Internet Archives

This image has an empty alt attribute; its file name is image-27.png

The Archives:

There are three main archives for US-related purposes, (though there are several other initiatives around the world, see wiki page List of Archiving Initiatives.).

web.archive.org – The Internet Archive / WAYBACKMACHINE is :

  • the archive with more archived data
  • does have keyword search
  • does have a reverse image search via – rootabout.com
  • BUT when you are searching for a url you will only find results for that exact url you typed

archive.is – Archive Today is :

  • a better archive for finding websites and information as it will find subdomains or related hosts for the url that you searched
  • can lookup social media and google maps
  • consider using spoonbill in conjunction with archive.is searches on Twitter, spoonbill technique (below) will let you see all a Twitter account’s profile changes over time
  • BUT it no keyword search tool
  • reportedly has less data than the Internet Archive

https://webarchive.loc.gov/ – The Library of Congress Web Archive is categorized and its content was deliberately chosen, therefore I think it is best to search for you subject matter before looking for a specific website. Alternatively, if you see your website-of-interest is archived there, look at its category so you can maybe find other useful sites. :

  • LOC is best used if you are looking for a specific subject. Go to the central page – https://www.loc.gov/web-archives/ – will let you search by subject, dates, locations, series, etc.

https://carbondate.cs.odu.edu/ – attempts to figure out when a website was created (consider using this in conjunction with whois history searches from previous post)

http://timetravel.mementoweb.org/ – look up archived website from specified date and time

Rootabout.com – does reverse image searches in Internet Archive and Open Library

Spoonbill – See Twitter profiles’ changes over time by using the following url with the account username:

https://spoonbill%5B.%5Dio/twitter/data/search_ish <–input other twitter usernames here and remove the brackets from ” spoonbill[.]io ”

Websites to Lookup “Whois” Domain Registration History

This posts lists out the current free resources available for obtaining history whois domain registration information. Be aware that these services will also let you search often by email or name of the registrant too

1 – WhoIsXMLAPI

The Domain Research Suite of WhoIsXMLAPI is currently the best bet.

https://drs.whoisxmlapi.com/

See the post below from ToolsForReporters.com to read a walkthrough of the service. The main points are that you have to sign up for a free account, you will only get a limited number of searches, and you have to login and go to the Domain Research Suite in order to access the Whois History Search tool.

2 – Whoxy

Whoxy is also a great source that will let you run a few free searches. You may need to sign up for a free account at some point

whoxy.com

3 – Tools for Reverse Whois Lookups: DomainBigData and ViewDNSinfo

These two are actually not for whois history, but rather it is for reverse whois lookups (i.e. check if an email was used to register any domains). It seems like a similar enough topic

domainbigdata.com

https://viewdns.info/reversewhois/

That’s it!

Genealogy – How To Document People in RootsMagic Software

This is a run through for how to document one new person and one fact about them in the free version of the genealogy software RootsMagic.

Short Version (without citing any sources)

If you want to just start building your family tree without worrying about documentation, getting started is very easy.

A.) Open RootsMagic,

B.) choose to open a new file,

C) choose a file name and place to save it,

D.) an empty family tree will appear, looking like the picture above,

E.) Double click where it says to “Add Person”, a window appears where you can type in any info about the person

F.) Now just click “OK”, a new window will appear asking you to source your information but you can ignore it and just click Cancel on the bottom right corner.

And then you are done! you have added a new person onto your family tree!

The process is basically three parts, A.) open a new file, B.) create a source C.) label one person on a family tree.

Longer Version (with how to cite your information)

In this example we have a named person, and we have one fact about them that we want to include on our family tree and cite where we obtained the information.

The person is a random “John Smith”, who’s date of death is documented in FindAGrave.com (see below).

(The basic search function for findagrave.com)
(the record for a random person named John Smith)

How-To Process

So in order to document this information in RootsMagic, take the following steps.

1 – Open opening the software click on “new file”, then “Empty File”, and then “Documents”

2 – you will be prompted to choose a place to save the new file and what to name it. I default to choose the location as Documents and choose a random name.

3 – You will then be prompted with the following options. You can ignore and just hit OK, but to check LDS support and Family Tree Support (but that is for reasons that will be addressed in a separate post).

4 – Now you will be presented with an empty family tree and the spot for one unidentified person highlighted.

5 – In order to document a fact, then we first want to create a source for the fact. On the left side click on “Sources”

6 – You are brought to the page seen below. At this point, click on the plus sign on the top bar.

SIDE NOTE: Do not be confused by the “Edit Source” section on the right, especially since it says free form under source type. This gives the false impression that you can type sourcing information in there. But that section is only for editing an existing source. If you type anything in there it will not be saved because there are no sources yet that you could edit. So do NOT touch the section on the right, just click the plus sign on the top bar.

7 – Clicking the plus sign will bring up a menu of different source types as seen below. But for this post, we will just use Free Form for the sake of simplicity. So click on “Free Form”, make sure it is highlighted, and then click “Next” on the bottom right.

7 – A window pops up with different sections for inputing information about the source.

8 – Now input the relevant information into the source file. In this case we are just documenting the existence of a gravesite based on a webpage from FindAGrave.com.

At the very least, you should input 3 pieces of information.

  • a title (for example, “FindAGrave record for John Smith”)
  • information that you want recorded (for example, “John Smith”, “died in 1788”)
  • some kind of sourcing for the record, in this case i just pasted the url for the webpage listing the information

The final result looks like below. Then hit “ok”

9 – This returns you to the Sourcing page and now you see that a source has been added to the list.

10 – On the left side, click on “People” and you are brought to a page with a blank family tree and a spot for one unidentified person. Click where it says “+ a person”

11- A popup window appears where you can input information about the person.

12 – Input the name and date of death as seen below and then hit “OK”

13 – A new window appears where we can provide the source for the information that we provided.

14 – Next to each fact about the person, there are 5 boxes on the right that have pictures above them. In the line on top where it lists the name as John Smith, we click on the box to the right that is under the picture of a pen. (note that the same fact is at the bottom of the screen, but this is just redundant, feel free to ignore)

15 – After clicking on the box under the pen, the heading on the right side of the screen will change from “Person”, to “Sources”. Under the heading “Sources”, click where it says “+ Add source citation”.

16 – This brings you to a new screen where all of your sources are listed and you are supposed to choose the source that supports the fact (in this case the person’s name) that you have chosen. However, in this example you only have one source so it is automatically chosen and highlighted.

Now you click “Next” on the bottom right corner, followed by “OK”, then “OK”.

“People-Search Websites” (list of tools to search names, addresses, phones)

This image has an empty alt attribute; its file name is data-analysis.jpeg

The following is a list of websites that can search for US-based people if you know the individuals name, phone number, or address:

Search name, phone, or address

truepeoplesearch.com – name, address, phone (NAP)

searchpeoplefree.com – email, (NAP)

cyberbackgroundchecks.com – email, (NAP)

thatsthem.com – email, (NAP)

advancedbackgroundchecks.com – email, (NAP)

fastpeoplesearch.com – (NAP)

nuwber.com – (NAP)

familytreenow.com – (NAP) – focuses on genealogy

radaris.com – (NAP)

whitepages.com – (NAP)

clustrmaps.com – name, address

truthfinder.com – only for searching phones

Johndoe.com – better results for associates

xlek.com – name

howmanyofme.com – name

spytox.com – https://www.spytox.com/firstname-lastname

spokeo.com – https://www.spokeo.com/Firstname-Lastname?loaded=1

zabasearch.com – only use then name-based search

classmates.com – name

social-searcher.com – focuses on usernames and mentions in social media

yasni.com

homemetry.com – address

Property and other public records

Publicaccountability.org – name, address

Publicrecords.directory – name

https://publicrecords.netronline.com/ – this is a database listing the websites for county governments public records – especially the county appraiser or assessor, which have property records

Phone CallerID Lookup

https://calleridtest.com/

calleridservice.com

https://apeiron.io/cnam

https://www.spydialer.com/

telnyx.com

serviceobjects.om

Crowd-Sourced Phone Search

https://www.truecaller.com/

https://sync.me/

Remove Your Personal Information from the Internet

There are several companies and websites that make use of your personal information but they are required to allow you to opt out. Here is a list of the places and relevant links for you to find where your information is collected and opt out so that it cannot be used by these companies.

Data Brokers

The following links will let you opt out of the major marketing data brokers selling your information

  1. Acxiom
  2. Experian
  3. Oracle
  4. Lexis Nexis and 
  5. Epsilon.

Credit Data

Stop credit reporting agencies from sell your data (the source of junk mail offering “Pre-approved credit offers”) using Opt Out Prescreen:

optoutprescreen.com

Financial Data

Banks also share data about their customers. Choose the bank from the list below to opt out of having your data shared

  1. JP Morgan Chase
  2. Citi
  3. Wells Fargo, and 
  4. Bank of America.

Credit Card

Do a Google search of “[insert credit card company name here] opt out of sharing my information”

You will likely be brought to a page that tells you that you need to actually call them and request to “opt out of sharing my information”. This is inconvenient but most companies make the process relatively convenient. As two examples, see the info below for Capital One and Discover

Capital One – 1-888-817-2970 – click here

Discover Card – 1-800-225-5202 – webpage is here

You can take your name out of Caller ID databases. You should have an account on your carrier’s website. When you log in you will see there is a name listed next to your phone number. If you have more than one phone on the same account there will be a different name listed next to each number. If you change this name it will eventually be reflected in caller ID databases. You can test by calling a phone that does not have your number in its contacts.

Mailing Lists

You can opt out of some of these offers if you:

  • Visit DMAchoice.org to create an account with the Direct Marketing Association (DMA) and decide which mail you want to receive from DMA members. There’s a $2 processing fee, which will cover you for 10 years.
  • Request to be taken off non-DMA mailing and marketing lists, such as those run by RetailMeNot and Valpak.

No Call Lists

You can register for the National Do Not Call Registry – donotcall.gov – which is limited in its effect but still useful

As a backup to the Do Not Call Registry, you can also go to No Mo Robo – nomorobo.com –

Do Not Contact for Caretaker’s Registration – https://ims-dm.com/cgi/dncc.php

Remove your personal data (name, address, phone, birthday) from people-searching websites:

According to Inteltechniques.com: “The ‘MOST BANG FOR YOUR BUCK’ removals: Spokeo, Mylife, Radaris, Whitepages, Intelius, BeenVerified, Acxiom, Infotracer, Lexis Nexis, TruePeopleSearch”

Inteltechniques.com provides and exhaustive list of such websites and the urls for opting out of each of them – https://inteltechniques.com/workbook.html

You may choose to simply google your name and see which websites show up in your results with your personal information and focus on those.

Remove Google Street Views of Your Home

1 -Go to Google Streetview and look at your home. (note that the address has been blocked out with red for privacy)

2 – Click on the three dots (circled here in yellow) and then in the drop down choose “Report a Problem”

This brings you to a new page where you can adjust the photo to center the red and black square over your home

You choose from a list of options what you want to blur (in this case we chose “my home”)

And then you have to input a justification, such as “I am concerned for my privacy”

Don’t forgot two more issues, the first is that even after you have blurred the one image, you can move down the street one space and turn and see the same house, so you have to blur the house from a few different locations and angles

Second, don’t forget about Google Maps’ time machine feature.

See the little clock on the bottom left

When you click on it, you will see the same location from different times in the past. You will also have to blur them individually.

There are similar options for removing photos from Bing Maps, Mapillary.com, and https://kartaview.org/.

And that is it for now!

What you can do with a “right-click”

You can often find good data from a website if you use a right-click.

Here is a quick example, below is a screenshot of a people-searching website. The results from a name search show that the website knows the person’s Facebook account, but you may have to pay for this info.

Instead, you can just right-click on the “Facebook” button and choose “inspect”

Now we see the publicly accessible coding that exists behind the website’s front facing page. A window pops up below showing the site’s coding and if we hover our cursor over a part of the code, we see that the corresponding part of the website will be highlighted so that we know what we are looking at. So you cannot see my cursor, but it is hovering over the highlighed part of the coding text that includes the word “Facebook” and now you see that this is the part of the code that tells the website to show the word “Facebook” on the screen.

What is more important is that 4 lines up from the highlighted line of code, you see a line of code that starts with:

<a class=”detail” href=

The term “href” signals that a link will follow it (In case you are curious, “href” stands for Hypertext REFerence)

As you see in the screenshot below, if we highlight the “href” line we see that it corresponds to the “Facebook” button on the webpage. So when the coding says “href=”, it means that the link in the button on the webpage screen will take you to the url that follows “href=”.

I you want to be overly literal about it, the code is communicating that the href is the location that the button takes you, so the code is saying that the href “=” (or “is”) the following url. Though I have obscured the full link, you see below that the link is for a specific Facebook account and therefore you now know the location of the Facebook account without actually haveing to click on the button itself.

This is just one example. You may notice that some company websites will have a page with photos of all of its staff members but you need to hover your cursor over a photo for the name and info of the staff member to appear. This is an increasingly common trend in corporate websites. If you encounter such a page, you can right-click and hit inspect. Doing so will bring you to the coding behind the website, which will include all of the info for each staff member, thereby allowing you to avoid the cumbersome process of hovering your cursor over each photo one at a time. This is especially useful if you are looking for a specific name.

If you find yourself needing to access, download, and manipulate (on your own computer) the data from a website (such as info on staff members), you can consider using the tool Parsehub. There is a great explanation of how you can use this tool even if you are a complete novice. See the guide “Saving time and rearranging websites” written by Samantha Sunne on ToolsForReporters.com (one of my favorite websites).

Find Information About Email Addresses in Data Breach Websites

When researching an email account, you can use Data Breach Websites to find a variety of information such as, but not limited to, websites where the email registered an account, alternate emails / phone numbers, coworkers, and social media accounts.

This post explains what Data Breach Websites are and discusses several sites that are available as of May 2021 (these sites regularly disappear and then are replaced by new ones).

What is a data breach website?

Data breaches occur in almost any website and the leaked information is often posted on dark web forums or discovered elsewhere before ultimately being taken down.

Before that information is taken down, breach data websites will obtain the information, verify it, and identify which breach it came from. Data breach websites will let you search for your own email address and find out which breaches had your email address in them, as well as other information listed along with it. You can then request that the breach data website remove your data from their holdings.

If you are researching an email address that is not your own, it can be helpful to research it in one of these websites so find out more information about it. For example, if the email was listed in a data breach of account information for LinkedIn accounts, you will know that the email address is registered to a LinkedIn account.

It is important to note that data breach websites maintain deep web databases so you can only obtain their information by going to the site itself.

List of Websites

The following is a list of Data Breach Websites and the information you can search as an input:

Data Breach Websites

leak-lookup.com – email

intelx.io – email

haveibeenpwned.com – email, phone

dehashed.com – email, username, phone, password, domain, IP

Phonebook.cz – email domain

leakpeek.com – email, username, password, keyword, email domain

The following are okay, but not great:

breachchecker.com – email

leakcheck.net – email, username

cybernews.com/personal-data-leak-check – email

Email Reputation / Survey of Breach Websites

EmailRep.io – email

Breach-Specific Websites

publicemailrecords.com – email

haveibeenzucked.com – email

checkashleymadison.com/ – email

Hash Decryption

hashes.com

dehash.me

github.com/HashPals/Search-That-Hash

Pastebin

open a browser tab and copy and paste:

https://psbdmp.ws/api/search/

…followed by the email you are searching (for example, to search for the email “moreinfo@search-ish.com”, you would type the following – https://psbdmp.ws/api/search/moreinfo@search-ish.com

you can follow up on any unique id / username discovered in your results by copy and pasting:

https://pastebin.com/

…followed by the username. So for example when search a username (such as “myusername”) you would use the url – https://pastebin.com/myusername

And here are some other US-focused email search websites (not data breach sites) while you are at it:

https://thatsthem.com/reverse-email-lookup

https://www.searchpeoplefree.com/email

https://www.manycontacts.com/en/mail-check

Back to data breach info…

Explanation for Standard Data Breach Websites

Standard breach databases (haveibeenpwned.com, and breachchecker.com) will let you search for an email address and the website will tell you which data breaches had the email in them. The screenshot below is a classic example of search results. The email that was searched was found in two different breaches and the breach website gives an explanation of each breach.

Email Reputation

EmailRep.io gives an overview of data on an email address that includes, whether it has been seen in breaches and the timeframe. This is a great place to start so you have an idea of what sort of information is out there.

See a standard set of results below

reputation – means likelihood that it is a legit, not spam email address

references – refers to the number of places the website has spotted the email, see below for more info on where the website gets its data.

blacklisted – self explanatory

credentials_leaked – presumably referring to a breach data leak

data_breach – gets right to the point and tells you if the email is in any breaches and the dates below are the earliest and latest dates of the breaches

valid_mx – refers to an mx lookup, which is basically a test to see if the domain of the email ( or website associated with the domain) is currently capable of hosting email addresses.

profiles – this is where it will list if the email is registered to a Linkedin or Twitter account.

EmailRep claims that it does not rely soley on databreaches but also uses “hundreds of data points from social media profiles, professional networking sites, dark web credential leaks, data breaches, phishing kits, phishing emails, spam lists…” etc.

The website also has a free api available.

Search More Than Emails

Some Breach Websites will let you search for other things in breach data. For example, leak-lookup.com will give you a limited number of lookups for free when you register and it lets you also search for phone numbers, IP addresses, Passwords, and Usernames. But in this case the results will only identify the data breaches. So if you search for an email domain, it will not show you the email addresses with the domain.

Raw Data

Intelx.io and Leakpeek.com will often give you limited access to the raw data from a breach. This is a great way to find new email accounts owned by the same user. This is especially helpful for finding the true identity of internet trolls who will often set up a “burner” email account for troll-like activities but there is often a link to their true email which could link to their true identity.

Decryption

Companies will often store users’ data internally “hashed” or encrypted in case it is breached. When you see a random string of about 25 characters in a data breach, that usually means that it is hashed data. Depending on the kind of hash, it might be possible to decrypt it with Hashes.com. Just paste the string and hit the “Submit & Search” button.

Email Domains

Searching for email domains (at sites like phonebook.cz)will let you search a website domain for email addresses with the same domain. So in the example below, I wanted to research the website Snov.io so I searched for email addresses with the same name. This listed several work email addresses. If you click on one, it automatically opens a search for the email in intelc.io

Another site that can be used for this purpose is leakpeek.com. This website is notable because it will also let you search for email addresses by domain (though it will not identify the full email addresses) and because it will often give partial information from the breach itself.

Breach-Specific

Several websites provide information for only one data breach. They are usually only worth checking if you have other reason to believe that the email is located in that database.

publicemailrecords.com – River City Media Breach

haveibeenzucked.com – Facebook breach

checkashleymadison.com/ – Ashley Madison breach

Note that the breach for publicmailrecords.com, River City Media Breach, is unlike the other two breach-specific sites because this breach may appear in the results of a standard data breach website’s search. See the example search results above for a regular breach site, which indicates that you should look for the same email at publicmailrecords.com.

That’s it!

Identify a Company’s Employees, Use Recruiter Websites

This post explains how to find a company’s employees by using publicly available OSINT tools.

A previous post explained how to find employees’ work email addresses for any company. That process simply required that you search for the company’s website domain in the tools Phonebooks.cz, Snov.io, and Hunter.io to look for email addresses that have the same domain as the company’s website. This process gave a list of work email addresses used by employees.

This current post will address how to identify the users of those email addresses in addition to other company employees as well.

Who Owns the Email?

Using the list of work email addresses that we gained from the aforementioned tools, we can identify the person that uses the email address. We start with the email username which will be a partial identification of the person’s name. Usually there will be an established pattern where “John Smith” working at “Fake Company” will be something like “jsmith@Fake_Company.com”.

From here we go to the website aihitdata.com.

AIHIT identifies company employees from corporate registrations, domain registrations, social media, company websites, and other sources. It logs each name and title and even continues to monitor its sources in case a new name appears on a registration and replaces an old one. For any company in a country with public corporate registries (like the United States) you can assume it will appear in this database.

We search for our company by name in the search bar and then in the results page we click on “people” and we receive a list of employee names, titles, and sometimes their work email addresses.

From here we can take an educated guess about who owns which email address. For example, you can see on the right that an employee named Alexander has the username “al” for their email address. From here we can search for the personal contact information for each employee using professional recruitment websites like Apollo.io, Contactout.com, and Rocketreach.co.

Professional Recruitment Websites

These websites have databases full of the names, titles, and contact information for employees of various companies large and small. The sources of their data are not clear. Rocketreach.co vaguely states that their information comes from “publicly sourced data,” and their leads are  “generated by tying together 100s of pieces of data using learning algorithms”. What IS for certain, is that there are a lot of complaints by people on sites like Reddit and Trustpilot (see here and here) claiming that these sites are publishing personal contact information that was not intended to be public.

Professional recruitment websites have databases that are specifically built so that you cannot find someone by their name. Instead, you have to search using someone’s employer and title. Now that we have linked a number of work email addresses to a name, title, and employer, we can search for them in these websites. Note that these websites will require that you sign up for a free account if you want to see the person’s contact information.

Here we see the same employee on Apollo.io and the site offers to give you their work email and personal phone number if you get a free account.

And here on ContactOut.com we see the employee’s Gmail address is available

You can find more information about the employee by searching for their email address in Breach Data websites, which were explained in a previous post.

Some more tools below for searching random employees:

Aleph.occrp.org – and – littlesis.org – are good for random searches of an email, name, or phone number as they use a variety of unusual data sources.

Bearsofficialstore.com – scrapes LinkedIn and other sources, let’s you search by name or employer

Openpayrolls.com – search government employees

That’s it, you’re done!

How to Search Pastebin (new tools for 2022)

URL-based Search For Data Breaches

  1. Open a browser tab and copy and paste:

https://psbdmp.ws/api/search/

…followed by the email you are searching (for example, to search for the email “moreinfo@search-ish.com”, you would type the following – https://psbdmp.ws/api/search/moreinfo@search-ish.com

2. You can follow up on any unique id / username discovered in your results by copy and pasting:

https://pastebin.com/

…followed by the username. So for example when search a username (such as “myusername”) you would use the url – https://pastebin.com/myusername

Search Multiple Sites at Once

Go to – https://Pastebin.ga

This is a new tool that searches a list of Pastebin sites at once and was updated as of May 2021.

See list of sites searched below:

That’s it!

Genealogy – Social Security Death Index

The Social Security Death Index (SSDI) is an official list of American’s whose deaths were reported to the Social Security Administration. The SSDI is available online (though only included deaths after 1965) and can be accessed for free at FamilySearch.org, GenealogyBank.com, and Ancestry.com. See the URLs below:

(screenshot from Genealogy Bank – https://www.genealogybank.com/explore/ssdi/all)

The SSDI is a public database maintained by the Social Security Administration of US citizens who had received social security benefits (so not everyone but still most people in the US) and died after 1965 (when the list was computerized). This is a more or less comprehensive list of Americans who have died.

Genealogy websites often include this data in their repositories.

More information on the list is available here:

https://www.familysearch.org/wiki/en/United_States_Social_Security_Administration_Records

Freedom of Information Act Requests

You can submit a Freedom of Information Act (FOIA) request to the Social Security Administration to request the information listed in the deceased person’s original application form for a social security card, which is called an SS-5. You will have to pay a fee of about $20. You can request a copy of the original document, if it is available, or a computer generated list of the information from the form (this is called a “Numident printout”).

This service was surprisingly fast, I submitted my request for a Numident printout and received a response in the mail 16 days later.

For more information you can go to (https://www.ssa.gov/foia/request.html)

Process for FOIA request:

1 – Go to FOIA Online (https://foiaonline.gov/foiaonline/action/public/home) click on “create request” and then “begin”.

2 – in the next page, there is a drop down menu at the top where you choose which agency you are interested in. After you choose Social Security Administration a form appears for your SS-5/Numident request.

3 – Now you have to fill out the form, choose SS-5 or Numident, pay the fee, and hit “submit”

I requested a Numident printout and received my response in the mail 2 weeks later. Below is a redacted copy of what I received in the mail:

In particular, note the following pieces of information included in this response:

  • Date of Birth
  • Date of Death
  • Place of Birth
  • Place of Death
  • Social Security Number
  • Names of Parents

That’s it!