31.31.196.28

As of: Jun 13, 2024 11:00pm UTC | Latest

Basic Information

Reverse DNS
server209.hosting.reg.ru
Forward DNS
www.m.arteasyan.ru, www.suas64.ru, www.nonstopagency.ru, www.transservise.net, www.kuna.media, ...
Routing
31.31.196.0/24  via AS-REG, RU (AS197695)
OS
linux
Services (15)
21/FTP, 22/SSH, 25/SMTP, 53/DNS, 80/HTTP, 110/POP3, 111/PORTMAP, 143/IMAP, 443/HTTP, 465/SMTP, 587/SMTP, 993/IMAP, 995/POP3, 1500/HTTP, 3306/MYSQL
Labels
Database Email File Sharing Remote Access

FTP 21/TCP
06/13/2024 16:44 UTC

File Sharing

Details

Banner
220 FTP Server ready.
Auth TLS Response
234 AUTH TLS successful
Status Code
220
Status Meaning
Service ready for new user.

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

SSH 22/TCP
06/13/2024 18:52 UTC

Remote Access

Software

linux
Dropbear SSH Project Dropbear SSH 2022.82

Details

Host Key
Algorithm
ecdsa-sha2-nistp256
Fingerprint
e52702aad3c4363b464c7a64cd8dbc45c9d1bd027c318575c74abc546b4f7de0
Negotiated
Key Exchange
[email protected]
Symmetric Cipher
aes128-ctr [] aes128-ctr []
MAC
hmac-sha2-256 [] hmac-sha2-256 []

SMTP 25/TCP
06/13/2024 23:00 UTC

Email

Software

linux
exim 4.97.1

Details

Banner
220 server209.hosting.reg.ru ESMTP Exim 4.97.1 Fri, 14 Jun 2024 02:00:18 +0300
EHLO
250-server209.hosting.reg.ru Hello www.censys.io [206.168.32.96]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH LOGIN PLAIN
250-STARTTLS
250 HELP
Start TLS
220 TLS go ahead

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

DNS 53/UDP
06/12/2024 23:44 UTC


Details

Server Type
AUTHORITATIVE
R Code
REFUSED

HTTP 80/TCP
06/13/2024 14:14 UTC


Software

nginx

Details

http://31.31.196.28/
Status
200  OK
Body Hash
sha1:ce9c7868089c71d595acb3c3aad088605927b1f4
HTML Title
Домен не добавлен в панели
Response Body
      
    

POP3 110/TCP
06/13/2024 19:27 UTC

Email

Software

linux
Dovecot

Details

Banner
+OK Dovecot ready.
Start TLS
+OK Begin TLS negotiation now.

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

PORTMAP 111/UDP
06/13/2024 04:38 UTC


Details

Banner (Hex)
  
00000000
00000010
00000020
00000030
00000040
00000050
00000060
00000070
00000080
00000090
1a a9 ff e1 00 00 00 01 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 01 00 01 86 a0
00 00 00 04 00 00 00 06 00 00 00 6f 00 00 00 01
00 01 86 a0 00 00 00 03 00 00 00 06 00 00 00 6f
00 00 00 01 00 01 86 a0 00 00 00 02 00 00 00 06
00 00 00 6f 00 00 00 01 00 01 86 a0 00 00 00 04
00 00 00 11 00 00 00 6f 00 00 00 01 00 01 86 a0
00 00 00 03 00 00 00 11 00 00 00 6f 00 00 00 01
00 01 86 a0 00 00 00 02 00 00 00 11 00 00 00 6f
00 00 00 00
................
................
...........o....
...............o
................
...o............
.......o........
...........o....
...............o
....

IMAP 143/TCP
06/13/2024 11:16 UTC

Email

Software

linux
Dovecot

Details

Banner
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
Start TLS
a001 OK Begin TLS negotiation now.

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_8b3ccbb12ea0

HTTP 443/TCP
06/13/2024 19:06 UTC


Software

nginx

Details

https://31.31.196.28/
Status
200  OK
Body Hash
sha1:ce9c7868089c71d595acb3c3aad088605927b1f4
HTML Title
Домен не добавлен в панели
Response Body
      
    

TLS

Handshake
Version Selected
TLSv1_3
Cipher Selected
TLS_AES_256_GCM_SHA384
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JARM
29d29d00029d29d00042d42d0000005d86ccb1a0567e012264097a0315d7a7
JA3S
15af977ce25de452b96affa2addb1036
JA4S
t130200_1302_a56c5b993250

SMTP 465/TCP
06/13/2024 19:48 UTC

Email

Software

linux
exim 4.97.1

Details

Banner
220 server209.hosting.reg.ru ESMTP Exim 4.97.1 Thu, 13 Jun 2024 22:48:24 +0300
EHLO
250-server209.hosting.reg.ru Hello www.censys.io [167.94.138.50]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH LOGIN PLAIN
250 HELP

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JARM
05d02d20d21d20d05c05d02d05d20da01e52cd5e3f9306da4ac348a0fe7af8
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

SMTP 587/TCP
06/13/2024 18:51 UTC

Email

Software

exim 4.97.1

Details

Banner
220 server209.hosting.reg.ru ESMTP Exim 4.97.1 Thu, 13 Jun 2024 21:51:09 +0300
EHLO
250-server209.hosting.reg.ru Hello www.censys.io [206.168.32.108]
250-SIZE 52428800
250-8BITMIME
250-PIPELINING
250-PIPECONNECT
250-AUTH LOGIN PLAIN
250-STARTTLS
250 HELP
Start TLS
220 TLS go ahead

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

IMAP 993/TCP
06/13/2024 18:35 UTC

Email

Software

Dovecot

Details

Banner
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JARM
05d02d20d21d20d05c05d02d05d20da23a7a927f270a23608b3c7a72999cab
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

POP3 995/TCP
06/13/2024 21:42 UTC

Email

Software

Dovecot

Details

Banner
+OK Dovecot ready.

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JARM
05d02d20d21d20d05c05d02d05d20da23a7a927f270a23608b3c7a72999cab
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

HTTP 1500/TCP
06/13/2024 00:28 UTC


Software

linux

Details

https://31.31.196.28:1500/
Status
200  OK
Body Hash
sha1:c9c82ff832ee059ad7200d096fcc4202acfa35fe
HTML Title
Authorization
Response Body
      Javascript required for login

Your browser is out of date, so the interface may work incorrectly. Please
update or change the browser
    

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
d2044f5cb91ac0c8e7d33164df52f0ed15ef35597d7d14b9752aaa8c35896cdc
Subject
CN=*.hosting.reg.ru
Issuer
C=BE, O=GlobalSign nv-sa, CN=AlphaSSL CA - SHA256 - G4
Names
*.hosting.reg.ru, hosting.reg.ru
Fingerprint
JARM
29d02d00029d29d22c29d02d29d29ddec047dae5c8df4f14546ec68b9cee76
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_8b3ccbb12ea0

MYSQL 3306/TCP
06/13/2024 22:18 UTC

Database

Software

Oracle MySQL 5.7.27-30

Details

Protocol Version
10
Character Set
8

TLS

Handshake
Version Selected
TLSv1_2
Cipher Selected
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Certificate
Fingerprint
281e864663a978b0facc45ca7960d21d03b1b8787c846ab6b55fd4c684ac8f02
Subject
CN=MySQL_Server_5.7.23-24_Auto_Generated_Server_Certificate
Issuer
CN=MySQL_Server_5.7.23-24_Auto_Generated_CA_Certificate
Fingerprint
JA3S
303951d4c50efb2e991652225a6f02b1
JA4S
t120200_c02f_344b4dce5a52

Geographic Location

City
Moscow
Province
Moscow
Country
Russia (RU)
Coordinates
55.75222, 37.61556
Timezone
Europe/Moscow