GeneralInformation

Hostnames	ad.tinker.vn static.vnpt.vn
Domains	tinker.vn vnpt.vn
Country	Viet Nam
City	Hanoi
Organization	Vietnam Posts and Telecommunications Group
ISP	VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
ASN	AS135905

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

22 80 443 3306 4730 9200

80777979 | 2025-01-16T13:43:37.879718

22 / tcp

SSH-2.0-OpenSSH_7.4
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABAQC6dTkeTljA95trQ7gncEoBrcwlsE/atEULDXmi5iSAJ3C8
c7ddMMxeqPlowEOojmpLPbnvxlJoR7BrzQ6KZsGivxEx07Hlp/TJPA17nes5OMl5zD0St93DVU6c
cv3U+MWychroq2x+y8ah9SuTQCPOs51NV8JdnOwCggejYN2CNfrxK0JTKeWN6BUGyPijZkB16Y5Z
+LqIulR7aRcdkNyMcxvcawES74lLbaESwf5IiCwyUuDGvwVAjOmSO4ZX3yl0KBy3+yLhadfaetge
Sywr4X/c2Ras9IMAGLudb9bZ4hhWryu8XefBXEWz5G5hYs4nh0S0ckxE5wOD+8PFRgWl
Fingerprint: c6:2c:4a:a0:f0:60:7b:fe:fe:2c:1d:46:8c:4a:88:c0

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group-exchange-sha1
	diffie-hellman-group14-sha256
	diffie-hellman-group14-sha1
	diffie-hellman-group1-sha1

Server Host Key Algorithms:
	ssh-rsa
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com
	aes128-cbc
	aes192-cbc
	aes256-cbc
	blowfish-cbc
	cast128-cbc
	3des-cbc

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

CVE-2023-38408 CVE-2008-3844 CVE-2023-51767 CVE-2021-41617 CVE-2020-15778 13 moreCVE-2023-51385 CVE-2023-48795 CVE-2020-14145 CVE-2019-6111 CVE-2019-6110 CVE-2019-6109 CVE-2018-20685 CVE-2018-15919 CVE-2018-15473 CVE-2017-15906 CVE-2016-20012 CVE-2007-2768 CVE-2021-36368

-1836475360 | 2025-01-17T12:10:12.894206

80 / tcp

404 Not Found

HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Fri, 17 Jan 2025 12:10:12 GMT
Content-Type: text/html
Content-Length: 555
Connection: keep-alive

CVE-2023-44487 CVE-2021-3618

1198545769 | 2025-01-17T21:46:38.328864

443 / tcp

Document

HTTP/1.1 200 OK
Server: nginx/1.20.1
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.29
Cache-Control: no-cache, private
Date: Fri, 17 Jan 2025 21:46:38 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6InBZNUJ6SjZXXC9YQk5uR1NLQ09VdmdnPT0iLCJ2YWx1ZSI6IjdiVjFQNVZHWEJuVkgwak5kMHYyNDVoUE84RnYySEhHTXFKQmgxMmtDZ0xjYUQ0eFwvdjZuS0FZZEdJa2tBTjFxaHVncjBUMnhGVnN4NVpkT1d5NFgwZz09IiwibWFjIjoiNDBiZWYyZGYyZDdmMzIzZjE2MDhiMDRiZTkxM2U4YzhlZmFhZGJjZjQ4Yjk2OGIwMzFmNmQ0ZjhjZTc5NzE1YiJ9; expires=Fri, 17-Jan-2025 23:46:38 GMT; Max-Age=7200; path=/
Set-Cookie: laravel_session=eyJpdiI6IlpnT3hJOUpFSjMrRTFxckRxT3Q4MlE9PSIsInZhbHVlIjoiR3g2UWFKMzN4UHlaWXFPXC9FMjRveXJPWDBNXC9QQ0ZpMmx1UDdTSW9tTEtrdjdOc2QwbEdFN2s0RzMwU3NRaGlIVUJzazVadWk2elZPUmF1V3l4RHVSdz09IiwibWFjIjoiZDhhMTdiMTViYTFkN2I0NmI0NjIzZDliOWRjMjZhN2RiOTYwZTNiYWUzY2U0NmE0NzhmNTU0NWEwY2ViMWZlNyJ9; expires=Fri, 17-Jan-2025 23:46:38 GMT; Max-Age=7200; path=/; httponly
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:bd:78:2a:4f:37:8a:70:39:b8:75:c2:9a:03:f0:13:84:69
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, O=Let's Encrypt, CN=E6
        Validity
            Not Before: Dec 16 16:55:03 2024 GMT
            Not After : Mar 16 16:55:02 2025 GMT
        Subject: CN=ad.tinker.vn
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:55:ea:6e:79:e1:be:d1:d3:a7:47:2b:47:00:c3:
                    2f:a5:18:e3:eb:29:86:50:63:78:ba:89:ea:e0:ab:
                    b7:6a:d7:51:e7:15:8e:f7:ea:51:2a:62:39:16:f6:
                    51:2e:fc:49:d3:bc:c0:3f:37:6d:33:70:e1:4b:eb:
                    1d:5e:17:54:58
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                72:3D:19:6D:26:53:E6:29:D8:3B:0D:B6:ED:95:56:61:AD:42:80:06
            X509v3 Authority Key Identifier: 
                93:27:46:98:03:A9:51:68:8E:98:D6:C4:42:48:DB:23:BF:58:94:D2
            Authority Information Access: 
                OCSP - URI:http://e6.o.lencr.org
                CA Issuers - URI:http://e6.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:ad.tinker.vn
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Dec 16 17:53:33.412 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:B1:10:57:73:5E:6A:7B:B3:25:E5:AE:
                                96:F2:8E:4A:25:6D:5D:D8:2D:B1:63:AE:80:91:C2:B7:
                                77:AB:0F:C7:16:02:20:60:9E:87:E5:1C:1F:0A:ED:4A:
                                D1:D9:04:84:B7:CE:2D:C4:36:C4:F8:0B:B8:18:FE:EE:
                                76:02:2A:A4:BD:D1:09
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Dec 16 17:53:33.443 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:1B:AE:E9:48:A1:67:AD:CC:78:65:8F:56:
                                50:10:8A:4D:BC:DA:B5:B4:DE:32:1B:DB:77:31:D2:FF:
                                36:54:8D:DC:02:21:00:8A:11:96:04:8D:D2:3A:AB:F3:
                                BB:72:B9:78:25:5E:5C:D2:5F:54:5F:87:E5:20:5F:4E:
                                87:D7:F7:A0:AF:F0:E8
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:66:02:31:00:a4:a6:a2:5d:2a:80:42:ab:3e:3e:a4:c1:7d:
        ac:39:79:bc:97:d1:7f:09:b7:ab:7b:b8:54:d5:d9:ed:9f:ed:
        c6:de:05:c0:af:40:d4:4a:09:64:ee:76:48:32:6a:65:20:02:
        31:00:b9:d7:36:fb:27:87:e6:e5:3c:75:c1:9e:94:24:71:06:
        86:66:fb:55:b4:c1:9f:7b:99:6e:67:ff:c9:23:8f:29:ff:d9:
        72:de:15:d2:ec:b7:af:3d:5c:b6:f3:37:3c:5b

CVE-2022-37454 CVE-2017-8923 CVE-2023-44487 CVE-2021-21703 CVE-2021-3618 8 moreCVE-2013-2220 CVE-2024-5458 CVE-2022-31629 CVE-2022-4900 CVE-2021-21707 CVE-2021-21706 CVE-2007-3205 CVE-2022-31628

-2105859950 | 2025-01-08T12:55:06.572432

3306 / tcp

MySQL:
  Error Message: Host '224.84.0.70' is not allowed to connect to this MySQL server
  Error Code: 1130

-1989139373 | 2025-01-15T03:24:34.019220

4730 / tcp

Version:
OK 1.1.12

Jobs:
tinker.sync.order	0	0	1
chiaki.sync.order	0	0	1
inoutput.update	11	0	0
warehouse.inoutput.event	0	0	1
inoutput.create	9	0	0
warehouse.shipping.match_files	0	0	1
inoutput.save	0	0	1
.

Workers:
32 14.225.27.67 GearmanWorker:10 : inoutput.save
33 14.225.27.67 GearmanWorker:10 : warehouse.inoutput.event warehouse.shipping.match_files chiaki.sync.order tinker.sync.order
34 224.137.0.68 - :
.

-1239678615 | 2025-01-19T06:53:27.791437

9200 / tcp

HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Content-Length: 334


Elastic:
  Total Size: 19.04 MB
  Total Docs: 14,050
  Indices:
    ipp (575.0 B)
    tinker (19.04 MB)
    website (575.0 B)

CVE-2015-5377 CVE-2023-31418 CVE-2019-7611 CVE-2023-46674 CVE-2021-22144 6 moreCVE-2021-22137 CVE-2021-22135 CVE-2020-7021 CVE-2020-7019 CVE-2019-7614 CVE-2020-7020

14.225.27.67

Last Seen: 2025-01-19

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

80777979 | 2025-01-16T13:43:37.879718
22 / tcp

OpenSSH7.4

-1836475360 | 2025-01-17T12:10:12.894206
80 / tcp

nginx1.20.1

1198545769 | 2025-01-17T21:46:38.328864
443 / tcp

nginx1.20.1

-2105859950 | 2025-01-08T12:55:06.572432
3306 / tcp

MySQL

-1989139373 | 2025-01-15T03:24:34.019220
4730 / tcp

Gearman1.1.12

-1239678615 | 2025-01-19T06:53:27.791437
9200 / tcp

Elastic1.4.5

Products

Pricing

Contact Us

14.225.27.67

Last Seen: 2025-01-19

Tags:

GeneralInformation

Vulnerabilities All ports Port 22 Port 80 Port 443 Port 9200 Latest CVSS

OpenPorts

80777979 | 2025-01-16T13:43:37.879718 22 / tcp

OpenSSH7.4

-1836475360 | 2025-01-17T12:10:12.894206 80 / tcp

nginx1.20.1

1198545769 | 2025-01-17T21:46:38.328864 443 / tcp

nginx1.20.1

-2105859950 | 2025-01-08T12:55:06.572432 3306 / tcp

MySQL

-1989139373 | 2025-01-15T03:24:34.019220 4730 / tcp

Gearman1.1.12

-1239678615 | 2025-01-19T06:53:27.791437 9200 / tcp

Elastic1.4.5

Products

Pricing

Contact Us

Vulnerabilities

80777979 | 2025-01-16T13:43:37.879718
22 / tcp

-1836475360 | 2025-01-17T12:10:12.894206
80 / tcp

1198545769 | 2025-01-17T21:46:38.328864
443 / tcp

-2105859950 | 2025-01-08T12:55:06.572432
3306 / tcp

-1989139373 | 2025-01-15T03:24:34.019220
4730 / tcp

-1239678615 | 2025-01-19T06:53:27.791437
9200 / tcp