- #######################################################################################################################################
- Hostname: npiamerica.org
- ISP: Squarespace, Inc. (AS53831)
- Continent: North America
- Country: United States
- Country Code: US (USA)
- Region: Unknown
- Local time: 28 Sep 2017 03:22 CDT
- Metropolis: Unknown
- Postal Code: Unknown
- City: Unknown
- IP Address: 65.39.205.61
- Latitude: 37.751
- Longitude: -97.822
- #######################################################################################################################################
- [i] Scanning Site: http://npiamerica.org JTSEC full recon Anonymous #opnazi #2
- B A S I C I N F O
- ====================
- [+] Site Title:
- [+] IP address: 65.39.205.61
- [+] Web Server: Could Not Detect
- [+] CMS: Could Not Detect
- [+] Cloudflare: Not Detected
- [+] Robots File: Could NOT Find robots.txt!
- W H O I S L O O K U P
- ========================
- Domain Name: NPIAMERICA.ORG
- Registry Domain ID: D162850178-LROR
- Registrar WHOIS Server:
- Registrar URL: http://www.tucows.com
- Updated Date: 2017-03-13T04:58:21Z
- Creation Date: 2011-07-22T18:34:06Z
- Registry Expiry Date: 2019-07-22T18:34:06Z
- Registrar Registration Expiration Date:
- Registrar: Tucows Inc.
- Registrar IANA ID: 69
- Registrar Abuse Contact Email:
- Registrar Abuse Contact Phone:
- Reseller:
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
- Registry Registrant ID: C140762647-LROR
- Registrant Name: Contact Privacy Inc. Customer 0135276165
- Registrant Organization: Contact Privacy Inc. Customer 0135276165
- Registrant Street: 96 Mowat Ave
- Registrant City: Toronto
- Registrant State/Province: ON
- Registrant Postal Code: M6K3M1
- Registrant Country: CA
- Registrant Phone: +1.4165385457
- Registrant Phone Ext:
- Registrant Fax:
- Registrant Fax Ext:
- Registrant Email: npiamerica.org@contactprivacy.com
- Registry Admin ID: C140762647-LROR
- Admin Name: Contact Privacy Inc. Customer 0135276165
- Admin Organization: Contact Privacy Inc. Customer 0135276165
- Admin Street: 96 Mowat Ave
- Admin City: Toronto
- Admin State/Province: ON
- Admin Postal Code: M6K3M1
- Admin Country: CA
- Admin Phone: +1.4165385457
- Admin Phone Ext:
- Admin Fax:
- Admin Fax Ext:
- Admin Email: npiamerica.org@contactprivacy.com
- Registry Tech ID: C140762647-LROR
- Tech Name: Contact Privacy Inc. Customer 0135276165
- Tech Organization: Contact Privacy Inc. Customer 0135276165
- Tech Street: 96 Mowat Ave
- Tech City: Toronto
- Tech State/Province: ON
- Tech Postal Code: M6K3M1
- Tech Country: CA
- Tech Phone: +1.4165385457
- Tech Phone Ext:
- Tech Fax:
- Tech Fax Ext:
- Tech Email: npiamerica.org@contactprivacy.com
- Name Server: NS1.HOVER.COM
- Name Server: NS2.HOVER.COM
- DNSSEC: unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
- >>> Last update of WHOIS database: 2017-09-28T06:33:58Z <<<
- For more information on Whois status codes, please visit https://icann.org/epp
- Access to Public Interest Registry WHOIS information is provided to assist persons in determining the contents of a domain name registration record in the Public Interest Registry registry database. The data in this record is provided by Public Interest Registry for informational purposes only, and Public Interest Registry does not guarantee its accuracy. This service is intended only for query-based access. You agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (a) allow, enable, or otherwise support the transmission by e-mail, telephone, or facsimile of mass unsolicited, commercial advertising or solicitations to entities other than the data recipient's own existing customers; or (b) enable high volume, automated, electronic processes that send queries or data to the systems of Registry Operator, a Registrar, or Afilias except as reasonably necessary to register domain names or modify existing registrations. All rights reserved. Public Interest Registry reserves the right to modify these terms at any time. By submitting this query, you agree to abide by this policy.
- G E O I P L O O K U P
- =========================
- [i] IP Address: 65.39.205.61
- [i] Country: US
- [i] State: N/A
- [i] City: N/A
- [i] Latitude: 37.750999
- [i] Longitude: -97.821999
- H T T P H E A D E R S
- =======================
- [i] HTTP/1.0 400 Bad Request
- [i] content-length: 378
- [i] x-synthetic: true
- [i] expires: Thu, 01 Jan 1970 00:00:00 UTC
- [i] pragma: no-cache
- [i] cache-control: no-cache, must-revalidate
- [i] content-type: text/html; charset=UTF-8
- [i] connection: close
- [i] date: Thu, 28 Sep 2017 06:34:59 UTC
- [i] x-contextid: l3AEKv9Z/LL9Tpunq
- [i] x-via: 1.0 echo017
- D N S L O O K U P
- ===================
- npiamerica.org. 896 IN A 65.39.205.61
- npiamerica.org. 900 IN NS ns2.hover.com.
- npiamerica.org. 900 IN NS ns1.hover.com.
- npiamerica.org. 900 IN SOA ns1.hover.com. dnsmaster.hover.com. 1375732716 10800 3600 604800 900
- npiamerica.org. 900 IN MX 10 mx.hover.com.cust.hostedemail.com.
- S U B N E T C A L C U L A T I O N
- ====================================
- Address = 65.39.205.61
- Network = 65.39.205.61 / 32
- Netmask = 255.255.255.255
- Broadcast = not needed on Point-to-Point links
- Wildcard Mask = 0.0.0.0
- Hosts Bits = 0
- Max. Hosts = 1 (2^0 - 0)
- Host Range = { 65.39.205.61 - 65.39.205.61 }
- N M A P P O R T S C A N
- ============================
- Starting Nmap 7.01 ( https://nmap.org ) at 2017-09-28 06:35 UTC
- Nmap scan report for npiamerica.org (65.39.205.61)
- Host is up (0.038s latency).
- PORT STATE SERVICE VERSION
- 21/tcp filtered ftp
- 22/tcp filtered ssh
- 23/tcp filtered telnet
- 25/tcp filtered smtp
- 80/tcp open rtsp
- 110/tcp filtered pop3
- 143/tcp filtered imap
- 443/tcp open ssl/https?
- 445/tcp filtered microsoft-ds
- 3389/tcp filtered ms-wbt-server
- 1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at
- Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
- Nmap done: 1 IP address (1 host up) scanned in 24.98 seconds
- S U B - D O M A I N F I N D E R
- ==================================
- [i] Total Subdomains Found : 2
- [+] Subdomain: npiamerica.org
- [-] IP: 65.39.205.61
- [+] Subdomain: www.npiamerica.org
- [-] IP: 65.39.205.61
- NetRange: 65.39.205.0 - 65.39.205.255
- CIDR: 65.39.205.0/24
- NetName: SQUAR-30
- NetHandle: NET-65-39-205-0-1
- Parent: NET65 (NET-65-0-0-0-0)
- NetType: Direct Assignment
- OriginAS:
- Organization: Squarespace, Inc. (SQUAR-30)
- RegDate: 2017-04-10
- Updated: 2017-04-10
- Ref: https://whois.arin.net/rest/net/NET-65-39-205-0-1
- OrgName: Squarespace, Inc.
- OrgId: SQUAR-30
- Address: 225 Varick St
- City: New York
- StateProv: NY
- PostalCode: 10014
- Country: US
- RegDate: 2012-04-26
- Updated: 2017-01-04
- Comment: https://squarespace.com
- Ref: https://whois.arin.net/rest/org/SQUAR-30
- OrgNOCHandle: SYSTE409-ARIN
- OrgNOCName: Systems
- OrgNOCPhone: +1-347-758-4644
- OrgNOCEmail: systems-net@squarespace.com
- OrgNOCRef: https://whois.arin.net/rest/poc/SYSTE409-ARIN
- OrgTechHandle: SYSTE409-ARIN
- OrgTechName: Systems
- OrgTechPhone: +1-347-758-4644
- OrgTechEmail: systems-net@squarespace.com
- OrgTechRef: https://whois.arin.net/rest/poc/SYSTE409-ARIN
- OrgAbuseHandle: ABUSE5803-ARIN
- OrgAbuseName: Abuse
- OrgAbusePhone: +1-347-758-4644
- OrgAbuseEmail: abuse-network@squarespace.com
- OrgAbuseRef: https://whois.arin.net/rest/poc/ABUSE5803-ARIN
- [*] Performing TLD Brute force Enumeration against npiamerica.org
- [*] The operation could take up to: 00:01:07
- + -- ----------------------------=[Running Nslookup]=------------------------ -- +
- Server: 192.168.1.254
- Address: 192.168.1.254#53
- Non-authoritative answer:
- Name: npiamerica.org
- Address: 65.39.205.61
- npiamerica.org has address 65.39.205.61
- npiamerica.org mail is handled by 10 mx.hover.com.cust.hostedemail.com.
- + -- ----------------------------=[Checking OS Fingerprint]=----------------- -- +
- [-] fingerprint:snmp: need UDP port 161 open
- Xprobe2 v.0.3 Copyright (c) 2002-2005 fyodor@o0o.nu, ofir@sys-security.com, meder@o0o.nu
- [+] Target is npiamerica.org
- [+] Loading modules.
- [+] Following modules are loaded:
- [x] [1] ping:icmp_ping - ICMP echo discovery module
- [x] [2] ping:tcp_ping - TCP-based ping discovery module
- [x] [3] ping:udp_ping - UDP-based ping discovery module
- [x] [4] infogather:ttl_calc - TCP and UDP based TTL distance calculation
- [x] [5] infogather:portscan - TCP and UDP PortScanner
- [x] [6] fingerprint:icmp_echo - ICMP Echo request fingerprinting module
- [x] [7] fingerprint:icmp_tstamp - ICMP Timestamp request fingerprinting module
- [x] [8] fingerprint:icmp_amask - ICMP Address mask request fingerprinting module
- [x] [9] fingerprint:icmp_port_unreach - ICMP port unreachable fingerprinting module
- [x] [10] fingerprint:tcp_hshake - TCP Handshake fingerprinting module
- [x] [11] fingerprint:tcp_rst - TCP RST fingerprinting module
- [x] [12] fingerprint:smb - SMB fingerprinting module
- [x] [13] fingerprint:snmp - SNMPv2c fingerprinting module
- [+] 13 modules registered
- [+] Initializing scan engine
- [+] Running scan engine
- [-] ping:tcp_ping module: no closed/open TCP ports known on 65.39.205.61. Module test failed
- [-] ping:udp_ping module: no closed/open UDP ports known on 65.39.205.61. Module test failed
- [-] No distance calculation. 65.39.205.61 appears to be dead or no ports known
- [+] Host: 65.39.205.61 is up (Guess probability: 50%)
- [+] Target: 65.39.205.61 is alive. Round-Trip Time: 0.49960 sec
- [+] Selected safe Round-Trip Time value is: 0.99919 sec
- [-] fingerprint:tcp_hshake Module execution aborted (no open TCP ports known)
- [-] fingerprint:smb need either TCP port 139 or 445 to run
- [+] Primary guess:
- [+] Host 65.39.205.61 Running OS: (Guess probability: 100%)
- [+] Other guesses:
- [+] Host 65.39.205.61 Running OS: (Guess probability: 100%)
- [+] Host 65.39.205.61 Running OS: (Guess probability: 100%)
- [+] Host 65.39.205.61 Running OS: (Guess probability: 100%)
- [+] Host 65.39.205.61 Running OS: (Guess probability: 100%)
- [+] Host 65.39.205.61 Running OS: (Guess probability: 100%)
- [+] Host 65.39.205.61 Running OS: (Guess probability: 100%)
- [+] Host 65.39.205.61 Running OS: (Guess probability: 100%)
- [+] Host 65.39.205.61 Running OS: (Guess probability: 100%)
- [+] Host 65.39.205.61 Running OS: (Guess probability: 100%)
- [+] Cleaning up scan engine
- [+] Modules deinitialized
- [+] Execution completed.
- + -- ----------------------------=[Gathering Whois Info]=-------------------- -- +
- + -- ----------------------------=[Gathering OSINT Info]=-------------------- -- +
- TheHarvester Ver. 2.7
- Coded by Christian Martorella
- Edge-Security Research
- cmartorella@edge-security.com
- [-] Searching in Bing:
- Searching 50 results...
- Searching 100 results...
- [+] Emails found:
- ------------------
- No emails found
- [+] Hosts found in search engines:
- ------------------------------------
- [-] Resolving hostnames IPs...
- + -- ----------------------------=[Gathering DNS Info]=---------------------- -- +
- ; <<>> DiG 9.10.3-P4-Debian <<>> -x npiamerica.org
- ;; global options: +cmd
- ;; Got answer:
- ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 59658
- ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
- ;; OPT PSEUDOSECTION:
- ; EDNS: version: 0, flags:; udp: 4096
- ;; QUESTION SECTION:
- ;org.npiamerica.in-addr.arpa. IN PTR
- ;; AUTHORITY SECTION:
- in-addr.arpa. 3600 IN SOA b.in-addr-servers.arpa. nstld.iana.org. 2017043195 1800 900 604800 3600
- ;; Query time: 202 msec
- ;; SERVER: 192.168.1.254#53(192.168.1.254)
- ;; WHEN: Thu Sep 28 02:34:04 EDT 2017
- ;; MSG SIZE rcvd: 124
- Smartmatch is experimental at /usr/bin/dnsenum line 698.
- Smartmatch is experimental at /usr/bin/dnsenum line 698.
- AXFR record query failed: REFUSED
- AXFR record query failed: REFUSED
- dnsenum VERSION:1.2.4
- ----- npiamerica.org -----
- Host's addresses:
- __________________
- npiamerica.org. 877 IN A 65.39.205.61
- Name Servers:
- ______________
- ns2.hover.com. 900 IN A 64.98.148.13
- ns1.hover.com. 575 IN A 216.40.47.26
- Mail (MX) Servers:
- ___________________
- mx.hover.com.cust.hostedemail.com. 3600 IN A 216.40.42.4
- Trying Zone Transfers and getting Bind Versions:
- _________________________________________________
- Trying Zone Transfer for npiamerica.org on ns2.hover.com ...
- Trying Zone Transfer for npiamerica.org on ns1.hover.com ...
- brute force file not specified, bay.
- + -- ----------------------------=[Gathering DNS Subdomains]=---------------- -- +
- Sublist3r
- # Coded By Ahmed Aboul-Ela - @aboul3la
- [-] Enumerating subdomains now for npiamerica.org
- [-] verbosity is enabled, will show the subdomains results in realtime
- [-] Searching now in Baidu..
- [-] Searching now in Yahoo..
- [-] Searching now in Google..
- [-] Searching now in Bing..
- [-] Searching now in Ask..
- [-] Searching now in Netcraft..
- [-] Searching now in DNSdumpster..
- [-] Searching now in Virustotal..
- [-] Searching now in ThreatCrowd..
- [-] Searching now in SSL Certificates..
- [-] Searching now in PassiveDNS..
- ThreatCrowd: www.npiamerica.org
- SSL Certificates: www.npiamerica.org
- Yahoo: www.npiamerica.org
- Virustotal: www.npiamerica.org
- Netcraft: www.npiamerica.org
- + -- ----------------------------=[Pinging host]=---------------------------- -- +
- PING npiamerica.org (65.39.205.61) 56(84) bytes of data.
- 64 bytes from 65.39.205.61 (65.39.205.61): icmp_seq=1 ttl=244 time=221 ms
- --- npiamerica.org ping statistics ---
- 1 packets transmitted, 1 received, 0% packet loss, time 0ms
- rtt min/avg/max/mdev = 221.375/221.375/221.375/0.000 ms
- + -- ----------------------------=[Running TCP port scan]=------------------- -- +
- Starting Nmap 7.60 ( https://nmap.org ) at 2017-09-28 02:34 EDT
- Nmap scan report for npiamerica.org (65.39.205.61)
- Host is up (0.24s latency).
- Not shown: 471 filtered ports
- Some closed ports may be reported as filtered due to --defeat-rst-ratelimit
- PORT STATE SERVICE
- 80/tcp open http
- 443/tcp open https
- Nmap done: 1 IP address (1 host up) scanned in 16.45 seconds
- + -- ----------------------------=[Running Intrusive Scans]=----------------- -- +
- + -- --=[Port 21 closed... skipping.
- + -- --=[Port 22 closed... skipping.
- + -- --=[Port 23 closed... skipping.
- + -- --=[Port 25 closed... skipping.
- + -- --=[Port 53 closed... skipping.
- + -- --=[Port 79 closed... skipping.
- + -- --=[Port 80 opened... running tests...
- + -- ----------------------------=[Checking for WAF]=------------------------ -- +
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking http://npiamerica.org
- Generic Detection results:
- No WAF detected by the generic detection
- Number of requests: 13
- + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
- http://npiamerica.org [200 OK] Cookies[JSESSIONID,ss_sd], Country[UNITED STATES][US], Frame, HTTPServer[SSWS], HttpOnly[JSESSIONID], IP[65.39.205.61], Script[text/javascript], Title[Squarespace - Claim This Domain][Title element contains newline(s)!], UncommonHeaders[x-contextid,x-servedby,x-via]
- + -- --=[Cross-Site Tracer v1.3 by 1N3 @ CrowdShield
- + -- --=[Target: npiamerica.org:80
- + -- --=[Site not vulnerable to Cross-Site Tracing!
- + -- --=[Site not vulnerable to Host Header Injection!
- + -- --=[Site vulnerable to Cross-Frame Scripting!
- + -- --=[Site vulnerable to Clickjacking!
- HTTP/1.1 501 Not Implemented
- content-length: 386
- x-synthetic: true
- expires: Thu, 01 Jan 1970 00:00:00 UTC
- pragma: no-cache
- cache-control: no-cache, must-revalidate
- content-type: text/html; charset=UTF-8
- connection: close
- date: Thu, 28 Sep 2017 06:35:09 UTC
- x-contextid: SMyawdJh/qAJO5HGN
- x-via: 1.1 echo028
- <html>
- <head>
- <title>501 Not Implemented</title>
- <style> body { background-color: #F2F2F2; color: #3E3E3E; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; } pre { word-wrap: break-word; } </style>
- </head>
- <body>
- <h1>501 Not Implemented</h1>
- <p><pre>SMyawdJh/qAJO5HGN @ Thu, 28 Sep 2017 06:35:09 GMT</pre>
- <p><pre>SEC-45</pre>
- <p><pre></pre>
- </body>
- </html>
- HTTP/1.1 400 Bad Request
- content-length: 378
- x-synthetic: true
- expires: Thu, 01 Jan 1970 00:00:00 UTC
- pragma: no-cache
- cache-control: no-cache, must-revalidate
- content-type: text/html; charset=UTF-8
- connection: close
- date: Thu, 28 Sep 2017 06:35:10 UTC
- x-contextid: D8r3fCSW/IBIz0suh
- x-via: 1.1 echo019
- <html>
- <head>
- <title>400 Bad Request</title>
- <style> body { background-color: #F2F2F2; color: #3E3E3E; font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; font-size: 12px; } pre { word-wrap: break-word; } </style>
- </head>
- <body>
- <h1>400 Bad Request</h1>
- <p><pre>D8r3fCSW/IBIz0suh @ Thu, 28 Sep 2017 06:35:10 GMT</pre>
- <p><pre>SEC-43</pre>
- <p><pre></pre>
- </body>
- </html>
- + -- ----------------------------=[Checking HTTP Headers]=------------------- -- +
- + -- --=[Checking if X-Content options are enabled on npiamerica.org...
- + -- --=[Checking if X-Frame options are enabled on npiamerica.org...
- + -- --=[Checking if X-XSS-Protection header is enabled on npiamerica.org...
- + -- --=[Checking HTTP methods on npiamerica.org...
- Access-Control-Allow-Credentials: true
- Access-Control-Allow-Method: POST, OPTIONS
- Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type
- + -- --=[Checking if TRACE method is enabled on npiamerica.org...
- + -- --=[Checking for META tags on npiamerica.org...
- <meta name="keywords" content="home page, web host, webhost, home, homepage, webpage, square space, squarespace, website, site maker, site builder, website maker, website builder, publishing, personal publishing, personal website, weblog, blog, web log" />
- <meta name="description" content="Squarespace. A new way of thinking about website publishing." />
- <meta name="copyright" content="(c) 2003-2004 Squarespace, Inc." />
- <meta name="MSSmartTagsPreventParsing" content="true" />
- <meta name="robots" content="noindex,nofollow,noarchive" />
- + -- --=[Checking for open proxy on npiamerica.org...
- <div id="footer">
- Copyright © 2003-2017, Squarespace Inc. unless otherwise noted. All rights reserved.<br />
- <a href="http://www.squarespace.com">Squarespace</a> | <a href="http://www.squarespace.com/terms">Terms of Service</a> | <a href="http://www.squarespace.com/privacy">Privacy Policy</a>
- </div>
- </div>
- </div>
- </div>
- </div>
- </body>
- </html>
- + -- --=[Enumerating software on npiamerica.org...
- Server: SSWS
- + -- --=[Checking if Strict-Transport-Security is enabled on npiamerica.org...
- + -- --=[Checking for Flash cross-domain policy on npiamerica.org...
- <div id="footer">
- Copyright © 2003-2017, Squarespace Inc. unless otherwise noted. All rights reserved.<br />
- <a href="http://www.squarespace.com">Squarespace</a> | <a href="http://www.squarespace.com/terms">Terms of Service</a> | <a href="http://www.squarespace.com/privacy">Privacy Policy</a>
- </div>
- </div>
- </div>
- </div>
- </div>
- </body>
- </html>
- + -- --=[Checking for Silverlight cross-domain policy on npiamerica.org...
- <div id="footer">
- Copyright © 2003-2017, Squarespace Inc. unless otherwise noted. All rights reserved.<br />
- <a href="http://www.squarespace.com">Squarespace</a> | <a href="http://www.squarespace.com/terms">Terms of Service</a> | <a href="http://www.squarespace.com/privacy">Privacy Policy</a>
- </div>
- </div>
- </div>
- </div>
- </div>
- </body>
- </html>
- + -- --=[Checking for HTML5 cross-origin resource sharing on npiamerica.org...
- + -- --=[Retrieving robots.txt on npiamerica.org...
- <div id="footer">
- Copyright © 2003-2017, Squarespace Inc. unless otherwise noted. All rights reserved.<br />
- <a href="http://www.squarespace.com">Squarespace</a> | <a href="http://www.squarespace.com/terms">Terms of Service</a> | <a href="http://www.squarespace.com/privacy">Privacy Policy</a>
- </div>
- </div>
- </div>
- </div>
- </div>
- </body>
- </html>
- + -- --=[Retrieving sitemap.xml on npiamerica.org...
- <div id="footer">
- Copyright © 2003-2017, Squarespace Inc. unless otherwise noted. All rights reserved.<br />
- <a href="http://www.squarespace.com">Squarespace</a> | <a href="http://www.squarespace.com/terms">Terms of Service</a> | <a href="http://www.squarespace.com/privacy">Privacy Policy</a>
- </div>
- </div>
- </div>
- </div>
- </div>
- </body>
- </html>
- + -- --=[Checking cookie attributes on npiamerica.org...
- Set-Cookie: JSESSIONID=D7E041DE6A982244EBC87D9FB5B809D7.v5-web020; Path=/; HttpOnly
- set-cookie: ss_sd=eyJpZCI6IjZlMWVmOTA5ZTU1YmJjNWI2YTNjZWEyOTQ3OGIwMzBjNjNlNTBjNjUiLCJ0cyI6MTUwNjU4MDUyMDM3N32gX3ahUPhD2cDvGNclg3yYJkMKLA; Path=/
- + -- --=[Checking for ASP.NET Detailed Errors on npiamerica.org...
- <link rel="stylesheet" type="text/css" href="/universal/styles/service-error-pages.css?CE=75" title="default" />
- <div id="error-page">
- <a href="http://www.squarespace.com"><img src="/universal/images/error-pages/logo-emboss.png" style="border: none;" alt="SQUARESPACE" /></a>
- <link rel="stylesheet" type="text/css" href="/universal/styles/service-error-pages.css?CE=75" title="default" />
- <div id="error-page">
- <a href="http://www.squarespace.com"><img src="/universal/images/error-pages/logo-emboss.png" style="border: none;" alt="SQUARESPACE" /></a>
- + -- ----------------------------=[Running Web Vulnerability Scan]=---------- -- +
- - Nikto v2.1.6
- ---------------------------------------------------------------------------
- + Target IP: 65.39.205.61
- + Target Hostname: npiamerica.org
- + Target Port: 80
- + Start Time: 2017-09-28 02:35:22 (GMT-4)
- ---------------------------------------------------------------------------
- + Server: SSWS
- + Cookie ss_sd created without the httponly flag
- + The anti-clickjacking X-Frame-Options header is not present.
- + The X-XSS-Protection header is not defined. This header can hint to the user agent to protect against some forms of XSS
- + Uncommon header 'x-via' found, with contents: 1.1 echo007
- + Uncommon header 'x-servedby' found, with contents: v5-web008
- + Uncommon header 'x-contextid' found, with contents: wYDcDXHj/GERivrKa
- + The X-Content-Type-Options header is not set. This could allow the user agent to render the content of the site in a different fashion to the MIME type
- + Uncommon header 'x-synthetic' found, with contents: true
- + No CGI Directories found (use '-C all' to force check all possible dirs)
- + Server leaks inodes via ETags, header found with file /universal/favicon.ico, fields: 0xW/1150 0x1505845310000
- + Uncommon header 'access-control-allow-method' found, with contents: POST, OPTIONS
- + OSVDB-3092: /css: This might be interesting...
- + OSVDB-3092: /service/: This might be interesting...
- + /configuration/: Admin login page/section found.
- + 7464 requests: 13 error(s) and 13 item(s) reported on remote host
- + End Time: 2017-09-28 03:40:06 (GMT-4) (3884 seconds)
- ---------------------------------------------------------------------------
- + 1 host(s) tested
- + -- ----------------------------=[Saving Web Screenshots]=------------------ -- +
- [+] Screenshot saved to /usr/share/sniper/loot/screenshots/npiamerica.org-port80.jpg
- + -- ----------------------------=[Running Google Hacking Queries]=--------------------- -- +
- + -- ----------------------------=[Running InUrlBR OSINT Queries]=---------- -- +
- __[ ! ] Neither war between hackers, nor peace for the system.
- __[ ! ] http://blog.inurl.com.br
- __[ ! ] http://fb.com/InurlBrasil
- __[ ! ] http://twitter.com/@googleinurl
- __[ ! ] http://github.com/googleinurl
- __[ ! ] Current PHP version::[ 7.0.22-3 ]
- __[ ! ] Current script owner::[ root ]
- __[ ! ] Current uname::[ Linux Kali 4.12.0-kali2-amd64 #1 SMP Debian 4.12.12-2kali1 (2017-09-13) x86_64 ]
- __[ ! ] Current pwd::[ /usr/share/sniper ]
- __[ ! ] Help: php inurlbr.php --help
- ------------------------------------------------------------------------------------------------------------------------
- [ ! ] Starting SCANNER INURLBR 2.1 at [28-09-2017 03:41:29]
- [ ! ] legal disclaimer: Usage of INURLBR for attacking targets without prior mutual consent is illegal.
- It is the end user's responsibility to obey all applicable local, state and federal laws.
- Developers assume no liability and are not responsible for any misuse or damage caused by this program
- [ INFO ][ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-npiamerica.org.txt ]
- [ INFO ][ DORK ]::[ site:npiamerica.org ]
- [ INFO ][ SEARCHING ]:: {
- [ INFO ][ ENGINE ]::[ GOOGLE - www.google.jo ]
- [ INFO ][ SEARCHING ]::
- -[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE API ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ ENGINE ]::[ GOOGLE_GENERIC_RANDOM - www.google.ie ID: 013269018370076798483:wdba3dlnxqm ]
- [ INFO ][ SEARCHING ]::
- -[:::]-[:::]-[:::]-[:::]-[:::]-[:::]
- [ INFO ][ TOTAL FOUND VALUES ]:: [ 6 ]
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 0 / 6 ]-[03:41:39] [ - ]
- |_[ + ] Target:: [ https://www.npiamerica.org/s/TheFoundersonRaceTaylor-fxjn.pdf ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: , , IP::0
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- |_[ + ] ERROR CONECTION:: Could not resolve host: www.npiamerica.org
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 1 / 6 ]-[03:41:39] [ - ]
- |_[ + ] Target:: [ http://www.npiamerica.org/the-national-policy-institute/blog/mcworld-and-the-mujahedin ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: , , IP::0
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- |_[ + ] ERROR CONECTION:: Could not resolve host: www.npiamerica.org
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 2 / 6 ]-[03:41:39] [ - ]
- |_[ + ] Target:: [ https://www.npiamerica.org/podcast/category/2013-conference-preview ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: , , IP::0
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- |_[ + ] ERROR CONECTION:: Could not resolve host: www.npiamerica.org
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 3 / 6 ]-[03:41:39] [ - ]
- |_[ + ] Target:: [ https://www.npiamerica.org/the-national-policy-institute/blog/the-martin-zimmerman-case-the-facts ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: , , IP::0
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- |_[ + ] ERROR CONECTION:: Could not resolve host: www.npiamerica.org
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 4 / 6 ]-[03:41:39] [ - ]
- |_[ + ] Target:: [ http://www.npiamerica.org/the-national-policy-institute/blog/apocalypse-now ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: , , IP::0
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- |_[ + ] ERROR CONECTION:: Could not resolve host: www.npiamerica.org
- _[ - ]::--------------------------------------------------------------------------------------------------------------
- |_[ + ] [ 5 / 6 ]-[03:41:39] [ - ]
- |_[ + ] Target:: [ http://www.npiamerica.org/the-national-policy-institute/blog/the-civil-rights-myth ]
- |_[ + ] Exploit::
- |_[ + ] Information Server:: , , IP::0
- |_[ + ] More details::
- |_[ + ] Found:: UNIDENTIFIED
- |_[ + ] ERROR CONECTION:: Could not resolve host: www.npiamerica.org
- [ INFO ] [ Shutting down ]
- [ INFO ] [ End of process INURLBR at [28-09-2017 03:41:39]
- [ INFO ] [ TOTAL FILTERED VALUES ]:: [ 0 ]
- [ INFO ] [ OUTPUT FILE ]:: [ /usr/share/sniper/output/inurlbr-npiamerica.org.txt ]
- |_________________________________________________________________________________________
- \_________________________________________________________________________________________/
- + -- --=[Port 110 closed... skipping.
- + -- --=[Port 111 closed... skipping.
- + -- --=[Port 135 closed... skipping.
- + -- --=[Port 139 closed... skipping.
- + -- --=[Port 161 closed... skipping.
- + -- --=[Port 162 closed... skipping.
- + -- --=[Port 389 closed... skipping.
- + -- --=[Port 443 opened... running tests...
- + -- ----------------------------=[Checking for WAF]=------------------------ -- +
- Traceback (most recent call last):
- File "/usr/bin/wafw00f", line 8, in <module>
- WAFW00F - Web Application Firewall Detection Tool
- By Sandro Gauci && Wendel G. Henrique
- Checking https://npiamerica.org
- main()
- File "/usr/lib/python2.7/dist-packages/wafw00f/__init__.py", line 808, in main
- if attacker.normalrequest() is None:
- File "/usr/lib/python2.7/dist-packages/wafw00f/__init__.py", line 96, in normalrequest
- return self.request(usecache=usecache, cacheresponse=cacheresponse, headers=headers)
- File "/usr/lib/python2.7/dist-packages/wafw00f/lib/evillib.py", line 323, in request
- h.request(method, path, headers=headers)
- File "/usr/lib/python2.7/httplib.py", line 1042, in request
- self._send_request(method, url, body, headers)
- File "/usr/lib/python2.7/httplib.py", line 1082, in _send_request
- self.endheaders(body)
- File "/usr/lib/python2.7/httplib.py", line 1038, in endheaders
- self._send_output(message_body)
- File "/usr/lib/python2.7/httplib.py", line 882, in _send_output
- self.send(msg)
- File "/usr/lib/python2.7/httplib.py", line 844, in send
- self.connect()
- File "/usr/lib/python2.7/httplib.py", line 1263, in connect
- server_hostname=server_hostname)
- File "/usr/lib/python2.7/ssl.py", line 363, in wrap_socket
- _context=self)
- File "/usr/lib/python2.7/ssl.py", line 611, in __init__
- self.do_handshake()
- File "/usr/lib/python2.7/ssl.py", line 848, in do_handshake
- match_hostname(self.getpeercert(), self.server_hostname)
- File "/usr/lib/python2.7/ssl.py", line 282, in match_hostname
- % (hostname, ', '.join(map(repr, dnsnames))))
- ssl.CertificateError: hostname 'npiamerica.org' doesn't match either of '*.squarespace.com', 'squarespace.com'
- + -- ----------------------------=[Checking Cloudflare]=--------------------- -- +
- v1.0.1 by m0rtem
- [03:41:50] Initializing CloudFail - the date is: 28/09/2017
- [03:41:50] Fetching initial information from: npiamerica.org...
- [03:41:50] Server IP: 65.39.205.61
- [03:41:50] Testing if npiamerica.org is on the Cloudflare network...
- [03:41:50] npiamerica.org is not part of the Cloudflare network, quitting...
- + -- ----------------------------=[Gathering HTTP Info]=--------------------- -- +
- https://npiamerica.org [200 OK] Cookies[JSESSIONID,ss_sd], Country[UNITED STATES][US], Frame, HTTPServer[SSWS], HttpOnly[JSESSIONID], IP[65.39.205.61], Script[text/javascript], Title[Squarespace - Claim This Domain][Title element contains newline(s)!], UncommonHeaders[x-contextid,x-servedby,x-via]
- + -- ----------------------------=[Gathering SSL/TLS Info]=------------------ -- +
- AVAILABLE PLUGINS
- -----------------
- PluginSessionResumption
- PluginOpenSSLCipherSuites
- PluginCertInfo
- PluginHSTS
- PluginHeartbleed
- PluginCompression
- PluginChromeSha1Deprecation
- PluginSessionRenegotiation
- CHECKING HOST(S) AVAILABILITY
- -----------------------------
- npiamerica.org:443 => 65.39.205.61:443
- SCAN RESULTS FOR NPIAMERICA.ORG:443 - 65.39.205.61:443
- ------------------------------------------------------
- * Deflate Compression:
- OK - Compression disabled
- * Session Renegotiation:
- Client-initiated Renegotiations: OK - Rejected
- Secure Renegotiation: OK - Supported
- * Certificate - Content:
- SHA1 Fingerprint: c430dffb8ef5eef744fe69ca01870a3b2bfed83f
- Common Name: *.squarespace.com
- Issuer: DigiCert SHA2 High Assurance Server CA
- Serial Number: 054A4A7D8CECA20E03B849428D213BB5
- Not Before: May 31 00:00:00 2017 GMT
- Not After: Jul 3 12:00:00 2019 GMT
- Signature Algorithm: sha256WithRSAEncryption
- Public Key Algorithm: rsaEncryption
- Key Size: 2048 bit
- Exponent: 65537 (0x10001)
- X509v3 Subject Alternative Name: {'DNS': ['*.squarespace.com', 'squarespace.com']}
- * Certificate - Trust:
- Hostname Validation: FAILED - Certificate does NOT match npiamerica.org
- Google CA Store (09/2015): OK - Certificate is trusted
- Java 6 CA Store (Update 65): OK - Certificate is trusted
- Microsoft CA Store (09/2015): OK - Certificate is trusted
- Mozilla NSS CA Store (09/2015): OK - Certificate is trusted
- Apple CA Store (OS X 10.10.5): OK - Certificate is trusted
- Certificate Chain Received: ['*.squarespace.com', 'DigiCert SHA2 High Assurance Server CA']
- * Certificate - OCSP Stapling:
- OCSP Response Status: successful
- Validation w/ Mozilla's CA Store: OK - Response is trusted
- Responder Id: 5168FF90AF0207753CCCD9656462A212B859723B
- Cert Status: good
- Cert Serial Number: 054A4A7D8CECA20E03B849428D213BB5
- This Update: Sep 28 02:02:34 2017 GMT
- Next Update: Oct 5 01:17:34 2017 GMT
- * SSLV2 Cipher Suites:
- Server rejected all cipher suites.
- * SSLV3 Cipher Suites:
- Server rejected all cipher suites.
- * Session Resumption:
- With Session IDs: NOT SUPPORTED (0 successful, 5 failed, 0 errors, 5 total attempts).
- With TLS Session Tickets: NOT SUPPORTED - TLS ticket not assigned.
- SCAN COMPLETED IN 9.77 S
- ------------------------
- Version: 1.11.10-static
- OpenSSL 1.0.2-chacha (1.0.2g-dev)
- Testing SSL server npiamerica.org on port 443 using SNI name npiamerica.org
- TLS Fallback SCSV:
- Server supports TLS Fallback SCSV
- TLS renegotiation:
- Secure session renegotiation supported
- TLS Compression:
- Compression disabled
- Heartbleed:
- TLS 1.2 not vulnerable to heartbleed
- TLS 1.1 not vulnerable to heartbleed
- TLS 1.0 not vulnerable to heartbleed
- Supported Server Cipher(s):
- Preferred TLSv1.2 128 bits ECDHE-RSA-AES128-GCM-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-GCM-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-GCM-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-GCM-SHA384 DHE 2048 bits
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA256 Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA384 Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA256 DHE 2048 bits
- Accepted TLSv1.2 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA256 DHE 2048 bits
- Accepted TLSv1.2 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.2 128 bits AES128-GCM-SHA256
- Accepted TLSv1.2 256 bits AES256-GCM-SHA384
- Accepted TLSv1.2 128 bits AES128-SHA256
- Accepted TLSv1.2 256 bits AES256-SHA256
- Accepted TLSv1.2 128 bits AES128-SHA
- Accepted TLSv1.2 256 bits AES256-SHA
- Preferred TLSv1.1 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.1 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.1 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.1 128 bits AES128-SHA
- Accepted TLSv1.1 256 bits AES256-SHA
- Preferred TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
- Accepted TLSv1.0 128 bits DHE-RSA-AES128-SHA DHE 2048 bits
- Accepted TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 2048 bits
- Accepted TLSv1.0 128 bits AES128-SHA
- Accepted TLSv1.0 256 bits AES256-SHA
- SSL Certificate:
- Signature Algorithm: sha256WithRSAEncryption
- RSA Key Strength: 2048
- Subject: *.squarespace.com
- Altnames: DNS:*.squarespace.com, DNS:squarespace.com
- Issuer: DigiCert SHA2 High Assurance Server CA
- Not valid before: May 31 00:00:00 2017 GMT
- Not valid after: Jul 3 12:00:00 2019 GMT
- ######################################################################################################################################
- testssl 2.9dev from https://testssl.sh/dev/
- This program is free software. Distribution and
- modification under GPLv2 permitted.
- USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!
- Please file bugs @ https://testssl.sh/bugs/
- ######################################################################################################################################
- Using "OpenSSL 1.0.2-chacha (1.0.2i-dev)" [~183 ciphers]
- on Kali:/usr/share/sniper/plugins/testssl.sh/bin/openssl.Linux.x86_64
- (built: "Jun 22 19:32:29 2016", platform: "linux-x86_64")
- Start 2017-09-28 03:42:52 -->> 65.39.205.61:443 (npiamerica.org) <<--
- rDNS (65.39.205.61): --
- Service detected: HTTP
- Testing protocols via sockets except SPDY+HTTP2
- SSLv2 not offered (OK)
- SSLv3 not offered (OK)
- TLS 1 offered
- TLS 1.1 offered
- TLS 1.2 offered (OK)
- SPDY/NPN not offered
- HTTP2/ALPN h2, http/1.1 (offered)
- Testing ~standard cipher categories
- NULL ciphers (no encryption) not offered (OK)
- Anonymous NULL Ciphers (no authentication) not offered (OK)
- Export ciphers (w/o ADH+NULL) not offered (OK)
- LOW: 64 Bit + DES encryption (w/o export) not offered (OK)
- Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) not offered (OK)
- Triple DES Ciphers (Medium) not offered (OK)
- High encryption (AES+Camellia, no AEAD) offered (OK)
- Strong encryption (AEAD ciphers) offered (OK)
- Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4
- PFS is offered (OK) ECDHE-RSA-AES256-GCM-SHA384
- ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA
- DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256
- DHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256
- ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA
- DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256
- DHE-RSA-AES128-SHA
- Elliptic curves offered: prime256v1
- Testing server preferences
- Has server cipher order? yes (OK)
- Negotiated protocol TLSv1.2
- Negotiated cipher ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Cipher order
- TLSv1: ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA
- DHE-RSA-AES256-SHA AES128-SHA AES256-SHA
- TLSv1.1: ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA
- DHE-RSA-AES256-SHA AES128-SHA AES256-SHA
- TLSv1.2: ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384
- DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384
- ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384
- ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA256
- DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA
- AES128-GCM-SHA256 AES256-GCM-SHA384 AES128-SHA256 AES256-SHA256
- AES128-SHA AES256-SHA
- Testing server defaults (Server Hello)
- TLS extensions (standard) "server name/#0" "renegotiation info/#65281"
- "EC point formats/#11" "status request/#5"
- "application layer protocol negotiation/#16"
- Session Ticket RFC 5077 hint (no lifetime advertised)
- SSL Session ID support yes
- Session Resumption Tickets no, ID: no
- TLS clock skew Random values, no fingerprinting possible
- Signature Algorithm SHA256 with RSA
- Server key size RSA 2048 bits
- Fingerprint / Serial SHA1 C430DFFB8EF5EEF744FE69CA01870A3B2BFED83F / 054A4A7D8CECA20E03B849428D213BB5
- SHA256 5C6BA46ACEC6D420F7F79E379BDCDCF811A8D26535167B83DA4C8F20B9FC6C51
- Common Name (CN) *.squarespace.com
- subjectAltName (SAN) *.squarespace.com squarespace.com
- Issuer DigiCert SHA2 High Assurance Server CA (DigiCert Inc from US)
- Trust (hostname) certificate does not match supplied URI (same w/o SNI)
- Chain of trust Ok
- EV cert (experimental) no
- Certificate Expiration 643 >= 60 days (2017-05-30 20:00 --> 2019-07-03 08:00 -0400)
- # of certificates provided 2
- Certificate Revocation List http://crl3.digicert.com/sha2-ha-server-g5.crl
- http://crl4.digicert.com/sha2-ha-server-g5.crl
- OCSP URI http://ocsp.digicert.com
- OCSP stapling offered
- OCSP must staple no
- DNS CAA RR (experimental) --
- Certificate Transparency no
- Testing HTTP header response @ "/"
- HTTP Status Code 200 OK
- HTTP clock skew -1 sec from localtime
- Strict Transport Security --
- Public Key Pinning --
- Server banner SSWS
- Application banner --
- Cookie(s) 2 issued: NONE secure, 1/2 HttpOnly
- Security headers --
- Reverse Proxy banner --
- Testing vulnerabilities
- Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension
- CCS (CVE-2014-0224) not vulnerable (OK)
- Ticketbleed (CVE-2016-9244), experiment. not vulnerable (OK), no session ticket extension
- Secure Renegotiation (CVE-2009-3555) not vulnerable (OK)
- Secure Client-Initiated Renegotiation not vulnerable (OK)
- CRIME, TLS (CVE-2012-4929) not vulnerable (OK)
- BREACH (CVE-2013-3587) no HTTP compression (OK) - only supplied "/" tested
- POODLE, SSL (CVE-2014-3566) not vulnerable (OK)
- TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK)
- SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK)
- FREAK (CVE-2015-0204) not vulnerable (OK)
- DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK)
- make sure you don't use this certificate elsewhere with SSLv2 enabled services
- https://censys.io/ipv4?q=5C6BA46ACEC6D420F7F79E379BDCDCF811A8D26535167B83DA4C8F20B9FC6C51 could help you to find out
- LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no common primes detected
- BEAST (CVE-2011-3389) TLS1: ECDHE-RSA-AES128-SHA
- ECDHE-RSA-AES256-SHA
- DHE-RSA-AES128-SHA
- DHE-RSA-AES256-SHA AES128-SHA
- AES256-SHA
- VULNERABLE -- but also supports higher protocols (possible mitigation): TLSv1.1 TLSv1.2
- LUCKY13 (CVE-2013-0169), experimental potentially VULNERABLE, uses cipher block chaining (CBC) ciphers with TLS
- RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)
- Testing 359 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength
- Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)
- -----------------------------------------------------------------------------------------------------------------------------
- xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH 256 AESGCM 256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- xc028 ECDHE-RSA-AES256-SHA384 ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- xc014 ECDHE-RSA-AES256-SHA ECDH 256 AES 256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
- x9f DHE-RSA-AES256-GCM-SHA384 DH 2048 AESGCM 256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
- x6b DHE-RSA-AES256-SHA256 DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
- x39 DHE-RSA-AES256-SHA DH 2048 AES 256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA
- x9d AES256-GCM-SHA384 RSA AESGCM 256 TLS_RSA_WITH_AES_256_GCM_SHA384
- x3d AES256-SHA256 RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA256
- x35 AES256-SHA RSA AES 256 TLS_RSA_WITH_AES_256_CBC_SHA
- xc02f ECDHE-RSA-AES128-GCM-SHA256 ECDH 256 AESGCM 128 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- xc027 ECDHE-RSA-AES128-SHA256 ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
- xc013 ECDHE-RSA-AES128-SHA ECDH 256 AES 128 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- x9e DHE-RSA-AES128-GCM-SHA256 DH 2048 AESGCM 128 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
- x67 DHE-RSA-AES128-SHA256 DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
- x33 DHE-RSA-AES128-SHA DH 2048 AES 128 TLS_DHE_RSA_WITH_AES_128_CBC_SHA
- x9c AES128-GCM-SHA256 RSA AESGCM 128 TLS_RSA_WITH_AES_128_GCM_SHA256
- x3c AES128-SHA256 RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA256
- x2f AES128-SHA RSA AES 128 TLS_RSA_WITH_AES_128_CBC_SHA
- Running client simulations via sockets
- Android 2.3.7 TLSv1.0 DHE-RSA-AES128-SHA, 2048 bit DH
- Android 4.1.1 TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
- Android 4.3 TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
- Android 4.4.2 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Android 5.0.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Android 6.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Android 7.0 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Chrome 51 Win 7 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Chrome 57 Win 7 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Firefox 49 Win 7 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Firefox 53 Win 7 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- IE 6 XP No connection
- IE 7 Vista TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
- IE 8 XP No connection
- IE 8 Win 7 TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
- IE 11 Win 7 TLSv1.2 DHE-RSA-AES128-GCM-SHA256, 2048 bit DH
- IE 11 Win 8.1 TLSv1.2 DHE-RSA-AES128-GCM-SHA256, 2048 bit DH
- IE 11 Win Phone 8.1 Update TLSv1.2 DHE-RSA-AES128-GCM-SHA256, 2048 bit DH
- IE 11 Win 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Edge 13 Win 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Edge 13 Win Phone 10 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Opera 17 Win 7 TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
- Safari 5.1.9 OS X 10.6.8 TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
- Safari 7 iOS 7.1 TLSv1.2 ECDHE-RSA-AES128-SHA256, 256 bit ECDH (P-256)
- Safari 9 OS X 10.11 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Safari 10 OS X 10.12 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Apple ATS 9 iOS 9 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Tor 17.0.9 Win 7 TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
- Java 6u45 No connection
- Java 7u25 TLSv1.0 ECDHE-RSA-AES128-SHA, 256 bit ECDH (P-256)
- Java 8u31 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- OpenSSL 1.0.1l TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- OpenSSL 1.0.2e TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256, 256 bit ECDH (P-256)
- Done 2017-09-28 03:47:06 [ 256s] -->> 65.39.205.61:443 (npiamerica.org) <<--
- ##############################################################################################################################################################################################################################################################################
- JTSEC full recon Anonymous #opnazi #2