
            <div id="footer">
              Copyright &copy; 2003-2017, Squarespace Inc. unless otherwise noted.  All rights reserved.<br />
              <a href="http://www.squarespace.com">Squarespace</a> | <a href="http://www.squarespace.com/terms">Terms of Service</a> | <a href="http://www.squarespace.com/privacy">Privacy Policy</a>
            </div>
          </div>
        </div>
      </div>
    </div>
  </body>
</html>

+ -- --=[Enumerating software on npiamerica.org...
Server: SSWS

+ -- --=[Checking if Strict-Transport-Security is enabled on npiamerica.org...

+ -- --=[Checking for Flash cross-domain policy on npiamerica.org...
            <div id="footer">
              Copyright &copy; 2003-2017, Squarespace Inc. unless otherwise noted.  All rights reserved.<br />
              <a href="http://www.squarespace.com">Squarespace</a> | <a href="http://www.squarespace.com/terms">Terms of Service</a> | <a href="http://www.squarespace.com/privacy">Privacy Policy</a>
            </div>
          </div>
        </div>
      </div>
    </div>
  </body>
</html>

+ -- --=[Checking for Silverlight cross-domain policy on npiamerica.org...
            <div id="footer">
              Copyright &copy; 2003-2017, Squarespace Inc. unless otherwise noted.  All rights reserved.<br />
              <a href="http://www.squarespace.com">Squarespace</a> | <a href="http://www.squarespace.com/terms">Terms of Service</a> | <a href="http://www.squarespace.com/privacy">Privacy Policy</a>
            </div>
          </div>
        </div>
      </div>
    </div>
  </body>
</html>

+ -- --=[Checking for HTML5 cross-origin resource sharing on npiamerica.org...

+ -- --=[Retrieving robots.txt on npiamerica.org...
            <div id="footer">
              Copyright &copy; 2003-2017, Squarespace Inc. unless otherwise noted.  All rights reserved.<br />
              <a href="http://www.squarespace.com">Squarespace</a> | <a href="http://www.squarespace.com/terms">Terms of Service</a> | <a href="http://www.squarespace.com/privacy">Privacy Policy</a>
            </div>
          </div>
        </div>
      </div>
    </div>
  </body>
</html>

+ -- --=[Retrieving sitemap.xml on npiamerica.org...
            <div id="footer">
              Copyright &copy; 2003-2017, Squarespace Inc. unless otherwise noted.  All rights reserved.<br />
              <a href="http://www.squarespace.com">Squarespace</a> | <a href="http://www.squarespace.com/terms">Terms of Service</a> | <a href="http://www.squarespace.com/privacy">Privacy Policy</a>
            </div>
          </div>
        </div>
      </div>
    </div>
  </body>
</html>

+ -- --=[Checking cookie attributes on npiamerica.org...
Set-Cookie: JSESSIONID=D7E041DE6A982244EBC87D9FB5B809D7.v5-web020; Path=/; HttpOnly
set-cookie: ss_sd=eyJpZCI6IjZlMWVmOTA5ZTU1YmJjNWI2YTNjZWEyOTQ3OGIwMzBjNjNlNTBjNjUiLCJ0cyI6MTUwNjU4MDUyMDM3N32gX3ahUPhD2cDvGNclg3yYJkMKLA; Path=/

+ -- --=[Checking for ASP.NET Detailed Errors on npiamerica.org...
    <link rel="stylesheet" type="text/css" href="/universal/styles/service-error-pages.css?CE=75" title="default" />
    <div id="error-page">
              <a href="http://www.squarespace.com"><img src="/universal/images/error-pages/logo-emboss.png" style="border: none;" alt="SQUARESPACE" /></a>
    <link rel="stylesheet" type="text/css" href="/universal/styles/service-error-pages.css?CE=75" title="default" />
    <div id="error-page">
              <a href="http://www.squarespace.com"><img src="/universal/images/error-pages/logo-emboss.png" style="border: none;" alt="SQUARESPACE" /></a>


 + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP:          65.39.205.61
+ Target Hostname:    npiamerica.org
+ Target Port:        80
+ Start Time:         2017-09-28 02:35:22 (GMT-4)
---------------------------------------------------------------------------
+ Server: SSWS
+ Cookie ss_sd created without the httponly flag
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
+ Uncommon header 'x-via' found, with contents: 1.1 echo007
+ Uncommon header 'x-servedby' found, with contents: v5-web008
+ Uncommon header 'x-contextid' found, with contents: wYDcDXHj/GERivrKa
+ The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
+ Uncommon header 'x-synthetic' found, with contents: true
+ No CGI Directories found (use '-C all' to force check all possible dirs)
+ Server leaks inodes via ETags, header found with file /universal/favicon.ico, fields: 0xW/1150 0x1505845310000
+ Uncommon header 'access-control-allow-method' found, with contents: POST, OPTIONS
+ OSVDB-3092: /css: This might be interesting...
+ OSVDB-3092: /service/: This might be interesting...
+ /configuration/: Admin login page/section found.
+ 7464 requests: 13 error(s) and 13 item(s) reported on remote host
+ End Time:           2017-09-28 03:40:06 (GMT-4) (3884 seconds)
---------------------------------------------------------------------------
+ 1 host(s) tested
 + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
[+] Screenshot saved to /usr/share/sniper/loot/screenshots/npiamerica.org-port80.jpg
 + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
 + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +

    _____  .701F. .iBR.   .7CL. .70BR.   .7BR. .7BR'''Cq.   .70BR.      .1BR'''Yp, .8BR'''Cq.
   (_____)   01     01N.    C     01       C     01   .01.    01          01    Yb   01   .01.
   (() ())   01     C YCb   C     01       C     01   ,C9     01          01    dP   01   ,C9
    \   /    01     C  .CN. C     01       C     0101dC9      01          01'''bg.   0101dC9
     \ /     01     C   .01.C     01       C     01  YC.      01      ,   01    .Y   01  YC.
     /=\     01     C     Y01     YC.     ,C     01   .Cb.    01     ,C   01    ,9   01   .Cb.
    [___]  .J01L. .JCL.    YC      .b0101d'.   .J01L. .J01. .J01010101C .J0101Cd9  .J01L. .J01./ 2.1

__[ ! ] Neither war between hackers, nor peace for the system.
__[ ! ] http://blog.inurl.com.br
__[ ! ] http://fb.com/InurlBrasil
__[ ! ] http://twitter.com/@googleinurl
__[ ! ] http://github.com/googleinurl
__[ ! ] Current PHP version::[ 7.0.22-3 ]
__[ ! ] Current script owner::[ root ]
__[ ! ] Current uname::[ Linux Kali 4.12.0-kali2-amd64 #1 SMP Debian 4.12.12-2kali1 (2017-09-13) x86_64 ]
__[ ! ] Current pwd::[ /usr/share/sniper ]
__[ ! ] Help: php inurlbr.php --help
------------------------------------------------------------------------------------------------------------------------

[ ! ] Starting SCANNER INURLBR 2.1 at [28-09-2017 03:41:29]
[ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
It is the end user's responsibility to obey all applicable local, state and federal laws.
Developers assume no liability and are not responsible for any misuse or damage caused by this program

[ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-npiamerica.org.txt  ]
[ INFO ][ DORK ]::[ site:npiamerica.org ]
[ INFO ][ SEARCHING ]:: {
[ INFO ][ ENGINE ]::[ GOOGLE - www.google.jo ]

[ INFO ][ SEARCHING ]::
-[:::]
[ INFO ][ ENGINE ]::[ GOOGLE API ]

[ INFO ][ SEARCHING ]::
-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
[ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.ie ID: 013269018370076798483:wdba3dlnxqm ]

[ INFO ][ SEARCHING ]::
-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]

[ INFO ][ TOTAL FOUND VALUES ]:: [ 6 ]


 _[ - ]::--------------------------------------------------------------------------------------------------------------
|_[ + ] [ 0 / 6 ]-[03:41:39] [ - ]
|_[ + ] Target:: [ https://www.npiamerica.org/s/TheFoundersonRaceTaylor-fxjn.pdf ]
|_[ + ] Exploit::
|_[ + ] Information Server:: ,   , IP::0
|_[ + ] More details::
|_[ + ] Found:: UNIDENTIFIED
|_[ + ] ERROR CONECTION:: Could not resolve host: www.npiamerica.org

 _[ - ]::--------------------------------------------------------------------------------------------------------------
|_[ + ] [ 1 / 6 ]-[03:41:39] [ - ]
|_[ + ] Target:: [ http://www.npiamerica.org/the-national-policy-institute/blog/mcworld-and-the-mujahedin ]
|_[ + ] Exploit::
|_[ + ] Information Server:: ,   , IP::0
|_[ + ] More details::
|_[ + ] Found:: UNIDENTIFIED
|_[ + ] ERROR CONECTION:: Could not resolve host: www.npiamerica.org

 _[ - ]::--------------------------------------------------------------------------------------------------------------
|_[ + ] [ 2 / 6 ]-[03:41:39] [ - ]
|_[ + ] Target:: [ https://www.npiamerica.org/podcast/category/2013-conference-preview ]
|_[ + ] Exploit::
|_[ + ] Information Server:: ,   , IP::0
|_[ + ] More details::
|_[ + ] Found:: UNIDENTIFIED
|_[ + ] ERROR CONECTION:: Could not resolve host: www.npiamerica.org

 _[ - ]::--------------------------------------------------------------------------------------------------------------
|_[ + ] [ 3 / 6 ]-[03:41:39] [ - ]
|_[ + ] Target:: [ https://www.npiamerica.org/the-national-policy-institute/blog/the-martin-zimmerman-case-the-facts ]
|_[ + ] Exploit::
|_[ + ] Information Server:: ,   , IP::0
|_[ + ] More details::
|_[ + ] Found:: UNIDENTIFIED
|_[ + ] ERROR CONECTION:: Could not resolve host: www.npiamerica.org

 _[ - ]::--------------------------------------------------------------------------------------------------------------
|_[ + ] [ 4 / 6 ]-[03:41:39] [ - ]
|_[ + ] Target:: [ http://www.npiamerica.org/the-national-policy-institute/blog/apocalypse-now ]
|_[ + ] Exploit::
|_[ + ] Information Server:: ,   , IP::0
|_[ + ] More details::
|_[ + ] Found:: UNIDENTIFIED
|_[ + ] ERROR CONECTION:: Could not resolve host: www.npiamerica.org

 _[ - ]::--------------------------------------------------------------------------------------------------------------
|_[ + ] [ 5 / 6 ]-[03:41:39] [ - ]
|_[ + ] Target:: [ http://www.npiamerica.org/the-national-policy-institute/blog/the-civil-rights-myth ]
|_[ + ] Exploit::
|_[ + ] Information Server:: ,   , IP::0
|_[ + ] More details::
|_[ + ] Found:: UNIDENTIFIED
|_[ + ] ERROR CONECTION:: Could not resolve host: www.npiamerica.org

[ INFO ] [ Shutting down ]
[ INFO ] [ End of process INURLBR at [28-09-2017 03:41:39]
[ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
[ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-npiamerica.org.txt  ]
|_________________________________________________________________________________________

\_________________________________________________________________________________________/

 + -- --=[Port 110 closed... skipping.
 + -- --=[Port 111 closed... skipping.
 + -- --=[Port 135 closed... skipping.
 + -- --=[Port 139 closed... skipping.
 + -- --=[Port 161 closed... skipping.
 + -- --=[Port 162 closed... skipping.
 + -- --=[Port 389 closed... skipping.
 + -- --=[Port 443 opened... running tests...
 + -- ----------------------------=[Checking for WAF]=------------------------ -- +
Traceback (most recent call last):
  File "/usr/bin/wafw00f", line 8, in <module>

                                 ^     ^
        _   __  _   ____ _   __  _    _   ____
       ///7/ /.' \ / __////7/ /,' \ ,' \ / __/
      | V V // o // _/ | V V // 0 // 0 // _/
      |_n_,'/_n_//_/   |_n_,' \_,' \_,'/_/
                                <
                                 ...'

    WAFW00F - Web Application Firewall Detection Tool

    By Sandro Gauci && Wendel G. Henrique

Checking https://npiamerica.org
    main()
  File "/usr/lib/python2.7/dist-packages/wafw00f/__init__.py", line 808, in main
    if attacker.normalrequest() is None:
  File "/usr/lib/python2.7/dist-packages/wafw00f/__init__.py", line 96, in normalrequest
    return self.request(usecache=usecache, cacheresponse=cacheresponse, headers=headers)
  File "/usr/lib/python2.7/dist-packages/wafw00f/lib/evillib.py", line 323, in request
    h.request(method, path, headers=headers)
  File "/usr/lib/python2.7/httplib.py", line 1042, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib/python2.7/httplib.py", line 1082, in _send_request
    self.endheaders(body)
  File "/usr/lib/python2.7/httplib.py", line 1038, in endheaders
    self._send_output(message_body)
  File "/usr/lib/python2.7/httplib.py", line 882, in _send_output
    self.send(msg)
  File "/usr/lib/python2.7/httplib.py", line 844, in send
    self.connect()
  File "/usr/lib/python2.7/httplib.py", line 1263, in connect
    server_hostname=server_hostname)
  File "/usr/lib/python2.7/ssl.py", line 363, in wrap_socket
    _context=self)
  File "/usr/lib/python2.7/ssl.py", line 611, in __init__
    self.do_handshake()
  File "/usr/lib/python2.7/ssl.py", line 848, in do_handshake
    match_hostname(self.getpeercert(), self.server_hostname)
  File "/usr/lib/python2.7/ssl.py", line 282, in match_hostname
    % (hostname, ', '.join(map(repr, dnsnames))))
ssl.CertificateError: hostname 'npiamerica.org' doesn't match either of '*.squarespace.com', 'squarespace.com'

 + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +
   ____ _                 _ _____     _ _
  / ___| | ___  _   _  __| |  ___|_ _(_) |
 | |   | |/ _ \| | | |/ _` | |_ / _` | | |
 | |___| | (_) | |_| | (_| |  _| (_| | | |
  \____|_|\___/ \__,_|\__,_|_|  \__,_|_|_|
    v1.0.1                      by m0rtem


[03:41:50] Initializing CloudFail - the date is: 28/09/2017
[03:41:50] Fetching initial information from: npiamerica.org...
[03:41:50] Server IP: 65.39.205.61
[03:41:50] Testing if npiamerica.org is on the Cloudflare network...
[03:41:50] npiamerica.org is not part of the Cloudflare network, quitting...
 + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
https://npiamerica.org [200 OK] Cookies[JSESSIONID,ss_sd], Country[UNITED STATES][US], Frame, HTTPServer[SSWS], HttpOnly[JSESSIONID], IP[65.39.205.61], Script[text/javascript], Title[Squarespace - Claim This Domain][Title element contains newline(s)!], UncommonHeaders[x-contextid,x-servedby,x-via]

 + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +


 AVAILABLE PLUGINS
 -----------------

  PluginSessionResumption
  PluginOpenSSLCipherSuites
  PluginCertInfo
  PluginHSTS
  PluginHeartbleed
  PluginCompression
  PluginChromeSha1Deprecation
  PluginSessionRenegotiation


 CHECKING HOST(S) AVAILABILITY
 -----------------------------

   npiamerica.org:443                  => 65.39.205.61:443


 SCAN RESULTS FOR NPIAMERICA.ORG:443 - 65.39.205.61:443
 ------------------------------------------------------

  * Deflate Compression:
      OK - Compression disabled

  * Session Renegotiation:
      Client-initiated Renegotiations:   OK - Rejected
      Secure Renegotiation:              OK - Supported

  * Certificate - Content:
      SHA1 Fingerprint:                  c430dffb8ef5eef744fe69ca01870a3b2bfed83f
      Common Name:                       *.squarespace.com
      Issuer:                            DigiCert SHA2 High Assurance Server CA
      Serial Number:                     054A4A7D8CECA20E03B849428D213BB5
      Not Before:                        May 31 00:00:00 2017 GMT
      Not After:                         Jul  3 12:00:00 2019 GMT
      Signature Algorithm:               sha256WithRSAEncryption
      Public Key Algorithm:              rsaEncryption
      Key Size:                          2048 bit
      Exponent:                          65537 (0x10001)
      X509v3 Subject Alternative Name:   {'DNS': ['*.squarespace.com', 'squarespace.com']}

  * Certificate - Trust:
      Hostname Validation:               FAILED - Certificate does NOT match npiamerica.org
      Google CA Store (09/2015):         OK - Certificate is trusted
      Java 6 CA Store (Update 65):       OK - Certificate is trusted
      Microsoft CA Store (09/2015):      OK - Certificate is trusted
      Mozilla NSS CA Store (09/2015):    OK - Certificate is trusted
      Apple CA Store (OS X 10.10.5):     OK - Certificate is trusted
      Certificate Chain Received:        ['*.squarespace.com', 'DigiCert SHA2 High Assurance Server CA']

  * Certificate - OCSP Stapling:
      OCSP Response Status:              successful
      Validation w/ Mozilla's CA Store:  OK - Response is trusted
      Responder Id:                      5168FF90AF0207753CCCD9656462A212B859723B
      Cert Status:                       good
      Cert Serial Number:                054A4A7D8CECA20E03B849428D213BB5
      This Update:                       Sep 28 02:02:34 2017 GMT
      Next Update:                       Oct  5 01:17:34 2017 GMT

  * SSLV2 Cipher Suites:
      Server rejected all cipher suites.

  * SSLV3 Cipher Suites:
      Server rejected all cipher suites.

  * Session Resumption:
      With Session IDs:                  NOT SUPPORTED (0 successful, 5 failed, 0 errors, 5 total attempts).
      With TLS Session Tickets:          NOT SUPPORTED - TLS ticket not assigned.


 SCAN COMPLETED IN 9.77 S
 ------------------------
Version: 1.11.10-static
OpenSSL 1.0.2-chacha (1.0.2g-dev)

Testing SSL server npiamerica.org on port 443 using SNI name npiamerica.org

  TLS Fallback SCSV:
Server supports TLS Fallback SCSV

  TLS renegotiation:
Secure session renegotiation supported

  TLS Compression:
Compression disabled

  Heartbleed:
TLS 1.2 not vulnerable to heartbleed
TLS 1.1 not vulnerable to heartbleed
TLS 1.0 not vulnerable to heartbleed

  Supported Server Cipher(s):
Preferred TLSv1.2  128 bits  ECDHE-RSA-AES128-GCM-SHA256   Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384   Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  DHE-RSA-AES128-GCM-SHA256     DHE 2048 bits
Accepted  TLSv1.2  256 bits  DHE-RSA-AES256-GCM-SHA384     DHE 2048 bits
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA256       Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA384       Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  DHE-RSA-AES128-SHA256         DHE 2048 bits
Accepted  TLSv1.2  128 bits  DHE-RSA-AES128-SHA            DHE 2048 bits
Accepted  TLSv1.2  256 bits  DHE-RSA-AES256-SHA256         DHE 2048 bits
Accepted  TLSv1.2  256 bits  DHE-RSA-AES256-SHA            DHE 2048 bits
Accepted  TLSv1.2  128 bits  AES128-GCM-SHA256
Accepted  TLSv1.2  256 bits  AES256-GCM-SHA384
Accepted  TLSv1.2  128 bits  AES128-SHA256
Accepted  TLSv1.2  256 bits  AES256-SHA256
Accepted  TLSv1.2  128 bits  AES128-SHA
Accepted  TLSv1.2  256 bits  AES256-SHA
Preferred TLSv1.1  128 bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
Accepted  TLSv1.1  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
Accepted  TLSv1.1  128 bits  DHE-RSA-AES128-SHA            DHE 2048 bits
Accepted  TLSv1.1  256 bits  DHE-RSA-AES256-SHA            DHE 2048 bits
Accepted  TLSv1.1  128 bits  AES128-SHA
Accepted  TLSv1.1  256 bits  AES256-SHA
Preferred TLSv1.0  128 bits  ECDHE-RSA-AES128-SHA          Curve P-256 DHE 256
Accepted  TLSv1.0  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
Accepted  TLSv1.0  128 bits  DHE-RSA-AES128-SHA            DHE 2048 bits
Accepted  TLSv1.0  256 bits  DHE-RSA-AES256-SHA            DHE 2048 bits
Accepted  TLSv1.0  128 bits  AES128-SHA
Accepted  TLSv1.0  256 bits  AES256-SHA

  SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength:    2048

Subject:  *.squarespace.com
Altnames: DNS:*.squarespace.com, DNS:squarespace.com
Issuer:   DigiCert SHA2 High Assurance Server CA

Not valid before: May 31 00:00:00 2017 GMT
Not valid after:  Jul  3 12:00:00 2019 GMT

######################################################################################################################################
    testssl       2.9dev from https://testssl.sh/dev/

      This program is free software. Distribution and
             modification under GPLv2 permitted.
      USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

       Please file bugs @ https://testssl.sh/bugs/

######################################################################################################################################

 Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
 on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
 (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")


 Start 2017-09-28 03:42:52        -->> 65.39.205.61:443 (npiamerica.org) <<--

 rDNS (65.39.205.61):    --
 Service detected:       HTTP


 Testing protocols via sockets except SPDY+HTTP2

 SSLv2      not offered (OK)
 SSLv3      not offered (OK)
 TLS 1      offered
 TLS 1.1    offered
 TLS 1.2    offered (OK)
 SPDY/NPN   not offered
 HTTP2/ALPN h2, http/1.1 (offered)

 Testing ~standard cipher categories

 NULL ciphers (no encryption)                  not offered (OK)
 Anonymous NULL Ciphers (no authentication)    not offered (OK)
 Export ciphers (w/o ADH+NULL)                 not offered (OK)
 LOW: 64 Bit + DES encryption (w/o export)     not offered (OK)
 Weak 128 Bit ciphers (SEED, IDEA, RC[2,4])    not offered (OK)
 Triple DES Ciphers (Medium)                   not offered (OK)
 High encryption (AES+Camellia, no AEAD)       offered (OK)
 Strong encryption (AEAD ciphers)              offered (OK)


 Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4

 PFS is offered (OK)          ECDHE-RSA-AES256-GCM-SHA384
                              ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
                              DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
                              DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256
                              ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
                              DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256
                              DHE-RSA-AES128-SHA
 Elliptic curves offered:     prime256v1


 Testing server preferences

 Has server cipher order?     yes (OK)
 Negotiated protocol          TLSv1.2
 Negotiated cipher            ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Cipher order
    TLSv1:     ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA
               DHE-RSA-AES256-SHA AES128-SHA AES256-SHA
    TLSv1.1:   ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA
               DHE-RSA-AES256-SHA AES128-SHA AES256-SHA
    TLSv1.2:   ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384
               DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384
               ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384
               ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA256
               DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA
               AES128-GCM-SHA256 AES256-GCM-SHA384 AES128-SHA256 AES256-SHA256
               AES128-SHA AES256-SHA


 Testing server defaults (Server Hello)

 TLS extensions (standard)    "server name/#0" "renegotiation info/#65281"
                              "EC point formats/#11" "status request/#5"
                              "application layer protocol negotiation/#16"
 Session Ticket RFC 5077 hint (no lifetime advertised)
 SSL Session ID support       yes
 Session Resumption           Tickets no, ID: no
 TLS clock skew               Random values, no fingerprinting possible
 Signature Algorithm          SHA256 with RSA
 Server key size              RSA 2048 bits
 Fingerprint / Serial         SHA1 C430DFFB8EF5EEF744FE69CA01870A3B2BFED83F / 054A4A7D8CECA20E03B849428D213BB5
                              SHA256 5C6BA46ACEC6D420F7F79E379BDCDCF811A8D26535167B83DA4C8F20B9FC6C51
 Common Name (CN)             *.squarespace.com
 subjectAltName (SAN)         *.squarespace.com squarespace.com
 Issuer                       DigiCert SHA2 High Assurance Server CA (DigiCert Inc from US)
 Trust (hostname)             certificate does not match supplied URI (same w/o SNI)
 Chain of trust               Ok
 EV cert (experimental)       no
 Certificate Expiration       643 >= 60 days (2017-05-30 20:00 --> 2019-07-03 08:00 -0400)
 # of certificates provided   2
 Certificate Revocation List  http://crl3.digicert.com/sha2-ha-server-g5.crl
                              http://crl4.digicert.com/sha2-ha-server-g5.crl
 OCSP URI                     http://ocsp.digicert.com
 OCSP stapling                offered
 OCSP must staple             no
 DNS CAA RR (experimental)    --
 Certificate Transparency     no


 Testing HTTP header response @ "/"

 HTTP Status Code             200 OK
 HTTP clock skew              -1 sec from localtime
 Strict Transport Security    --
 Public Key Pinning           --
 Server banner                SSWS
 Application banner           --
 Cookie(s)                    2 issued: NONE secure, 1/2 HttpOnly
 Security headers             --
 Reverse Proxy banner         --


 Testing vulnerabilities

 Heartbleed (CVE-2014-0160)                not vulnerable (OK), no heartbeat extension
 CCS (CVE-2014-0224)                       not vulnerable (OK)
 Ticketbleed (CVE-2016-9244), experiment.  not vulnerable (OK), no session ticket extension
 Secure Renegotiation (CVE-2009-3555)      not vulnerable (OK)
 Secure Client-Initiated Renegotiation     not vulnerable (OK)
 CRIME, TLS (CVE-2012-4929)                not vulnerable (OK)
 BREACH (CVE-2013-3587)                    no HTTP compression (OK)  - only supplied "/" tested
 POODLE, SSL (CVE-2014-3566)               not vulnerable (OK)
 TLS_FALLBACK_SCSV (RFC 7507)              Downgrade attack prevention supported (OK)
 SWEET32 (CVE-2016-2183, CVE-2016-6329)    not vulnerable (OK)
 FREAK (CVE-2015-0204)                     not vulnerable (OK)
 DROWN (CVE-2016-0800, CVE-2016-0703)      not vulnerable on this host and port (OK)
                                           make sure you don't use this certificate elsewhere with SSLv2 enabled services
                                           https://censys.io/ipv4?q=5C6BA46ACEC6D420F7F79E379BDCDCF811A8D26535167B83DA4C8F20B9FC6C51 could help you to find out
 LOGJAM (CVE-2015-4000), experimental      not vulnerable (OK): no DH EXPORT ciphers, no common primes detected
 BEAST (CVE-2011-3389)                     TLS1: ECDHE-RSA-AES128-SHA
                                                 ECDHE-RSA-AES256-SHA
                                                 DHE-RSA-AES128-SHA
                                                 DHE-RSA-AES256-SHA AES128-SHA
                                                 AES256-SHA
                                           VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
 LUCKY13 (CVE-2013-0169), experimental     potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS
 RC4 (CVE-2013-2566, CVE-2015-2808)        no RC4 ciphers detected (OK)


 Testing 359 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength

Hexcode  Cipher Suite Name (OpenSSL)       KeyExch.   Encryption  Bits     Cipher Suite Name (RFC)
-----------------------------------------------------------------------------------------------------------------------------
 xc030   ECDHE-RSA-AES256-GCM-SHA384       ECDH 256   AESGCM      256      TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
 xc028   ECDHE-RSA-AES256-SHA384           ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
 xc014   ECDHE-RSA-AES256-SHA              ECDH 256   AES         256      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
 x9f     DHE-RSA-AES256-GCM-SHA384         DH 2048    AESGCM      256      TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
 x6b     DHE-RSA-AES256-SHA256             DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
 x39     DHE-RSA-AES256-SHA                DH 2048    AES         256      TLS_DHE_RSA_WITH_AES_256_CBC_SHA
 x9d     AES256-GCM-SHA384                 RSA        AESGCM      256      TLS_RSA_WITH_AES_256_GCM_SHA384
 x3d     AES256-SHA256                     RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA256
 x35     AES256-SHA                        RSA        AES         256      TLS_RSA_WITH_AES_256_CBC_SHA
 xc02f   ECDHE-RSA-AES128-GCM-SHA256       ECDH 256   AESGCM      128      TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
 xc027   ECDHE-RSA-AES128-SHA256           ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
 xc013   ECDHE-RSA-AES128-SHA              ECDH 256   AES         128      TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 x9e     DHE-RSA-AES128-GCM-SHA256         DH 2048    AESGCM      128      TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
 x67     DHE-RSA-AES128-SHA256             DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
 x33     DHE-RSA-AES128-SHA                DH 2048    AES         128      TLS_DHE_RSA_WITH_AES_128_CBC_SHA
 x9c     AES128-GCM-SHA256                 RSA        AESGCM      128      TLS_RSA_WITH_AES_128_GCM_SHA256
 x3c     AES128-SHA256                     RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA256
 x2f     AES128-SHA                        RSA        AES         128      TLS_RSA_WITH_AES_128_CBC_SHA


 Running client simulations via sockets

 Android 2.3.7                TLSv1.0 DHE-RSA-AES128-SHA, 2048 bit DH
 Android 4.1.1                TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 Android 4.3                  TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 Android 4.4.2                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 5.0.0                TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 6.0                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Android 7.0                  TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 51 Win 7              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Chrome 57 Win 7              TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 49 Win 7             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Firefox 53 Win 7             TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 IE 6 XP                      No connection
 IE 7 Vista                   TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 IE 8 XP                      No connection
 IE 8 Win 7                   TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 IE 11 Win 7                  TLSv1.2 DHE-RSA-AES128-GCM-SHA256, 2048 bit DH
 IE 11 Win 8.1                TLSv1.2 DHE-RSA-AES128-GCM-SHA256, 2048 bit DH
 IE 11 Win Phone 8.1 Update   TLSv1.2 DHE-RSA-AES128-GCM-SHA256, 2048 bit DH
 IE 11 Win 10                 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Edge 13 Win 10               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Edge 13 Win Phone 10         TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Opera 17 Win 7               TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
 Safari 5.1.9 OS X 10.6.8     TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 Safari 7 iOS 7.1             TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
 Safari 9 OS X 10.11          TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Safari 10 OS X 10.12         TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Apple ATS 9 iOS 9            TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 Tor 17.0.9 Win 7             TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 Java 6u45                    No connection
 Java 7u25                    TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
 Java 8u31                    TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 OpenSSL 1.0.1l               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
 OpenSSL 1.0.2e               TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)

 Done 2017-09-28 03:47:06 [ 256s] -->> 65.39.205.61:443 (npiamerica.org) <<--
##############################################################################################################################################################################################################################################################################
                                        JTSEC full recon Anonymous #opnazi #2