GeneralInformation

Hostnames

ec2-18-138-101-38.ap-southeast-1.compute.amazonaws.com
expertite.com

Domains

amazonaws.com expertite.com

Cloud Provider

Amazon

Cloud Region

ap-southeast-1

Cloud Service

EC2

Country

Singapore

City

Singapore

Organization

Amazon Data Services Singapore

ISP

Amazon.com, Inc.

ASN

AS16509

WebTechnologies

CDN

BootstrapCDN3.3.7

Google Hosted Libraries

JavaScript frameworks

AngularJS1.6.4

JavaScript libraries

jQuery3.1.1

UI frameworks

Bootstrap3.3.7

OpenPorts

80 443

80 / tcp

293410365 | 2025-04-17T21:44:46.932561

Hashes

hash

1674690861

http.dom_hash

-2060582466

http.html_hash

293410365

http.server_hash

-982608622

http.title_hash

1180404099

503 Service Temporarily Unavailable

HTTP/1.1 503 Service Temporarily Unavailable
Server: awselb/2.0
Date: Thu, 17 Apr 2025 21:44:46 GMT
Content-Type: text/html
Content-Length: 564
Connection: keep-alive

443 / tcp

1571432548 | 2025-04-02T22:45:21.317525

Hashes

hash

-1273671653

http.dom_hash

2071698587

http.favicon.hash

-926163524

http.html_hash

1571432548

http.title_hash

706734641

Recruitment Software, Candidate CRM and ATS | Expertite

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Wed, 02 Apr 2025 22:45:20 GMT
Set-Cookie: PLAY_SESSION=f51007a47e83bd2605daddfed352af303421ed0d-csrfToken=82a574d06c164d1cc1c718d519f03fcfca446cd0-1743633920965-7f0d1d98300d7d19944db30d; Path=/; Secure; HTTPOnly
Strict-Transport-Security: max-age=31536000
Content-Length: 41788
Connection: keep-alive

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:94:fd:f3:06:72:41:e5:6a:17:8e:a2:de:e3:78:c8
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M03
        Validity
            Not Before: Apr  2 00:00:00 2024 GMT
            Not After : Apr 30 23:59:59 2025 GMT
        Subject: CN=*.expertite.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:af:e7:a6:23:cd:da:3a:57:45:47:c3:fe:d9:38:
                    e4:75:84:e7:8f:05:28:26:73:84:17:97:d1:82:bb:
                    ac:a9:0e:64:45:b9:65:58:ea:60:39:19:19:bb:17:
                    b8:43:49:63:62:5e:b3:d3:41:53:8b:a7:69:57:ef:
                    3e:d3:9f:fa:80:7a:6a:3c:f9:c5:55:7f:da:f0:73:
                    24:3b:24:a7:45:23:a4:33:1d:fd:39:cc:8e:8a:45:
                    78:bc:f0:c9:dc:77:b5:a9:7d:18:64:01:83:3b:b3:
                    86:49:87:44:4f:9e:19:35:13:5a:db:35:77:01:c7:
                    b8:92:81:ba:ee:e7:01:32:34:6f:ab:dd:a5:3e:c0:
                    5f:34:14:1d:cf:0e:3d:04:49:a2:25:3b:4a:20:dc:
                    3a:a5:48:88:ac:89:4e:9a:bc:3d:75:ec:a6:aa:64:
                    08:28:27:86:55:57:8a:8c:51:d9:65:d5:b5:72:c3:
                    85:13:d8:7c:7e:8d:bf:d7:a5:7b:09:45:55:97:3f:
                    ee:3e:12:2c:a7:d5:59:04:e3:1a:c3:43:d7:33:0b:
                    e3:07:32:30:45:cd:61:51:93:c2:4e:eb:b1:51:59:
                    57:58:b9:e2:12:e6:e1:33:27:63:b9:29:bf:73:94:
                    66:22:a4:60:3b:39:a5:b5:f1:ec:2d:ee:47:65:21:
                    6f:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                55:D9:18:5F:D2:1C:CC:01:E1:58:B4:BE:AB:D9:55:42:01:D7:2E:02
            X509v3 Subject Key Identifier: 
                39:B6:67:C1:70:31:3E:D1:A2:86:EF:13:C0:3E:0A:0A:9E:69:A2:56
            X509v3 Subject Alternative Name: 
                DNS:*.expertite.com, DNS:expertite.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.r2m03.amazontrust.com/r2m03.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.r2m03.amazontrust.com
                CA Issuers - URI:http://crt.r2m03.amazontrust.com/r2m03.cer
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
                                1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
                    Timestamp : Apr  2 09:32:14.705 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:78:0F:1C:62:C3:99:09:5F:11:8C:E8:D2:
                                FC:CD:CC:4B:00:80:69:74:83:82:E8:3D:09:C1:7B:36:
                                33:81:70:17:02:20:31:2E:77:2D:B5:0B:E4:F3:93:CA:
                                DC:03:01:7E:80:44:1F:78:2A:00:72:0C:47:EA:33:5C:
                                C1:5D:6A:1F:51:3F
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Apr  2 09:32:14.643 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:00:92:0E:DA:AE:26:D5:E8:76:16:95:0C:
                                D2:81:36:3D:7B:FB:61:29:6C:C0:3E:09:68:EE:6D:F0:
                                41:3E:1C:D2:02:20:17:BA:5C:69:7D:3E:5B:5B:0F:BF:
                                48:71:A3:EE:05:64:37:C1:62:E6:51:77:AD:06:4B:71:
                                61:C5:71:BB:1A:42
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Apr  2 09:32:14.655 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:D5:AE:EE:7A:05:00:B2:19:31:0D:99:
                                E6:DA:35:23:48:99:8B:63:BC:8D:AE:9A:82:EC:8A:75:
                                DA:70:88:18:F1:02:21:00:A6:AA:4B:F2:DB:D4:D7:FE:
                                C3:FD:7E:91:B5:E5:8D:DD:98:FC:54:22:24:BA:A3:46:
                                9E:DD:A3:91:28:18:8C:4E
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a5:b3:98:d6:54:fc:98:05:96:c3:62:43:2c:34:d7:97:d6:ec:
        ed:5a:45:5e:3a:7c:74:cb:15:d2:50:5d:67:ac:71:9b:39:57:
        ec:20:29:15:d7:10:4e:81:62:cb:11:fa:dd:e6:6b:f1:fd:f1:
        46:49:54:07:b2:9e:d1:41:9c:55:0e:b9:f3:ea:6c:71:1f:13:
        19:2e:ee:44:30:8e:c3:9c:5e:70:de:67:4f:90:09:c1:f2:ab:
        34:40:f9:0b:42:db:e4:81:c3:49:1c:58:45:b4:e5:16:8c:2e:
        01:21:3b:f2:f8:30:65:4d:1f:16:98:3a:b2:b2:ed:78:47:ab:
        bd:8e:53:54:3f:da:ba:80:8c:7f:9e:9b:0f:1f:24:91:68:fc:
        a2:d8:a6:36:69:2f:5c:4c:9a:f3:e4:85:34:2e:5f:07:92:ff:
        7f:4a:6f:91:fc:d8:0d:82:5d:ea:10:11:ea:ab:6f:d0:11:92:
        6f:11:0a:c5:57:f0:2c:59:86:4f:45:77:1a:46:37:a3:1f:79:
        ab:c2:36:d5:32:ae:76:29:c4:a5:cf:1a:82:e8:f7:cc:64:f8:
        80:ec:ea:0a:68:a5:85:fa:be:cd:d2:d0:bf:59:48:3c:d0:ea:
        72:0e:c0:7f:e0:7d:f6:55:9d:8c:44:9e:fe:92:42:3c:74:ec:
        ad:cf:df:3c

Vulnerabilities

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(4)

CVE-2024-21490

7.5This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. **Note:** This package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core).

CVE-2024-8373

4.8Improper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .

CVE-2024-8372

4.8Improper sanitization of the value of the '[srcset]' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects AngularJS versions 1.3.0-rc.4 and greater. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .

CVE-2024-6484

6.4A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.

2020(3)

CVE-2020-11023

6.9In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-11022

6.9In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-7676

5.4angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "<option>" elements in "<select>" ones changes parsing behavior, leading to possibly unsanitizing code.

2019(3)

CVE-2019-11358

6.1jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

CVE-2019-10768

7.5In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload.

CVE-2019-8331

6.1In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

2018(4)

CVE-2018-20677

6.1In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

CVE-2018-20676

6.1In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

CVE-2018-14042

6.1In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

CVE-2018-14040

6.1In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

2016(1)

CVE-2016-10735

6.1In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

18.138.101.38

Last Seen: 2025-04-17

Tags:

GeneralInformation

WebTechnologies

OpenPorts

80 / tcp

293410365 | 2025-04-17T21:44:46.932561

Hashes

AWS ELB2.0

443 / tcp

1571432548 | 2025-04-02T22:45:21.317525

Hashes

Vulnerabilities

Products

Pricing

Contact Us

18.138.101.38

Last Seen: 2025-04-17

Tags:

GeneralInformation

WebTechnologies

OpenPorts

80 / tcp 293410365 | 2025-04-17T21:44:46.932561

Hashes

AWS ELB2.0

443 / tcp 1571432548 | 2025-04-02T22:45:21.317525

Hashes

Vulnerabilities All ports Port 443 Latest CVSS

Products

Pricing

Contact Us

80 / tcp

293410365 | 2025-04-17T21:44:46.932561

443 / tcp

1571432548 | 2025-04-02T22:45:21.317525

Vulnerabilities