GeneralInformation

Hostnames	128.6.225.35.bc.googleusercontent.com
Domains	googleusercontent.com
Cloud Provider	Google
Cloud Region	us-central1
Country	United States
City	Council Bluffs
Organization	Google LLC
ISP	Google LLC
ASN	AS396982

WebTechnologies

Analytics

Google Analytics

Tag managers

Google Tag Manager

UI frameworks

Bootstrap3.3.7

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(1)

CVE-2024-6484

6.4A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting (XSS) attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an <a> tag due to inadequate sanitization. This vulnerability could potentially enable attackers to execute arbitrary JavaScript within the victim's browser.

2019(1)

CVE-2019-8331

6.1In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

2018(4)

CVE-2018-20677

6.1In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.

CVE-2018-20676

6.1In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.

CVE-2018-14042

6.1In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.

CVE-2018-14040

6.1In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.

2016(1)

CVE-2016-10735

6.1In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.

OpenPorts

80 443

80 / tcp

-1474004462 | 2025-03-09T14:52:27.793357

Hashes

hash

138971007

http.dom_hash

-1015457960

http.favicon.hash

-1992859697

http.html_hash

-1474004462

http.robots_hash

1714206274

http.title_hash

-1449700520

Site Not Available

HTTP/1.1 200 OK
Date: Sun, 09 Mar 2025 14:52:27 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2274
Connection: keep-alive
Content-Security-Policy-Report-Only: default-src acsbap.com *.acsbapp.com *.google-analytics.com *.voicepad.com analytics.crea.ca *.hireaiva.com aiva-live-chat.storage.googleapis.com;frame-src 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.googletagmanager.com *.onboardnavigator.com *.youtube.com;img-src 'self' 'unsafe-inline' data: *.bing.com *.elmstreettechnology.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.googleusercontent.com *.gstatic.com *.mapbox.com storage.cloud.google.com storage.googleapis.com unpkg.com *.yourelevate.com *.jotfor.ms *.jotform.com;script-src 'self' 'unsafe-inline' acsbap.com acsbapp.com *.bing.com *.elmstreettechnology.com connect.facebook.net *.facebook.com *.google.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googleusercontent.com *.jotform.com *.jotfor.ms *.voicepad.com *.hireaiva.com aiva-live-chat.storage.googleapis.com 'nonce-0edd7a3a56398d9a9819732af8bed471';connect-src wss://ws-mt1.pusher.com https://sockjs-mt1.pusher.com https://staging.hireaiva.com https://sandbox.hireaiva.com https://aiva.hireaiva.com https://widget.hireaiva.com;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
ETag: W/"8e2-zZ43PuO2zdL2xBkpTK+1QsY/Poo"
Set-Cookie: connect.sid=s%3A5zRrl4ykBRc7QZFwCYAKBvEhhGoCZG0_.8EjHo9U1IU74gOkxRpj8rTO2AUvs46zWOpIdTesXbj0; Path=/; HttpOnly
Vary: Accept-Encoding

Vulnerabilities

443 / tcp

1476310059 | 2025-03-05T13:33:28.285291

Hashes

hash

-548516239

http.dom_hash

-1015457960

http.favicon.hash

-1992859697

http.html_hash

1476310059

http.robots_hash

1714206274

http.title_hash

-1449700520

Site Not Available

HTTP/1.1 200 OK
Date: Wed, 05 Mar 2025 13:27:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2276
Connection: keep-alive
Content-Security-Policy-Report-Only: default-src acsbap.com *.acsbapp.com *.google-analytics.com *.voicepad.com analytics.crea.ca *.hireaiva.com aiva-live-chat.storage.googleapis.com;frame-src 'self' 'unsafe-inline' *.google.com *.google-analytics.com *.googletagmanager.com *.onboardnavigator.com *.youtube.com;img-src 'self' 'unsafe-inline' data: *.bing.com *.elmstreettechnology.com *.facebook.com *.google-analytics.com *.googletagmanager.com *.googleusercontent.com *.gstatic.com *.mapbox.com storage.cloud.google.com storage.googleapis.com unpkg.com *.yourelevate.com *.jotfor.ms *.jotform.com;script-src 'self' 'unsafe-inline' acsbap.com acsbapp.com *.bing.com *.elmstreettechnology.com connect.facebook.net *.facebook.com *.google.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.googleusercontent.com *.jotform.com *.jotfor.ms *.voicepad.com *.hireaiva.com aiva-live-chat.storage.googleapis.com 'nonce-65ab7efa8c18182116fb4082c08e13be';connect-src wss://ws-mt1.pusher.com https://sockjs-mt1.pusher.com https://staging.hireaiva.com https://sandbox.hireaiva.com https://aiva.hireaiva.com https://widget.hireaiva.com;base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-DNS-Prefetch-Control: off
Expect-CT: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15724800; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-XSS-Protection: 0
ETag: W/"8e4-/Qm08zPhrPlCHl0rbRhVQbc7wjo"
Set-Cookie: connect.sid=s%3A5wuQ9wvL4VlQz5-jGIQl74KiHokO1Zsa.yNmw5RQDWrmMwE0zIrJU0vVgBxT30McvDJ132qbeNco; Path=/; HttpOnly
Vary: Accept-Encoding

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            b2:82:85:ab:6c:be:1c:b7:f5:bf:be:b7:c9:69:7d:50
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: O=Acme Co, CN=Kubernetes Ingress Controller Fake Certificate
        Validity
            Not Before: Mar  1 06:46:48 2025 GMT
            Not After : Mar  1 06:46:48 2026 GMT
        Subject: O=Acme Co, CN=Kubernetes Ingress Controller Fake Certificate
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a1:11:27:54:af:f8:d4:2e:1a:5c:00:0b:35:c8:
                    cf:c4:ae:5a:fd:1b:3b:65:5b:60:03:ca:e7:06:bf:
                    b1:56:07:00:09:ef:c3:d2:94:97:cd:ea:72:59:eb:
                    43:24:ec:18:22:7a:d5:3e:78:e2:d1:af:e7:41:c9:
                    0b:66:ee:eb:c3:6b:9b:f7:7e:a9:38:4e:87:0e:cb:
                    28:be:49:65:2a:bb:4e:68:18:25:c4:ee:a3:78:e8:
                    6b:fc:33:9d:c0:f6:6c:e1:4a:d1:1f:ee:28:bb:15:
                    15:00:21:ca:37:91:c2:18:48:1b:d7:02:7e:10:a9:
                    ad:bb:5d:52:e9:82:eb:41:c7:84:43:64:6c:b4:2a:
                    44:c0:ed:28:62:a8:52:71:9d:2c:57:31:77:28:b3:
                    68:87:92:5b:67:38:6b:b6:d5:ad:5f:93:cf:9b:be:
                    c8:e6:45:1f:68:be:98:82:43:74:ec:5e:41:63:e8:
                    a8:c5:dd:76:56:e6:e8:e0:e9:4e:c4:fb:df:d9:ac:
                    8b:19:9c:7d:9f:68:4d:2e:c7:2a:fb:0b:90:85:db:
                    26:4f:87:27:e6:f8:fe:11:96:77:bf:1a:00:58:90:
                    fe:00:c9:eb:38:30:d0:50:82:66:66:89:e9:39:80:
                    54:4b:1f:27:3c:a5:02:73:43:ef:53:42:b7:d9:2f:
                    18:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:ingress.local
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        50:cd:7f:71:71:b6:7f:90:92:95:14:5f:5b:f8:cc:26:5e:ba:
        ff:00:34:b9:c1:cf:da:5f:cd:82:ea:17:f7:78:d1:a9:79:e0:
        6c:fe:4e:af:95:99:ff:c1:42:64:b6:02:07:a8:b2:95:16:48:
        39:da:c6:a5:c8:98:7f:82:6f:15:db:98:39:01:62:6f:12:36:
        13:56:5a:7b:d3:45:48:b9:cb:4b:13:64:98:7a:55:1e:16:fb:
        39:e1:bd:77:bd:0b:84:94:23:d1:8b:a9:f0:b3:90:26:6c:f4:
        7e:8c:55:3b:30:4c:08:99:d7:4c:f3:26:dd:b7:15:1e:29:77:
        f2:5b:38:96:89:81:3e:f7:73:7c:f5:ca:c2:ae:c2:f9:e6:bd:
        bc:91:8c:17:f7:d7:81:9c:e9:c6:aa:f0:f2:f3:93:fd:c1:74:
        ee:ca:73:54:19:7b:f2:38:ef:fc:aa:1f:8a:f6:32:6e:03:04:
        ae:1d:17:eb:df:36:cf:85:29:ee:1e:b2:f6:65:4b:78:81:54:
        ac:d2:73:75:0a:06:f7:f2:78:78:ad:49:b4:25:4c:13:0d:70:
        ae:16:9f:2f:ce:1b:c9:4f:2f:72:72:4e:9d:c1:f3:bb:01:0f:
        6d:cf:f1:ad:57:ae:fc:4e:65:61:c2:3d:f8:ba:96:bc:ea:5f:
        76:e0:18:14

Vulnerabilities

35.225.6.128

Last Seen: 2025-03-09

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

-1474004462 | 2025-03-09T14:52:27.793357

Hashes

443 / tcp

1476310059 | 2025-03-05T13:33:28.285291

Hashes

Products

Pricing

Contact Us

35.225.6.128

Last Seen: 2025-03-09

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

80 / tcp -1474004462 | 2025-03-09T14:52:27.793357

Hashes

443 / tcp 1476310059 | 2025-03-05T13:33:28.285291

Hashes

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

-1474004462 | 2025-03-09T14:52:27.793357

443 / tcp

1476310059 | 2025-03-05T13:33:28.285291