Professional Documents
Culture Documents
On the commuter-side, Rapido works like any other taxi-booking app. To book a ride, users
have to sign up and enter pickup and destination points. Once the booking is confirmed, the name,
photo, and bike number of the Captain is shared with them.
Whois is a widely used Internet record listing that identifies who owns a domain and how to
get in contact with them.
IP ADDRESS : 52.84.162.17
This web site is used to find the sub domains of the target.
faq.rapido.com
static.rapido.com
www.rapido.com
pay.rapido.com
c.rapido.com
email.rapido.com
Nmap, short for Network Mapper, is a free and open source tool used for vulnerability checking, port
scanning and, of course, network mapping.
Some commands for NMAP
Metasploit is the world's leading open-source penetrating framework used by security engineers as a
penetration testing system and a development platform that allows to create security tools and
exploits.
penetration testing
Matching Modules
================
Interact with a module by name or index. For example info 3, use 3 or use post/windows/manage/pptp_tunnel
[*] 104.16.51.11:1723 - Packet sent. Kernel should halt on a Stop Error (BSOD).
dnsenum VERSION:1.2.6
rapido.com. 60 IN A 13.249.235.101
rapido.com. 60 IN A 13.249.235.39
rapido.com. 60 IN A 13.249.235.117
rapido.com. 60 IN A 13.249.235.46
Name Servers:
______________
___________________
alt4.aspmx.l.google.com. 138 IN A 64.233.171.26
_________________________________________________
Email ID : info@rapido.com
Wappalyzer is a technology profiler that shows you what websites are built with. Find out what CMS a website
is using, as well as any framework, ecommerce platform, JavaScript libraries and many more.
CMS : CONTENTFULL
MARKETING AUTOMATION : VWO ENGAGE
ANALYTIC : VWO ; GOOGLE ANALYTICS
ADVERTISING : MICROSOFT ADVERTISING
JAVA SCRIPT FRAMWORK : MUSTACHE 2.2.1 ; VUE.JS ; NUXT.JS
TAG MANAGERS : GOOGLE TAG MANAGER
JAVA SCRIPT LIBEARIES : LODUSH 4.17.21 ;JQUERY 3.5.1 ; CORE-JS 2.6.12
FORNT SCRIPT : TYPEKIT ; GOOGLE FONT API
PAAS : AMAZON WEB SERVICES
WEB FRAME WORKS : NUXT.JS
MIS CELLANEOUS : WEB PACK
REVIEWS : TRUSTPILLOT
WEB SERVER : NUXT.JS
PROGRAMING LANGUAGES : NODE.JS
CDN : AMAZON CLOUDFRONT
CUSTOMER DATA PLATFORM : BLUE CONIC
Httpstatus.io : http://rapido.com
Nessus is a remote security scanning tool, which scans a computer and raises an alert if it discovers any
vulnerabilities that malicious hackers could use to gain access to any computer you have connected to a
network.
Description:
This plugin attempts to determine the type and the version of the remote web server.
Description:
This test gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive
and HTTP pipelining are enabled, etc…
Description:
This plugin is a SYN 'half-open' port scanner. It shall be reasonably quick even against a firewalled target.
Service Detection:
Description:
Nessus was able to identify the remote service by its banner or by looking at the error message it sends when it
receives an HTTP request.
Description:
By using information obtained from a Nessus scan, this plugin reports CPE (Common Platform Enumeration)
matches for various hardware and software products found on a host.
Device Type:
Description:
Based on the remote operating system, it is possible to determine what the remote system type is (eg: a printer,
router, general-purpose computer, etc).
Description:
Nessus was able to resolve the fully qualified domain name (FQDN) of the remote host.
Description:
The remote web proxy accepts unauthenticated HTTP requests from the Nessus scanner. By routing requests
through the affected proxy, a user may be able to gain some degree of anonymity while browsing websites,
which will see requests as originating from the remote host itself rather than the user's host.
Description:
This plugin displays, for each tested host, information about the scan itself :
- The version of the plugin set.
OS Identification:
Description:
Using a combination of remote probes (e.g., TCP/IP, SMB, HTTP, NTP, SNMP, etc.), it is possible to guess the
name of the remote operating system in use. It is also possible sometimes to guess the version of the
operating system.
Description:
The remote host implements TCP timestamps, as defined by RFC1323. A side effect of this feature is that the
uptime of the remote host can sometimes be computed.
Traceroute Information:
Description:
nikto -h rapido.com
- Nikto v2.1.6
---------------------------------------------------------------------------
+ Target IP: 13.249.235.46
+ Target Hostname: rapido.com
+ Target Port: 80
+ Message: Multiple IP addresses found: 13.249.235.46, 13.249.235.101,
13.249.235.117, 13.249.235.39
+ Start Time: 2022-08-05 00:50:44 (GMT-4)
---------------------------------------------------------------------------
+ Server: CloudFront
+ Retrieved via header: 1.1 a9b691f245c119185c9460c052954cac.cloudfront.net
(CloudFront)
+ The anti-clickjacking X-Frame-Options header is not present.
+ The X-XSS-Protection header is not defined. This header can hint to the user agent to
protect against some forms of XSS
+ Uncommon header 'x-amz-cf-id' found, with contents:
RGXskvBTQXTa3bZLO6qQgpfYxyv3wUPzW6-STS7KEmrUpx_EUrFEIw==
+ Uncommon header 'x-amz-cf-pop' found, with contents: HYD50-C3
+ Uncommon header 'x-cache' found, with contents: Redirect from cloudfront
+ The X-Content-Type-Options header is not set. This could allow the user agent to render
the content of the site in a different fashion to the MIME type
+ Root page / redirects to: https://rapido.com/
+ No CGI Directories found (use '-C all' to force check all possible dirs)
USED TOOLS NAME:-DNSDUMBUSTER
DNS SERVERS :-
ns-1450.awsdns-53.org.
205.251.197.170 AMAZON-02
ns-1450.awsdns-53.org United States
ns-189.awsdns-23.com.
205.251.192.189 AMAZON-02
ns-189.awsdns-23.com United States
ns-1983.awsdns-55.co.uk.
205.251.199.191 AMAZON-02
ns-1983.awsdns-55.co.uk United States
ns-897.awsdns-48.net.
205.251.195.129 AMAZON-02
ns-897.awsdns-48.net United States
The package contains a tool for gathering subdomain names, e-mail addresses, virtual hosts, open
ports/ banners, and employee names from different public
─(kali㉿kali)-[~]
compras@paserapido.com
info@rapido.com
support@rapido.com
autodiscover.rapido.com.co
blog.rapido.com.ua
c.rapido.com:104.17.122.18, 104.17.121.18
c.rapido.com:104.17.121.18, 104.17.122.18
cpanel.rapido.com.my:103.6.198.121
cpanel.rapido.com.ua
cpcalendars.rapido.com.co
cpcalendars.rapido.com.my:103.6.198.121
cpcalendars.rapido`.com.ua
cpcontacts.rapido.com.co
cpcontacts.rapido.com.my:103.6.198.121
cpcontacts.rapido.com.ua
demo.rapido.com.my
dom.rapido.com.ua
email.rapido.com
email.rapido.com:104.16.210.86
email.rapido.com:104.16.209.86
email.rapido.com:r1-smtp-in-2.dotmailer.co.uk
email.rapido.com:104.16.207.86
email.rapido.com:104.16.206.86
email.rapido.com:r1-smtp-in-1.dotmailer.co.uk
faq.rapido.com:104.16.51.111, 104.16.53.111
faq.rapido.com:rapidocom.zendesk.com
faq.rapido.com:104.16.53.111, 104.16.51.111
faq.rapido.com:mail-pod-18.int.zendesk.com
faq.rapido.com:rapidocom.zendesk.com.
job.rapido.com.ua
mail.rapido.com.co
mail.rapido.com.my:103.6.198.121
mail.rapido.com.tr:168.119.145.131
mail.rapido.com.tw:211.22.63.76
mail.rapido.com.ua
mail.rapido.com.uy:200.40.204.69
pay.rapido.com:54.171.137.22, 3.251.23.0, 54.154.225.51
pay.rapido.com:3.251.23.0, 54.154.225.51, 54.171.137.22
pay.rapido.com:52.31.27.215
pay.rapido.com:54.171.33.187
pay.rapido.com:52.30.163.173
pay.rapido.com:52.213.189.152
pay.rapido.com:52.19.16.107
pay.rapido.com:54.171.137.22, 54.154.225.51, 3.251.23.0
pay.rapido.com:54.154.225.51, 3.251.23.0, 54.171.137.22
shop.rapido.com.tr:23.227.38.65
stage.rapido.com.ua
staging.rapido.com.ua
static.rapido.com:13.32.145.99, 13.32.145.62, 13.32.145.42, 13.32.145.101
static.rapido.com:13.32.145.101, 13.32.145.42, 13.32.145.62, 13.32.145.99
static.rapido.com:d2669ijg7ahnmh.cloudfront.net
static.rapido.com:d2669ijg7ahnmh.cloudfront.net.
support.ukrnames.com.rapido.com.ua
test.rapido.com.ua
webdisk.rapido.com.co
webdisk.rapido.com.my:103.6.198.121
webmail.rapido.com.my:103.6.198.121
webmail.rapido.com.ua
www.demo.rapido.com.my
www.pay.rapido.com
www.rapido.com:13.33.21.91
www.rapido.com:13.249.9.83, 13.249.9.61, 13.249.9.42, 13.249.9.6
www.rapido.com:13.249.9.61, 13.249.9.42, 13.249.9.83, 13.249.9.6
www.rapido.com:54.230.126.107
www.rapido.com:13.249.9.42, 13.249.9.83, 13.249.9.6, 13.249.9.61
www.rapido.com:99.84.64.37
www.rapido.com:13.249.9.61, 13.249.9.6, 13.249.9.83, 13.249.9.42
www.rapido.com:13.249.9.6, 13.249.9.42, 13.249.9.61, 13.249.9.83
www.rapido.com:13.249.9.61, 13.249.9.42, 13.249.9.6, 13.249.9.83
www.rapido.com:54.230.126.52
www.rapido.com:54.230.126.80
www.rapido.com:99.84.64.38
www.rapido.com:99.84.64.72
www.rapido.com:99.84.64.70
www.rapido.com:13.227.66.14
www.rapido.com:13.227.66.11
www.rapido.com:54.230.126.79
www.rapido.com.ng:52.60.87.163
www.rapido.com.qa:35.213.129.245
www.rapido.com.tr:193.70.57.224
www.rapido.com.ua
www.rapido.com.uy:190.64.69.90
x22www.rapido.com
UESDTOOL NAME: SHODAN.IO
Shodan Report
Rapido
Open ports
o 443
o 3389
o 81
o 8081
o 80
Organization
o Unified Layer
o Google LLC
o Mundivox LTDA
o TELEFÔNICA BRASIL S.A
o Aliyun Computing Co., LTD
Vulnerabilities
No information avallible
Products
o Apache httpd
o Exim smtpd
o Remote Desktop Protocol
o Microsoft IIS httpd
o AirSpace DVR
Tags
o self-signed
o cloud
o starttls
o vpn
o videogame
Operating Systems
Web Technologies
o Bootstrap
o Google Tag Manager
o Slick
o jQuery
o jQuery UI
o tlsv1.2
o tlsv1
o tlsv1.1
o tlsv1.3
o sslv3
JARM Fingerprints
o 26d26d16d26d26d22c26d26d26d26dfd9c9d1...
o 0000000000000000000000000000000000000...
o 05d02d20d21d20d00005d02d05d20d597e681...
o 05d02d20d21d20d05c05d02d05d20d74fcf65...
o 14d14d16d14d14d08c14d14d14d14dfd9c9d1...
JA3S Fingerprints
o 873bc234a06e363e550fcfe0dd382a6c
o a70303593a393dfd863b76d9da6c3ace
o 364ff14b04ef93c3b4cfa429d729c0d9
o 378bca6b37a511c71501b117b1aa4e5c
o f3afa07016296e8ebe0edf7150534bd9
THANK YOU